• Pick provider for container hosting

• Kubernetes orchestration of images, containers, configuration data

• Install service (Jenkins?) for automated build and integration test of all targets triggered by Github push event, configuration through files in repositories

• Evaluate all-in-one solutions like fabric8, Rancher because it has cluster node image for rpi3, must provide Docker Registry for private images

Deployment targets:

• Raspberry Pi 3
• Any x86 Docker host
• AWS and GKE

The current (error) status of each RulesEngine should be shown in the Manager UI, this will require new SharedEvent subclasses to query/publish. The last error message and maybe some statistics (number of facts, etc.) about the knowledge session should be included.

• HTTP XSRF protection either through CORS or if that's still a problem, through double-submit of form hash in header (cookie) and body (json field), does auth-token help?

• WebSocket XSRF protection (see https://www.christian-schneider.net/CrossSiteWebSocketHijacking.html) must be enabled on WebsocketComponent with Jetty CrossOriginFilter etc.

• Consider "Unlimited Strength Jurisdiction Policy" package for the JVM and if/how we need those algorithms

• Java Problems: http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html

• Manager servlets should include CORS headers when in dev mode to allow console development from different host (e.g. node based HTTP server with live reload)

• Fix CORS filter used in Resteasy deployment (see below comment)

It does not scale correctly and there is no map shown.

If the server side is re-deployed with a clean DB (which is mostly what is done today) and a console previously registered to receive notifications, mechanism will stop working.

Issue is that Google FCM token required to send notification is stored in DB and console only sends this once. Upon re-installation with a cleaned-up DB, FCM token is gone.

Solution is to un-install and re-install console from device after a clean server installation.

In production, DB should not be cleaned with each installation and problem should not occur.

It's also possible to add a specific build flag to force console to send FCM token on each application start for development/testing purposes.

Currently when a notification is sent, the alert notification is stored in database and a "trigger" notification is sent using FCM. If the send to FCM fails, it is never re-tried and the trigger will only happen when a new notification is sent.

• 1. retry mechanism should be implemented

• 2. additional status for delivery to FCM should be added (current DELIVERED status means notification has been ack'ed by user).

• 3. notification sending should be isolated in different object to ease testing

• 4. proper testing must be implemented

• 5. notification sending (call to FCM) is done in synchronous way in user exposed method and could block rule thread for long time. Communication should happen in async way.

• As a manager, I want to create, update, and delete an asset entity and edit its attributes (5pt).
• As a manager, I want to group assets, by assigning them to another asset (2pt).
• As a manager, I want to define asset types so that I can distinguish how they are rendered on maps (3pt).
• As a manager, I want to set the geolocation of an asset by placing it on the map (2pt).

Each RulesEngine should have a custom LOG facade so users can log stuff on rules RHS. Ideally the manager UI would show this output on the rules engine screen.

Push notifications use Google FCM as delivery mechanism.
Have a resource for console to register to potentially receive notifications (id, token).
This information is linked to a user (stored as user attribute in Keycloak)

Have a service for manager to send notifications to all devices registered for a user.

How do we handle loops in rules?

1. Unpack the box and install OpenRemote

2. Open start page in browser (can be automatically discovered and opened with native integration?)

3. User is prompted to register with name and password (the name can be a person or client identifier)

   1. Option: User picks "Use bookmarklet" and drags generated bookmarklet (see http://benlog.com/2007/02/06/beamauth-two-factor-web-authentication-with-a-bookmark/) into the browser bar, clicking on it will send an HTTP basic authentication request and then redirect to the initial page

   2. Option: User picks "Use regular login" and the browser will present the user with a regular authentication dialog, its the user's job to make a bookmark and possibly store the credentials in the browser/OS keychain

4. After the first user registered, registration must no longer be possible, open registration can be re-enabled in application security configuration. The first user is the initial superuser, with all permissions.

When an AttributeEvent is sent by clients, we should give the client the option of setting the event timestamp to 0 or -1 and use that as a marker on the server side to set the timestamp when receiving the event on the message bus. This is useful for clients which are not guaranteed to be time-synchronised such as browsers. The event source timestamp would still be different than the processing timestamp in the asset queue.

A ContainerService that starts Camel routes for agent/thing discovery on startup.

TODO: Add task list here

a standard mechanism to create these would be nice:

Define an agent
Mark as "requires callback"
When agent is saved a unique API key is generated (not editable) and callbackURL is displayed in the manager as a readonly attribute
Callback URL endpoint is created on the backend using the agents API key

Request comes in on callback URL, API Key is verified (could also restrict caller IP by domain) and the agent is resolved. The request that comes in will need to be handed to the protocol implementation to process.

When changing attribute configuration in an attribute (in edit mode) and saving (eg. add 'show on dashboard'), state should remain in edit mode. It now goes back to view mode.

For console application writers we need to provide some JavaScript functions that make it easy to integrate with the Console shell offline token storage and authentication handling.

Take the code we have currently in index.html and make it generic and usable in all index.html that someone might want to write as a console application.

Currently have to edit an asset to delete it; having a 'Delete asset' button in the asset viewer will make this much easier

The command to set alarm time status from On to Off includes the parameter to select Master or Local group.

1:master:on
1:local:on

The on and off states are working, but the master / local mode is not changing.

(Bug currently seen in V2.x)

The KNX protocol doesn't react to disconnection events without something sending a command first so internal protocol state could be out of sync with actual KNX devices.

Seems that Calimero doesn't actively monitor the connection.

• Clean up asset discovery SPI, improve mergeAsset(someBetterOptions) and deleteAsset() operations, add doAssetDiscovery() interface.

• It's the job of the protocol implementation to generate a unique identifier for an imported/discovered asset and know when it's "the same" and must be merged or deleted. For ZWave home and node ID should be considered candidate keys. See example:

  openremote/agent/src/main/java/org/openremote/agent/protocol/upnp/UpnpProtocol.java

  Line 193 in 9ae5f2e

  return Generators.nameBasedGenerator().generate(

• Protocols should merge discovered or imported assets into a separate parent asset that groups all things by protocol configuration. For example, protocol configuration "velbus1" of "Agent123" would merge assets under "Agent123" -> "Velbus 1" (or whatever AssetMeta.LABEL the protocol configuration has) -> "DiscoveredDevice123"

• Should we consider read-only assets and forbid modification (cutting attributes), so that they can be safely merged/updated by protocols during repeated discovery/import.

• Setup submodule of openremote main repo in ZWave repository, see https://github.com/openremote/openremote/wiki/Developer-Guide%3A-Creating-a-custom-project

• Write ZwaveProtocol using the serial communication abstraction already present in SPI, start with VelbusSerialMessageProcessor.java as example.

• Figure out packaging for public distribution/custom projects, maybe we can discover if the zwave repository is checked out next to the main repo and then the main repo build includes it and packages the produced zwave.jar.

My joy has stopped after docker-compose up:

michal@rutek06 ~/Developer/openremote/openremote> docker-compose up
Creating network "openremote_default" with the default driver
Pulling mongo (mongo:2.6)...
2.6: Pulling from library/mongo
8dddc0afbe0a: Pull complete
a3ed95caeb02: Pull complete
32eed1053be0: Pull complete
238985f894fd: Pull complete
c92ee4981033: Pull complete
432dada1b3de: Pull complete
8ae43fe32b85: Pull complete
03913f2c5b05: Pull complete
ERROR: failed to register layer: Untar re-exec error: exit status 1: output: no such file or directory

• As a user, I want to manually enter the service API endpoint URL(s), so the console can connect to the backend (1pt).
• As a user, I want to automatically search for and discover the API service endpoints for the console through UPnP or mDNS, so that I don't have to enter the URL(s) manually (1pt).
• As a user, I want to authenticate the connection of the console with the backend API (3pt).

Push notifications will use Google FCM as delivery mechanism.
Goal is to limit to strict minimum the payload that is send over FCM.
Notification is a trigger mechanism for the application to call back to manager, retrieve specific information and display appropriate message as notification to the user.
Feasibility has to be further studied on iOS, seems possible starting with iOS 10.
OK to limit console to iOS 10 for now if required.

• Add http://swagger.io/ to the Gradle build with a JAX-RS extension.

• Include rendered documentation in image(s)

• Show it as an always-available App called 'API Access' in Manager UI

• Find out how to handle authentication so actual calls can be made with Bearer tokens in Swagger UI

• Keep "model" sub-project or rename it to "sdk", merge it with some content from "manager:shared"

• Build and release process for SDK artifacts, Maven repos, Docker hub

• As a user, I want to display a console panel and its widgets fullscreen, so that I can interact with my assets (5pt).
• As a user, I want to be able to rotate the console panel, so that I can switch between portrait and landscape orientation (3pt).

Hello,

I have imported the repository to my pc.

When I try to run:

docker-compose -p openremote -f profile/demo.yml up

the containers starts but after few second the postgresql one exit due to error.

This is the message:

postgresql_1  | syncing data to disk ... ok
postgresql_1  | 
postgresql_1  | Success. You can now start the database server using:
postgresql_1  | 
postgresql_1  |     pg_ctl -D /var/lib/postgresql/data -l logfile start
postgresql_1  | 
postgresql_1  | 
postgresql_1  | WARNING: enabling "trust" authentication for local connections
postgresql_1  | You can change this by editing pg_hba.conf or using the option -A, or
postgresql_1  | --auth-local and --auth-host, the next time you run initdb.
postgresql_1  | waiting for server to start....LOG:  could not bind IPv6 socket: Cannot assign requested address
postgresql_1  | HINT:  Is another postmaster already running on port 5432? If not, wait a few seconds and retry.
postgresql_1  | LOG:  database system was shut down at 2017-09-22 15:08:47 CEST
postgresql_1  | LOG:  MultiXact member wraparound protections are now enabled
postgresql_1  | LOG:  autovacuum launcher started
postgresql_1  | LOG:  database system is ready to accept connections
postgresql_1  |  done
postgresql_1  | server started
postgresql_1  | CREATE DATABASE
postgresql_1  | 
postgresql_1  | CREATE ROLE
postgresql_1  | 
postgresql_1  | 
postgresql_1  | /docker-entrypoint.sh: running /docker-entrypoint-initdb.d/01-init-user.sh
postgresql_1  | ERROR:  syntax error at or near "''" at character 23
postgresql_1  | STATEMENT:  CREATE USER  PASSWORD '';
postgresql_1  | ERROR:  syntax error at or near "''"
postgresql_1  | LINE 1: CREATE USER  PASSWORD '';
postgresql_1  |                               ^
openremote_postgresql_1 exited with code 3

• Handle errors of main web view loading (initial URL) by displaying native error message instead of letting the web view display the error.

• The native error messages should be either fatal (the app should exit clean when user clicks "OK" button in an error dialog) or non-fatal (user can continue using the app with some weird behaviour such as buttons not working, after a short-lived toast with the error message was shown).

• Handle device notifications for connectivity and display an error screen overlay when no connectivity is detected.

• Implement error/status bridge between WebView and shell. The loading and any error status should be send from WebView to shell and displayed in whatever makes most sense.

• If the WebView makes a server (HTTP call or WebSocket connection) request with an invalid access token, this should be handled gracefully by redirecting to login page.

• Also fix #35

The Map currently has a small navigation element with +/- and rotation actions. This is provided by Mapbox. We should turn this off and implement our own navigation elements in a SecondaryNavigation UI element. As an example, http://demo2.openremote.com/master#admin: shows several secondary navigation items in the top black bar.

• Take the code in org.openremote.manager.client.admin package for the navigation view, bring it into the org.openremote.manager.map package
• Implement the +/- and rotation actions by calling the Mapbox API (JSInterop) in the MapView/MapActivity
• Find any other interesting actions on the Mapbox API that make sense as user controls

In VelbusLink actions are set within modules to respond to Press / Release / Long_Press events from other modules.

for example, a relay channel can start or stop an interval timer when it sees a Press event from a module.

The concept for OpenRemote was that by mimicing a Press / Release / Long_Press event for a module (for example an input module) any actions programmed into other modules would respond.

For example.

A glass panel button will start and stop an interval timer to trigger the multi-step dimmer states in VMB4DC channels.
It should be possible for OpenRemote to mimic this button event.

This doesn't appear to be happening in V2.x

• As a user, I want to receive notifications on my mobile and/or wearable device (3pt).
• As a user, I should see notification actions and can trigger them (2pt).
• As a manager, I want to be able to selectively notify users when certain events occur (5pt).
• As a manager, I want to connect possible action events to notifications, so users can select an action (3pt).

When an attribute is linked a request is made to get the current value of the group address but there is no check that the network is connected so a NullPointerException can occur,

• Populate attribute types when asset type is selected (e.g. agent -> protocol config attributes)
• Make Thing the default asset type
• Thing should not be a leaf so child assets can be added
• Default values for protocol configuration meta items (e.g. KNX host -> IP address), however breaks validation flow?
• Discovery/import should only be possible when protocol configuration attribute edit is complete (protocol status indicator)
• Naming convention for KNX/ETS import: group addresses should map to multiple attributes on a single asset, not multiple assets
• Attribute link doesn't populate asset list dropdown
• Detect loops when processing attribute link messages (maybe by detecting source of AttributeEvent)

In DRL we should provide new Java interfaces org.openremote.model.rules.Room, Residence, etc. and map them to AssetState(type == AssetType.*).

• Rename or-shell to console subproject

• Dynamically include console in Gradle project build, based on setting in gradle.properties (enableAndroidDevelopment=true)

• Host access-controlled static resources on the Manager server, these are the webapp files for a particular tenant/realm Console application

• Add read:console role for Console client, which gives the user the ability to download Console webapp resources for a given realm

• Implement access token refresh

• As a manager, I want to locate all assets that have geolocation information on a map (3pt).
• As a manager, I want to select an asset on a map, so I can see the state of its most important attributes in an overlay panel. (3pt).
• As a manager, I want to select an asset on a map, so I can switch to a full view of the asset and manage it (2pt).
• As a manager, I want to select a single or several assets, and a timeframe, so I can see historical attribute values in a table display (5pt).

• As a user, I want to automatically search for and discover the API service endpoints for the console through UPnP or mDNS, so that I don't have to enter the URL(s) manually

• We should recommend and perform installation on host systems with mDNS responder. Users can type [Name of the box].local into their browser.

Some old code from Marcus for mDNS announcements:

 JmDNS jmdns;
   try {
      String data = "http://" + NetworkUtil.getLocalhostIP() + ":8080/controller";
      jmdns = JmDNS.create();
      ServiceInfo serviceInfo = ServiceInfo.create("_http._tcp.local.", "OpenRemote Controller", 8080, "");
      Map<String, String> a = new HashMap<String, String>();
      a.put("URL", data);
      a.put("Vendor", "OpenRemote");
      serviceInfo.setText(a);
      jmdns.registerService(serviceInfo);

   } catch (IOException e1) {
      // TODO Auto-generated catch block
      e1.printStackTrace();
   }

As a user, I want to manually enter the service API endpoint URL(s), so the console can connect to the backend (1pt).

This can be a Spock test, it should use HTTP remote calls to access public API, so we can test the webserver layer as well.

Everyone can run this Benchmark when optimising and compare before/after numbers. We can automate this as part of the regular build later, it should also not be part of the normal test suite.

• Write a protocol that inserts test assets
• Write rules that trigger attribute events
• Create a Spock test that uses the protocol, also performs a rules restart, whenever possible calls done with an HTTP client through public API
• Print how long it takes for each step
• Print heap memory consumption of various stateful components (rules engine, protocols), any useful thread information

• As a user, I want to list, create, update and delete tenant/realms so all data can be isolated for each tenant (5pt).
• As a super-user, I want to list, create, update and delete users for each tenant/realm (5pt).
• As a user, I want to assign roles to users (3pt).
• Define roles for super/tenant administration, how do we handle superusers OF a realm.
• Resolve any issues with login of !superuser in Manager UI, currently there are no role permission checks in the code and the UI breaks randomly as server calls fail.

E.g. motion sensor is stuck in ON position if there was no update in 24 hours.

Maintenance workflow:

• go into manager and disable the scene timer or disable alarm for all scenes
• contact the maintainer/installer and the user and tell them what’s wrong. this step should also be captured in our manager tool, so the next guy on the phone can look up the issue history (CRM)
• when a manager logs in, show a TODO list of pending maintenance issues

Should this be part of ProtocolConfiguration or an attribute linking option?

Actions:

• Easy: Store problems in DB, expose on webservice for external monitoring (Pingdom)
• Difficult: Send email, notify admin, notify user(s), requires work on notification system
• Best: Provide CRM-like functionality to improve maintenance workflow, see #58

• Implement Flow CRUD

• Implement Flow to Camel Routes translation

• Integrate Flow routes in asset processing services

• Port flow designer from M1 to Manager UI

• Loop detection in Macro (and Timer?) protocol, should we delegate this to the flow engine?

Have some gradle task to fetch required bower dependencies

Ability to put attributes with same type into groups; read and write operations can then be performed on the group.

For read operations the value of the first item could be used (as the attributes in a group could be out of sync - alternatively if not all attributes in the group have the same value then the groups value becomes null?).

For write operations each attribute in the group receives the written value.

When an attribute inside a group changes (i.e. a sensor update) then all attributes in the group should also be updated (using south bound attribute event).

Should include:

• Qickstart demo installation
• Customizing demo installation
• Contribution Guidelines (move https://github.com/openremote/OpenRemote.org/wiki/Licensing-guidelines-for-contributors)

Have a way to customize certain aspects of the console for a specific project and build that.
It should be possible to have custom

• icon
• package name
• specific parameters

Occasionally I see a 500 error response coming from keycloak auth handler. Here's the logs from the keycloak container:

11:54:29,500 ERROR [io.undertow.request] (default task-27) UT005023: Exception handling request to /auth/realms/master/protocol/openid-connect/auth: org.jboss.resteasy.spi.UnhandledException: java.lang.NullPointerException
        at org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:76)
        at org.jboss.resteasy.core.ExceptionHandler.handleException(ExceptionHandler.java:212)
        at org.jboss.resteasy.core.SynchronousDispatcher.writeException(SynchronousDispatcher.java:168)
        at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:411)
        at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202)
        at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221)
        at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)
        at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
        at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
        at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
        at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:90)
        at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
        at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
        at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
        at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
        at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
        at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
        at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
        at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
        at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
        at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
        at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
        at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284)
        at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263)
        at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
        at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174)
        at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
        at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
        at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.NullPointerException
        at org.keycloak.forms.login.freemarker.FreeMarkerLoginFormsProvider.createResponse(FreeMarkerLoginFormsProvider.java:207)
        at org.keycloak.forms.login.freemarker.FreeMarkerLoginFormsProvider.createErrorPage(FreeMarkerLoginFormsProvider.java:484)
        at org.keycloak.services.ErrorPage.error(ErrorPage.java:30)
        at org.keycloak.authentication.AuthenticationProcessor.handleBrowserException(AuthenticationProcessor.java:616)
        at org.keycloak.protocol.AuthorizationEndpointBase.handleBrowserAuthenticationRequest(AuthorizationEndpointBase.java:125)
        at org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint.buildAuthorizationCodeAuthorizationResponse(AuthorizationEndpoint.java:317)
        at org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint.build(AuthorizationEndpoint.java:125)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:139)
        at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295)
        at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249)
        at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:138)
        at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:107)
        at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:133)
        at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:101)
        at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395)
        ... 37 more

Currently attributes are by default organized alphabetically. Improve by adding ability to cluster and group with one header, eg. "Scene Times" clustering all 28 attributes. Include option to order, based on own preference.

• Reverse HTTP proxy response header in manager, remove Server: WildFly/10 header when passing through response from Keycloak

• Default HTTP response headers, remove X-Powered-By: Undertow/1

• As a user, I want to display a console panel and its widgets fullscreen, so that I can interact with my assets
• As a user, I want to be able to rotate the console panel, so that I can switch between portrait and landscape orientation

We should show how easy it is conceptually to integrate social services/other APIs. Twitter is probably the easiest to understand and most widespread message consumer/producer we can find.