+

Search Tips   |   Advanced Search

OpenID Connect Provider

This feature enables web applications to integrate OpenID Connect Server 1.0 for authenticating users instead of, or in addition to, the configured user registry.


Enable this feature

To enable the OpenID Connect Provider feature, add the following element declaration inside the featureManager element in the server.xml file:


Developing a feature that depends on this feature

If we are developing a feature that depends on the OpenID Connect Provider feature, include the following item in the Subsystem-Content header in the feature manifest file for the new feature:


Features that this feature enables


Feature configuration elements

We can use the following elements in the server.xml file to configure the OpenID Connect Provider feature:

openidConnectProvider

OpenID Connect server provider

Attribute name Data type Default value Description
id string A unique configuration ID.
idTokenLifetime A period of time with second precision 2h Time that ID token is valid (seconds). Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
issuerIdentifier string Specify an issuer identifier for the issuer of the response.
keyAliasName string Key alias name to locate the private key for signing with an asymmetric algorithm.
keyStoreRef string opKeyStore A keystore containing the private key necessary for signing with an asymmetric algorithm.
oauthProviderRef A reference to top level oauthProvider element (string). A reference to the ID of an OAuth provider.
sessionManaged boolean false Indicate by true or false whether session management is supported. Default is false.
signatureAlgorithm

  • HS256

  • none

  • RS256

HS256 Specify the signature algorithm that will be used to sign the ID token.

HS256

HMAC using SHA-256 hash

none

No signature

RS256

RSASSA-PKCS-v1_5 using SHA-256 hash

trustStoreRef string A keystore containing the public key necessary for verifying a signature of the JWT token.

openidConnectProvider > claimToUserRegistryMap

Description: Specify the user registry key for the claim.

Required: false

Data type:

Attribute name Data type Default value Description
address string postalAddress Specify the user registry key that will be retrieved for the address claim.
email string mail Specify the user registry key that will be retrieved for the email claim.
given_name string givenName Specify the user registry key that will be retrieved for the given_name claim.
name string displayName Specify the user registry key that will be retrieved for the name claim.
phone_number string telephoneNumber Specify the user registry key that will be retrieved for the phone_number claim.
picture string photoURL Specify the user registry key that will be retrieved for the picture claim.

openidConnectProvider > claimToUserRegistryMap > property

Description: Specify a property in addition to the parent element properties

Required: false

Data type:

Attribute name Data type Default value Description
name string Name of the property
value string Specify the value of the property

openidConnectProvider > discovery

Description: Discovery is based on OpenID Connect and Jazz Authorization Server Profile.

Required: false

Data type:

Attribute name Data type Default value Description
claimsParameterSupported boolean false Indicate by true or false whether claims parameter is supported.
requestParameterSupported boolean false Indicate by true or false whether request parameter is supported.
requestUriParameterSupported boolean false Indicate by true or false whether request URI parameter is supported.
requireRequestUriRegistration boolean false Indicate by true or false whether require request URI registration is supported.

openidConnectProvider > discovery > claimsSupported

Description: Specify by comma the list of claims that will be supported.

Required: false

Data type: string

openidConnectProvider > discovery > grantTypesSupported

Description: Specify by comma the list of the grant types that will be used.

Required: false

Data type:

openidConnectProvider > discovery > idTokenSigningAlgValuesSupported

Description: Specify the signature algorithm that will be used to sign the ID token.

Required: false

Data type:

openidConnectProvider > discovery > responseModesSupported

Description: Specify by comma the list of the response modes that will be used.

Required: false

Data type:

openidConnectProvider > discovery > responseTypesSupported

Description: Specify by comma the list of the response types that will be supported by the OP.

Required: false

Data type:

openidConnectProvider > discovery > scopesSupported

Description: Specify by comma the list of scopes that will be supported.

Required: false

Data type: string

openidConnectProvider > discovery > tokenEndpointAuthMethodsSupported

Description: Specify by comma the list of the token endpoint authentication methods that will be used.

Required: false

Data type:

openidConnectProvider > oauthProvider

Description: A reference to the ID of an OAuth provider.

Required: false

Data type:

Attribute name Data type Default value Description
accessTokenLength long 40 Length of the generated OAuth access token. The equivalent provider parameter in the full application server profile is oauth20.access.token.length.
accessTokenLifetime A period of time with second precision 7200 Time that access token is valid (seconds). The equivalent provider parameter in the full application server profile is oauth20.token.lifetime.seconds. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
allowPublicClients boolean false A value of false disables the access of public clients as detailed in the OAuth specification. The equivalent provider parameter in the full application server profile is oauth20.allow.public.clients.
authorizationCodeLength long 30 Length of the generated authorization code. The equivalent provider parameter in the full application server profile is oauth20.code.length.
authorizationCodeLifetime A period of time with second precision 60 Authorization code lifetime (seconds). The equivalent provider parameter in the full application server profile is oauth20.code.lifetime.seconds. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
authorizationErrorTemplate string URL of a custom authorization error page template. The equivalent provider parameter in the full application server profile is oauth20.authorization.error.template.
authorizationFormTemplate string template.html URL of a custom authorization page template. The equivalent provider parameter in the full application server profile is oauth20.authorization.form.template.
authorizationGrantLifetime A period of time with second precision 604800 Authorization grant lifetime (seconds). The equivalent provider parameter in the full application server profile is oauth20.max.authorization.grant.lifetime.seconds. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
autoAuthorize boolean false To use auto authorization, append the autoAuthorize parameter to requests with a value of true. The equivalent provider parameter in the full application server profile is oauth20.autoauthorize.param.
autoAuthorizeParam string autoauthz To use auto authorization, append the autoAuthorize parameter to requests with a value of true. The equivalent provider parameter in the full application server profile is oauth20.autoauthorize.param.
certAuthentication boolean false Enable the authentication of client certificate in the https request.
characterEncoding string Set request character encoding to this value. The equivalent provider parameter in the full application server profile is characterEncoding.
clientTokenCacheSize long Maximum number of entries in the client token cache.
clientURISubstitutions string Optional value to replace client URI strings for dynamic hostnames. The equivalent provider parameter in the full application server profile is oauth20.client.uri.substitutions.
consentCacheEntryLifetime A period of time with second precision 1800 Time that an entry in the consent cache is valid (seconds). Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
consentCacheSize long

Minimum: 0

1000 Maximum number of entries allowed in the consent cache.
coverageMapSessionMaxAge A period of time with second precision 600 The max-age value (seconds) for the cache-control header of the coverage map service. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
customLoginURL string login.jsp URL of a custom login page. The equivalent provider parameter in the full application server profile is oauth20.authorization.loginURL.
filter string URI filter selects requests to be authorized by this provider. The equivalent provider parameter in the full application server profile is Filter.
httpsRequired boolean true SSL communication between the OAuth client and provider is required.
includeTokenInSubject boolean true If the value is true, add the com.ibm.wsspi.security.oauth20.token.WSOAuth20Token as a private credential. The equivalent provider parameter in the full application server profile is includeToken.
issueRefreshToken boolean true A value of false disables generation and the use of refresh tokens. The equivalent provider parameter in the full application server profile is oauth20.issue.refresh.token.
libraryRef A reference to top level library element (string). Reference to shared library containing the mediator plugin class.
oauthOnly boolean true If the value is true, then requests matching the filter must have an access token or they will be failed. If false, then matching requests will be checked for other authentication data if no access token is present. The equivalent provider parameter in the full application server profile is oauthOnly.
refreshTokenLength long 50 Length of generated refresh token. The equivalent provider parameter in the full application server profile is oauth20.refresh.token.length.
userClientTokenLimit long Token limit for each user and client combination.

openidConnectProvider > oauthProvider > autoAuthorizeClient

Description: Name of a client that is allowed to use auto authorization. The equivalent provider parameter in the full application server profile is oauth20.autoauthorize.clients.

Required: false

Data type: string

openidConnectProvider > oauthProvider > databaseStore

Description: Clients are defined and tokens are cached in the database.

Required: false

Data type:

Attribute name Data type Default value Description
cleanupExpiredTokenInterval A period of time with second precision 3600 Expired token cleanup interval (seconds). The equivalent provider parameter in the full application server profile is oauthjdbc.CleanupInterval. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
dataSourceRef A reference to top level dataSource element (string). Reference to the data source for the store.
password Reversably encoded password (string) Password used to access the database.
user string User

openidConnectProvider > oauthProvider > databaseStore > dataSource

Description: Reference to the data source for the store.

Required: false

Data type:

Attribute name Data type Default value Description
beginTranForResultSetScrollingAPIs boolean true Attempt transaction enlistment when result set scrolling interfaces are used.
beginTranForVendorAPIs boolean true Attempt transaction enlistment when vendor interfaces are used.
commitOrRollbackOnCleanup

  • commit

  • rollback

Determines how to clean up connections that might be in a database unit of work (AutoCommit=false) when the connection is closed or returned to the pool.

commit

Clean up the connection by committing.

rollback

Clean up the connection by rolling back.

connectionManagerRef A reference to top level connectionManager element (string). Connection manager for a data source.
connectionSharing

MatchOriginalRequest Specifies how connections are matched for sharing.

MatchOriginalRequest

When sharing connections, match based on the original connection request.

MatchCurrentState

When sharing connections, match based on the current state of the connection.

containerAuthDataRef A reference to top level authData element (string). Default authentication data for container managed authentication that applies when bindings do not specify an authentication-alias for a resource reference with res-auth=CONTAINER.
isolationLevel

  • TRANSACTION_REPEATABLE_READ

  • TRANSACTION_READ_COMMITTED

  • TRANSACTION_SERIALIZABLE

  • TRANSACTION_READ_UNCOMMITTED

  • TRANSACTION_SNAPSHOT

Default transaction isolation level.

TRANSACTION_REPEATABLE_READ

Dirty reads and non-repeatable reads are prevented; phantom reads can occur.

TRANSACTION_READ_COMMITTED

Dirty reads are prevented; non-repeatable reads and phantom reads can occur.

TRANSACTION_SERIALIZABLE

Dirty reads, non-repeatable reads and phantom reads are prevented.

TRANSACTION_READ_UNCOMMITTED

Dirty reads, non-repeatable reads and phantom reads can occur.

TRANSACTION_SNAPSHOT

Snapshot isolation for Microsoft SQL Server JDBC Driver and DataDirect Connect for JDBC driver.

jdbcDriverRef A reference to top level jdbcDriver element (string). JDBC driver for a data source.
jndiName string JNDI name for a data source.
queryTimeout A period of time with second precision Default query timeout for SQL statements. In a JTA transaction, syncQueryTimeoutWithTransactionTimeout can override this default. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
recoveryAuthDataRef A reference to top level authData element (string). Authentication data for transaction recovery.
statementCacheSize int

Minimum: 0

10 Maximum number of cached statements per connection.
supplementalJDBCTrace boolean Supplements the JDBC driver trace that is logged when JDBC driver trace is enabled in bootstrap.properties. JDBC driver trace specifications include: com.ibm.ws.database.logwriter, com.ibm.ws.db2.logwriter, com.ibm.ws.derby.logwriter, com.ibm.ws.informix.logwriter, com.ibm.ws.oracle.logwriter, com.ibm.ws.sqlserver.logwriter, com.ibm.ws.sybase.logwriter.
syncQueryTimeoutWithTransactionTimeout boolean false Use the time remaining (if any) in a JTA transaction as the default query timeout for SQL statements.
transactional boolean true Enable participation in transactions managed by the application server.
type

  • javax.sql.DataSource

  • javax.sql.XADataSource

  • javax.sql.ConnectionPoolDataSource

Type of data source.

javax.sql.DataSource

javax.sql.DataSource

javax.sql.XADataSource

javax.sql.XADataSource

javax.sql.ConnectionPoolDataSource

javax.sql.ConnectionPoolDataSource

openidConnectProvider > oauthProvider > databaseStore > dataSource > connectionManager

Description: Connection manager for a data source.

Required: false

Data type:

Attribute name Data type Default value Description
agedTimeout A period of time with second precision -1 Amount of time before a physical connection can be discarded by pool maintenance. A value of -1 disables this timeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
connectionTimeout A period of time with second precision 30s Amount of time after which a connection request times out. A value of -1 disables this timeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
maxConnectionsPerThread int

Minimum: 0

Limits the number of open connections on each thread.
maxIdleTime A period of time with second precision 30m Amount of time after which an unused or idle connection can be discarded during pool maintenance, if doing so does not reduce the pool below the minimum size. A value of -1 disables this timeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
maxPoolSize int

Minimum: 0

50 Maximum number of physical connections for a pool. A value of 0 means unlimited.
minPoolSize int

Minimum: 0

Minimum number of physical connections to maintain in the pool. The pool is not pre-populated. Aged timeout can override the minimum.
numConnectionsPerThreadLocal int

Minimum: 0

Caches the specified number of connections for each thread.
purgePolicy

  • ValidateAllConnections

  • FailingConnectionOnly

  • EntirePool

EntirePool Specifies which connections to destroy when a stale connection is detected in a pool.

ValidateAllConnections

When a stale connection is detected, connections are tested and those found to be bad are closed.

FailingConnectionOnly

When a stale connection is detected, only the connection which was found to be bad is closed.

EntirePool

When a stale connection is detected, all connections in the pool are marked stale, and when no longer in use, are closed.

reapTime A period of time with second precision 3m Amount of time between runs of the pool maintenance thread. A value of -1 disables pool maintenance. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.

openidConnectProvider > oauthProvider > databaseStore > dataSource > containerAuthData

Description: Default authentication data for container managed authentication that applies when bindings do not specify an authentication-alias for a resource reference with res-auth=CONTAINER.

Required: false

Data type:

Attribute name Data type Default value Description
password Reversably encoded password (string) Password of the user to use when connecting to the EIS. Stored in clear text or encoded form. It is recommended that you encode the password. To do so, use the securityUtility tool with the encode option.
user string Name of the user to use when connecting to the EIS.

openidConnectProvider > oauthProvider > databaseStore > dataSource > jdbcDriver

Description: JDBC driver for a data source.

Required: false

Data type:

Attribute name Data type Default value Description
javax.sql.ConnectionPoolDataSource string JDBC driver implementation of javax.sql.ConnectionPoolDataSource.
javax.sql.DataSource string JDBC driver implementation of javax.sql.DataSource.
javax.sql.XADataSource string JDBC driver implementation of javax.sql.XADataSource.
libraryRef A reference to top level library element (string). Identifies JDBC driver JARs and native files.

openidConnectProvider > oauthProvider > databaseStore > dataSource > jdbcDriver > library

Description: Identifies JDBC driver JARs and native files.

Required: false

Data type:

Attribute name Data type Default value Description
apiTypeVisibility string spec,ibm-api,api The types of API package this library's class loader will be able to see, as a comma-separated list of any combination of the following: spec, ibm-api, api, third-party.
description string Description of shared library for administrators
filesetRef List of references to top level fileset elements (comma-separated string). Id of referenced Fileset
name string Name of shared library for administrators

openidConnectProvider > oauthProvider > databaseStore > dataSource > jdbcDriver > library > file

Description: Id of referenced File

Required: false

Data type:

Attribute name Data type Default value Description
name Path to a file Fully qualified filename

openidConnectProvider > oauthProvider > databaseStore > dataSource > jdbcDriver > library > fileset

Description: Id of referenced Fileset

Required: false

Data type:

Attribute name Data type Default value Description
caseSensitive boolean true Boolean to indicate whether or not the search should be case sensitive (default: true).
dir Path to a directory ${server.config.dir} The base directory to search for files.
excludes string The comma or space separated list of file name patterns to exclude from the search results, by default no files are excluded.
includes string * The comma or space separated list of file name patterns to include in the search results (default: *).
scanInterval A period of time with millisecond precision 0 Scanning interval to check the fileset for changes as a long with a time unit suffix h-hour, m-minute, s-second, ms-millisecond (e.g. 2ms or 5s). Disabled (scanInterval=0) by default. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

openidConnectProvider > oauthProvider > databaseStore > dataSource > jdbcDriver > library > folder

Description: Id of referenced folder

Required: false

Data type:

Attribute name Data type Default value Description
dir Path to a directory Directory or folder to be included in the library classpath for locating resource files

openidConnectProvider > oauthProvider > databaseStore > dataSource > properties

Description: List of JDBC vendor properties for the data source. For example, databaseName="dbname" serverName="localhost" portNumber="50000".

Required: false

Data type:

Attribute name Data type Default value Description
URL string URL for connecting to the database.
databaseName string JDBC driver property: databaseName.
password Reversably encoded password (string) It is recommended to use a container managed authentication alias instead of configuring this property.
portNumber int Port on which to obtain database connections.
serverName string Server where the database is running.
user string It is recommended to use a container managed authentication alias instead of configuring this property.

openidConnectProvider > oauthProvider > databaseStore > dataSource > properties.datadirect.sqlserver

Description: Data source properties for the DataDirect Connect for JDBC driver for Microsoft SQL Server.

Required: false

Data type:

Attribute name Data type Default value Description
JDBCBehavior

  • 1

  • 0

0 JDBC driver property: JDBCBehavior. Values are: 0 (JDBC 4.0) or 1 (JDBC 3.0).

1

JDBC 3.0

0

JDBC 4.0

XATransactionGroup string JDBC driver property: XATransactionGroup.
XMLDescribeType

  • longvarbinary

  • longvarchar

JDBC driver property: XMLDescribeType.

longvarbinary

longvarbinary

longvarchar

longvarchar

accountingInfo string JDBC driver property: accountingInfo.
alternateServers string JDBC driver property: alternateServers.
alwaysReportTriggerResults boolean JDBC driver property: alwaysReportTriggerResults.
applicationName string JDBC driver property: applicationName.
authenticationMethod

  • ntlm

  • userIdPassword

  • kerberos

  • auto

JDBC driver property: authenticationMethod.

ntlm

ntlm

userIdPassword

userIdPassword

kerberos

kerberos

auto

auto

bulkLoadBatchSize long JDBC driver property: bulkLoadBatchSize.
bulkLoadOptions long JDBC driver property: bulkLoadOptions.
clientHostName string JDBC driver property: clientHostName.
clientUser string JDBC driver property: clientUser.
codePageOverride string JDBC driver property: codePageOverride.
connectionRetryCount int JDBC driver property: connectionRetryCount.
connectionRetryDelay A period of time with second precision JDBC driver property: connectionRetryDelay. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
convertNull int JDBC driver property: convertNull.
databaseName string JDBC driver property: databaseName.
dateTimeInputParameterType

  • dateTime

  • dateTimeOffset

  • auto

JDBC driver property: dateTimeInputParameterType.

dateTime

dateTime

dateTimeOffset

dateTimeOffset

auto

auto

dateTimeOutputParameterType

  • dateTime

  • dateTimeOffset

  • auto

JDBC driver property: dateTimeOutputParameterType.

dateTime

dateTime

dateTimeOffset

dateTimeOffset

auto

auto

describeInputParameters

  • describeIfString

  • noDescribe

  • describeIfDateTime

  • describeAll

JDBC driver property: describeInputParameters.

describeIfString

describeIfString

noDescribe

noDescribe

describeIfDateTime

describeIfDateTime

describeAll

describeAll

describeOutputParameters

  • describeIfString

  • noDescribe

  • describeIfDateTime

  • describeAll

JDBC driver property: describeOutputParameters.

describeIfString

describeIfString

noDescribe

noDescribe

describeIfDateTime

describeIfDateTime

describeAll

describeAll

enableBulkLoad boolean JDBC driver property: enableBulkLoad.
enableCancelTimeout boolean JDBC driver property: enableCancelTimeout.
encryptionMethod

  • loginSSL

  • requestSSL

  • SSL

  • noEncryption

JDBC driver property: encryptionMethod.

loginSSL

loginSSL

requestSSL

requestSSL

SSL

SSL

noEncryption

noEncryption

failoverGranularity

  • disableIntegrityCheck

  • atomicWithRepositioning

  • nonAtomic

  • atomic

JDBC driver property: failoverGranularity.

disableIntegrityCheck

disableIntegrityCheck

atomicWithRepositioning

atomicWithRepositioning

nonAtomic

nonAtomic

atomic

atomic

failoverMode

  • connect

  • select

  • extended

JDBC driver property: failoverMode.

connect

connect

select

select

extended

extended

failoverPreconnect boolean JDBC driver property: failoverPreconnect.
hostNameInCertificate string JDBC driver property: hostNameInCertificate.
initializationString string JDBC driver property: initializationString.
insensitiveResultSetBufferSize int JDBC driver property: insensitiveResultSetBufferSize.
javaDoubleToString boolean JDBC driver property: javaDoubleToString.
loadBalancing boolean JDBC driver property: loadBalancing.
loginTimeout A period of time with second precision JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
longDataCacheSize int

Minimum: -1

JDBC driver property: longDataCacheSize.
netAddress string JDBC driver property: netAddress.
packetSize int

Minimum: -1

Maximum: 128

JDBC driver property: packetSize.
password Reversably encoded password (string) It is recommended to use a container managed authentication alias instead of configuring this property.
portNumber int 1433 Port on which to obtain database connections.
queryTimeout A period of time with second precision JDBC driver property: queryTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
resultsetMetaDataOptions int JDBC driver property: resultsetMetaDataOptions.
selectMethod

  • direct

  • cursor

JDBC driver property: selectMethod.

direct

direct

cursor

cursor

serverName string localhost Server where the database is running.
snapshotSerializable boolean JDBC driver property: snapshotSerializable.
spyAttributes string JDBC driver property: spyAttributes.
stringInputParameterType

  • varchar

  • nvarchar

varchar JDBC driver property: stringInputParameterType.

varchar

varchar

nvarchar

nvarchar

stringOutputParameterType

  • varchar

  • nvarchar

varchar JDBC driver property: stringOutputParameterType.

varchar

varchar

nvarchar

nvarchar

suppressConnectionWarnings boolean JDBC driver property: suppressConnectionWarnings.
transactionMode

  • explicit

  • implicit

JDBC driver property: transactionMode.

explicit

explicit

implicit

implicit

truncateFractionalSeconds boolean JDBC driver property: truncateFractionalSeconds.
trustStore string JDBC driver property: trustStore.
trustStorePassword Reversably encoded password (string) JDBC driver property: trustStorePassword.
useServerSideUpdatableCursors boolean JDBC driver property: useServerSideUpdatableCursors.
user string It is recommended to use a container managed authentication alias instead of configuring this property.
validateServerCertificate boolean JDBC driver property: validateServerCertificate.

openidConnectProvider > oauthProvider > databaseStore > dataSource > properties.db2.i.native

Description: Data source properties for the IBM DB2 for i Native JDBC driver.

Required: false

Data type:

Attribute name Data type Default value Description
access

  • read only

  • all

  • read call

all JDBC driver property: access.

read only

read only

all

all

read call

read call

autoCommit boolean true JDBC driver property: autoCommit.
batchStyle

  • 2.1

  • 2.0

2.0 JDBC driver property: batchStyle.

2.1

2.1

2.0

2.0

behaviorOverride int JDBC driver property: behaviorOverride.
blockSize

  • 512

  • 128

  • 0

  • 32

  • 64

  • 16

  • 8

  • 256

32 JDBC driver property: blockSize.

512

512

128

128

0

0

32

32

64

64

16

16

8

8

256

256

cursorHold boolean false JDBC driver property: cursorHold.
cursorSensitivity

  • asensitive

  • sensitive

asensitive JDBC driver property: cursorSensitivity. Values are: 0 (TYPE_SCROLL_SENSITIVE_STATIC), 1 (TYPE_SCROLL_SENSITIVE_DYNAMIC), 2 (TYPE_SCROLL_ASENSITIVE).

asensitive

asensitive

sensitive

sensitive

dataTruncation string true JDBC driver property: dataTruncation.
databaseName string *LOCAL JDBC driver property: databaseName.
dateFormat

  • dmy

  • iso

  • eur

  • ymd

  • julian

  • jis

  • usa

  • mdy

JDBC driver property: dateFormat.

dmy

dmy

iso

iso

eur

eur

ymd

ymd

julian

julian

jis

jis

usa

usa

mdy

mdy

dateSeparator

  • \,

  • b

  • .

  • /

  • -

JDBC driver property: dateSeparator.

\,

The comma character (,).

b

The character b

.

The period character (.).

/

The forward slash character (/).

-

The dash character (-).

decimalSeparator

  • \,

  • .

JDBC driver property: decimalSeparator.

\,

The comma character (,).

.

The period character (.).

directMap boolean true JDBC driver property: directMap.
doEscapeProcessing boolean true JDBC driver property: doEscapeProcessing.
fullErrors boolean JDBC driver property: fullErrors.
libraries string JDBC driver property: libraries.
lobThreshold int

Maximum: 500000

0 JDBC driver property: lobThreshold.
lockTimeout A period of time with second precision 0 JDBC driver property: lockTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
loginTimeout A period of time with second precision JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
maximumPrecision

  • 31

  • 63

31 JDBC driver property: maximumPrecision.

31

31

63

63

maximumScale int

Minimum: 0

Maximum: 63

31 JDBC driver property: maximumScale.
minimumDivideScale int

Minimum: 0

Maximum: 9

0 JDBC driver property: minimumDivideScale.
networkProtocol int JDBC driver property: networkProtocol.
password Reversably encoded password (string) It is recommended to use a container managed authentication alias instead of configuring this property.
portNumber int Port on which to obtain database connections.
prefetch boolean true JDBC driver property: prefetch.
queryOptimizeGoal

  • 2

  • 1

2 JDBC driver property: queryOptimizeGoal. Values are: 1 (*FIRSTIO) or 2 (*ALLIO).

2

*ALLIO

1

*FIRSTIO

reuseObjects boolean true JDBC driver property: reuseObjects.
serverName string Server where the database is running.
serverTraceCategories int 0 JDBC driver property: serverTraceCategories.
systemNaming boolean false JDBC driver property: systemNaming.
timeFormat

  • iso

  • eur

  • jis

  • usa

  • hms

JDBC driver property: timeFormat.

iso

iso

eur

eur

jis

jis

usa

usa

hms

hms

timeSeparator

  • \,

  • b

  • :

  • .

JDBC driver property: timeSeparator.

\,

The comma character (,).

b

The character b

:

The colon character (:).

.

The period character (.).

trace boolean JDBC driver property: trace.
transactionTimeout A period of time with second precision 0 JDBC driver property: transactionTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
translateBinary boolean false JDBC driver property: translateBinary.
translateHex

  • binary

  • character

character JDBC driver property: translateHex.

binary

binary

character

character

useBlockInsert boolean false JDBC driver property: useBlockInsert.
user string It is recommended to use a container managed authentication alias instead of configuring this property.

openidConnectProvider > oauthProvider > databaseStore > dataSource > properties.db2.i.toolbox

Description: Data source properties for the IBM DB2 for i Toolbox JDBC driver.

Required: false

Data type:

Attribute name Data type Default value Description
access

  • read only

  • all

  • read call

all JDBC driver property: access.

read only

read only

all

all

read call

read call

behaviorOverride int JDBC driver property: behaviorOverride.
bidiImplicitReordering boolean true JDBC driver property: bidiImplicitReordering.
bidiNumericOrdering boolean false JDBC driver property: bidiNumericOrdering.
bidiStringType int JDBC driver property: bidiStringType.
bigDecimal boolean true JDBC driver property: bigDecimal.
blockCriteria

  • 2

  • 1

  • 0

2 JDBC driver property: blockCriteria. Values are: 0 (no record blocking), 1 (block if FOR FETCH ONLY is specified), 2 (block if FOR UPDATE is specified).

2

2

1

1

0

0

blockSize

  • 512

  • 128

  • 0

  • 32

  • 64

  • 16

  • 8

  • 256

32 JDBC driver property: blockSize.

512

512

128

128

0

0

32

32

64

64

16

16

8

8

256

256

cursorHold boolean false JDBC driver property: cursorHold.
cursorSensitivity

  • asensitive

  • sensitive

  • insensitive

asensitive JDBC driver property: cursorSensitivity. Values are: 0 (TYPE_SCROLL_SENSITIVE_STATIC), 1 (TYPE_SCROLL_SENSITIVE_DYNAMIC), 2 (TYPE_SCROLL_ASENSITIVE).

asensitive

asensitive

sensitive

sensitive

insensitive

insensitive

dataCompression boolean true JDBC driver property: dataCompression.
dataTruncation boolean true JDBC driver property: dataTruncation.
databaseName string JDBC driver property: databaseName.
dateFormat

  • dmy

  • iso

  • eur

  • ymd

  • julian

  • jis

  • usa

  • mdy

JDBC driver property: dateFormat.

dmy

dmy

iso

iso

eur

eur

ymd

ymd

julian

julian

jis

jis

usa

usa

mdy

mdy

dateSeparator

  • \,

  • .

  • /

  • -

JDBC driver property: dateSeparator.

The space character ( ).

\,

The comma character (,).

.

The period character (.).

/

The forward slash character (/).

-

The dash character (-).

decimalSeparator

  • \,

  • .

JDBC driver property: decimalSeparator.

\,

The comma character (,).

.

The period character (.).

driver

  • toolbox

  • native

toolbox JDBC driver property: driver.

toolbox

toolbox

native

native

errors

  • full

  • basic

basic JDBC driver property: errors.

full

full

basic

basic

extendedDynamic boolean false JDBC driver property: extendedDynamic.
extendedMetaData boolean false JDBC driver property: extendedMetaData.
fullOpen boolean false JDBC driver property: fullOpen.
holdInputLocators boolean true JDBC driver property: holdInputLocators.
holdStatements boolean false JDBC driver property: holdStatements.
isolationLevelSwitchingSupport boolean false JDBC driver property: isolationLevelSwitchingSupport.
keepAlive boolean JDBC driver property: keepAlive.
lazyClose boolean false JDBC driver property: lazyClose.
libraries string JDBC driver property: libraries.
lobThreshold int

Minimum: 0

Maximum: 16777216

0 JDBC driver property: lobThreshold.
loginTimeout A period of time with second precision JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
maximumPrecision

  • 31

  • 63

31 JDBC driver property: maximumPrecision.

31

31

63

64

maximumScale int

Minimum: 0

Maximum: 63

31 JDBC driver property: maximumScale.
metaDataSource int

Minimum: 0

Maximum: 1

1 JDBC driver property: metaDataSource.
minimumDivideScale int

Minimum: 0

Maximum: 9

0 JDBC driver property: minimumDivideScale.
naming

  • system

  • sql

sql JDBC driver property: naming.

system

system

sql

sql

package string JDBC driver property: package.
packageAdd boolean true JDBC driver property: packageAdd.
packageCCSID

  • 13488

  • 1200

13488 JDBC driver property: packageCCSID. Values are: 1200 (UCS-2) or 13488 (UTF-16).

13488

13488 (UTF-16)

1200

1200 (UCS-2)

packageCache boolean false JDBC driver property: packageCache.
packageCriteria

  • default

  • select

default JDBC driver property: packageCriteria.

default

default

select

select

packageError

  • exception

  • none

  • warning

warning JDBC driver property: packageError.

exception

exception

none

none

warning

warning

packageLibrary string QGPL JDBC driver property: packageLibrary.
password Reversably encoded password (string) It is recommended to use a container managed authentication alias instead of configuring this property.
prefetch boolean true JDBC driver property: prefetch.
prompt boolean false JDBC driver property: prompt.
proxyServer string JDBC driver property: proxyServer.
qaqqiniLibrary string JDBC driver property: qaqqiniLibrary.
queryOptimizeGoal int

Minimum: 0

Maximum: 2

0 JDBC driver property: queryOptimizeGoal. Values are: 1 (*FIRSTIO) or 2 (*ALLIO).
receiveBufferSize int

Minimum: 1

JDBC driver property: receiveBufferSize.
remarks

  • system

  • sql

system JDBC driver property: remarks.

system

system

sql

sql

rollbackCursorHold boolean false JDBC driver property: rollbackCursorHold.
savePasswordWhenSerialized boolean false JDBC driver property: savePasswordWhenSerialized.
secondaryUrl string JDBC driver property: secondaryUrl.
secure boolean false JDBC driver property: secure.
sendBufferSize int

Minimum: 1

JDBC driver property: sendBufferSize.
serverName string Server where the database is running.
serverTraceCategories int 0 JDBC driver property: serverTraceCategories.
soLinger A period of time with second precision JDBC driver property: soLinger. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
soTimeout A period of time with millisecond precision JDBC driver property: soTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
sort

  • hex

  • table

  • language

hex JDBC driver property: sort.

hex

hex

table

table

language

language

sortLanguage string JDBC driver property: sortLanguage.
sortTable string JDBC driver property: sortTable.
sortWeight

  • unqiue

  • shared

JDBC driver property: sortWeight.

unqiue

unique

shared

shared

tcpNoDelay boolean JDBC driver property: tcpNoDelay.
threadUsed boolean true JDBC driver property: threadUsed.
timeFormat

  • iso

  • eur

  • jis

  • usa

  • hms

JDBC driver property: timeFormat.

iso

iso

eur

eur

jis

jis

usa

usa

hms

hms

timeSeparator

  • \,

  • :

  • .

JDBC driver property: timeSeparator.

The space character ( ).

\,

The comma character (,).

:

The colon character (:).

.

The period character (.).

toolboxTrace

  • diagnostic

  • information

  • conversion

  • error

  • thread

  • proxy

  • none

  • datastream

  • pcml

  • all

  • jdbc

  • warning

JDBC driver property: toolboxTrace.

diagnostic

diagnostic

information

information

conversion

conversion

error

error

thread

thread

proxy

proxy

none

none

datastream

datastream

pcml

pcml

all

all

jdbc

jdbc

warning

warning

trace boolean JDBC driver property: trace.
translateBinary boolean false JDBC driver property: translateBinary.
translateBoolean boolean true JDBC driver property: translateBoolean.
translateHex

  • binary

  • character

character JDBC driver property: translateHex.

binary

binary

character

character

trueAutoCommit boolean false JDBC driver property: trueAutoCommit.
user string It is recommended to use a container managed authentication alias instead of configuring this property.
xaLooselyCoupledSupport int

Minimum: 0

Maximum: 1

0 JDBC driver property: xaLooselyCoupledSupport.

openidConnectProvider > oauthProvider > databaseStore > dataSource > properties.db2.jcc

Description: Data source properties for the IBM Data Server Driver for JDBC and SQLJ for DB2.

Required: false

Data type:

Attribute name Data type Default value Description
activateDatabase int JDBC driver property: activateDatabase.
alternateGroupDatabaseName string JDBC driver property: alternateGroupDatabaseName.
alternateGroupPortNumber string JDBC driver property: alternateGroupPortNumber.
alternateGroupServerName string JDBC driver property: alternateGroupServerName.
blockingReadConnectionTimeout A period of time with second precision JDBC driver property: blockingReadConnectionTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
clientAccountingInformation string JDBC driver property: clientAccountingInformation.
clientApplicationInformation string JDBC driver property: clientApplicationInformation.
clientRerouteServerListJNDIName string JDBC driver property: clientRerouteServerListJNDIName.
clientUser string JDBC driver property: clientUser.
clientWorkstation string JDBC driver property: clientWorkstation.
connectionCloseWithInFlightTransaction

  • 2

  • 1

JDBC driver property: connectionCloseWithInFlightTransaction.

2

CONNECTION_CLOSE_WITH_ROLLBACK

1

CONNECTION_CLOSE_WITH_EXCEPTION

currentAlternateGroupEntry int JDBC driver property: currentAlternateGroupEntry.
currentFunctionPath string JDBC driver property: currentFunctionPath.
currentLocaleLcCtype string JDBC driver property: currentLocaleLcCtype.
currentLockTimeout A period of time with second precision JDBC driver property: currentLockTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
currentPackagePath string JDBC driver property: currentPackagePath.
currentPackageSet string JDBC driver property: currentPackageSet.
currentSQLID string JDBC driver property: currentSQLID.
currentSchema string JDBC driver property: currentSchema.
cursorSensitivity

  • 2

  • 1

  • 0

JDBC driver property: cursorSensitivity. Values are: 0 (TYPE_SCROLL_SENSITIVE_STATIC), 1 (TYPE_SCROLL_SENSITIVE_DYNAMIC), 2 (TYPE_SCROLL_ASENSITIVE).

2

TYPE_SCROLL_ASENSITIVE

1

TYPE_SCROLL_SENSITIVE_DYNAMIC

0

TYPE_SCROLL_SENSITIVE_STATIC

databaseName string JDBC driver property: databaseName.
deferPrepares boolean true JDBC driver property: deferPrepares.
driverType

  • 2

  • 4

4 JDBC driver property: driverType.

2

Type 2 JDBC driver.

4

Type 4 JDBC driver.

enableAlternateGroupSeamlessACR boolean JDBC driver property: enableAlternateGroupSeamlessACR.
enableClientAffinitiesList

  • 2

  • 1

JDBC driver property: enableClientAffinitiesList. Values are: 1 (YES) or 2 (NO).

2

NO

1

YES

enableExtendedDescribe

  • 2

  • 1

JDBC driver property: enableExtendedDescribe.

2

NO

1

YES

enableExtendedIndicators

  • 2

  • 1

JDBC driver property: enableExtendedIndicators.

2

NO

1

YES

enableNamedParameterMarkers

  • 2

  • 1

JDBC driver property: enableNamedParameterMarkers. Values are: 1 (YES) or 2 (NO).

2

NO

1

YES

enableSeamlessFailover

  • 2

  • 1

JDBC driver property: enableSeamlessFailover. Values are: 1 (YES) or 2 (NO).

2

NO

1

YES

enableSysplexWLB boolean JDBC driver property: enableSysplexWLB.
fetchSize int JDBC driver property: fetchSize.
fullyMaterializeInputStreams boolean JDBC driver property: fullyMaterializeInputStreams.
fullyMaterializeInputStreamsOnBatchExecution

  • 2

  • 1

JDBC driver property: fullyMaterializeInputStreamsOnBatchExecution.

2

NO

1

YES

fullyMaterializeLobData boolean JDBC driver property: fullyMaterializeLobData.
implicitRollbackOption

  • 2

  • 1

  • 0

JDBC driver property: implicitRollbackOption.

2

IMPLICIT_ROLLBACK_OPTION_CLOSE_CONNECTION

1

IMPLICIT_ROLLBACK_OPTION_NOT_CLOSE_CONNECTION

0

IMPLICIT_ROLLBACK_OPTION_NOT_SET

interruptProcessingMode

  • 2

  • 1

  • 0

JDBC driver property: interruptProcessingMode.

2

INTERRUPT_PROCESSING_MODE_CLOSE_SOCKET

1

INTERRUPT_PROCESSING_MODE_STATEMENT_CANCEL

0

INTERRUPT_PROCESSING_MODE_DISABLED

keepAliveTimeOut A period of time with second precision JDBC driver property: keepAliveTimeOut. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
keepDynamic int JDBC driver property: keepDynamic.
kerberosServerPrincipal string JDBC driver property: kerberosServerPrincipal.
loginTimeout A period of time with second precision JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
maxConnCachedParamBufferSize int JDBC driver property: maxConnCachedParamBufferSize.
maxRetriesForClientReroute int JDBC driver property: maxRetriesForClientReroute.
password Reversably encoded password (string) It is recommended to use a container managed authentication alias instead of configuring this property.
portNumber int 50000 Port on which to obtain database connections.
profileName string JDBC driver property: profileName.
queryCloseImplicit

  • 2

  • 1

JDBC driver property: queryCloseImplicit. Values are: 1 (QUERY_CLOSE_IMPLICIT_YES) or 2 (QUERY_CLOSE_IMPLICIT_NO).

2

QUERY_CLOSE_IMPLICIT_NO

1

QUERY_CLOSE_IMPLICIT_YES

queryDataSize int

Minimum: 4096

Maximum: 65535

JDBC driver property: queryDataSize.
queryTimeoutInterruptProcessingMode

  • 2

  • 1

JDBC driver property: queryTimeoutInterruptProcessingMode.

2

INTERRUPT_PROCESSING_MODE_CLOSE_SOCKET

1

INTERRUPT_PROCESSING_MODE_STATEMENT_CANCEL

readOnly boolean JDBC driver property: readOnly.
recordTemporalHistory

  • 2

  • 1

JDBC driver property: recordTemporalHistory.

2

NO

1

YES

resultSetHoldability

  • 2

  • 1

JDBC driver property: resultSetHoldability. Values are: 1 (HOLD_CURSORS_OVER_COMMIT) or 2 (CLOSE_CURSORS_AT_COMMIT).

2

CLOSE_CURSORS_AT_COMMIT

1

HOLD_CURSORS_OVER_COMMIT

resultSetHoldabilityForCatalogQueries

  • 2

  • 1

JDBC driver property: resultSetHoldabilityForCatalogQueries. Values are: 1 (HOLD_CURSORS_OVER_COMMIT) or 2 (CLOSE_CURSORS_AT_COMMIT).

2

CLOSE_CURSORS_AT_COMMIT

1

HOLD_CURSORS_OVER_COMMIT

retrieveMessagesFromServerOnGetMessage boolean true JDBC driver property: retrieveMessagesFromServerOnGetMessage.
retryIntervalForClientReroute A period of time with second precision JDBC driver property: retryIntervalForClientReroute. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
securityMechanism

  • 3

  • 7

  • 4

  • 15

  • 9

  • 16

  • 13

  • 11

  • 12

JDBC driver property: securityMechanism. Values are: 3 (CLEAR_TEXT_PASSWORD_SECURITY), 4 (USER_ONLY_SECURITY), 7 (ENCRYPTED_PASSWORD_SECURITY), 9 (ENCRYPTED_USER_AND_PASSWORD_SECURITY), 11 (KERBEROS_SECURITY), 12 (ENCRYPTED_USER_AND_DATA_SECURITY"), (ENCRYPTED_USER_PASSWORD_AND_DATA_SECURITY"), 15 (PLUGIN_SECURITY), 16 (ENCRYPTED_USER_ONLY_SECURITY).

3

CLEAR_TEXT_PASSWORD_SECURITY

7

ENCRYPTED_PASSWORD_SECURITY

4

USER_ONLY_SECURITY

15

PLUGIN_SECURITY

9

ENCRYPTED_USER_AND_PASSWORD_SECURITY

16

ENCRYPTED_USER_ONLY_SECURITY

13

ENCRYPTED_USER_PASSWORD_AND_DATA_SECURITY

11

KERBEROS_SECURITY

12

ENCRYPTED_USER_AND_DATA_SECURITY

sendDataAsIs boolean JDBC driver property: sendDataAsIs.
serverName string localhost Server where the database is running.
sessionTimeZone string JDBC driver property: sessionTimeZone.
sqljCloseStmtsWithOpenResultSet boolean JDBC driver property: sqljCloseStmtsWithOpenResultSet.
sqljEnableClassLoaderSpecificProfiles boolean JDBC driver property: sqljEnableClassLoaderSpecificProfiles.
sslConnection boolean JDBC driver property: sslConnection.
streamBufferSize int JDBC driver property: streamBufferSize.
stripTrailingZerosForDecimalNumbers

  • 2

  • 1

JDBC driver property: stripTrailingZerosForDecimalNumbers.

2

NO

1

YES

sysSchema string JDBC driver property: sysSchema.
timerLevelForQueryTimeOut

  • 2

  • 1

  • -1

JDBC driver property: timerLevelForQueryTimeOut.

2

QUERYTIMEOUT_CONNECTION_LEVEL

1

QUERYTIMEOUT_STATEMENT_LEVEL

-1

QUERYTIMEOUT_DISABLED

traceDirectory string JDBC driver property: traceDirectory.
traceFile string JDBC driver property: traceFile.
traceFileAppend boolean JDBC driver property: traceFileAppend.
traceFileCount int JDBC driver property: traceFileCount.
traceFileSize int JDBC driver property: traceFileSize.
traceLevel int 0 Bitwise combination of the following constant values: TRACE_NONE=0, TRACE_CONNECTION_CALLS=1, TRACE_STATEMENT_CALLS=2, TRACE_RESULT_SET_CALLS=4, TRACE_DRIVER_CONFIGURATION=16, TRACE_CONNECTS=32, TRACE_DRDA_FLOWS=64, TRACE_RESULT_SET_META_DATA=128, TRACE_PARAMETER_META_DATA=256, TRACE_DIAGNOSTICS=512, TRACE_SQLJ=1024, TRACE_META_CALLS=8192, TRACE_DATASOURCE_CALLS=16384, TRACE_LARGE_OBJECT_CALLS=32768, TRACE_SYSTEM_MONITOR=131072, TRACE_TRACEPOINTS=262144, TRACE_ALL=-1.
traceOption

  • 1

  • 0

JDBC driver property: traceOption

1

1

0

0

translateForBitData

  • 2

  • 1

JDBC driver property: translateForBitData.

2

SERVER_ENCODING_REPRESENTATION

1

HEX_REPRESENTATION

updateCountForBatch

  • 2

  • 1

JDBC driver property: updateCountForBatch.

2

TOTAL_UPDATE_COUNT

1

NO_UPDATE_COUNT

useCachedCursor boolean JDBC driver property: useCachedCursor.
useIdentityValLocalForAutoGeneratedKeys boolean JDBC driver property: useIdentityValLocalForAutoGeneratedKeys.
useJDBC41DefinitionForGetColumns

  • 2

  • 1

JDBC driver property: useJDBC41DefinitionForGetColumns.

2

NO

1

YES

useJDBC4ColumnNameAndLabelSemantics

  • 2

  • 1

JDBC driver property: useJDBC4ColumnNameAndLabelSemantics. Values are: 1 (YES) or 2 (NO).

2

NO

1

YES

useTransactionRedirect boolean JDBC driver property: useTransactionRedirect.
user string It is recommended to use a container managed authentication alias instead of configuring this property.
xaNetworkOptimization boolean JDBC driver property: xaNetworkOptimization.

openidConnectProvider > oauthProvider > databaseStore > dataSource > properties.derby.client

Description: Data source properties for Derby Network Client JDBC driver.

Required: false

Data type:

Attribute name Data type Default value Description
connectionAttributes string JDBC driver property: connectionAttributes.
createDatabase

  • false

  • create

JDBC driver property: createDatabase.

false

Do not automatically create the database.

create

When the first connection is established, automatically create the database if it doesn't exist.

databaseName string JDBC driver property: databaseName.
loginTimeout A period of time with second precision JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
password Reversably encoded password (string) It is recommended to use a container managed authentication alias instead of configuring this property.
portNumber int 1527 Port on which to obtain database connections.
retrieveMessageText boolean true JDBC driver property: retrieveMessageText.
securityMechanism

  • 3

  • 7

  • 4

  • 9

  • 8

3 JDBC driver property: securityMechanism. Values are: 3 (CLEAR_TEXT_PASSWORD_SECURITY), 4 (USER_ONLY_SECURITY), 7 (ENCRYPTED_PASSWORD_SECURITY), 8 (STRONG_PASSWORD_SUBSTITUTE_SECURITY), 9 (ENCRYPTED_USER_AND_PASSWORD_SECURITY).

3

CLEAR_TEXT_PASSWORD_SECURITY

7

ENCRYPTED_PASSWORD_SECURITY

4

USER_ONLY_SECURITY

9

ENCRYPTED_USER_AND_PASSWORD_SECURITY

8

STRONG_PASSWORD_SUBSTITUTE_SECURITY

serverName string localhost Server where the database is running.
shutdownDatabase

  • false

  • shutdown

JDBC driver property: shutdownDatabase.

false

Do not shut down the database.

shutdown

Shut down the database when a connection is attempted.

ssl

  • basic

  • off

  • peerAuthentication

JDBC driver property: ssl.

basic

basic

off

off

peerAuthentication

peerAuthentication

traceDirectory string JDBC driver property: traceDirectory.
traceFile string JDBC driver property: traceFile.
traceFileAppend boolean JDBC driver property: traceFileAppend.
traceLevel int Bitwise combination of the following constant values: TRACE_NONE=0, TRACE_CONNECTION_CALLS=1, TRACE_STATEMENT_CALLS=2, TRACE_RESULT_SET_CALLS=4, TRACE_DRIVER_CONFIGURATION=16, TRACE_CONNECTS=32, TRACE_DRDA_FLOWS=64, TRACE_RESULT_SET_META_DATA=128, TRACE_PARAMETER_META_DATA=256, TRACE_DIAGNOSTICS=512, TRACE_XA_CALLS=2048, TRACE_ALL=-1.
user string It is recommended to use a container managed authentication alias instead of configuring this property.

openidConnectProvider > oauthProvider > databaseStore > dataSource > properties.derby.embedded

Description: Data source properties for Derby Embedded JDBC driver.

Required: false

Data type:

Attribute name Data type Default value Description
connectionAttributes string JDBC driver property: connectionAttributes.
createDatabase

  • false

  • create

JDBC driver property: createDatabase.

false

Do not automatically create the database.

create

When the first connection is established, automatically create the database if it doesn't exist.

databaseName string JDBC driver property: databaseName.
loginTimeout A period of time with second precision JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
password Reversably encoded password (string) It is recommended to use a container managed authentication alias instead of configuring this property.
shutdownDatabase

  • false

  • shutdown

JDBC driver property: shutdownDatabase.

false

Do not shut down the database.

shutdown

Shut down the database when a connection is attempted.

user string It is recommended to use a container managed authentication alias instead of configuring this property.

openidConnectProvider > oauthProvider > databaseStore > dataSource > properties.informix

Description: Data source properties for the Informix JDBC driver.

Required: false

Data type:

Attribute name Data type Default value Description
databaseName string JDBC driver property: databaseName.
ifxCLIENT_LOCALE string JDBC driver property: ifxCLIENT_LOCALE.
ifxCPMAgeLimit A period of time with second precision JDBC driver property: ifxCPMAgeLimit. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
ifxCPMInitPoolSize int JDBC driver property: ifxCPMInitPoolSize.
ifxCPMMaxConnections int JDBC driver property: ifxCPMMaxConnections.
ifxCPMMaxPoolSize int JDBC driver property: ifxCPMMaxPoolSize.
ifxCPMMinAgeLimit A period of time with second precision JDBC driver property: ifxCPMMinAgeLimit. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
ifxCPMMinPoolSize int JDBC driver property: ifxCPMMinPoolSize.
ifxCPMServiceInterval A period of time with millisecond precision JDBC driver property: ifxCPMServiceInterval. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
ifxDBANSIWARN boolean JDBC driver property: ifxDBANSIWARN.
ifxDBCENTURY string JDBC driver property: ifxDBCENTURY.
ifxDBDATE string JDBC driver property: ifxDBDATE.
ifxDBSPACETEMP string JDBC driver property: ifxDBSPACETEMP.
ifxDBTEMP string JDBC driver property: ifxDBTEMP.
ifxDBTIME string JDBC driver property: ifxDBTIME.
ifxDBUPSPACE string JDBC driver property: ifxDBUPSPACE.
ifxDB_LOCALE string JDBC driver property: ifxDB_LOCALE.
ifxDELIMIDENT boolean JDBC driver property: ifxDELIMIDENT.
ifxENABLE_TYPE_CACHE boolean JDBC driver property: ifxENABLE_TYPE_CACHE.
ifxFET_BUF_SIZE int JDBC driver property: ifxFET_BUF_SIZE.
ifxGL_DATE string JDBC driver property: ifxGL_DATE.
ifxGL_DATETIME string JDBC driver property: ifxGL_DATETIME.
ifxIFXHOST string localhost JDBC driver property: ifxIFXHOST.
ifxIFX_AUTOFREE boolean JDBC driver property: ifxIFX_AUTOFREE.
ifxIFX_DIRECTIVES string JDBC driver property: ifxIFX_DIRECTIVES.
ifxIFX_LOCK_MODE_WAIT A period of time with second precision 2s JDBC driver property: ifxIFX_LOCK_MODE_WAIT. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
ifxIFX_SOC_TIMEOUT A period of time with millisecond precision JDBC driver property: ifxIFX_SOC_TIMEOUT. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
ifxIFX_USEPUT boolean JDBC driver property: ifxIFX_USEPUT.
ifxIFX_USE_STRENC boolean JDBC driver property: ifxIFX_USE_STRENC.
ifxIFX_XASPEC string y JDBC driver property: ifxIFX_XASPEC.
ifxINFORMIXCONRETRY int JDBC driver property: ifxINFORMIXCONRETRY.
ifxINFORMIXCONTIME A period of time with second precision JDBC driver property: ifxINFORMIXCONTIME. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
ifxINFORMIXOPCACHE string JDBC driver property: ifxINFORMIXOPCACHE.
ifxINFORMIXSTACKSIZE int JDBC driver property: ifxINFORMIXSTACKSIZE.
ifxJDBCTEMP string JDBC driver property: ifxJDBCTEMP.
ifxLDAP_IFXBASE string JDBC driver property: ifxLDAP_IFXBASE.
ifxLDAP_PASSWD string JDBC driver property: ifxLDAP_PASSWD.
ifxLDAP_URL string JDBC driver property: ifxLDAP_URL.
ifxLDAP_USER string JDBC driver property: ifxLDAP_USER.
ifxLOBCACHE int JDBC driver property: ifxLOBCACHE.
ifxNEWCODESET string JDBC driver property: ifxNEWCODESET.
ifxNEWLOCALE string JDBC driver property: ifxNEWLOCALE.
ifxNODEFDAC string JDBC driver property: ifxNODEFDAC.
ifxOPTCOMPIND string JDBC driver property: ifxOPTCOMPIND.
ifxOPTOFC string JDBC driver property: ifxOPTOFC.
ifxOPT_GOAL string JDBC driver property: ifxOPT_GOAL.
ifxPATH string JDBC driver property: ifxPATH.
ifxPDQPRIORITY string JDBC driver property: ifxPDQPRIORITY.
ifxPLCONFIG string JDBC driver property: ifxPLCONFIG.
ifxPLOAD_LO_PATH string JDBC driver property: ifxPLOAD_LO_PATH.
ifxPROTOCOLTRACE int JDBC driver property: ifxPROTOCOLTRACE.
ifxPROTOCOLTRACEFILE string JDBC driver property: ifxPROTOCOLTRACEFILE.
ifxPROXY string JDBC driver property: ifxPROXY.
ifxPSORT_DBTEMP string JDBC driver property: ifxPSORT_DBTEMP.
ifxPSORT_NPROCS boolean JDBC driver property: ifxPSORT_NPROCS.
ifxSECURITY string JDBC driver property: ifxSECURITY.
ifxSQLH_FILE string JDBC driver property: ifxSQLH_FILE.
ifxSQLH_LOC string JDBC driver property: ifxSQLH_LOC.
ifxSQLH_TYPE string JDBC driver property: ifxSQLH_TYPE.
ifxSSLCONNECTION string JDBC driver property: ifxSSLCONNECTION.
ifxSTMT_CACHE string JDBC driver property: ifxSTMT_CACHE.
ifxTRACE int JDBC driver property: ifxTRACE.
ifxTRACEFILE string JDBC driver property: ifxTRACEFILE.
ifxTRUSTED_CONTEXT string JDBC driver property: ifxTRUSTED_CONTEXT.
ifxUSEV5SERVER boolean JDBC driver property: ifxUSEV5SERVER.
ifxUSE_DTENV boolean JDBC driver property: ifxUSE_DTENV.
loginTimeout A period of time with second precision JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
password Reversably encoded password (string) It is recommended to use a container managed authentication alias instead of configuring this property.
portNumber int 1526 Port on which to obtain database connections.
roleName string JDBC driver property: roleName.
serverName string Server where the database is running.
user string It is recommended to use a container managed authentication alias instead of configuring this property.

openidConnectProvider > oauthProvider > databaseStore > dataSource > properties.informix.jcc

Description: Data source properties for the IBM Data Server Driver for JDBC and SQLJ for Informix.

Required: false

Data type:

Attribute name Data type Default value Description
DBANSIWARN boolean JDBC driver property: DBANSIWARN.
DBDATE string JDBC driver property: DBDATE.
DBPATH string JDBC driver property: DBPATH.
DBSPACETEMP string JDBC driver property: DBSPACETEMP.
DBTEMP string JDBC driver property: DBTEMP.
DBUPSPACE string JDBC driver property: DBUPSPACE.
DELIMIDENT boolean JDBC driver property: DELIMIDENT.
IFX_DIRECTIVES

  • ON

  • OFF

JDBC driver property: IFX_DIRECTIVES.

ON

ON

OFF

OFF

IFX_EXTDIRECTIVES

  • ON

  • OFF

JDBC driver property: IFX_EXTDIRECTIVES.

ON

ON

OFF

OFF

IFX_UPDDESC string JDBC driver property: IFX_UPDDESC.
IFX_XASTDCOMPLIANCE_XAEND

  • 1

  • 0

JDBC driver property: IFX_XASTDCOMPLIANCE_XAEND.

1

1

0

0

INFORMIXOPCACHE string JDBC driver property: INFORMIXOPCACHE.
INFORMIXSTACKSIZE string JDBC driver property: INFORMIXSTACKSIZE.
NODEFDAC

  • yes

  • no

JDBC driver property: NODEFDAC.

yes

yes

no

no

OPTCOMPIND

  • 2

  • 1

  • 0

JDBC driver property: OPTCOMPIND.

2

2

1

1

0

0

OPTOFC

  • 1

  • 0

JDBC driver property: OPTOFC.

1

1

0

0

PDQPRIORITY

  • HIGH

  • LOW

  • OFF

JDBC driver property: PDQPRIORITY.

HIGH

HIGH

LOW

LOW

OFF

OFF

PSORT_DBTEMP string JDBC driver property: PSORT_DBTEMP.
PSORT_NPROCS string

Maximum: 10

JDBC driver property: PSORT_NPROCS.
STMT_CACHE

  • 1

  • 0

JDBC driver property: STMT_CACHE.

1

1

0

0

currentLockTimeout A period of time with second precision 2s JDBC driver property: currentLockTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
databaseName string JDBC driver property: databaseName.
deferPrepares boolean JDBC driver property: deferPrepares.
driverType int 4 JDBC driver property: driverType.
enableNamedParameterMarkers int JDBC driver property: enableNamedParameterMarkers. Values are: 1 (YES) or 2 (NO).
enableSeamlessFailover int JDBC driver property: enableSeamlessFailover. Values are: 1 (YES) or 2 (NO).
enableSysplexWLB boolean JDBC driver property: enableSysplexWLB.
fetchSize int JDBC driver property: fetchSize.
fullyMaterializeLobData boolean JDBC driver property: fullyMaterializeLobData.
keepDynamic int JDBC driver property: keepDynamic.
loginTimeout A period of time with second precision JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
password Reversably encoded password (string) It is recommended to use a container managed authentication alias instead of configuring this property.
portNumber int 1526 Port on which to obtain database connections.
progressiveStreaming

  • 2

  • 1

JDBC driver property: progressiveStreaming. Values are: 1 (YES) or 2 (NO).

2

NO

1

YES

queryDataSize int

Minimum: 4096

Maximum: 10485760

JDBC driver property: queryDataSize.
resultSetHoldability

  • 2

  • 1

JDBC driver property: resultSetHoldability. Values are: 1 (HOLD_CURSORS_OVER_COMMIT) or 2 (CLOSE_CURSORS_AT_COMMIT).

2

CLOSE_CURSORS_AT_COMMIT

1

HOLD_CURSORS_OVER_COMMIT

resultSetHoldabilityForCatalogQueries

  • 2

  • 1

JDBC driver property: resultSetHoldabilityForCatalogQueries. Values are: 1 (HOLD_CURSORS_OVER_COMMIT) or 2 (CLOSE_CURSORS_AT_COMMIT).

2

CLOSE_CURSORS_AT_COMMIT

1

HOLD_CURSORS_OVER_COMMIT

retrieveMessagesFromServerOnGetMessage boolean true JDBC driver property: retrieveMessagesFromServerOnGetMessage.
securityMechanism

  • 3

  • 7

  • 4

  • 9

JDBC driver property: securityMechanism. Values are: 3 (CLEAR_TEXT_PASSWORD_SECURITY), 4 (USER_ONLY_SECURITY), 7 (ENCRYPTED_PASSWORD_SECURITY), 9 (ENCRYPTED_USER_AND_PASSWORD_SECURITY).

3

CLEAR_TEXT_PASSWORD_SECURITY

7

ENCRYPTED_PASSWORD_SECURITY

4

USER_ONLY_SECURITY

9

ENCRYPTED_USER_AND_PASSWORD_SECURITY

serverName string localhost Server where the database is running.
traceDirectory string JDBC driver property: traceDirectory.
traceFile string JDBC driver property: traceFile.
traceFileAppend boolean JDBC driver property: traceFileAppend.
traceLevel int Bitwise combination of the following constant values: TRACE_NONE=0, TRACE_CONNECTION_CALLS=1, TRACE_STATEMENT_CALLS=2, TRACE_RESULT_SET_CALLS=4, TRACE_DRIVER_CONFIGURATION=16, TRACE_CONNECTS=32, TRACE_DRDA_FLOWS=64, TRACE_RESULT_SET_META_DATA=128, TRACE_PARAMETER_META_DATA=256, TRACE_DIAGNOSTICS=512, TRACE_SQLJ=1024, TRACE_META_CALLS=8192, TRACE_DATASOURCE_CALLS=16384, TRACE_LARGE_OBJECT_CALLS=32768, TRACE_SYSTEM_MONITOR=131072, TRACE_TRACEPOINTS=262144, TRACE_ALL=-1.
useJDBC4ColumnNameAndLabelSemantics int JDBC driver property: useJDBC4ColumnNameAndLabelSemantics. Values are: 1 (YES) or 2 (NO).
user string It is recommended to use a container managed authentication alias instead of configuring this property.

openidConnectProvider > oauthProvider > databaseStore > dataSource > properties.microsoft.sqlserver

Description: Data source properties for Microsoft SQL Server JDBC Driver.

Required: false

Data type:

Attribute name Data type Default value Description
URL string URL for connecting to the database. Example: jdbc:sqlserver://localhost:1433;databaseName=myDB.
applicationIntent

  • ReadOnly

  • ReadWrite

JDBC driver property: applicationIntent.

ReadOnly

ReadOnly

ReadWrite

ReadWrite

applicationName string JDBC driver property: applicationName.
authenticationScheme

  • NativeAuthentication

  • JavaKerberos

JDBC driver property: authenticationScheme.

NativeAuthentication

NativeAuthentication

JavaKerberos

JavaKerberos

databaseName string JDBC driver property: databaseName.
encrypt boolean JDBC driver property: encrypt.
failoverPartner string JDBC driver property: failoverPartner.
hostNameInCertificate string JDBC driver property: hostNameInCertificate.
instanceName string JDBC driver property: instanceName.
integratedSecurity boolean JDBC driver property: integratedSecurity.
lastUpdateCount boolean JDBC driver property: lastUpdateCount.
lockTimeout A period of time with millisecond precision JDBC driver property: lockTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
loginTimeout A period of time with second precision JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
multiSubnetFailover boolean JDBC driver property: multiSubnetFailover.
packetSize int

Minimum: 512

Maximum: 32767

JDBC driver property: packetSize.
password Reversably encoded password (string) It is recommended to use a container managed authentication alias instead of configuring this property.
portNumber int 1433 Port on which to obtain database connections.
responseBuffering

  • full

  • adaptive

JDBC driver property: responseBuffering.

full

full

adaptive

adaptive

selectMethod

  • direct

  • cursor

JDBC driver property: selectMethod.

direct

direct

cursor

cursor

sendStringParametersAsUnicode boolean false JDBC driver property: sendStringParametersAsUnicode.
sendTimeAsDatetime boolean JDBC driver property: sendTimeAsDatetime.
serverName string localhost Server where the database is running.
trustServerCertificate boolean JDBC driver property: trustServerCertificate.
trustStore string JDBC driver property: trustStore.
trustStorePassword Reversably encoded password (string) JDBC driver property: trustStorePassword.
user string It is recommended to use a container managed authentication alias instead of configuring this property.
workstationID string JDBC driver property: workstationID.
xopenStates boolean JDBC driver property: xopenStates.

openidConnectProvider > oauthProvider > databaseStore > dataSource > properties.oracle

Description: Data source properties for Oracle JDBC driver.

Required: false

Data type:

Attribute name Data type Default value Description
ONSConfiguration string JDBC driver property: ONSConfiguration.
TNSEntryName string JDBC driver property: TNSEntryName.
URL string URL for connecting to the database. Examples: jdbc:oracle:thin:@//localhost:1521/sample or jdbc:oracle:oci:@//localhost:1521/sample.
connectionProperties string JDBC driver property: connectionProperties.
databaseName string JDBC driver property: databaseName.
driverType

  • oci

  • thin

thin JDBC driver property: driverType.

oci

oci

thin

thin

loginTimeout A period of time with second precision JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
networkProtocol string JDBC driver property: networkProtocol.
password Reversably encoded password (string) It is recommended to use a container managed authentication alias instead of configuring this property.
portNumber int 1521 Port on which to obtain database connections.
serverName string localhost Server where the database is running.
serviceName string JDBC driver property: serviceName.
user string It is recommended to use a container managed authentication alias instead of configuring this property.

openidConnectProvider > oauthProvider > databaseStore > dataSource > properties.sybase

Description: Data source properties for Sybase JDBC driver.

Required: false

Data type:

Attribute name Data type Default value Description
SERVER_INITIATED_TRANSACTIONS

  • false

  • true

false JDBC driver property: SERVER_INITIATED_TRANSACTIONS.

false

false

true

true

connectionProperties string SELECT_OPENS_CURSOR=true JDBC driver property: connectionProperties.
databaseName string JDBC driver property: databaseName.
loginTimeout A period of time with second precision JDBC driver property: loginTimeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
networkProtocol

  • SSL

  • socket

JDBC driver property: networkProtocol.

SSL

SSL

socket

socket

password Reversably encoded password (string) It is recommended to use a container managed authentication alias instead of configuring this property.
portNumber int 5000 Port on which to obtain database connections.
resourceManagerName string JDBC driver property: resourceManagerName.
serverName string localhost Server where the database is running.
user string It is recommended to use a container managed authentication alias instead of configuring this property.
version int JDBC driver property: version.

openidConnectProvider > oauthProvider > databaseStore > dataSource > recoveryAuthData

Description: Authentication data for transaction recovery.

Required: false

Data type:

Attribute name Data type Default value Description
password Reversably encoded password (string) Password of the user to use when connecting to the EIS. Stored in clear text or encoded form. It is recommended that you encode the password. To do so, use the securityUtility tool with the encode option.
user string Name of the user to use when connecting to the EIS.

openidConnectProvider > oauthProvider > grantType

Description: An access token grant type (as detailed in the OAuth specification) that is allowed for the provider. The equivalent provider parameter in the full application server profile is oauth20.grant.types.allowed.

Required: false

Data type: string

openidConnectProvider > oauthProvider > jwtGrantType

Description: The grant_type for JWT Token handler

Required: false

Data type:

Attribute name Data type Default value Description
clockSkew A period of time with second precision 300s The time difference allowed between OpenID Connect Client and OpenID Connect Provider systems when they are not synchronized. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
iatRequired boolean false The iat claim in a jwt token is required.
maxJtiCacheSize long

Minimum: 1

10000 The maximum size of cache, which keeps jti data of jwt token, to prevent the jti from being reused.
tokenMaxLifetime A period of time with second precision 7200s The time indicates the maximum lifetime of an alive jwt token since its issued-at-time. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.

openidConnectProvider > oauthProvider > library

Description: Reference to shared library containing the mediator plugin class.

Required: false

Data type:

Attribute name Data type Default value Description
apiTypeVisibility string spec,ibm-api,api The types of API package this library's class loader will be able to see, as a comma-separated list of any combination of the following: spec, ibm-api, api, third-party.
description string Description of shared library for administrators
filesetRef List of references to top level fileset elements (comma-separated string). Id of referenced Fileset
name string Name of shared library for administrators

openidConnectProvider > oauthProvider > library > file

Description: Id of referenced File

Required: false

Data type:

Attribute name Data type Default value Description
name Path to a file Fully qualified filename

openidConnectProvider > oauthProvider > library > fileset

Description: Id of referenced Fileset

Required: false

Data type:

Attribute name Data type Default value Description
caseSensitive boolean true Boolean to indicate whether or not the search should be case sensitive (default: true).
dir Path to a directory ${server.config.dir} The base directory to search for files.
excludes string The comma or space separated list of file name patterns to exclude from the search results, by default no files are excluded.
includes string * The comma or space separated list of file name patterns to include in the search results (default: *).
scanInterval A period of time with millisecond precision 0 Scanning interval to check the fileset for changes as a long with a time unit suffix h-hour, m-minute, s-second, ms-millisecond (e.g. 2ms or 5s). Disabled (scanInterval=0) by default. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

openidConnectProvider > oauthProvider > library > folder

Description: Id of referenced folder

Required: false

Data type:

Attribute name Data type Default value Description
dir Path to a directory Directory or folder to be included in the library classpath for locating resource files

openidConnectProvider > oauthProvider > localStore

Description: Clients are defined in server.xml and tokens are cached in the server.

Required: false

Data type:

Attribute name Data type Default value Description
tokenStoreSize long 2000 Token store size

openidConnectProvider > oauthProvider > localStore > client

Description: OAuth client definition. Only clients defined here can access the provider.

Required: false

Data type:

Attribute name Data type Default value Description
applicationType

  • native

  • web

web The type of application best describing the client.

native

native

web

web

displayname string Display name of the client.
enabled boolean true Client is enabled if true, disabled if false.
functionalUserId string A user identifier to be associated with access tokens obtained by this client using the client credentials grant type. When this client parameter is specified, the value is returned in the functional_user_id response parameter from the introspect endpoint.
introspectTokens boolean false Boolean value specifying whether the client is allowed to access the introspection endpoint to introspect tokens issued by the authorization server.
name string Name of the client (sometimes referred to as the Id).
preAuthorizedScope string Space separated list of scope values that the client can use when requesting access tokens that are deemed to have been pre-approved by the resource owner and therefore does not require the resource owner's consent.
scope string Specify by spaces the list of scopes of the client.
secret Reversably encoded password (string) Secret key of the client.
sessionManaged boolean false Boolean indicating whether the client participates in OpenID session management.
subjectType

  • public

Subject type requested for response to this client.

public

public

tokenEndpointAuthMethod

  • client_secret_post

  • none

  • client_secret_basic

client_secret_basic The requested authentication method for the token endpoint of the client.

client_secret_post

client_secret_post

none

none

client_secret_basic

client_secret_basic

openidConnectProvider > oauthProvider > localStore > client > functionalUserGroupIds

Description: A list of group ids to be to be associated with access tokens obtained by this client using the client credentials grant type. When this client parameter is specified, the value is returned in the functional_user_groupIds response parameter from the introspect endpoint.

Required: false

Data type: string

openidConnectProvider > oauthProvider > localStore > client > grantTypes

Description: Grant types the client may use.

Required: false

Data type:

openidConnectProvider > oauthProvider > localStore > client > postLogoutRedirectUris

Description: Array of URLs supplied by the RP to which it may request that the end-user's user agent be redirected using the post_logout_redirect_uri parameter after a logout has been performed.

Required: false

Data type: string

openidConnectProvider > oauthProvider > localStore > client > redirect

Description: Array of redirect URIs for use in redirect-based flows such as the authorization code and implicit grant types of the client. The first redirect URI is used as a default, when none is specified in a request.

Required: false

Data type: string

openidConnectProvider > oauthProvider > localStore > client > responseTypes

Description: Response types the client may use.

Required: false

Data type:

openidConnectProvider > oauthProvider > mediatorClassname

Description: Mediator plugin class name. The equivalent provider parameter in the full application server profile is oauth20.mediator.classnames.

Required: false

Data type: string

openidConnectProvider > scopeToClaimMap

Description: Specify the claims for the scope.

Required: false

Data type:

Attribute name Data type Default value Description
address string address Specify a comma-separated list of claims associated with the address scope.
email string email, email_verified Specify a comma-separated list of claims associated with the email scope.
phone string phone_number, phone_number_verified Specify a comma-separated list of claims associated with the phone scope.
profile string name, family_name, given_name, middle_name, nickname, preferred_username, profile, picture, website, gender, birthdate, zoneinfo, locale, updated_at Specify a comma-separated list of claims associated with the profile scope.

openidConnectProvider > scopeToClaimMap > property

Description: Specify a property in addition to the parent element properties

Required: false

Data type:

Attribute name Data type Default value Description
name string Name of the property
value string Specify the value of the property