Administration guide > Configure the deployment environment > Configuring clients


Client properties file


Sample client properties file

Use the sampleClient.properties file that is in the wxs_home/properties directory to create the properties file.


Client properties file

You can specify the client properties file in one of the following ways. Specifying a setting by using one of the items later in the list overrides the previous setting. For example, if you specify a system property value for the client properties file, the properties in that file override the values in the objectGridClient.properties file that is in the class path.

  1. As a well-named file anywhere in the class path. Putting this file in the system current directory is not supported:

    objectGridClient.properties

  2. As a system property in either a stand-alone or WAS configuration.†This value can specify a file in the system current directory, but not a file in the class path:

    -Dobjectgrid.client.props=file_name

  3. As a programmatic override using the ClientClusterContext.getClientProperties method. The data in the object is populated with the data from the properties files. You cannot configure security properties with this method.


Client properties

[v7.1 and later] listenerHost

Host name to which the ORB binds.

For a multiple network card configuration, set the listener host and port to let the Object Request Broker in the JVM know the IP address on which to bind. For the client, use the client properties file. If you do not specify which IP address to use, the following problems might occur: connection timeouts, unusual API failures, and clients that seem to hang.

[v7.1 and later] listenerPort

Port number to which the ORB binds.

preferLocalProcess

This property is not currently used. It is reserved for future use.

preferLocalHost

This property is not currently used. It is reserved for future use.

preferZones

List of preferred routing zones. Each specified zone is separated by a comma in the form: preferZones=ZoneA,ZoneB,ZoneC

Default: no value

requestRetryTimeout

How long to retry a request (in milliseconds). Use one of the following valid values:

  • A value of 0 indicates that the request should fail fast and skip over the internal retry logic.

  • A value of -1 indicates that the request retry timeout is not set, meaning that the request duration is governed by the transaction timeout. (Default)

  • A value over 0 indicates the request entry timeout value in milliseconds. Exceptions that cannot succeed even if tried again such as a DuplicateException exception are returned immediately. The transaction timeout is still used as the maximum time to wait.


Security client properties

securityEnabled

Enables WebSphere eXtreme Scale client security. This setting should match with the securityEnabled setting in theWebSphere eXtreme Scale server properties file. If the settings do not match, an exception results.

Default: false


Credential authentication configuration properties

credentialAuthentication

Client credential authentication support. Use one of the following valid values:

Never The client does not support credential authentication.
Supported The client supports credential authentication if the server also supports credential authentication. (Default)
Required The client requires credential authentication.

authenticationRetryCount

Number of times that authentication is tried if the credential is expired. If the value is set to 0, attempts to authenticate are not tried again.

Default: 3

credentialGeneratorClass

Name of the class that implements the com.ibm.websphere.objectgrid.security.plugins.CredentialGenerator interface. This class is used to get credentials for clients.

Default: no value

credentialGeneratorProps

Properties for the CredentialGenerator implementation class. The properties are set to the object with the setProperties(String) method. The credentialGeneratorprops value is used only if the value of the credentialGeneratorClass property is not null.


Transport layer security configuration properties

transportType

Client transport type. The possible values are:

TCP/IP Indicates that the client only supports TCP/IP connections.
SSL-Supported Indicates that the client supports both TCP/IP and Secure Sockets Layer (SSL) connections. (Default)
SSL-Required †Indicates that the client requires SSL connections.


SSL configuration properties

alias

Alias name in the keystore. This property is used if the keystore has multiple key pair certificates and to select one of the certificates.


Default: no value

contextProvider

Name of the context provider for the trust service. If you indicate a value that is not valid, a security exception results that indicates that the context provider type is incorrect.

Valid values: IBMJSSE2, IBMJSSE, IBMJSSEFIPS, and so on.

protocol

Indicates the type of security protocol to use for the client. Set this protocol value based on which Java Secure Socket Extension (JSSE) provider you use. If you indicate a value that is not valid, a security exception results that indicates that the protocol value is incorrect.

Valid values: SSL, SSLv2, SSLv3, TLS, TLSv1, and so on.

keyStoreType

Indicates the type of keystore. If you indicate a value that is not valid, a runtime security exception occurs.

Valid values: JKS, JCEK, PKCS12, and so on.

trustStoreType

Indicates the type of truststore. If you indicate a value that is not valid, a runtime security exception results.

Valid values: JKS, JCEK, PKCS12, and so on.

keyStore

Fully qualified path to the keystore file.


Example:

etc/test/security/client.private

trustStore

Fully qualified path to the truststore file.


Example:

etc/test/security/server.public

keyStorePassword

String password to the keystore. You can encode this value or use the actual value.

trustStorePassword

String password to the truststore. You can encode this value or use the actual value.


Parent topic:

Configure clients


Related concepts

Configure clients with WebSphere eXtreme Scale
Enable the client invalidation mechanism
Plan for network ports
Security integration with external providers


Related tasks

Configure request retry timeout values
Stop secure servers
Stop stand-alone servers
Configure SSL parameters for clients or servers


Related information

ClientSecurityConfigurationFactory class