Service Layer System Properties
| Properties | Mandatory | Data Type | Format | Size | Default | Allowed Values | Usage Details |
|
application.buildversion |
NUMBER | nn.nn.nn.nn | 11 |
n - Digit from 0 to 9 inclusive |
Defines the build version of the application. |
||
|
application.databaseType |
YES | Fixed List | <=10 |
SqlServer Oracle DB2 |
The system-wide default database type. Used for multiple query support functionality and JDBC interaction. |
||
| application.defaultLocale | YES | Standard List | As per IETF BCP 47, supported by JAVA |
Specifies the language Example: ja_JP, en-US |
|||
|
application.mode |
YES | Alphabetic | Fixed List | <=11 |
Value: DEVELOPMENT, PRODUCTION |
Development mode allows the configuration changes. Configuration data is not cached.Production mode allows the configuration changes as a new release. JVM should be restarted whenever configuration is changed. Configuration data is cached.Should be set to PRODUCTION in production environment. | |
|
application.configurationCacheTimeout |
Positive Integer | nnnnn | <=5 |
|
If value = 0, updates are not verified.If value > 0, updates are verified in the specified interval (i.e. after specified number of minutes). | ||
|
application.enableProduct |
Boolean | <=3 | No |
Value: Yes, No |
Allows application to use the Products hierarchy in configuration. System default is No. |
||
|
application.X-Frame-Options |
AlphaNumeric | Fixed List / Free text Parameter | <=255 | None |
Value: DENY, SAMEORIGIN, ALLOW-FROM <url> |
Supports against CSRF attacks. Applies only to IE8 and above. If property is not specified, no system protection against CSRF is offered.If DENY is set, any application page is not allowed to be framed.If SAMEORIGIN is set, application is allowed to be framed in any page coming from the same root url. (SAMEORIGIN means the same root URL).If ALLOW-FROM <url> is set, application is allowed to be framed from any page coming from the root URL specified in the property. | |
|
datasource.type |
YES | Alphabetic | Fixed | 4 | none |
Value: jndi |
The data source type. jndi relies on jndi names ORACLEDATASTOREDS in the application server for a datasource connection. |
| dataSource.project.jtaType | YES | Alphabetic | Fixed | <=100 | non-jta-data-source | ||
|
jpa.databasePlatform |
YES | AlphaNumeric | Fixed List | <=100 |
Value: org.eclipse.persistence.platform.database.SQLServerPlatform org.eclipse.persistence.platform.database.OraclePlatform org.eclipse.persistence.platform.database.DB2Platform |
Determines which JPA DatabasePlatform should be used with EclipseLink. |
|
|
jpa.showSql |
Boolean | <=5 | False |
Value: True, False |
Shows information in the application's log/console for all SQLs executed using JPA. It should be used only in Non-Production environment. | ||
|
transaction.manager |
YES | Alphabetic | Fixed | 3 |
Value: jpa |
Data source transaction manager. |
|
|
jpa.targetServer |
YES | AlphaNumeric | Fixed List | <=15 |
Value: none,Websphere_7,WebLogic_10 |
Determines the target server for this installation |
|
| application.AccessControlAllowOrigin | Alphabetic | List of domains that are allowed to make cross domain requests to shared resources. This header can have either list of domains or a wildcard character (*) to allow all access. Having a wildcard is considered as overly permissive policy. | |||||
| application.encryptDecryptFilePath | NO | AlphaNumeric |
The property application.encryptDecryptFilePath is deprecated and will be removed in future release. It is recommended to use application.keyStorePath and application.keyStoreAlias. Value of this property should be absolute path with file name, where EDKeyValue.dat exists. This .dat file holds the partial Encrypt/Decrypt Key for encryption/decryption of the data. This file comes as part of distribution zip. Example: /scratch/oipa/Oracle/oipa/conf/EDKeyValue.dat #File should have read permissions. |
||||
|
application.keyStorePath |
YES |
AlphaNumeric | File Path | <=255 |
|
Absolute path including file name where the oipakeystore.p12 is located.This file contains the Encrypt/Decrypt Key used for data encryption and decryption.It is included as part of the distribution zip.Example: /scratch/oipa/Oracle/oipa/conf/oipakeystore.p12Ensure the file has appropriate read/write permissions for authorized users. |
|
|
application.keyStoreAlias |
YES |
AlphaNumeric | YES |
Value: OIPAALIASDEFAULT |
The alias is a unique identifier for the key entry (secret key) in the keystore.Do not modify this value unless the customer rotates the encryption key. |
||
| JWK_URL | AlphaNumeric |
URL used to identity Cloud Services Signing Key in JWK (JSON Web Key) format. This URL converts the access_token into JSON web key format. Example: https://idcs1ee9ce3208c747708d658a74d8e5a625.identity.c9dev1.oc9qadev.com/admin/v1/SigningCert/jwk |
|||||
| TOKEN_URL | AlphaNumeric | URL is used to issue access_token in exchange of client id and client secret. Example : https://idcs-1ee9ce3208c747708d658a74d8e5a625.identity.c9dev1.oc9qadev.com/oauth2/v1/token |
|||||
| CLIENT_ID | AlphaNumeric | CLIENT ID of registered application in IDCS console. Client ID is generated after registering the application in IDCS console. | |||||
| CLIENT_SECRET | AlphaNumeric | CLIENT SECRET of registered application in IDCS console Client SECRET is generated after registering the application in IDCS console. | |||||
| SCOPE_AUD | AlphaNumeric |
SCOPE of registered application in IDCS console. The primary audience defined for the application in IDCS console. Example: http://localhost:8080/PASService/rest/services/ |
|||||
| VALIDATE_TOKEN_URL | AlphaNumeric | URL used to validate access_token issues by IDCS Example: https://idcs-1ee9ce3208c747708d658a74d8e5a625.identity.c9dev1.oc9qadev.com/oauth2/v1/introspect |
|||||
| idcs.authentication | Boolean | <=5 | false |
Value: true, false |
This property decides whether to provide IDCS authentication or not. true - allows to execute IDCS authentication flow. false - IDCS authentication flow is not executed. |
||
|
application.enableServiceLogs |
Alphabetic | Fixed List | <=3 | No | Value: Yes, No |
This property is used to enable Access Logs and publish to AdminConsole from Service Layer Yes → to enable capturing access logs and publish to AdminConsole No → to disable capturing access logs and do not publish to AdminConsole |
|
| PAS_URL | AlphaNumeric | http://hostname:portNumberOfPAS/PASJava |
URL to access PAS application - For Rest Wrapper Functionality Example: http://localhost:8080/PASJava |
||||
| cors.allowGenericHttpRequests | Yes | Boolean | true | true or false | If property value is to true generic HTTP requests will be allowed to pass through the filter else only valid CORS requests will be allowed. | ||
| cors.allowOrigin | Yes | Alphanumeric | FixedList | Origin list separated with space | This property allows to provide list of origins allowed to make cross domain requests. cors.allowOrigin=https://app.customer.com https://admin.customer.comEach entry must be an origin only: scheme + host + optional port. Do not include paths or trailing slashes.As AdminConosole, Cycle interact with OIPA add cycle, Adminconsole URLS separated by comma | ||
| cors.allowSubdomains | Yes | Boolean | false | true or false | If this property value is set to true, allow requests from any origin which is a subdomain origin of the allowed origins ( cors.allowOrigin ). | ||
| cors.supportedMethods | Yes | Alphanumeric | Fixed List, Comma separated | GET, POST, HEAD, OPTIONS, PUT, DELETE,PATCH | GET, POST, HEAD, OPTIONS, PUT, DELETE,PATCH | HTTP supportedMethods This property defines through Access-Control-Allow-Methods header, list of HTTP methods allowed for the request. for Example, if GET is added in supportedMethods then only GET cross-origin requests is allowed. | |
| cors.supportedHeaders | Yes | Alphanumeric | Content-Type,Accept,jSessionIDHeader,tokenIDHeader,tokenIDHeader_Ad | Content-Type,Accept,jSessionIDHeader,tokenIDHeader,tokenIDHeader_Ad | This is any custom header set by the application through XMLHttpRequest.setRequestHeader() for example Content-Type, X-Requested-With. | ||
| cors.exposedHeaders | No | Alphanumeric | empty list | This is list of headers which are safe to be exposed in the response and this information is sent through Access-Control-Expose-Headers for example , Custom-Exposed-Header-1 , Custom-Exposed-Header-2. | |||
| cors.supportsCredentials | Yes | Boolean | true | true or false | This property value identifies in constructing Access-Control-Allow-Credentials header. | ||
| cors.maxAge | Yes | Integer | -1 | This property indicates how long the preflight request can be cached by the web browser; this value is mentioned in seconds. for example, if the value is mentioned as 3600 means browsers should cache preflight request for 1 hour. | |||
| application.limit | No | Integer | 100 | ||||
| application.isSSOEnabled | No | Boolean | false | true or false | If this this property set to true, Native SSO feature will be enabled. |
