You are viewing the documentation for Blueriq 15. Documentation for other versions is available in our documentation directory.
Table of contents
This component should not be enabled in a production environment.
Description
This component adds debug/development functionality to the Runtime:
- A dashboard to start application and manage the server (settings),
- session debug tools to debug/inspect the current running session,
- a connection to Studio to start applications modelled in Studio.
Installation
This component is enabled by default, but can be disabled:
To disable this component, the development-tools profile should be disabled. More information on how to configure the application using Spring Profiles can be found here : Application configuration with Spring Profiles.
Configuration
Shortcut properties
To enable editing of shortcut properties create a file named application-shortcuts.properties
in the Blueriq config location. Enable the shortcuts
Spring profile to make the properties available to the Runtime.
Runtime user properties
To enable editing of Runtime user properties create a file named users.properties
in the Blueriq config location. You can configure editing behaviour by adding properties to application-
development-tools
.properties
# When true, user property passwords will be cryptographically hashed when stored blueriq.development.user-properties.store-password-hashed=true
By default passwords for user properties will be (cryptographically) hashed when you save them through the Development Dashboard. If you want new passwords to be saved in plain text, set the above mentioned property to false
.
H2 Console
For security reasons, the H2 Console is disabled by default since Blueriq 11.5. You can enable it by adding a property to application-development-tools.properties:
# Enable the H2 Console blueriq.development.h2-console.enabled=true
After changing this property, the runtime should be restarted.
If Blueriq was installed using the installer, the H2 Console will be enabled by default.
For security reasons the H2 Console is protected with basic authentication by default (since release 11.5). In order to use the H2 Console you need to have a user with the role h2console configured in your user-management. For an out-of-the-box installation running in development you can configure a In-memory authentication provider with the user below.
# User for H2 Console access in development. h2={noop}h2,h2console
Be sure to specify a password encoder in your password, the noop statement with the brackets in this example
Usage
See the cookbook Using the development dashboard for more information.
Content Security Policy
When using the development tools component, and therefore the development tools dashboard and toolbar, it is required to have the default development tools CSP header configured. When overriding the CSP header else outside of the Blueriq Runtime it is possible that the development tools dashboard and toolbar will not work as expected. For more information please visit the Security: Clickjacking protection page.
Using the development tools with HTTPS
When using https when accessing the runtime and development tools some http headers has to be set in the reverse proxy, for more info : Using a reverse proxy server