Client properties file

Create a properties file based on your requirements for WebSphere® eXtreme Scale client processes.

Sample client properties file

You can use the sampleClient.properties file that is in the wxs_home/properties directory to create your properties file.

Specifying a client properties file

You can specify the client properties file in one of the following ways. Specifying a setting by using one of the items later in the list overrides the previous setting. For example, if you specify a system property value for the client properties file, the properties in that file override the values in the objectGridClient.properties file that is in the class path.

  1. As a well-named file anywhere in the WebSphere Application Server class path. Putting this file in the system current directory is not supported:
    objectGridClient.properties
  2. As a system property in either a stand-alone or WebSphere Application Server configuration. This value can specify a file in the system current directory, but not a file in the class path:
    -Dobjectgrid.client.props=file_name
    Note: In a WebSphere Application Server configuration, the client properties file must be in the classpath if you want to specify a particular client properties file to use with the system property; for example, was_root/properties or profile_root/properties, depending on whether you want the properties file to apply to a specific profile, or the entire installation.
  3. As a programmatic override using the ClientClusterContext.getClientProperties method. The data in the object is populated with the data from the properties files. You cannot configure security properties with this method.

Client properties

Client properties
listenerHost

Specifies the host name to which the Object Request Broker (ORB) transport protocol binds for communication. The value must be a fully qualified domain name or IP address. If your configuration involves multiple network cards, set the listener host and port to let the transport mechanism in the JVM know the IP address for which to bind. If you do not specify which IP address to use, symptoms such as connection timeouts, unusual API failures, and clients that seem to hang can occur.

listenerPort
Specifies the port number to which the Object Request Broker transport protocol binds for communication.

Default: 2809

Note: When a data grid server is run inside and the ORB transport protocol is being used, another port ORB_LISTENER_ADDRESS must also be opened. The BOOTSTRAP_ADDRESS port forwards requests to this port.
preferLocalProcess
This property is not currently used. It is reserved for future use.
preferLocalHost
This property is not currently used. It is reserved for future use.
preferZones
Specifies a list of preferred routing zones. Each specified zone is separated by a comma in the form: preferZones=ZoneA,ZoneB,ZoneC

Default: no value

requestRetryTimeout
Specifies how long to continue processing a request (in milliseconds) after an exception occurs. Use one of the following valid values:
  • A value of 0 indicates that the request should fail fast and skip over the internal retry logic.
  • A value of -1 indicates that the request retry timeout is not set, meaning that the request duration is governed by the transaction timeout. (Default). The following levels of checking the request retry timeout are used to determine the default behavior:
    • Session instance requestRetryTimeout value
    • Client properties file requestRetryTimeout value
    • If neither of the previous values are set, then the lowest value between the transaction timeout value and 30 seconds is selected. For example, if the transaction timeout value has the default value of 10 minutes, then the request times out at 30 seconds. Alternatively, if you set the transaction timeout value to 20 seconds, then the request times out after 20 seconds.
  • A value over 0 indicates the request entry timeout value in milliseconds. Exceptions that are not successfully created are returned. Even when exceptions, such as DuplicateException, are tried again, they are also returned when they do not succeed. The transaction timeout is still used as the maximum time to wait.

Security client properties

General security properties
securityEnabled
Enables WebSphere eXtreme Scale client security. This setting should match with the securityEnabled setting in theWebSphere eXtreme Scale server properties file. If the settings do not match, the client connection to the data grid fails.

Default: false

Credential authentication configuration properties
credentialAuthentication
Specifies the client credential authentication support. Use one of the following valid values:
  • Never: The client does not support credential authentication.
  • Supported: The client supports credential authentication if the server also supports credential authentication. (Default)
  • Required: The client requires credential authentication.
authenticationRetryCount
Specifies the number of times that authentication is tried if the credential is expired. If the value is set to 0, attempts to authenticate are not tried again.

Default: 3

credentialGeneratorClass
Specifies the name of the class that implements the com.ibm.websphere.objectgrid.security.plugins.CredentialGenerator interface. To specify this property, the credentialAuthentication property must be set to Supported or Required. This class is used to get credentials for clients.

Default: no value

credentialGeneratorProps
Specifies the properties for the CredentialGenerator implementation class. The properties are set to the object with the setProperties(String) method. To specify this property, the credentialAuthentication property must be set to Supported or Required. The credentialGeneratorprops value is used only if the value of the credentialGeneratorClass property is not null.
Transport layer security configuration properties
transportType
Specifies the client transport type. The possible values are:
  • TCP/IP: Indicates that the client only supports TCP/IP connections.
  • SSL-Supported: Indicates that the client supports both TCP/IP and Secure Sockets Layer (SSL) connections. (Default)
  • SSL-Required: Indicates that the client requires SSL connections.
SSL configuration properties
alias
Specifies the alias name in the keystore. This property is used if the keystore has multiple key pair certificates and you want to select one of the certificates.

Default: no value

contextProvider
Specifies the name of the context provider for the trust service. If you indicate a value that is not valid, a security exception results that indicates that the context provider type is incorrect.

Valid values: IBMJSSE2, IBMJSSE, IBMJSSEFIPS, and so on.

keyStore
Specifies a fully qualified path to the keystore file.

Example:

etc/test/security/client.private

keyStoreType
Indicates the type of keystore. If you indicate a value that is not valid, a runtime security exception occurs.

Valid values: JKS, JCEK, PKCS12, and so on.

protocol
Indicates the type of security protocol to use for the client. Set this protocol value based on which security provider you use. If you indicate a value that is not valid, a security exception results that indicates that the protocol value is incorrect.

Valid values: SSL, SSLv2, SSLv3, TLS, TLSv1, and so on.

trustStoreType
Indicates the type of truststore. If you indicate a value that is not valid, a runtime security exception results.

Valid values: JKS, JCEK, PKCS12, and so on.

trustStore
Specifies a fully qualified path to the truststore file.

Example:

etc/test/security/server.public

keyStorePassword
Specifies the string password to the keystore. You can encode this value or use the actual value.
trustStorePassword
Specifies a string password to the truststore. You can encode this value or use the actual value.