Cloudant Database (cloudantDatabase)

Cloudant Database (cloudantDatabase)

Configuration for a Cloudant Database.

Name Type Default Description

cloudantRef Top level cloudant element (string). Specifies the builder for the Cloudant Client that will be used when connecting to this database.

create boolean true Indicates that the Cloudant Client should create the database if it does not already exist.

databaseName string
Required Name of the database.

id string A unique configuration ID.

jndiName string JNDI name.

cloudant
Specifies the builder for the Cloudant Client that will be used when connecting to this database.

Name Type Default Description

account string Account name used to connect to a Cloudant database.

containerAuthDataRef Top level authData element (string). Default authentication data for container managed authentication that applies when bindings do not specify an authentication-alias for a resource reference with res-auth=CONTAINER.

jndiName string JNDI name.

libraryRef Top level library element (string). Specifies a library containing the Cloudant Client library and its dependencies.

password Reversably encoded password (string) Password corresponding to your Cloudant user ID.

url string URL for the Cloudant server, which includes the host and port.

username string The Cloudant user ID used to log in and access your databases.

Advanced Properties

connectTimeout A period of time with millisecond precision 5m The timeout to establish a connection. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

disableSSLAuthentication boolean false Disables host name verification and certificate chain validation.

maxConnections int
Min: 0 6 The maximum number of concurrent connections that a Cloudant Client can make to the host.

proxyPassword Reversably encoded password (string) Password corresponding to the user name for a proxy server to use when connecting to a Cloudant server.

proxyUrl string The URL of a proxy server to use when connecting to a Cloudant server.

proxyUser string User name for a proxy server to use when connecting to a Cloudant server.

readTimeout A period of time with millisecond precision 5m Timeout value to wait for a response from an established client connection. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

sslRef Top level ssl element (string). Specifies the SSL configuration that is needed to establish a secure connection.

cloudant > containerAuthData
Default authentication data for container managed authentication that applies when bindings do not specify an authentication-alias for a resource reference with res-auth=CONTAINER.

Name Type Default Description

krb5Principal string The name of the Kerberos principal name or Kerberos service name to be used.

krb5TicketCache Path to a file The file location where Kerberos credentials for the Kerberos principal name or service name will be stored. Also known as the Kerberos credential cache (ccache)

password Reversably encoded password (string) Password of the user to use when connecting to the EIS. The value can be stored in clear text or encoded form. IBM recommends encoding the password using the securityUtility tool with the encode option.

user string Name of the user to use when connecting to the EIS.

cloudant > library
Specifies a library containing the Cloudant Client library and its dependencies.

Name Type Default Description

apiTypeVisibility string spec,ibm-api,api,stable The types of API packages that this class loader supports. This value is a comma-separated list of any combination of the following API packages: spec, ibm-api, api, stable, third-party.

description string Description of shared library for administrators

filesetRef List of references to top level fileset elements (comma-separated string). Specifies a set of JAR or ZIP files to include in the class path for this library

name string Name of shared library for administrators

cloudant > library > file
Add a JAR or ZIP file to include in the class path for this library. Classes and resources that are contained in the specified JAR or ZIP are available to load for this library.

Name Type Default Description

id string A unique configuration ID.

name Path to a file
Required The path to a file can be a fully qualified path or a relative path. Relative paths are relative to the value of the ${server.config.dir} property.

cloudant > library > fileset
Specifies a set of JAR or ZIP files to include in the class path for this library

Name Type Default Description

caseSensitive boolean true Boolean to indicate whether or not the search should be case sensitive (default: true).

dir Path to a directory ${server.config.dir} The base directory to search for files.

excludes string The comma or space separated list of file name patterns to exclude from the search results, by default no files are excluded.

id string A unique configuration ID.

includes string * The comma or space separated list of file name patterns to include in the search results (default: *).

scanInterval A period of time with millisecond precision 0 The scanning interval to determine whether files are added or removed from the fileset. The individual files are not scanned. The suffix for the interval of time is h-hour, m-minute, s-second, and ms-millisecond, for example, 2ms or 5s. The scanning interval is disabled by default and is disabled manually by setting the scan interval, scanInterval, to 0. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

cloudant > library > folder
Add a folder to include in the class path for this library. Classes and resources that are contained in the specified folder and its subfolders are available to load for this library. JAR and ZIP files that are contained in the specified folder are not added to the class path for this library.

Name Type Default Description

dir Path to a directory
Required The path to a folder can be a fully qualified path or a relative path. Relative paths are relative to the value of the ${server.config.dir} property.

id string A unique configuration ID.

cloudant > library > path
Add a JAR file, ZIP file or folder to include in the class path for this library. If the specified path is a JAR or ZIP file, then classes and resources that are contained in the specified JAR or ZIP file are available to load for this library. If the specified path is a folder, then classes and resources that are contained in the specified folder and its subfolders are available to load for this library. JAR and ZIP files contained in the specified folder are not added to the class path for this library.

Name Type Default Description

id string A unique configuration ID.

name A file, directory or url.
Required The path can be a fully qualified path or a relative path. Relative paths are relative to the value of the ${server.config.dir} property.

cloudant > ssl
Specifies the SSL configuration that is needed to establish a secure connection.

Name Type Default Description

clientAuthentication boolean false Specifies whether client authentication is enabled. If set to true then client authentication is required and the client must provide a certificate for the server trusts.

clientAuthenticationSupported boolean false Specifies whether a client authentication is supported. If set to true then the client authentication support means the server will check trust from a client if the client presents a certificate.

clientKeyAlias string Alias of the certificate in the keystore used as the key to send to a server that has client authentication enabled. This attribute is only needed if the keystore has more than one key entry.

enabledCiphers string Specifies a custom list of ciphers. Separate each cipher in the list with a space. The supported cipher will depend on the underlying JRE used. Please check the JRE for valid ciphers.

enforceCipherOrder boolean false Specify on the server socket whether to enforce the cipher order. If set to true, the server socket is enabled to enforce the cipher order. The attribute is set to false by default.

keyStoreRef Top level keyStore element (string). A keystore containing key entries for the SSL repertoire. This attribute is required.

securityLevel

CUSTOM
HIGH
LOW
MEDIUM

HIGH Specifies the cipher suite group used by the SSL handshake. HIGH are 3DES and 128 bit and higher ciphers, MEDIUM are DES and 40 bit ciphers, LOW are ciphers without encryption. If the enabledCiphers attribute is used the securityLevel list is ignored.
CUSTOM
Custom list of cipher suites
HIGH
Cipher suites 3DES and 128 bit and higher
LOW
Cipher suites without encryption
MEDIUM
Cipher suites DES and 40 bit

serverKeyAlias string Alias of the certificate in the keystore used as the server's key. This attribute is only needed if the keystore has more then one key entry.

skipHostnameVerificationForHosts string Hostname that allow to skip the host name verification for outbound connection using a specific SSL configuration.

sslProtocol string The SSL handshake protocol. The protocol can be set to a single value found in the documentation for the underlying JRE's Java Secure Socket Extension (JSSE) provider. When using the IBM JRE the default value is SSL_TLSv2 and when using the Oracle JRE the default value is SSL. The protocol can also be a comma-separated list of any of the following values: TLSv1, TLSv1.1, TLSv1.2, or TLSv1.3.

trustDefaultCerts boolean false Specifies whether the trust manager can establish trust using the default certificates. If set to true, then the default certificates are used in addition to the configured truststore file to establish trust. The attribute is set to false by default.

trustStoreRef Top level keyStore element (string). A keystore containing trusted certificate entries used by the SSL repertoire for signing verification. This attribute is optional. If unspecified, the same keystore is used for both key and trusted certificate entries.

verifyHostname boolean true Specifies whether host name verification for outbound connections using a specific SSL configuration is enabled. If set to true, then all outbound SSL connections that use the specified SSL configuration undergo verification of the target server host name against that server's certificate.

cloudant > ssl > keyStore
A keystore containing key entries for the SSL repertoire. This attribute is required.

Name Type Default Description

fileBased boolean true Specify true if the keystore is file based and false if the keystore is a SAF keyring or hardware keystore type.

id string defaultKeyStore A unique configuration ID.

location A file, directory or url. ${server.output.dir}/resources/security/key.p12 An absolute or relative path to the keystore file. If a relative path is provided, the server will attempt to locate the file in the ${server.output.dir}/resources/security directory. Use the keystore file for a file-based keystore, the keyring name for SAF keyrings, or the device configuration file for hardware cryptography devices. In the SSL minimal configuration, the location of the file is assumed to be ${server.output.dir}/resources/security/key.p12.

password Reversably encoded password (string) The password used to load the keystore file. The value can be stored in clear text or encoded form. Use the securityUtility tool to encode the password.

pollingRate A period of time with millisecond precision 500ms Rate at which the server checks for updates to a keystore file. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

readOnly boolean false Specify true if the keystore is to be used by the server for reading and false if write operations will be performed by the server on the keystore.

type string PKCS12 A keystore type supported by the target SDK.

updateTrigger

disabled
mbean
polled

mbean Keystore file update method or trigger.
disabled
Disables all update monitoring. Changes to the keystore file will not be applied while the server is running.
mbean
Server will only update the keystore when prompted by the FileNotificationMbean. The FileNotificationMbean is typically called by an external program such as an integrated development environment or a management application.
polled
Server will scan for keystore file changes at the polling interval and update if the keystore file has detectable changes. Polled does not apply to non file-based keystores such as SAF keyrings.

cloudant > ssl > keyStore > keyEntry
A unique configuration ID.

Name Type Default Description

id string A unique configuration ID.

keyPassword Reversably encoded password (string)
Required Password of the private key entry in the keystore.

name string
Required Name of the private key entry in the keystore.

cloudant > ssl > outboundConnection
A unique configuration ID.

Name Type Default Description

clientCertificate string The client uses this certificate alias if you make a connection to a server that supports or requires client authentication.

host string
Required The server uses this SSL configuration when it accesses the specified host name.

id string A unique configuration ID.

port int The server uses this SSL configuration when it accesses the remote host name at the specified port.

cloudant > ssl > trustStore
A keystore containing trusted certificate entries used by the SSL repertoire for signing verification. This attribute is optional. If unspecified, the same keystore is used for both key and trusted certificate entries.

Name Type Default Description

fileBased boolean true Specify true if the keystore is file based and false if the keystore is a SAF keyring or hardware keystore type.

id string defaultKeyStore A unique configuration ID.

location A file, directory or url. ${server.output.dir}/resources/security/key.p12 An absolute or relative path to the keystore file. If a relative path is provided, the server will attempt to locate the file in the ${server.output.dir}/resources/security directory. Use the keystore file for a file-based keystore, the keyring name for SAF keyrings, or the device configuration file for hardware cryptography devices. In the SSL minimal configuration, the location of the file is assumed to be ${server.output.dir}/resources/security/key.p12.

password Reversably encoded password (string) The password used to load the keystore file. The value can be stored in clear text or encoded form. Use the securityUtility tool to encode the password.

pollingRate A period of time with millisecond precision 500ms Rate at which the server checks for updates to a keystore file. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

readOnly boolean false Specify true if the keystore is to be used by the server for reading and false if write operations will be performed by the server on the keystore.

type string PKCS12 A keystore type supported by the target SDK.

updateTrigger

disabled
mbean
polled

mbean Keystore file update method or trigger.
disabled
Disables all update monitoring. Changes to the keystore file will not be applied while the server is running.
mbean
Server will only update the keystore when prompted by the FileNotificationMbean. The FileNotificationMbean is typically called by an external program such as an integrated development environment or a management application.
polled
Server will scan for keystore file changes at the polling interval and update if the keystore file has detectable changes. Polled does not apply to non file-based keystores such as SAF keyrings.

cloudant > ssl > trustStore > keyEntry
A unique configuration ID.

Name Type Default Description

id string A unique configuration ID.

keyPassword Reversably encoded password (string)
Required Password of the private key entry in the keystore.

name string
Required Name of the private key entry in the keystore.

Name	Type	Default	Description
cloudantRef	Top level cloudant element (string).		Specifies the builder for the Cloudant Client that will be used when connecting to this database.
create	boolean	true	Indicates that the Cloudant Client should create the database if it does not already exist.
databaseName	string Required		Name of the database.
id	string		A unique configuration ID.
jndiName	string		JNDI name.

Name	Type	Default	Description
account	string		Account name used to connect to a Cloudant database.
containerAuthDataRef	Top level authData element (string).		Default authentication data for container managed authentication that applies when bindings do not specify an authentication-alias for a resource reference with res-auth=CONTAINER.
jndiName	string		JNDI name.
libraryRef	Top level library element (string).		Specifies a library containing the Cloudant Client library and its dependencies.
password	Reversably encoded password (string)		Password corresponding to your Cloudant user ID.
url	string		URL for the Cloudant server, which includes the host and port.
username	string		The Cloudant user ID used to log in and access your databases.
Advanced Properties
connectTimeout	A period of time with millisecond precision	5m	The timeout to establish a connection. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
disableSSLAuthentication	boolean	false	Disables host name verification and certificate chain validation.
maxConnections	int Min: 0	6	The maximum number of concurrent connections that a Cloudant Client can make to the host.
proxyPassword	Reversably encoded password (string)		Password corresponding to the user name for a proxy server to use when connecting to a Cloudant server.
proxyUrl	string		The URL of a proxy server to use when connecting to a Cloudant server.
proxyUser	string		User name for a proxy server to use when connecting to a Cloudant server.
readTimeout	A period of time with millisecond precision	5m	Timeout value to wait for a response from an established client connection. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
sslRef	Top level ssl element (string).		Specifies the SSL configuration that is needed to establish a secure connection.

Name	Type	Description
krb5Principal	string	The name of the Kerberos principal name or Kerberos service name to be used.
krb5TicketCache	Path to a file	The file location where Kerberos credentials for the Kerberos principal name or service name will be stored. Also known as the Kerberos credential cache (ccache)
password	Reversably encoded password (string)	Password of the user to use when connecting to the EIS. The value can be stored in clear text or encoded form. IBM recommends encoding the password using the securityUtility tool with the encode option.
user	string	Name of the user to use when connecting to the EIS.

Name	Type	Default	Description
apiTypeVisibility	string	spec,ibm-api,api,stable	The types of API packages that this class loader supports. This value is a comma-separated list of any combination of the following API packages: spec, ibm-api, api, stable, third-party.
description	string		Description of shared library for administrators
filesetRef	List of references to top level fileset elements (comma-separated string).		Specifies a set of JAR or ZIP files to include in the class path for this library
name	string		Name of shared library for administrators

Name	Type	Default	Description
caseSensitive	boolean	true	Boolean to indicate whether or not the search should be case sensitive (default: true).
dir	Path to a directory	${server.config.dir}	The base directory to search for files.
excludes	string		The comma or space separated list of file name patterns to exclude from the search results, by default no files are excluded.
id	string		A unique configuration ID.
includes	string	*	The comma or space separated list of file name patterns to include in the search results (default: *).
scanInterval	A period of time with millisecond precision	0	The scanning interval to determine whether files are added or removed from the fileset. The individual files are not scanned. The suffix for the interval of time is h-hour, m-minute, s-second, and ms-millisecond, for example, 2ms or 5s. The scanning interval is disabled by default and is disabled manually by setting the scan interval, scanInterval, to 0. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

Name	Type	Default	Description
dir	Path to a directory Required		The path to a folder can be a fully qualified path or a relative path. Relative paths are relative to the value of the ${server.config.dir} property.
id	string		A unique configuration ID.

Name	Type	Default	Description
clientAuthentication	boolean	false	Specifies whether client authentication is enabled. If set to true then client authentication is required and the client must provide a certificate for the server trusts.
clientAuthenticationSupported	boolean	false	Specifies whether a client authentication is supported. If set to true then the client authentication support means the server will check trust from a client if the client presents a certificate.
clientKeyAlias	string		Alias of the certificate in the keystore used as the key to send to a server that has client authentication enabled. This attribute is only needed if the keystore has more than one key entry.
enabledCiphers	string		Specifies a custom list of ciphers. Separate each cipher in the list with a space. The supported cipher will depend on the underlying JRE used. Please check the JRE for valid ciphers.
enforceCipherOrder	boolean	false	Specify on the server socket whether to enforce the cipher order. If set to true, the server socket is enabled to enforce the cipher order. The attribute is set to false by default.
keyStoreRef	Top level keyStore element (string).		A keystore containing key entries for the SSL repertoire. This attribute is required.
securityLevel	CUSTOM HIGH LOW MEDIUM	HIGH	Specifies the cipher suite group used by the SSL handshake. HIGH are 3DES and 128 bit and higher ciphers, MEDIUM are DES and 40 bit ciphers, LOW are ciphers without encryption. If the enabledCiphers attribute is used the securityLevel list is ignored. CUSTOM Custom list of cipher suites HIGH Cipher suites 3DES and 128 bit and higher LOW Cipher suites without encryption MEDIUM Cipher suites DES and 40 bit
serverKeyAlias	string		Alias of the certificate in the keystore used as the server's key. This attribute is only needed if the keystore has more then one key entry.
skipHostnameVerificationForHosts	string		Hostname that allow to skip the host name verification for outbound connection using a specific SSL configuration.
sslProtocol	string		The SSL handshake protocol. The protocol can be set to a single value found in the documentation for the underlying JRE's Java Secure Socket Extension (JSSE) provider. When using the IBM JRE the default value is SSL_TLSv2 and when using the Oracle JRE the default value is SSL. The protocol can also be a comma-separated list of any of the following values: TLSv1, TLSv1.1, TLSv1.2, or TLSv1.3.
trustDefaultCerts	boolean	false	Specifies whether the trust manager can establish trust using the default certificates. If set to true, then the default certificates are used in addition to the configured truststore file to establish trust. The attribute is set to false by default.
trustStoreRef	Top level keyStore element (string).		A keystore containing trusted certificate entries used by the SSL repertoire for signing verification. This attribute is optional. If unspecified, the same keystore is used for both key and trusted certificate entries.
verifyHostname	boolean	true	Specifies whether host name verification for outbound connections using a specific SSL configuration is enabled. If set to true, then all outbound SSL connections that use the specified SSL configuration undergo verification of the target server host name against that server's certificate.

Name	Type	Default	Description
fileBased	boolean	true	Specify true if the keystore is file based and false if the keystore is a SAF keyring or hardware keystore type.
id	string	defaultKeyStore	A unique configuration ID.
location	A file, directory or url.	${server.output.dir}/resources/security/key.p12	An absolute or relative path to the keystore file. If a relative path is provided, the server will attempt to locate the file in the ${server.output.dir}/resources/security directory. Use the keystore file for a file-based keystore, the keyring name for SAF keyrings, or the device configuration file for hardware cryptography devices. In the SSL minimal configuration, the location of the file is assumed to be ${server.output.dir}/resources/security/key.p12.
password	Reversably encoded password (string)		The password used to load the keystore file. The value can be stored in clear text or encoded form. Use the securityUtility tool to encode the password.
pollingRate	A period of time with millisecond precision	500ms	Rate at which the server checks for updates to a keystore file. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
readOnly	boolean	false	Specify true if the keystore is to be used by the server for reading and false if write operations will be performed by the server on the keystore.
type	string	PKCS12	A keystore type supported by the target SDK.
updateTrigger	disabled mbean polled	mbean	Keystore file update method or trigger. disabled Disables all update monitoring. Changes to the keystore file will not be applied while the server is running. mbean Server will only update the keystore when prompted by the FileNotificationMbean. The FileNotificationMbean is typically called by an external program such as an integrated development environment or a management application. polled Server will scan for keystore file changes at the polling interval and update if the keystore file has detectable changes. Polled does not apply to non file-based keystores such as SAF keyrings.

Name	Type	Description
id	string	A unique configuration ID.
keyPassword	Reversably encoded password (string) Required	Password of the private key entry in the keystore.
name	string Required	Name of the private key entry in the keystore.

Name	Type	Description
clientCertificate	string	The client uses this certificate alias if you make a connection to a server that supports or requires client authentication.
host	string Required	The server uses this SSL configuration when it accesses the specified host name.
id	string	A unique configuration ID.
port	int	The server uses this SSL configuration when it accesses the remote host name at the specified port.