To manually configure the State Manager properties, perform the following steps:
AFM_HOME\conf\afm\
The properties file contains the RiskMinder parameters, as described in the following table.
|
Parameter |
Required/ Optional |
Used By |
Description |
|---|---|---|---|
|
RiskFortHOST.1
RiskFortHOST.2 |
Required
Optional |
SiteMinder |
Specify the IP address or the Fully Qualified Distinguished Name (FQDN) of RiskMinder Server. |
|
RiskFortPORT.1
RiskFortPORT.2 |
Required
Optional |
SiteMinder |
Specify the port where RiskMinder Server is listening to the incoming requests. Default value: 7680 |
|
RiskFortTRANSPORT_TYPE |
Optional |
SiteMinder |
Specify the protocol for RiskMinder Server. Note: CA recommends that the communication between State Manager and RiskMinder must be over SSL. Refer to the CA RiskMinder Installation and Deployment Guide for more information on how to configure RiskMinder for SSL. Default value: TCP |
|
RiskFortCA_CERT_ |
Optional, Required only if RiskFortTRANSPORT_TYPE=SSL |
SiteMinder |
Specify the complete path of the certification authority (CA) certificate file for RiskMinder Server. The file must be in.PEM format. |
|
RiskFortCLIENT_P12_FILE |
Optional, Required only if RiskFortTRANSPORT_TYPE=SSL |
SiteMinder |
Specify the path of the PKCS 12 file that contains the key and certificate of the client that communicates with RiskMinder Server. This would establish two-way SSL between the RiskMinder client and server. |
|
RiskFortCLIENT_P12_PASSWORD |
Optional, Required only if RiskFortTRANSPORT_TYPE=SSL |
SiteMinder |
Specify the password for the PKCS 12 file specified in the RiskFortCLIENT_P12_FILE parameter. |
|
RiskFortCONNECTION_TIMEOUT |
Optional |
SiteMinder |
Specify the time (in milliseconds) before RiskMinder Server is considered unreachable. Default value: 30000 (30 seconds) |
|
RiskFortREAD_TIMEOUT |
Optional |
SiteMinder |
Specify the maximum time (in milliseconds) allowed for a response from RiskMinder Server. Default value: 30000 (30 seconds) |
|
RiskFortCONNECTION_RETRIES |
Optional |
SiteMinder |
Specify the maximum number of retries allowed to connect to the RiskMinder Server. Default value: 3 |
|
RiskFortUSE_CONNECTION_POOLING |
Optional |
SiteMinder |
Specify whether the connection pooling with RiskMinder Server is enabled or disabled. Possible values are:
Default value: 1 |
|
RiskFortMAX_ACTIVE |
Optional |
SiteMinder |
Specify the number of maximum connections that can exist between State Manager and RiskMinder Server. The number of connections should not exceed this value. Default value: 32 |
|
RiskFortTIME_BETWEEN_CONNECTION_EVICTION |
Optional |
SiteMinder |
Specify the time (in milliseconds) after which the connection eviction thread will be executed to check and delete any idle RiskMinder Server connection. Default value: 900000 (90 seconds) |
|
RiskFortIDLE_TIME_OF_CONNECTION |
Optional |
SiteMinder |
Specify the time (in milliseconds) after which an idle RiskMinder Server connection will be closed. Default value: 1800000 (3 minutes) |
|
RiskFortWHEN_EXHAUSTED_ACTION |
Optional |
SiteMinder |
Specify the behavior when the maximum number of supported connections have exhausted. Default value: BLOCK |
The following table describes the token-related parameters.
|
Parameter |
Required/ Optional |
Used By |
Description |
|---|---|---|---|
|
TokenMaxInactivitySeconds |
Optional |
SAML SiteMinder |
Specify the time (in seconds) for which the token can be idle after an operation is performed on it. If there is no action on the token within this period, the token becomes unusable. Default value: 900 (15 minutes) |
|
TokenMaxLifetimeSeconds |
Optional |
SAML SiteMinder |
Specify the maximum amount of time (in seconds) for which the token is accessible after it is generated. Default value: 900 (15 minutes) |
|
TokenCleanupIntervalSeconds |
Optional |
SAML SiteMinder |
Specify the frequency (in seconds) at which the expired tokens are checked and deleted from the database. Default value: 30 |
|
TSMClass |
Optional |
SAML SiteMinder |
Specify the class implementing the type of storage mechanism to be used for State Manager. By default, State Manager uses a JDBC database. Default value: com.arcot.integrations.toksvr.server.tsmimpl.iBatisTSMImpl |
The following table describes the database connectivity parameters.
|
Parameter |
Required/ Optional |
Used By |
Description |
|---|---|---|---|
|
DbType |
Required |
SAML SiteMinder |
Specify the type of database applicable to all database connections. Set the value of this parameter to mssqlserver, mysql, or oracle.
|
|
AutoRevert |
Optional |
SAML SiteMinder |
Specify whether or not the system attempts to reconnect to the primary database after a failover occurs. Set AutoRevert=1, if you have a backup database configured and if you want the server to reconnect to the primary database after it has switched to the backup database. Default value: 1 |
|
AppServerConnectionPoolName.n |
Required |
SAML SiteMinder |
If the database connection pooling of the application server is used, then specify the JNDI name used to look up the connection pool object. A pool by this JNDI name must be created in the containing application server, and sufficient privileges must be given to State Manager for it to use the connection pool. For example, configure this property in Apache Tomcat, as shown: AppServerConnectionPoolName.1= For other application servers, specify only the JNDI name. For example: AppServerConnectionPoolName.1= If Application Server connection pool is not required, then leave this configuration empty. |
|
Copyright © 2013 CA.
All rights reserved.
|
|