List of JNDI properties for MobileFirst Server administration
When you configure MobileFirst Server Administration Services and MobileFirst Operations Console for your application server, you set optional or mandatory JNDI properties, in particular for Java™ Management Extensions (JMX).
JNDI properties for MobileFirst Administration Services
The following properties can be set on the Administration Services web application worklightadmin.war.
| Property | Optional or mandatory | Description | Restrictions |
|---|---|---|---|
| ibm.worklight.admin.jmx.connector | Optional | The Java Management
Extensions (JMX) connector type. The possible values are SOAP and RMI. The default value is SOAP. |
WebSphere® Application Server only. |
| ibm.worklight.admin.jmx.host | Optional | Host name for the JMX REST connection. | Liberty profile only. |
| ibm.worklight.admin.jmx.port | Optional | Port for the JMX REST connection. | Liberty profile only. |
| ibm.worklight.admin.jmx.user | Optional | User name for the JMX REST connection. | WebSphere Application Server Liberty profile:
User name for the JMX REST connection. WebSphere Application Server Farm: User name for the SOAP connection. WebSphere Application Server Network Deployment: user name of the WebSphere administrator if the virtual host mapped to the MobileFirst server administration application is not the default host. |
| ibm.worklight.admin.jmx.pwd | Optional | User password for the JMX REST connection. | WebSphere Application Server Liberty profile:
User password for the JMX REST connection. WebSphere Application Server Farm: User password for the SOAP connection. WebSphere Application Server Network Deployment: User password of the WebSphere administrator if the virtual host that is mapped to the MobileFirst Server server administration application is not the default host. |
| ibm.worklight.admin.rmi.registryPort | Optional | RMI registry port for the JMX connection through a firewall. | Tomcat only. |
| ibm.worklight.admin.rmi.serverPort | Optional | RMI server port for the JMX connection through a firewall. | Tomcat only. |
| ibm.worklight.admin.jmx.dmgr.host | Mandatory | Deployment manager host name. | WebSphere Application Server Network Deployment only. |
| ibm.worklight.admin.jmx.dmgr.port | Mandatory | Deployment manager RMI or SOAP port. | WebSphere Application Server Network Deployment only. |
| Property | Optional or mandatory | Description |
|---|---|---|
| ibm.worklight.admin.actions.prepareTimeout | Optional | Timeout in milliseconds to transfer data from
the management service to the runtime during a deployment transaction.
If the runtime cannot be reached within this time, an error is raised
and the deployment transaction ends. Default value: 1800000 ms (30 min) |
| ibm.worklight.admin.actions.commitRejectTimeout | Optional | Timeout in milliseconds, when a runtime is contacted,
to commit or reject a deployment transaction. If the runtime cannot
be reached within this time, an error is raised and the deployment
transaction ends. Default value: 120000 ms (2 min) |
| ibm.worklight.admin.lockTimeoutInMillis | Optional | Timeout in milliseconds for obtaining the transaction
lock. Because deployment transactions run sequentially, they use a
lock. Therefore, a transaction must wait until a previous transaction
is finished. This timeout is the maximal time during which a transaction
waits. Default value: 1200000 ms (20 min) |
| ibm.worklight.admin.maxLockTimeInMillis | Optional | The maximal time during which a process can
take the transaction lock. Because deployment transactions run sequentially,
they use a lock. If the application server fails while a lock is taken,
it can happen in rare situations that the lock is not released at
the next restart of the application server. In this case, the lock
is released automatically after the maximum lock time so that the
server is not blocked forever. Set a time that is longer than a normal
transaction. Default value: 1800000 (30 min) |
| Property | Optional or mandatory | Description |
|---|---|---|
| ibm.worklight.admin.logging.formatjson | Optional | Set this property to true to
enable pretty formatting (extra blank space) of JSON objects in responses
and log messages. Setting this property is helpful when you debug
the server. Default value: false. |
| ibm.worklight.admin.logging.tosystemerror | Optional | Specifies whether all logging messages are also directed to System.Error. Setting this property is helpful when you debug the server. |
| Property | Optional or mandatory | Description |
|---|---|---|
| ibm.worklight.admin.proxy.port | Optional | If the MobileFirst Administration server is behind a firewall or reverse proxy, this property specifies the address of the host. Set this property to enable a user outside the firewall to reach the MobileFirst Administration server. Typically, this property is the port of the proxy, for example 443. It is necessary only if the protocol of the external and internal URIs are different. |
| ibm.worklight.admin.proxy.protocol | Optional | If the MobileFirst Administration server is behind a firewall or reverse proxy, this property specifies the protocol (HTTP or HTTPS). Set this property to enable a user outside the firewall to reach the MobileFirst Administration server. Typically, this property is set to the protocol of the proxy. For example, wl.net. This property is necessary only if the protocol of the external and internal URIs are different. |
| ibm.worklight.admin.proxy.scheme | Optional | This property is just an alternative name for ibm.worklight.admin.proxy.protocol. |
| ibm.worklight.admin.proxy.host | Optional | If the MobileFirst Administration server is behind a firewall or reverse proxy, this property specifies the address of the host. Set this property to enable a user outside the firewall to reach the MobileFirst Administration server. Typically, this property is the address of the proxy. |
| Property | Optional or mandatory | Description |
|---|---|---|
| ibm.worklight.admin.audit | Optional. | Set this property to false to disable the audit feature of the MobileFirst Operations Console. The default value is true. |
| ibm.worklight.admin.environmentid | Optional. | Environment identifier for the registration
of the MBeans. Use this identifier when different instances of the MobileFirst Server are installed on the same application server. The identifier determines which Administration Services, which console, and which runtimes belong to the same installation. The Administration Services manage only the runtimes that have the same environment identifier. |
| ibm.worklight.admin.serverid | Optional. | Server identifier. Must be different for each server in the farm. For server farms only. |
| ibm.worklight.admin.hsts | Optional. | Set to true to enable HTTP Strict Transport Security according to RFC 6797. |
| ibm.worklight.topology.platform | Mandatory | Server type. Valid values:
|
| ibm.worklight.topology.clustermode | Mandatory | In addition to the server type, specify here
the server topology. Valid values:
|
| ibm.worklight.admin.lock.master | Optional | In cluster and farm topologies, this property
determines which server is the lock master when the Cloudant® database is used. For synchronization, the system requires a locking mechanism that works across all servers in the farm or cluster. SQL data bases have native locking facilities, but Cloudant has none. Therefore, with Cloudant only one of the servers in the farm or cluster provides the locking mechanism. This server is called the lock master. Alternative ways of using this property are available:
The default value is auto. |
| ibm.worklight.admin.lock.master.detection.delay | Optional | This property determines the time in milliseconds
to wait on startup until Cloudant is
ready, before any locking operation can take place. This property
is only needed in cluster or farm topology when the database is Cloudant. For synchronization,
the system requires a locking mechanism that works across all servers
in the farm or cluster. SQL databases have native locking facilities, but Cloudant has none. Therefore, with Cloudant one of the servers in the farm or cluster provides the locking mechanism. This lock master server can be selected automatically with the help of the database. This automatic selection requires a small delay, similar to the setting of mfp.db.cloudant.afterWrite.delay, to ensure that the Cloudant database is in a consistent state. This delay occurs only once when the server starts. Reasonable values are between 1 and 10 seconds. Negative values are ignored. The default value is 3000 (three seconds). |
| ibm.worklight.admin.lock.master.detection.timeout | Optional | This property determines the timeout in seconds
for the detection of the lock master. This property is only needed
in cluster or farm topology when the database is Cloudant. For synchronization, the system
requires a locking mechanism that works across all servers in the
farm or cluster. SQL databases have native locking facilities, but Cloudant has none. Therefore, with Cloudant one of the servers in the farm or cluster provides the locking mechanism. During startup, the lock master server must come alive before all the other servers. Therefore, the other servers wait for this server before they complete their startup. This timeout value specifies the maximum time another server waits for the lock master to come alive. Negative values are ignored. The default value is 120 (two minutes). |
| ibm.worklight.admin.lock.master.connect.timeout | Optional | This property determines the timeout in seconds
for the connection to the lock master. This property is only needed
in cluster or farm topology when the database is Cloudant. For synchronization, the system
requires a locking mechanism that works across all servers in the
farm or cluster. SQL databases have native locking facilities, but Cloudant has none. Therefore, with Cloudant one of the servers in the farm or cluster provides the locking mechanism. That server is called the lock master. The timeout value specifies the maximum time another server waits for the lock master to respond to requests to take a lock. Negative values are ignored. The default value is 10 (seconds). |
| ibm.worklight.admin.farm.heartbeat | Optional | This property enables you to set in minutes
the heartbeat rate that is used in server farm topologies. The default value is 2 minutes. In a server farm, all members must use the same heartbeat rate. If you set or change this JNDI value on one server in the farm, you must also set the same value on every other server in the farm. For more information, see Lifecycle of a server farm node. |
| ibm.worklight.admin.farm.missed.heartbeats.timeout | Optional | This property enables you to set the number
of missed heartbeats of a farm member before the status of the farm
member is considered to be failed or down. The default value is 2. In a server farm all members must use the same missed heartbeat value. If you set or change this JNDI value on one server in the farm, you must also set the same value on every other server in the farm. For more information, see Lifecycle of a server farm node. |
| ibm.worklight.admin.farm.reinitialize | Optional | A Boolean value (true or false) for re-registering or re-initializing the farm member. |
| ibm.worklight.admin.cloudant.dashboard.url | Optional | This property defines the URL of the Cloudant dashboard, such as the dashboard of the Cloudant account that you use for the MobileFirst data proxy. If this property is set, a link will be displayed in the header of MobileFirst Operations Console. |
| Property | Optional or mandatory | Description |
|---|---|---|
| ibm.worklight.admin.db.jndi.name | Optional | The JNDI name of the database. This parameter is the normal mechanism to specify the database. The default value is java:comp/env/jdbc/WorklightAdminDS. |
| ibm.worklight.admin.db.openjpa.ConnectionDriverName | Optional Conditionally mandatory |
The fully qualified name of the database connection driver class. Mandatory only when the data source that is specified by the ibm.worklight.admin.db.jndi.name property is not defined in the application server configuration. |
| ibm.worklight.admin.db.openjpa.ConnectionURL | Optional Conditionally mandatory |
The URL for the database connection. Mandatory only when the data source that is specified by the ibm.worklight.admin.db.jndi.name property is not defined in the application server configuration. |
| ibm.worklight.admin.db.openjpa.ConnectionUserName | Optional Conditionally mandatory |
The user name for the database connection. Mandatory only when the data source that is specified by the ibm.worklight.admin.db.jndi.name property is not defined in the application server configuration. |
| ibm.worklight.admin.db.openjpa.ConnectionPassword | Optional Conditionally mandatory |
The password for the database connection. Mandatory only when the data source that is specified by the ibm.worklight.admin.db.jndi.name property is not defined in the application server configuration. |
| ibm.worklight.admin.db.openjpa.Log | Optional | This property is passed to OpenJPA and enables JPA logging. For more information, see the Apache OpenJPA User's Guide. |
| ibm.worklight.admin.db.type | Optional | This property defines the type of database. The default value is inferred from the connection URL. |
| Property | Optional or mandatory | Description |
|---|---|---|
| mfp.db.cloudant.url | Optional | This property defines the URL of the Cloudant account used to store the database. The default value is https://username.cloudant.com. |
| mfp.db.cloudant.username | Optional Conditionally mandatory |
This property defines the user name of the Cloudant account used to store
the database. If this property is not defined, a relational database is used. |
| mfp.db.cloudant.password | Optional Conditionally mandatory |
This property defines the password of the Cloudant account used to store
the database. This property must be set when mfp.db.cloudant.username is set. |
| mfp.db.cloudant.ssl.authentication | Optional | This property specifies whether the SSL certificate
chain validation and host name verification are enabled for HTTPS
connections to the Cloudant database.
The value is a Boolean value (true or false). The default value is true. Note: Setting
this property to false creates security risks.
|
| mfp.db.cloudant.ssl.configuration | Optional | This property applies to WebSphere Application Server full profile only. For HTTPS connections to the Cloudant database, it specifies the name of an SSL configuration in the WebSphere Application Server configuration to use when no configuration is specified for the host and port. |
| mfp.db.cloudant.proxyHost | Optional | This property defines the host name of an HTTP proxy for the connection to the Cloudant database server. |
| mfp.db.cloudant.proxyPort | Optional | This property defines the port of an HTTP proxy for the connection to the Cloudant database server. |
| mfp.db.cloudant.adminDbName | Optional | This property defines the name of the database
for MobileFirst Administration
Services in the Cloudant account.
The name must start with a lowercase letter and contain only lowercase
letters and any of the following characters: 0-9 , $ - _ The default name is mfp_admin_db. |
| mfp.db.cloudant.connectTimeout | Optional | This property defines the timeout in milliseconds for establishing a network connection for Cloudant. A value of zero means an infinite timeout. A negative value means the default value (no override). |
| mfp.db.cloudant.socketTimeout | Optional | This property defines the timeout in milliseconds for detecting the loss of a network connection for Cloudant. A value of zero means an infinite timeout. A negative value means the default value (no override). |
| mfp.db.cloudant.maxConnections | Optional | This property defines the maximum number of simultaneous connections to the Cloudant database. |
| mfp.db.cloudant.afterWrite.fullCommit | Optional | This property specifies whether an "ensure full commit" operation is used after every write operation to the Cloudant database. The possible values are: true, false. The default value is false. |
| mfp.db.cloudant.afterWrite.delay | Optional | This property specifies in milliseconds how long to wait after every write operation to the Cloudant database. A value of zero means no wait. The default value is 0. |
| mfp.db.cloudant.retry.count | Optional | This property specifies the number of times to retry a Cloudant database query operation until it satisfies the expectations known from the context. The default value is 2. |
| mfp.db.cloudant.retry.delay | Optional | This property specifies in milliseconds how long to wait before retrying a Cloudant database query operation. A value of 0 means no wait. The default value is 0. |
| mfp.db.cloudant.documentOperation.timeout | Optional | This property specifies in seconds the timeout for the completion of operations on Cloudant documents. A value of zero means an infinite timeout. A negative value means the default value (no override). The default value is 30 seconds. |
| mfp.db.cloudant.attachmentOperation.timeout | Optional | This property specifies in seconds the timeout for the completion of operations on Cloudant attachments. A value of zero means an infinite timeout. A negative value means the default value (no override). The default value is 600 seconds (10 minutes). |
| Property | Optional or mandatory | Description |
|---|---|---|
| ibm.worklight.admin.license.key.server.host |
|
Host name of the Rational® License Key Server. |
| ibm.worklight.admin.license.key.server.port |
|
Port number of the Rational License Key Server. |
JNDI properties for MobileFirst Operations Console
The following properties can be set on the web application (worklightconsole.war) of MobileFirst Operations Console.
| Property | Optional or mandatory | Description |
|---|---|---|
| ibm.worklight.admin.endpoint | Optional | Enables the MobileFirst Operations Console to locate the MobileFirst Server Administration REST services. Specify the external address and context root of the worklightadmin.war web application. In a scenario with a firewall or a secured reverse proxy, this URI must be the external URI and not the internal URI inside the local LAN. For example, https://wl.net:443/worklightadmin. |
| ibm.worklight.admin.global.logout | Optional | Clears the WebSphere user
authentication cache during the console logout. This property is useful
only for WebSphere Application Server V7. The default value is false. |
| ibm.worklight.admin.hsts | Optional | Set this property to true to
enable HTTP Strict Transport Security according to RFC 6797. For more
information, see the W3C Strict Transport Security page. The default value is false. |
| ibm.worklight.admin.ui.cors | Optional | The default value is true. For more information, see the W3C Cross-Origin Resource Sharing page. |
| ibm.worklight.admin.ui.cors.strictssl | Optional | Set to false to allow CORS situations where the MobileFirst Operations Console is secured with SSL (HTTPS protocol) while the MobileFirst Server Administration services are not, or conversely. This property takes effect only if the ibm.worklight.admin.ui.cors property is enabled. |
Configuring the JNDI properties
For more information about how to configure the JNDI properties, see the topic JNDI environment entries for MobileFirst projects in production.
To configure the properties with Ant tasks, you must use the Ant task installworklightadmin, instead of configureapplicationserver.
For the console, the property element should be under the console element.
For more information, see Ant tasks for installation of MobileFirst Operations Console and Administration Services.