KCI-KANBAN/docs/deployment-configuration.md

Deployment Configuration

Date: 2026-03-11T11:59:39Z

Hosting Model

• Windows IIS
• public/ configured as the site root
• public/Default.asp as the default document
• URL Rewrite sends non-static requests through the ASP front controller

Runtime Configuration

Primary deployment configuration is stored in public/web.config.

Important Settings

• ConnectionString
• Environment
• FlashMessageTimeout
• Error404RedirectSeconds
• CacheExpirationYear
• EnableErrorLogging
• ErrorLogPath
• KeycloakBaseUrl
• KeycloakRealm
• KeycloakClientId
• KeycloakClientSecret
• KeycloakRedirectUri
• KeycloakLogoutRedirectUri
• KeycloakAllowedClockSkewSeconds
• KeycloakHttpResolveTimeoutMs
• KeycloakHttpConnectTimeoutMs
• KeycloakHttpSendTimeoutMs
• KeycloakHttpReceiveTimeoutMs
• KeycloakEnableLogging
• KeycloakLogPath

Deployment Notes

• The Access DB path must be updated for the target machine.
• ErrorLogPath should be writable by the IIS application identity if enabled.
• Keep KeycloakClientSecret out of source control and inject it per environment.
• In Production, the login flow now rejects non-HTTPS or localhost Keycloak base, callback, and logout URLs.
• Static assets are expected under public/ paths excluded from rewrite rules.

Observed Gaps

• No container, CI/CD, or infrastructure-as-code deployment config was detected.
• Deployment is currently documented as a manual IIS-based process.