AMClient.properties revision 0a99555401a033704f1f171baab6db11fb5528f2
3112N/A#
3112N/A# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
3112N/A#
3112N/A# Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
3112N/A#
3112N/A# The contents of this file are subject to the terms
3112N/A# of the Common Development and Distribution License
3112N/A# (the License). You may not use this file except in
3112N/A# compliance with the License.
3112N/A#
3112N/A# You can obtain a copy of the License at
3112N/A# https://opensso.dev.java.net/public/CDDLv1.0.html or
3112N/A# opensso/legal/CDDLv1.0.txt
3112N/A# See the License for the specific language governing
3112N/A# permission and limitations under the License.
3112N/A#
3112N/A# When distributing Covered Code, include this CDDL
3112N/A# Header Notice in each file and include the License file
3112N/A# at opensso/legal/CDDLv1.0.txt.
3112N/A# If applicable, add the following below the CDDL Header,
3112N/A# with the fields enclosed by brackets [] replaced by
3112N/A# your own identifying information:
3112N/A# "Portions Copyrighted [year] [name of copyright owner]"
5061N/A#
6273N/A# $Id: AMClient.properties,v 1.24 2009/08/12 17:43:03 beomsuk Exp $
3112N/A#
4458N/A#
4458N/A
4458N/A#
4458N/A# Portions Copyrighted [2010] [ForgeRock AS]
3832N/A#
3832N/A
4458N/A/* The following keys are used to configure the Debug service.
3832N/A * Possible values for the key 'level' are: off | error | warning | message.
3832N/A * The key 'directory' specifies the output directory where the debug files
4458N/A * will be created.
4974N/A * Trailing spaces are significant.
5580N/A * Windows: Use forward slashes "/" separate directories, not backslash "\".
4458N/A * Windows: Spaces in the file name are allowed for Windows.
5581N/A */
5580N/Acom.iplanet.services.debug.level=@DEBUG_LEVEL@
5332N/Acom.iplanet.services.debug.directory=@DEBUG_DIR@
5580N/A
5580N/A/*
4978N/A * Server mode should be 'false'
4978N/A */
5361N/Acom.iplanet.am.serverMode=false
4978N/A
5010N/A/*
4978N/A * Cache enable / disable properties
3832N/A */
4458N/Acom.iplanet.am.sdk.caching.enabled=true
4458N/Acom.sun.identity.idm.cache.enabled=true
4458N/Acom.sun.identity.sm.cache.enabled=true
4458N/A
4458N/A/*
4458N/A * Refresh time for appssotoken, value in minutes
4458N/A */
4495N/Acom.iplanet.am.client.appssotoken.refreshtime=3
4495N/A
4495N/A/*
4495N/A * Logging status
4495N/A */
4495N/Acom.iplanet.am.logstatus=ACTIVE
4458N/A
4458N/A/*
4458N/A * SDK package name
4458N/A */
4458N/Acom.iplanet.am.sdk.package=com.iplanet.am.sdk.remote
4714N/A
4714N/A/*
4714N/A * Configure remote plugin classes for configuration (SMS)
4458N/A */
4458N/Acom.sun.identity.sm.sms_object_class_name=com.sun.identity.sm.jaxrpc.SMSJAXRPCObject
4458N/A
4495N/A/*
4458N/A * Naming URL
4458N/A */
4458N/Acom.iplanet.am.naming.url=@NAMING_URL@
4458N/A
4458N/A/*
4458N/A * Notification URL
4723N/A */
4458N/Acom.sun.identity.client.notification.url=@NOTIFICATION_URL@
4458N/A
4458N/A/*
4458N/A * Security Credentails to read the configuration data
5417N/A */
5417N/Acom.sun.identity.agents.app.username=@APPLICATION_USER@
5417N/Acom.iplanet.am.service.password=@APPLICATION_PASSWD@
880N/Acom.iplanet.am.service.secret=@ENCODED_APPLICATION_PASSWORD@
4714N/A
4714N/A/*
4714N/A * Encryption key that will be used to encrypt and decypt
4714N/A * data to communicate with the server.
3832N/A * This key is needed to decrypt passwords stored
4458N/A * in the SMS configuration.
5061N/A */
4458N/Aam.encryption.pwd=@ENCRYPTION_KEY@
4458N/A
4458N/A/*
4458N/A * Encryption key that will be used to encrypt and decypt
4458N/A * data used locally within the client.
5061N/A */
5061N/Acom.sun.identity.client.encryptionKey=@ENCRYPTION_KEY_LOCAL@
900N/A
4458N/A/*
900N/A * Encryption: The key "com.iplanet.security.encryptor" specifies
927N/A * the encrypting class implementation.
900N/A * Available classes are:
5043N/A * com.iplanet.services.util.JCEEncryption
4495N/A * com.iplanet.services.util.JSSEncryption
4714N/A */
4458N/Acom.iplanet.security.encryptor=com.iplanet.services.util.JCEEncryption
5798N/A
5688N/A/*
4458N/A * Property to enable/disable the notifications for am.sdk and IdRepo Caches.
4716N/A * If set to "true" notifications are enabled and disabled if set to "false".
5369N/A */
4495N/Acom.sun.identity.idm.remote.notification.enabled=false
4459N/A
4459N/A/*
5061N/A * Property to enable/disable the notifications for service management caches.
6274N/A * If set to "true" notifications are enabled and disabled if set to "false".
6274N/A */
com.sun.identity.sm.notification.enabled=false
/*
* Cache update time (in minutes) for am.sdk & IdRepo Caches
* if notification URL is not provided or if notifications are disabled.
* Note:
* 1. This property is applicable only if
* 'com.sun.identity.client.notification.url'
* is not provided or if 'com.sun.identity.idm.remote.notification.enabled'
* is set to 'false'.
* 2. If the polling time is set as 0, then polling is disabled.
*/
com.iplanet.am.sdk.remote.pollingTime=0
/*
* Cache update time (in minutes) for service configutation data,
* if notification URL is not provided or if notifications are disabled.
* Note:
* 1. This property is applicable only if
* 'com.sun.identity.client.notification.url'
* is not provided or if 'com.sun.identity.sm.notification.enabled' is
* set to 'false'.
* 2. If the cache time is set as 0, then no cache updates will occur.
*/
com.sun.identity.sm.cacheTime=10
/*
* The following are the properties to configure service management Cache for
* TTL. If the property 'com.sun.identity.sm.cache.ttl.enable' is set to
* true, the cache entries will expire based on the time specified in the
* property "com.sun.identity.sm.cache.ttl" (in minutes).
com.sun.identity.sm.cache.ttl.enable=true
com.sun.identity.sm.cache.ttl=30
/*
* The following are the properties to configure IdRepo cache for TTL.
* If the property 'com.sun.identity.idm.cache.entry.expire.enabled' is set to
* true, the cache entries will expire based on the time specified in the
* properties below. The properties 'com.sun.identity.idm.cache.user.expire.time'
* & 'com.sun.identity.idm.cache.default.expire.time' specify time in minutes
* for which the user & non-user entries respectively remain valid after their
* last modification. In other words after this specified period of time
* elapses (after the last modification/read from the directory), the data
* for the entry that is cached will expire. At that instant new requests for
* data for these entries will result in reading it from the IdRepo plugins.
*/
com.sun.identity.idm.cache.entry.expire.enabled=true
com.sun.identity.idm.cache.entry.user.expire.time=1
com.sun.identity.idm.cache.entry.default.expire.time=1
/*
* The following are the properties to configure AMSDK plugin Cache for TTL.
* If the property 'com.iplanet.am.sdk.cache.entry.expire.enabled' is set to
* true, the cache entries will expire based on the time specified in the
* properties below. The properties 'com.iplanet.am.sdk.cache.user.expire.time'
* & 'com.iplanet.am.sdk.cache.default.expire.time' specify time in minutes for
* which the user & non-user entries respectively remain valid after their last
* modification. In other words after this specified period of time elapses
* (after the last modification/read from the directory), the data for the
* entry that is cached will expire. At that instant new requests for data for
* these entries will result in reading it from the Directory.
*/
com.iplanet.am.sdk.cache.entry.expire.enabled=true
com.iplanet.am.sdk.cache.entry.user.expire.time=1
com.iplanet.am.sdk.cache.entry.default.expire.time=1
/*
* Server protocol, host and port to be used by Client Services
*/
com.iplanet.am.server.protocol=@SERVER_PROTOCOL@
com.iplanet.am.server.host=@SERVER_HOST@
com.iplanet.am.server.port=@SERVER_PORT@
com.iplanet.am.services.deploymentDescriptor=@DEPLOY_URI@
com.iplanet.am.console.protocol=@CONSOLE_PROTOCOL@
com.iplanet.am.console.host=@CONSOLE_HOST@
com.iplanet.am.console.port=@CONSOLE_PORT@
com.iplanet.am.console.deploymentDescriptor=@CONSOLE_DEPLOY_URI@
com.iplanet.am.console.remote=@CONSOLE_REMOTE@
com.iplanet.am.cookie.name=@AM_COOKIE_NAME@
/*
* Session related properties.
*/
com.iplanet.am.session.client.polling.enable=true
com.iplanet.am.session.client.polling.period=180
/*
* Identify cert db directory path, prefix and password file
* to initialize JSS Socket Factory when Web Container is configured SSL
*/
com.iplanet.am.admin.cli.certdb.dir=@CONTAINER_CERTDB_DIR@
com.iplanet.am.admin.cli.certdb.prefix=@CONTAINER_CERTDB_PREFIX@
com.iplanet.am.admin.cli.certdb.passfile=@BASEDIR@/@PRODUCT_DIR@/config/.wtpass
/*
* Identify property value for SSL ApprovalCallback / HostnameVerifier
* If com.iplanet.services.comm is configured as protocol handler
* and the checkSubjectAltName or resolveIPAddress feature is enabled,
* cert8.db and key3.db with the prefix value of
* com.iplanet.am.admin.cli.certdb.prefix will have to be created under
* the directory of com.iplanet.am.admin.cli.certdb.dir before server is
* restarted.
*/
com.iplanet.am.jssproxy.trustAllServerCerts=false
com.iplanet.am.jssproxy.checkSubjectAltName=false
com.iplanet.am.jssproxy.resolveIPAddress=false
com.iplanet.am.jssproxy.SSLTrustHostList=
/**************************************************************
* Policy Client parameters
**************************************************************/
/* Policy decision log parameters. Possible values for logging.level
* are NONE, ALLOW, DENY, BOTH, and DECISION */
com.sun.identity.agents.server.log.file.name=amRemotePolicyLog
com.sun.identity.agents.logging.level=NONE
/* Notification URL for updating cache */
com.sun.identity.agents.notification.enabled=false
com.sun.identity.agents.notification.url=@NOTIFICATION_URL@
/* Cache time in minutes */
com.sun.identity.agents.polling.interval=3
/* Information to cache. Possible value are "subtree" or "self" */
com.sun.identity.policy.client.cacheMode=subtree
/* Policy client clock skew value in seconds */
com.sun.identity.policy.client.clockSkew=10
/*
* Explicitly disable monitoring services in the client applications.
*/
com.sun.identity.monitoring=off
/*
* Specify if allow to use cached data for HttpURLConnection
*/
com.sun.identity.urlconnection.useCache=false
/**
* Property to enable or disable to use the metro implementation
* for ws-trust client.
*/
com.sun.identity.wss.trustclient.enablemetro=false
/**
* Property to use the SOAP version for ws-trust client. The containers
* that do not support JavaEE5 should use the version 1.1 but make sure that
* the STS service is compatible with 1.1 version.
*/
com.sun.identity.wss.soapversion=1.2
/**
* This property defines interval in seconds for web services security
* cache timeout.
*/
com.sun.identity.wss.security.cache.timeout.interval=300
/**
* This property defines an interval in seconds for cleaning up the
* web services security cache.
*/
com.sun.identity.wss.security.cache.cleanup.interval=60
/**
* This property indicates a plugin class for WSSCacheRepository that can be
* used for storing web services security cache persistently.
*/
com.sun.identity.wss.security.cacherepository.plugin=
/**
* This property is used by the standone SAML Tokens in web services security
* for the issuer name. If this property is not set, they will use the server
* host name as the default.
*/
com.sun.identity.wss.security.samlassertion.issuer=
/**
* This property is used to define the time skew in milli seconds used when
* the time stamps are validated.
*/
com.sun.identity.wss.security.timeskew=5000
/**
* Policy ResourceComparators to be used for different service names
*/
serviceType=iPlanetAMWebAgentService|class=com.sun.identity.policy.plugins.HttpURLResourceName|wildcard=*|delimiter=/|caseSensitive=false|oneLevelWildCard=-*-
/*
* Protocol handler pkg name for HTTPS protocol.
* Default value is none.
* Available impl classes are:
* com.iplanet.services.comm (uses JSS)
* com.sun.identity.protocol (pure Java)
*/
opensso.protocol.handler.pkgs=
/**
* When the Site monitoring needs to be disabled, set this property to true
* When a client SDK application runs in the same container as the OpenAM server
* this property might be set to true
*/
openam.naming.sitemonitor.disabled=false