Previous Topic: CA Risk Authentication WSDL FilesNext Topic: XML Configuration Files Details

CA Risk Authentication Administration GuideProperties Files Details

Properties Files Details

CA Risk Authentication primarily uses the properties files that are discussed in the following sections.

These files are available in the following location:

<install_location>\Arcot Systems\sdk\java\properties\

riskfort.risk-evaluation.properties

The riskfort.risk-evaluation.properties file provides the parameters for the CA Risk Authentication Risk Evaluation Java SDK and Sample Application to read CA Risk Authentication Server information. The following table lists the configuration parameters that are used in this file.

Parameter

Default

Description

HOST.1

localhost

IP address of CA Risk Authentication Server.

PORT.1

7680

Port number where CA Risk Authentication Server is listening to incoming requests.

CONNECTION_TIMEOUT

10000

Time in milliseconds before CA Risk Authentication Server is considered unreachable.

CONNECTION_RETRIES

3

Maximum number of retries allowed with CA Risk Authentication Server.

READ_TIMEOUT

30000

Maximum time in milliseconds allowed for a response from CA Risk Authentication Server.

USE_CONNECTION_POOLING

1

Parameter for enabling or disabling connection pooling to CA Risk Authentication Server:

  • 0: Disabled
  • 1: Enabled

MAX_ACTIVE

128

Maximum number of active connections (from the pool) allowed with CA Risk Authentication Server.

 

It controls the maximum number of connections that can be borrowed from the pool at one time. When negative, there is no limit on the number of objects that might be active at a time.

TIME_BETWEEN_CONNECTION_EVICTION

900000

(15 minutes)

Time in milliseconds between consecutive runs of the Idle Connection Evictor thread.

 

Note: If this parameter is set to -1, then connections are not evicted.

 

Important! Ensure that TIME_BETWEEN_CONNECTION_EVICTION + IDLE_TIME_OF_CONNECTION is less than the connection timeout of your firewall (between SDK and CA Risk Authentication Server.) This ensures that no connection is abruptly dropped by the firewall because of idle time, which ensures smooth functioning of the system.

IDLE_TIME_OF_CONNECTION

1800000

(30 minutes)

Idle time (in milliseconds) after which a connection will be closed.

Note: If this parameter is set to -1, then connections are not evicted.

WHEN_EXHAUSTED_ACTION

BLOCK

The SDK behavior when all connections are exhausted:

  • BLOCK: The SDK waits for a connection to be free. This behavior is the default behavior.
  • FAIL: The transaction is considered as failed.
  • GROW: The SDK can increase the pool.

TRANSPORT_TYPE

TCP

Default value for CA Risk Authentication Server to start up is TCP.

Set this parameter to SSL, if CA Risk Authentication Native protocol is set to SSL. In other words, set this parameter to SSL, if you want to enable SSL-based secure communication between Administration Console and CA Risk Authentication Server.

 

Note: Restart CA Risk Authentication Server, if you change the value to SSL.

CA_CERT_FILE

 

Path for the CA certificate file of the server. The file must be in .PEM format.

Provide the complete path for the file.

For example:

<install_location>/certs/ca.pem

or

<install_location>\\certs\\ca.pem

 

Note:

– Use CLIENT_P12_FILE for the client PKCS#12 file (which contains the Client key and the Certificate pair.)

– Use CLIENT_P12_PASSWORD for the password of the specified PKCS#12 file.

LIFO

false

Indication whether or not the connection pool returns idle objects in Last-In-First-Out order.

Set it to false to ensure that each connection is used in a round-robin manner and is not idle.

For high-load deployments, the recommended value is false.

NUM_PRE_CREATE

32

Number of connections that must be created during the initialization of the pool.

NUM_CONNECT_FAILURES_TO_TRIGGER_FAILOVER

2

Number of consecutive connection failures that will trigger the failover to another pool.

MAX_IDLE

-1

The maximum number of idle connections from the SDK to a given server instance allowed in the pool.

MAX_WAIT_TIME_MILLIS

3000

The maximum time (in milliseconds), a connection request will wait for a connection from the pool.

Note: If this parameter is set to -1, the request waits indefinitely.

log4j.properties.risk-evaluation

The log4j.properties.risk-evaluation file specifies the logging behavior of CA Risk Authentication and its Risk Evaluation components. The following table provides information about the parameters that you may need to change for Risk Evaluation.

Parameter

Default Value

Description

log4j.rootLogger

INFO, debuglog

Specify the log level that must be used to write the logs. The supported log levels are:

  • FATAL
  • WARNING
  • INFO
  • DEBUG

 

Book: See CA Risk Authentication Administration Guide for more information about the log levels.

log4j.logger.com.arcot

INFO

log4j.logger.com.arcot.riskfortAPI

DEBUG

log4j.appender.debuglog.File

arcot-riskfort-evaluaterisk.log

The name of the log file. Possible values for this parameter are:

  • riskfortsdk.log (for CA Risk Authentication Java SDK)
  • arriskfortws.log (for CA Risk Authentication Web Service)

log4j.appender.debuglog.MaxFileSize

1MB

The maximum allowed file size of the log file.

log4j.appender.debuglog.MaxBackupIndex

3

The maximum number of backup files that can be created. When the number of backup files reaches this number, then the application starts to overwrite from the first log file.