docs: document config properties in application-default.properties

config/application-default.properties

@@ -172,15 +172,38 @@ pit.pidsystem.handle-protocol.handleRedirectAttributes = {'21.T11148/b8457812905
 ### Base URL for the DTR used. ###
 # Currently, we support the DTRs of GWDG/ePIC.
 pit.typeregistry.baseURI = https://typeapi.lab.pidconsortium.net
-# If the attribute(s) keys/types in your PID records are not being recognized as such, please contact us.
-# As a workaround, add them to this list:
-pit.validation.profileKeys = {}
+# If the attribute(s) keys/types in your PID records are not being
+# recognized as such, please contact us.
+# As a workaround, add them to this list.
+# pit.validation.profileKeys = {}
 
 ### As this service is a RESTful serice without GUI, CSRF protection is not required. ###
 pit.security.enable-csrf: false
 ### You may define patterns here for services which are allowed for communication. (CORS) ###
 pit.security.allowedOriginPattern: http*://localhost:[*]
 
+### Caching settings for validation ###
+# The maximum number of entries in the cache.
+# pit.typeregistry.cache.maxEntries:1000
+#
+# The time in minutes after which Entries will expire, starting from the
+# last update.
+# pit.typeregistry.cache.lifetimeMinutes:10
+
+# Profiles may disallow additional attributes in the PID records. This
+# option may be used to override this behavior for this instance.
+# If set to false, it will behave as the profiles describe.
+# If set to true, additional attributes will always be allowed.
+pit.validation.alwaysAllowAdditionalAttributes = true
+
+### DANGEROUS OPTIONS! Please read carefully! ########################################
+# This will disable validation. It is only meant for testing and rare cases
+# where a DTR may not be available or an external validator is being
+# used.
+#
+# pit.validation.strategy = debug-none
+### DANGEROUS OPTIONS! Please read carefully! ########################################
+
 #######################################################
 #################### PID GENERATOR ####################
 #######################################################
@@ -208,7 +231,7 @@ pit.pidgeneration.casing = lower
 # Default: 4
 # pit.pidgeneration.num-chunks = 4
 
-### DANGEROUS OPTION! Please read carefully! ########################################
+### DANGEROUS OPTIONS! Please read carefully! ########################################
 # Please keep this option as a last resort vor special use-cases
 # where you need total control about the PID suffix you want to create.
 # In addition to authentication, we recommend fully hide the Typed PID Maker behind
@@ -219,7 +242,7 @@ pit.pidgeneration.casing = lower
 #                => PID = "abc/def" (delimiter may depend on PID system)
 #
 # pit.pidgeneration.custom-client-pids-enabled = false
-### DANGEROUS OPTION! Please read carefully! ########################################
+### DANGEROUS OPTIONS! Please read carefully! ########################################
 
 ################################
 ######## Database ##############

src/main/java/edu/kit/datamanager/pit/configuration/ApplicationProperties.java

@@ -51,6 +51,11 @@
 @Validated
 public class ApplicationProperties extends GenericApplicationProperties {
 
+  /**
+   * Internal default set of types which indicate that, when used as a key
+   * of an attribute, that the value of the attribute must be a profile.
+   * Used for profile detection in records.
+   */
   private static final Set<String> KNOWN_PROFILE_KEYS = Set.of(
           "21.T11148/076759916209e5d62bd5",
           "21.T11969/bcc54a2a9ab5bf2a8f2c"