Google Git
Sign in
apache / james-site / a15da97d6f43d2450183d8ff4b8722aa4ad8b24d / . / james-distributed-app / 3.8.1 / configure / jmap.html
blob: 5de1184104561e4e191c17d403f79dabd91c10ca [file] [log] [blame]
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<title>Distributed James Server &mdash; jmap.properties :: Apache James</title>
<meta name="generator" content="Antora 3.1.2">
<link rel="stylesheet" href="../../../_/css/site.css">
</head>
<body class="article">
<header class="header">
<nav class="navbar">
<div class="navbar-brand">
<a class="navbar-item" href="https://james.apache.org"><img src="/_/img/james.svg" alt="james logo"> Apache James</a>
<button class="navbar-burger" data-target="topbar-nav">
<span></span>
<span></span>
<span></span>
</button>
</div>
<div id="topbar-nav" class="navbar-menu">
<div class="navbar-end">
<a class="navbar-item" href="#">Home</a>
<div class="navbar-item has-dropdown is-hoverable">
<a class="navbar-link" href="#">Products</a>
<div class="navbar-dropdown">
<div class="navbar-item"><strong>James server</strong></div>
<a class="navbar-item" href="https://github.com/apache/james-project">Repository</a>
<a class="navbar-item" href="https://issues.apache.org/jira/projects/JAMES/issues">Issue Tracker</a>
<hr class="navbar-divider">
<a class="navbar-item" href="https://james.apache.org/mime4j/index.html">Mime4J</a>
<a class="navbar-item" href="https://james.apache.org/jsieve/index.html">jSieve</a>
<a class="navbar-item" href="https://james.apache.org/jspf/index.html">jSPF</a>
<a class="navbar-item" href="https://james.apache.org/jdkim/index.html">jDKIM</a>
<a class="navbar-item" href="https://james.apache.org/hupa/index.html">HUPA</a>
</div>
</div>
<div class="navbar-item has-dropdown is-hoverable">
<a class="navbar-link" href="#">Community</a>
<div class="navbar-dropdown">
<!-- Not ideal but dropping the version in the href requires tweaking james-projet docs module first -->
<a class="navbar-item" href="/james-project/3.6.0/community/mailing-lists.html">Mailing lists</a>
<a class="navbar-item" href="https://gitter.im/apache/james-project"><svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 32 32" class="logo-gitter-sign" data-v-44ebcb1a=""><rect x="15" y="5" width="2" height="10"></rect> <rect x="10" y="5" width="2" height="20"></rect> <rect x="5" y="5" width="2" height="20"></rect> <rect width="2" height="15"></rect></svg> Gitter</a>
<a class="navbar-item" href="https://twitter.com/ApacheJames">
<span class="icon">
<svg aria-hidden="true" data-icon="twitter" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512">
<path fill="#57aaee" d="M459.37 151.716c.325 4.548.325 9.097.325 13.645 0 138.72-105.583 298.558-298.558 298.558-59.452 0-114.68-17.219-161.137-47.106 8.447.974 16.568 1.299 25.34 1.299 49.055 0 94.213-16.568 130.274-44.832-46.132-.975-84.792-31.188-98.112-72.772 6.498.974 12.995 1.624 19.818 1.624 9.421 0 18.843-1.3 27.614-3.573-48.081-9.747-84.143-51.98-84.143-102.985v-1.299c13.969 7.797 30.214 12.67 47.431 13.319-28.264-18.843-46.781-51.005-46.781-87.391 0-19.492 5.197-37.36 14.294-52.954 51.655 63.675 129.3 105.258 216.365 109.807-1.624-7.797-2.599-15.918-2.599-24.04 0-57.828 46.782-104.934 104.934-104.934 30.213 0 57.502 12.67 76.67 33.137 23.715-4.548 46.456-13.32 66.599-25.34-7.798 24.366-24.366 44.833-46.132 57.827 21.117-2.273 41.584-8.122 60.426-16.243-14.292 20.791-32.161 39.308-52.628 54.253z"></path>
</svg>
</span> Twitter
</a>
<a class="navbar-item" href="#"> <svg class="octicon octicon-mark-github v-align-middle" viewBox="0 0 16 16" version="1.1" aria-hidden="true"><path fill-rule="evenodd" d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.013 8.013 0 0016 8c0-4.42-3.58-8-8-8z"></path></svg> Github</a>
</div>
</div>
<!-- <div class="navbar-item">
<span class="control">
<a class="button is-primary" href="#">Download</a>
</span>
</div> -->
</div>
</div>
</nav>
</header>
<div class="body">
<div class="nav-container" data-component="james-distributed-app" data-version="3.8.1">
<aside class="nav">
<div class="panels">
<div class="nav-panel-menu is-active" data-panel="menu">
<nav class="nav-menu">
<button class="nav-menu-toggle" aria-label="Toggle expand/collapse all" style="display: none"></button>
<h3 class="title"><a href="../index.html">Apache James Distributed Server</a></h3>
<ul class="nav-list">
<li class="nav-item" data-depth="0">
<ul class="nav-list">
<li class="nav-item" data-depth="1">
<button class="nav-item-toggle"></button>
<a class="nav-link" href="../index.html">Distributed James Application</a>
<ul class="nav-list">
<li class="nav-item" data-depth="2">
<a class="nav-link" href="../objectives.html">Objectives and motivation</a>
</li>
<li class="nav-item" data-depth="2">
<button class="nav-item-toggle"></button>
<a class="nav-link" href="../architecture/index.html">Architecture</a>
<ul class="nav-list">
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../architecture/implemented-standards.html">Implemented standards</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../architecture/consistency-model.html">Consistency Model</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../architecture/specialized-instances.html">Specialized instances</a>
</li>
</ul>
</li>
<li class="nav-item" data-depth="2">
<button class="nav-item-toggle"></button>
<a class="nav-link" href="../run/index.html">Run</a>
<ul class="nav-list">
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../run/run-java.html">Run with Java</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../run/run-docker.html">Run with Docker</a>
</li>
<li class="nav-item" data-depth="3">
<button class="nav-item-toggle"></button>
<a class="nav-link" href="../run/run-kubernetes.html">Run with Kubernetes</a>
<ul class="nav-list">
<li class="nav-item" data-depth="4">
<a class="nav-link" href="../run/k8s-checklist.html">Deployment Checklist</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="../run/k8s-logsMetrics.html">Logs &amp; Metrics</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="../run/k8s-values.html">values.yaml</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="../run/k8s-secrets.html">secrets.yaml</a>
</li>
</ul>
</li>
</ul>
</li>
<li class="nav-item" data-depth="2">
<button class="nav-item-toggle"></button>
<a class="nav-link" href="index.html">Configuration</a>
<ul class="nav-list">
<li class="nav-item" data-depth="3">
<button class="nav-item-toggle"></button>
<span class="nav-text">Protocols</span>
<ul class="nav-list">
<li class="nav-item" data-depth="4">
<a class="nav-link" href="imap.html">imapserver.xml</a>
</li>
<li class="nav-item is-current-page" data-depth="4">
<a class="nav-link" href="jmap.html">jmap.properties</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="jmx.html">jmx.properties</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="smtp.html">smtpserver.xml &amp; lmtpserver.xml</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="smtp-hooks.html">Packaged SMTP hooks</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="pop3.html">pop3server.xml</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="webadmin.html">webadmin.properties</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="ssl.html">SSL &amp; TLS</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="sieve.html">Sieve &amp; ManageSieve</a>
</li>
</ul>
</li>
<li class="nav-item" data-depth="3">
<button class="nav-item-toggle"></button>
<span class="nav-text">Storage dependencies</span>
<ul class="nav-list">
<li class="nav-item" data-depth="4">
<a class="nav-link" href="blobstore.html">blobstore.properties</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="cassandra.html">cassandra.properties</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="opensearch.html">opensearch.properties</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="rabbitmq.html">rabbitmq.properties</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="redis.html">redis.properties</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="tika.html">tika.properties</a>
</li>
</ul>
</li>
<li class="nav-item" data-depth="3">
<button class="nav-item-toggle"></button>
<span class="nav-text">Core components</span>
<ul class="nav-list">
<li class="nav-item" data-depth="4">
<a class="nav-link" href="batchsizes.html">batchsizes.properties</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="dns.html">dnsservice.xml</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="domainlist.html">domainlist.xml</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="healthcheck.html">healthcheck.properties</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="mailetcontainer.html">mailetcontainer.xml</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="mailets.html">Packaged Mailets</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="matchers.html">Packaged Matchers</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="mailrepositorystore.html">mailrepositorystore.xml</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="recipientrewritetable.html">recipientrewritetable.xml</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="search.html">search.properties</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="usersrepository.html">usersrepository.xml</a>
</li>
</ul>
</li>
<li class="nav-item" data-depth="3">
<button class="nav-item-toggle"></button>
<span class="nav-text">Extensions</span>
<ul class="nav-list">
<li class="nav-item" data-depth="4">
<a class="nav-link" href="vault.html">deletedMessageVault.properties</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="extensions.html">extensions.properties</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="listeners.html">listeners.xml</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="spam.html">Anti-Spam setup</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="remote-delivery-error-handling.html">About RemoteDelivery error handling</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="collecting-contacts.html">Contact collection</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="collecting-events.html">Event collection</a>
</li>
<li class="nav-item" data-depth="4">
<a class="nav-link" href="dsn.html">ESMTP DSN support</a>
</li>
</ul>
</li>
</ul>
</li>
<li class="nav-item" data-depth="2">
<button class="nav-item-toggle"></button>
<a class="nav-link" href="../operate/index.html">Operate</a>
<ul class="nav-list">
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../operate/guide.html">Operator guide</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../operate/performanceChecklist.html">Performance checklist</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../operate/logging.html">Logging</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../operate/webadmin.html">WebAdmin REST administration API</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../operate/metrics.html">Metrics</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../operate/migrating.html">Migrating existing data</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../operate/cli.html">Command Line Interface</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../operate/cassandra-migration.html">Cassandra migration</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../operate/security.html">Security checklist</a>
</li>
</ul>
</li>
<li class="nav-item" data-depth="2">
<button class="nav-item-toggle"></button>
<a class="nav-link" href="../extending/index.html">Extending server behavior</a>
<ul class="nav-list">
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../extending/mail-processing.html">Custom mail processing components</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../extending/mailbox-listeners.html">Custom Mailbox Listeners</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../extending/smtp-hooks.html">Custom SMTP hooks</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../extending/webadmin-routes.html">Custom WebAdmin routes</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../extending/imap.html">Custom IMAP processing</a>
</li>
</ul>
</li>
<li class="nav-item" data-depth="2">
<button class="nav-item-toggle"></button>
<a class="nav-link" href="../benchmark/index.html">Performance benchmark</a>
<ul class="nav-list">
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../benchmark/db-benchmark.html">Database benchmarks</a>
</li>
<li class="nav-item" data-depth="3">
<a class="nav-link" href="../benchmark/james-benchmark.html">James benchmarks</a>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</nav>
</div>
<div class="nav-panel-explore" data-panel="explore">
<div class="context">
<span class="title">Apache James Distributed Server</span>
<span class="version">3.8.1 SNAPSHOT</span>
</div>
<ul class="components">
<li class="component is-current">
<div class="title"><a href="../index.html">Apache James Distributed Server</a></div>
<ul class="versions">
<li class="version is-current is-latest">
<a href="../index.html">3.8.1 SNAPSHOT</a>
</li>
</ul>
</li>
<li class="component">
<div class="title"><a href="../../../james-project/3.8.1/index.html">Apache James Server</a></div>
<ul class="versions">
<li class="version is-latest">
<a href="../../../james-project/3.8.1/index.html">3.8.1 SNAPSHOT</a>
</li>
<li class="version">
<a href="../../../james-project/3.6.0/index.html">3.6.0 Snapshot</a>
</li>
</ul>
</li>
<li class="component">
<div class="title"><a href="../../../james-site/latest/index.html">Apache James Site</a></div>
<ul class="versions">
<li class="version is-latest">
<a href="../../../james-site/latest/index.html">latest</a>
</li>
</ul>
</li>
</ul>
</div>
</div>
</aside>
</div>
<main class="article">
<div class="toolbar" role="navigation">
<button class="nav-toggle"></button>
<a href="../../../james-site/latest/homepage.html" class="home-link"></a>
<nav class="breadcrumbs" aria-label="breadcrumbs">
<ul>
<li><a href="../index.html">Apache James Distributed Server</a></li>
<li><a href="../index.html">Distributed James Application</a></li>
<li><a href="index.html">Configuration</a></li>
<li>Protocols</li>
<li><a href="jmap.html">jmap.properties</a></li>
</ul>
</nav>
<div class="edit-this-page"><a href="https://github.com/apache/james-project/blob/master/server/apps/distributed-app/docs/modules/ROOT/pages/configure/jmap.adoc">Edit this Page</a></div>
</div>
<div class="content">
<aside class="toc sidebar" data-title="Contents" data-levels="2">
<div class="toc-menu"></div>
</aside>
<article class="doc">
<h1 class="page">Distributed James Server &mdash; jmap.properties</h1>
<div id="preamble">
<div class="sectionbody">
<div class="paragraph">
<p><a href="https://jmap.io/">JMAP</a> is intended to be a new standard for email clients to connect to mail
stores. It therefore intends to primarily replace IMAP + SMTP submission. It is also designed to be more
generic. It does not replace MTA-to-MTA SMTP transmission.</p>
</div>
<div class="paragraph">
<p>Consult this <a href="https://github.com/apache/james-project/blob/master/server/apps/distributed-app/sample-configuration/jmap.properties">example</a>
to get some examples and hints.</p>
</div>
<table class="tableblock frame-all grid-all stretch">
<caption class="title">Table 1. jmap.properties content</caption>
<colgroup>
<col style="width: 50%;">
<col style="width: 50%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Property name</th>
<th class="tableblock halign-left valign-top">explanation</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">enabled</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">true/false. Governs whether JMAP should be enabled</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">jmap.port</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional. Defaults to 80. The port this server will be listening on. This value must be a valid
port, ranging between 1 and 65535 (inclusive)</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">tls.keystoreURL</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Keystore to be used for generating authentication tokens for password authentication mechanism.
This should not be the same keystore than the ones used by TLS based protocols.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">tls.secret</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Password used to read the keystore</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">jwt.publickeypem.url</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional. Coma separated list of RSA public keys URLs to validate JWT tokens allowing requests to bypass authentication.
Defaults to an empty list.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">url.prefix</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional. Configuration urlPrefix for JMAP routes. Default value: <a href="http://localhost" class="bare">http://localhost</a>.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">websocket.url.prefix</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional. URL for JMAP WebSocket route. Default value: ws://localhost</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">email.send.max.size</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional. Configuration max size for message created in RFC-8621.
Default value: None. Supported units are B (bytes) K (KB) M (MB) G (GB).</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">max.size.attachments.per.mail</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional. Defaults to 20MB. RFC-8621 <code>maxSizeAttachmentsPerEmail</code> advertised to JMAP client as part of the
<code>urn:ietf:params:jmap:mail</code> capability. This needs to be at least 33% lower than <code>email.send.max.size</code> property
(in order to account for text body, headers, base64 encoding and MIME structures).
JMAP clients would use this property in order not to create too big emails.
Default value: None. Supported units are B (bytes) K (KB) M (MB) G (GB).</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">upload.max.size</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional. Configuration max size for each upload file in new JMAP-RFC-8621.
Default value: 30M. Supported units are B (bytes) K (KB) M (MB) G (GB).</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">upload.quota.limit</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional. Configure JMAP upload quota for total existing uploads' size per user. User exceeding the upload quota would result in old uploads being cleaned up.
Default value: 200M. Supported units are B (bytes) K (KB) M (MB) G (GB).</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">view.email.query.enabled</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional boolean. Defaults to false. Should simple Email/query be resolved against a Cassandra projection, or should we resolve them against OpenSearch?
This enables a higher resilience, but the projection needs to be correctly populated.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">user.provisioning.enabled</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional boolean. Defaults to true. Governs whether authenticated users that do not exist locally should be created in the users repository.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">authentication.strategy.rfc8621</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional List[String] with delimiter <code>,</code> . Specify which authentication strategies system admin want to use for JMAP RFC-8621 server.
The implicit package name is <code>org.apache.james.jmap.http</code>. If you have a custom authentication strategy outside this package, you have to specify its FQDN.
If no authentication strategy is specified, JMAP RFC-8621 server will fallback to default strategies:
<code>JWTAuthenticationStrategy</code>, <code>BasicAuthenticationStrategy</code>.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">jmap.version.default</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional string. Defaults to <code>rfc-8621</code>. Allowed values: rfc-8621
Which version of the JMAP protocol should be served when none supplied in the Accept header.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">dynamic.jmap.prefix.resolution.enabled</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional boolean. Defaults to false. Supported Jmap session endpoint returns dynamic prefix in response.
When its config is true, and the HTTP request to Jmap session endpoint has a <code>X-JMAP-PREFIX</code> header with the value <code><a href="http://new-domain/prefix" class="bare">http://new-domain/prefix</a></code>,
then <code>apiUrl, downloadUrl, uploadUrl, eventSourceUrl, webSocketUrl</code> in response will be changed with a new prefix. Example: The <code>apiUrl</code> will be "http://new-domain/prefix/jmap".
If the HTTP request to Jmap session endpoint has the <code>X-JMAP-WEBSOCKET-PREFIX</code> header with the value <code>ws://new-domain/prefix</code>,
then <code>capabilities."urn:ietf:params:jmap:websocket".url</code> in response will be "ws://new-domain/prefix/jmap/ws".</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">webpush.prevent.server.side.request.forgery</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional boolean. Prevent server side request forgery by preventing calls to the private network ranges. Defaults to true, can be disabled for testing.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">cassandra.filter.projection.activated</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional boolean. Defaults to false. Casandra backends only. Whether to use or not the Cassandra projection
for JMAP filters. This projection optimizes reads, but needs to be correctly populated. Turning it on on
systems with filters already defined would result in those filters to be not read.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">delay.sends.enabled</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional boolean. Defaults to false. Whether to support or not the delay send with JMAP protocol.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">disabled.capabilities</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional, defaults to empty. Coma separated list of JMAP capabilities to reject.
This allows to prevent users from using some specific JMAP extensions.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">email.get.full.max.size</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional, default value is 5. The max number of items for EmailGet full reads.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">get.max.size</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional, default value is 500. The max number of items for /get methods.</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">set.max.size</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">Optional, default value is 500. The max number of items for /set methods.</p></td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="sect1">
<h2 id="_wire_tapping"><a class="anchor" href="#_wire_tapping"></a>Wire tapping</h2>
<div class="sectionbody">
<div class="paragraph">
<p>Enabling <strong>TRACE</strong> on <code>org.apache.james.jmap.wire</code> enables reactor-netty wiretap, logging of
all incoming and outgoing requests, outgoing requests. This will log also potentially sensible information
like authentication credentials.</p>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_oidc_set_up"><a class="anchor" href="#_oidc_set_up"></a>OIDC set up</h2>
<div class="sectionbody">
<div class="paragraph">
<p>The use of <code>XUserAuthenticationStrategy</code> allow delegating the authentication responsibility to a third party system,
which could be used to set up authentication against an OIDC provider.</p>
</div>
<div class="paragraph">
<p>We do supply an <a href="https://github.com">example</a> of such a setup. It combines the <a href="https://www.keycloak.org/">Keycloack</a>
OIDC provider with the <a href="https://www.krakend.io/">Krackend</a> API gateway, but usage of similar technologies is definitely doable.</p>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_generating_a_jwt_key_pair"><a class="anchor" href="#_generating_a_jwt_key_pair"></a>Generating a JWT key pair</h2>
<div class="sectionbody">
<div class="paragraph">
<p>Apache James can alternatively be configured to check the validity of JWT tokens itself. No revocation mechanism is
supported in such a setup, and the <code>sub</code> claim is used to identify the user. The key configuration is static.</p>
</div>
<div class="paragraph">
<p>This requires the <code>JWTAuthenticationStrategy</code> authentication strategy to be used.</p>
</div>
<div class="paragraph">
<p>The Distributed server enforces the use of RSA-SHA-256.</p>
</div>
<div class="paragraph">
<p>One can use OpenSSL to generate a JWT key pair :</p>
</div>
<div class="literalblock">
<div class="content">
<pre># private key
openssl genrsa -out rs256-4096-private.rsa 4096
# public key
openssl rsa -in rs256-4096-private.rsa -pubout &gt; rs256-4096-public.pem</pre>
</div>
</div>
<div class="paragraph">
<p>The private key can be used to generate JWT tokens, for instance
using <a href="https://github.com/vandium-io/jwtgen">jwtgen</a>:</p>
</div>
<div class="literalblock">
<div class="content">
<pre>jwtgen -a RS256 -p rs256-4096-private.rsa 4096 -c "sub=bob@domain.tld" -e 3600 -V</pre>
</div>
</div>
<div class="paragraph">
<p>This token can then be passed as <code>Bearer</code> of the <code>Authorization</code> header :</p>
</div>
<div class="literalblock">
<div class="content">
<pre>curl -H "Authorization: Bearer $token" -XPOST http://127.0.0.1:80/jmap -d '...'</pre>
</div>
</div>
<div class="paragraph">
<p>The public key can be referenced as <code>jwt.publickeypem.url</code> of the <code>jmap.properties</code> configuration file.</p>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_annotated_specification"><a class="anchor" href="#_annotated_specification"></a>Annotated specification</h2>
<div class="sectionbody">
<div class="paragraph">
<p>The [annotated documentation](<a href="https://github.com/apache/james-project/tree/master/server/protocols/jmap-rfc-8621/doc/specs/spec" class="bare">https://github.com/apache/james-project/tree/master/server/protocols/jmap-rfc-8621/doc/specs/spec</a>)
presents the limits of the JMAP RFC-8621 implementation part of the Apache James project. We furthermore implement
[JSON Meta Application Protocol (JMAP) Subprotocol for WebSocket](<a href="https://tools.ietf.org/html/rfc8887" class="bare">https://tools.ietf.org/html/rfc8887</a>).</p>
</div>
<div class="paragraph">
<p>Some methods / types are not yet implemented, some implementations are naive, and the PUSH is not supported yet.</p>
</div>
<div class="paragraph">
<p>Users are invited to read these limitations before using actively the JMAP RFC-8621 implementation, and should ensure their
client applications only uses supported operations.</p>
</div>
<div class="paragraph">
<p>Contributions enhancing support are furthermore welcomed.</p>
</div>
<div class="paragraph">
<p>The list of tested JMAP clients are:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>Experiments had been run on top of [LTT.RS](<a href="https://github.com/iNPUTmice/lttrs-android" class="bare">https://github.com/iNPUTmice/lttrs-android</a>). Version in the Accept
headers needs to be explicitly set to <code>rfc-8621</code>. [Read more](<a href="https://github.com/linagora/james-project/pull/4089" class="bare">https://github.com/linagora/james-project/pull/4089</a>).</p>
</li>
</ul>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_jmap_auto_configuration"><a class="anchor" href="#_jmap_auto_configuration"></a>JMAP auto-configuration</h2>
<div class="sectionbody">
<div class="paragraph">
<p><a href="https://datatracker.ietf.org/doc/html/rfc8620">RFC-8620</a> defining JMAP core RFC defines precisely service location.</p>
</div>
<div class="paragraph">
<p>James already redirects <code><a href="http://jmap.domain.tld/.well-known/jmap" class="bare">http://jmap.domain.tld/.well-known/jmap</a></code> to the JMAP session.</p>
</div>
<div class="paragraph">
<p>You can further help your clients by publishing extra SRV records.</p>
</div>
<div class="paragraph">
<p>Eg:</p>
</div>
<div class="listingblock">
<div class="content">
<pre>_jmap._tcp.domain.tld. 3600 IN SRV 0 1 443 jmap.domain.tld.</pre>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_jmap_reverse_proxy_set_up"><a class="anchor" href="#_jmap_reverse_proxy_set_up"></a>JMAP reverse-proxy set up</h2>
<div class="sectionbody">
<div class="paragraph">
<p>James implementation adds the value of <code>X-Real-IP</code> header as part of the logging MDC.</p>
</div>
<div class="paragraph">
<p>This allows for reverse proxies to cary other the IP address of the client down to the JMAP server for diagnostic purpose.</p>
</div>
</div>
</div>
</article>
</div>
</main>
</div>
<footer class="footer">
<p>This page was built using the Antora default UI.</p>
<p>The source code for this UI is licensed under the terms of the MPL-2.0 license.</p>
</footer>
<script id="site-script" src="../../../_/js/site.js" data-ui-root-path="../../../_"></script>
<script async src="../../../_/js/vendor/highlight.js"></script>
</body>
</html>