###############################################################################
#
# CSIv2 Properties File
#
# This file contains properties that are used by the CSIv2 component
# of the WAS product. CSIv2 executes on
# WebSphere java servers and client systems with java applications that
# access WebSphere servers over the IIOP protocol.
#
# ** CSIv2 Trace Instructions **
#
# Note: To enable logging of trace on the application client, add the
# following property to the startup script: -DtraceSettingsFile=filename.
# Do not specify filename as a fully qualified path and filename, just
# specify the filename. The file must exist in the classpath to be loaded.
# A sample file is provided in <was_root>/properties/TraceSettings.properties.
#
# There are two related functions provided by this file:
#
# 1.traceFileName property
# This should be set to the fully qualified name of a file to which you want
# output written. For example, traceFileName=c:\\MyTraceFile.log. This
# property must be specified, otherwise no visible output is generated.
# 2.Trace string
# To enable CSIv2 trace, specify the trace string: SASRas=all=enabled
#
# If you only want to trace specific classes, you can specify a trace filter by
# adding the property com.ibm.CORBA.securityTraceFilter=<comma-separated class names>
#
# Example: com.ibm.CORBA.securityTraceFilter=SecurityConnectionInterceptor, CSIClientRI, SessionManager
#
# ** Encoding Passwords in this File **
#
# The PropFilePasswordEncoder utility may be used to encode passwords in a
# properties file. To edit an encoded password, replace the whole password
# string (including the encoding tag {...}) with the new password and then
# encode the password with the PropFilePasswordEncoder utility. Refer to
# product documentation for additional information.
#
# Note: The old SAS protocol has been removed. Only CSIv2 is supported in
# this release.
#
###############################################################################
#------------------------------------------------------------------------------
# Client Security Enablement
#
# - security enabled status ( false, true [default] )
#------------------------------------------------------------------------------
com.ibm.CORBA.securityEnabled=true
#------------------------------------------------------------------------------
# Authentication Configuration
#
# - authenticationTarget (BasicAuth [default], this is the only supported selection
# on a pure client for this release. This is for message
# layer authentication only, SSL client certificate authentication
# is configured below under CSIv2 configuration.)
# - authenticationRetryEnabled (enables authentication retries if login fails when
# loginSource=prompt or stdin)
# - authenticationRetryCount (the number of times to retry)
# - source (prompt [default], properties, keyfile, stdin, none)
# - timeout (prompt timeout, specified in seconds, 0 min to 600 max [default 300])
# - validateBasicAuth (determines if immediate authentication after uid/pw login,
# or wait for method request to send uid/pw to server,
# setting this to false gives the previous release behavior.)
# - securityServerHost (when validateBasicAuth=true, this property might need to be set
# in order for security code to lookup SecurityServer. Needs to be set to
# any running WebSphere server host in the cell you are authenticating to.
# - securityServerPort (when validateBasicAuth=true, this property might need to be set
# in order for security code to lookup SecurityServer. Needs to be set to
# the bootstrap port of the host chosen above.
# - loginUserid (must be set if login source is "properties" )
# - loginPassword (must be set if login source is "properties" )
# - principalName (format: "realm/userid", only needed in cases where realm
# is required. Typically the realm is already provided by the
# server via the IOR and this property is not necessary).
#
#------------------------------------------------------------------------------
com.ibm.CORBA.authenticationTarget=BasicAuth
com.ibm.CORBA.authenticationRetryEnabled=true
com.ibm.CORBA.authenticationRetryCount=3
com.ibm.CORBA.validateBasicAuth=true
com.ibm.CORBA.securityServerHost=
com.ibm.CORBA.securityServerPort=
com.ibm.CORBA.loginTimeout=300
com.ibm.CORBA.loginSource=prompt
# RMI/IIOP user identity
com.ibm.CORBA.loginUserid=
com.ibm.CORBA.loginPassword=
#------------------------------------------------------------------------------
# CSIv2 Configuration (see InfoCenter for more information on these properties).
#
# This is where you enable SSL client certificate authentication. Must also
# specify a valid SSL keyStore below with a personal certificate in it.
#------------------------------------------------------------------------------
# Does this client support stateful sessions?
com.ibm.CSI.performStateful=true
# Does this client support/require BasicAuth (userid/password) client authentication?
com.ibm.CSI.performClientAuthenticationRequired=false
com.ibm.CSI.performClientAuthenticationSupported=true
# Does this client support/require SSL client authentication?
com.ibm.CSI.performTLClientAuthenticationRequired=false
com.ibm.CSI.performTLClientAuthenticationSupported=false
# Note: You can perform BasicAuth (uid/pw) and SSL client authentication (certificate)
# simultaneously, however, the BasicAuth identity will always take precedence at the server.
# Does this client support/require SSL connections?
com.ibm.CSI.performTransportAssocSSLTLSRequired=false
com.ibm.CSI.performTransportAssocSSLTLSSupported=true
# Does this client support/require 40-bit cipher suites when using SSL?
com.ibm.CSI.performMessageIntegrityRequired=true
com.ibm.CSI.performMessageIntegritySupported=true
# Note: This property is only valid when SSL connections are supported or required.
# Does this client support/require 128-bit cipher suites when using SSL?
com.ibm.CSI.performMessageConfidentialityRequired=false
com.ibm.CSI.performMessageConfidentialitySupported=true
# Note: This property is only valid when SSL connections are supported or required.
#------------------------------------------------------------------------------
# SSL configuration alias referenced in ssl.client.props
#------------------------------------------------------------------------------
com.ibm.ssl.alias=DefaultSSLSettings
#------------------------------------------------------------------------------
# CORBA Request Timeout (used when getting NO_RESPONSE exceptions, typically
# during high-stress loads. Specify on all processes
# involved in the communications.)
#
# - timeout (specified in seconds [default 180], 0 implies no timeout)
#
# com.ibm.CORBA.requestTimeout=180
#------------------------------------------------------------------------------
com.ibm.CORBA.requestTimeout=180