Configuration

The configuration of the GraphQL service is in the file <DENODO_HOME>/resources/apache-tomcat/webapps/denodo-graphql-service/WEB-INF/classes/application.properties:

In this file you can modify the following properties:

  • cors.allowed-origins: This service supports Cross-origin resource sharing (CORS). The section Cross-origin Resource Sharing (CORS) (settings of published REST web services) explains what CORS is.

    By default, the value of the property cors.allowed-origins is *. But this value is not allowed as it is against the CORS specification and may cause security problems.

    You must configure the property to include the list of allowed URLs (separate each URL by a comma), from which GraphQL requests are allowed. For example, http://foo.com, https://foo.bar.com.

  • graphql.enable.filtering: If true, user is allowed to sort data, specify complex filters, group results and calculate aggregation functions in the GraphQL queries. If false the user is only allowed to use GraphQL standard features. Default is true.

  • graphql.max.query.complexity: GraphQL Service prevents the execution of the query if its complexity is greater than the value specified by this property. The complexity is calculated using this formula: 1 + childComplexity. Default is 200.

  • graphql.max.query.depth: GraphQL Service prevents the execution of the query if its depth is greater than the value specified by this property. Default is 5.

  • graphql.endpoint: Default is /graphql.

  • query.default-page-size: Number of results returned per query. If -1 all results are retrieved. Default is 1000.

  • vdp.datasource.driverClassName: The full package name of the Denodo driver class. Its value is com.denodo.vdp.jdbc.Driver and should not be modified.

  • vdp.datasource.jdbcUrl: URI that the GraphQL service uses to connect to Virtual DataPort. The default value is jdbc:denodo://localhost:<PORT>/?noAuth=true.

    If you change the port of Virtual DataPort (by default, 9999), modify this property accordingly.

  • vdp.admin.allowed: set to false to prevent the user account admin from accessing the GraphQL service. The service only takes this property into account when it uses HTTP Basic authentication. This property does not affect other administrator accounts, only the user account admin.

    Default value: true.

GZIP

The GraphQL website recommends that any production GraphQL service enable GZip compression and encourage their clients to send the header Accept-Encoding: gzip.

Depending on your scenario, compressing the JSON response can increase the performance or not.

To enable GZip compression in the GraphQL Service, edit the file <DENODO_HOME>/resources/apache-tomcat/webapps/denodo-graphql-service/WEB-INF/classes/application.properties and this:

# enable response compression
server.compression.enabled=true

# comma-separated list of mime types that should be compressed
server.compression.mime-types=application/json, application/graphql