Close

Event Gateway

The Event Gateway is a brand new Alfresco Component, introduced to improve the security of the event mechanism. The Event Gateway relies on existing components that produces internal events flagged for external consumption. Those events are then consumed by the Event Gateway Service and routed to various destinations such as the queryable Event Store, Global Public Event Topic, subscription triggers, and the Event Archive.

The following picture illustrates how the Event Gateway fits into the big picture:

event_gateway_big_picture

The Event Gateway provides the following:

  • More security and store and forward of events
  • Choice of what ActiveMQ instance you want to use. Extensions don’t need to use the Repository instance.
  • You can create different subscriptions for different extensions.
  • Events can be filtered, for example: consume only created or updated files of content type pub:article or pub:book
  • The gateway also provide metrics: Event produced, event consumed, current subscriptions etc.
  • (Enterprise Edition) Events are filtered by ACL, so users can only receive events of nodes they have permission to read.

Note: The Event Gateway is an optional component, but very useful if you want more security.

Developer deployment

The Event Gateway can be deployed in a developer environment with Docker Compose.

Set the property keycloak.auth-server-url pointing to your local IP address to avoid security issues validating the domain of the access tokens generated by the Alfresco Identity Service.

Use export HOST_IP=xxx for specifying the host ip address before starting docker compose.

The following line will produce the result using ifconfig:

export HOST_IP=$(ifconfig | grep -E "([0-9]{1,3}\.){3}[0-9]{1,3}" | grep -v 127.0.0.1 | awk '{ print $2 }' | cut -f2 -d: | head -n1)

The following lines will produce the result using ip address show:

export HOST_IP=$(ip address show | grep -E "([0-9]{1,3}\.){3}[0-9]{1,3}" | grep -v 127.0.0.1 | awk '{ print $2 }' | head -n 1 ) export HOST_IP=$(echo ${HOST_IP%/*})

Here is the docker-compose.yml file:

# Using version 2 as 3 does not support resource constraint options (cpu_*, mem_* limits) for non swarm mode in Compose version: "2" services: alfresco-event-gateway: image: alfresco/alfresco-event-gateway-app:development environment: JAVA_TOOL_OPTIONS: " -agentlib:jdwp=transport=dt_socket,address=*:8888,server=y,suspend=n " JAVA_OPTS: " -Dspring.activemq.brokerUrl=tcp://activemq:61616 -Dspring.datasource.url=jdbc:postgresql://postgres-event-gateway:5432/alfresco-event-gateway -Dspring.datasource.driverClassName=org.postgresql.Driver -Dspring.datasource.username=alfresco-event-gateway -Dspring.datasource.password=alfresco-event-gateway -Dspring.jpa.database-platform=org.hibernate.dialect.PostgreSQLDialect -Dspring.jpa.hibernate.ddl-auto=update -Dalfresco.event.gateway.publication.jms.broker.my-broker.broker-url=tcp://activemq:61616 -Dkeycloak.auth-server-url=http://${HOST_IP}:8999/auth -Dcontent.service.url=http://alfresco:8080 -Dmanagement.metrics.export.simple.enabled=true -Dmanagement.endpoint.metrics.enabled=true " depends_on: - alfresco - alfresco-identity-service ports: - 7070:8080 - 8888:8888 postgres-event-gateway: image: postgres:13.1 mem_limit: 512m environment: - POSTGRES_PASSWORD=alfresco-event-gateway - POSTGRES_USER=alfresco-event-gateway - POSTGRES_DB=alfresco-event-gateway command: postgres -c max_connections=300 -c log_min_messages=LOG ports: - 5433:5432 alfresco: image: alfresco/alfresco-content-repository-community:7.1.0 mem_limit: 1500m environment: HOST_IP: ${HOST_IP} JAVA_TOOL_OPTIONS: " -Dencryption.keystore.type=JCEKS -Dencryption.cipherAlgorithm=DESede/CBC/PKCS5Padding -Dencryption.keyAlgorithm=DESede -Dencryption.keystore.location=/usr/local/tomcat/shared/classes/alfresco/extension/keystore/keystore -Dmetadata-keystore.password=mp6yc0UD9e -Dmetadata-keystore.aliases=metadata -Dmetadata-keystore.metadata.password=oKIWzVdEdA -Dmetadata-keystore.metadata.algorithm=DESede " JAVA_OPTS: " -Ddb.driver=org.postgresql.Driver -Ddb.username=alfresco -Ddb.password=alfresco -Ddb.url=jdbc:postgresql://postgres:5432/alfresco -Dsolr.host=solr6 -Dsolr.port=8983 -Dsolr.http.connection.timeout=1000 -Dsolr.secureComms=none -Dsolr.base.url=/solr -Dindex.subsystem.name=solr6 -Dshare.host=127.0.0.1 -Dshare.port=8080 -Dalfresco.host=localhost -Dalfresco.port=8080 -Daos.baseUrlOverwrite=http://localhost:8080/alfresco/aos -Dmessaging.broker.url=\"failover:(nio://activemq:61616)?timeout=3000&jms.useCompression=true\" -Ddeployment.method=DOCKER_COMPOSE -DlocalTransform.core-aio.url=http://transform-core-aio:8090/ -Dcsrf.filter.enabled=false -Dauthentication.chain=identity-service1:identity-service,alfrescoNtlm1:alfrescoNtlm -Dalfresco.restApi.basicAuthScheme=true -Didentity-service.enable-basic-auth=true -Didentity-service.authentication.validation.failure.silent=false -Didentity-service.auth-server-url=http://${HOST_IP}:8999/auth -Didentity-service.realm=alfresco -Didentity-service.resource=alfresco -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80 " transform-core-aio: image: alfresco/alfresco-transform-core-aio:2.5.2 mem_limit: 1536m environment: JAVA_OPTS: " -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80" ports: - 8090:8090 share: image: alfresco/alfresco-share:7.1.0 mem_limit: 1g environment: REPO_HOST: "alfresco" REPO_PORT: "8080" JAVA_OPTS: " -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80 -Dalfresco.host=localhost -Dalfresco.port=8080 -Dalfresco.context=alfresco -Dalfresco.protocol=http " postgres: image: postgres:13.1 mem_limit: 512m environment: - POSTGRES_PASSWORD=alfresco - POSTGRES_USER=alfresco - POSTGRES_DB=alfresco command: postgres -c max_connections=300 -c log_min_messages=LOG ports: - 5432:5432 solr6: image: alfresco/alfresco-search-services:2.0.2 mem_limit: 2g environment: #Solr needs to know how to register itself with Alfresco - SOLR_ALFRESCO_HOST=alfresco - SOLR_ALFRESCO_PORT=8080 #Alfresco needs to know how to call solr - SOLR_SOLR_HOST=solr6 - SOLR_SOLR_PORT=8983 #Create the default alfresco and archive cores - SOLR_CREATE_ALFRESCO_DEFAULTS=alfresco,archive #HTTP by default - ALFRESCO_SECURE_COMMS=none ports: - 8083:8983 #Browser port activemq: image: alfresco/alfresco-activemq:5.16.1 mem_limit: 1g ports: - 8161:8161 # Web Console - 5672:5672 # AMQP - 61616:61616 # OpenWire - 61613:61613 # STOMP proxy: image: alfresco/alfresco-acs-nginx:3.1.1 mem_limit: 128m environment: DISABLE_PROMETHEUS: "true" DISABLE_SYNCSERVICE: "true" DISABLE_ADW: "true" depends_on: - alfresco ports: - 8080:8080 links: - alfresco - share alfresco-identity-service: image: quay.io/alfresco/alfresco-identity-service:1.5.0 environment: - KEYCLOAK_USER=admin - KEYCLOAK_PASSWORD=admin - KEYCLOAK_IMPORT=/tmp/alfresco-realm.json - DB_VENDOR=h2 volumes: - ./realms/alfresco-realm.json:/tmp/alfresco-realm.json ports: - 8999:8080

Gateway API

The Event Gateway provides a ReST API with the following features:

  • Creating a subscription - POST /subscriptions
  • Getting a subscription - GET /subscriptions/{id}
  • Update a subscription - PATCH /subscriptions/{id}

An out-of-process extension may create a subscription to receive certain types of events in a specific topic of an ActiveMQ broker.

For more information on how to use the subscription API, see the Event Gateway documentation.

Edit this page

Suggest an edit on GitHub
By clicking "Accept Cookies", you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View Cookie Policy.