These settings can be found under Global Settings > Advanced Settings for module Core:


Property

Description

Certificate publishing configuration for ASC_DirectoryThread

ADSS Certification Service can be configured to generate the certificates for users on the Active Directory. If so then following properties come in use:

  • CERTIFICATE_PUBLISHING_INTERVAL = 5
    Time interval to publish the user certificates on an LDAP server when ADSS Server is configured for this purpose.
  • DEFAULT_SERVICE_PROTOCOL = HTTP
    Protocol used by the ASC_DirectoryThread to communicate with Service instance when ADSS Server is configured to generate the certificates against the Active Directory users. Possible values are: HTTP and HTTPS.
  • DEFAULT_SERVICE_PORT = 8777
    Port used by the ASC_DirectoryThread to communicate with Service instance when ADSS Server is configured to generate the certificates against the Active Directory users. Possible values are: 8777, 8778 and 8779.

Signature Padding Scheme

Define the signature padding scheme to be used while core is performing signing operations. The default parameter value is:

  • SIGNATURE_PADDING_SCHEME = PKCS1

Possible values are PKCS1 and PSS

Note: Click here for more details on limitations when PSS padding scheme is used.

Database connections settings

In ADSS Server Core settings, database connection can be re-configured so that the connections can be reused when future requests to the database are required. The default parameter values are:

  • CONNECTION_POOL_QUERY_TIMEOUT = 180
    Number of seconds a query will wait for the database to return the results before terminating the connection.
  • ENABLE_DB_CONNECTION_COUNTER = FALSE
    Used to display the database connections details of logs. To enable logging, uncomment the "File Appenders for Temporary c3p0" appender in core/log.properties file as well.
  • DATABASE_MONITORING_INTERVAL = 15
    Time interval after which the database monitoring thread check the database aliveness.
  • EXPIRED_QR_CODE_REMOVAL_INTERVAL = 60
    Time interval after which the expired QR code removal thread will run its next cycle. Value 0 means the thread is inactive. Default value: 60 minutes
  • hibernate.c3p0.minPoolSize = 30
    Minimum number of connections a pool will maintain at any given time for ADSS Server Core instance.
  • hibernate.c3p0.maxPoolSize = 100
    Maximum number of Connections a pool will maintain at any given time for ADSS Server Core instance.
  • hibernate.c3p0.maxIdleTime = 900
    Seconds a connection can remain pooled but unused before being discarded. Zero means idle connections never expire.
  • hibernate.c3p0.acquireIncrement = 10
    Determines how many connections at a time c3p0 will try to acquire when the pool is exhausted
  • hibernate.c3p0.checkoutTimeout = 600000
    The number of milliseconds a client calling getConnection() will wait for a connection to be checked-in or acquired when the pool is exhausted. Zero means wait indefinitely. Setting any positive value will cause the getConnection() call to time-out and break with an SQLException after the specified number of milliseconds.

For more details, follow the link: http://www.mchange.com/projects/c3p0/

Business Application Authorisation Code Expiry Time

Time interval in minutes to define the expiry time of OAuth2 authorisation code generated for business applications. Default value: 10 minutes

  • BA_OAUTH_CODE_EXPIRY_TIME = 10

Shutdown ADSS Instances if HMAC record is tampered

If enabled then all ADSS Server instances will shutdown on detection of tampered HMAC record by automatic HMAC verification process. Possible values are TRUE/FALSE. Default value: FALSE.

  • SHUTDOWN_SERVICES_IF_HMAC_TAMPERED = FALSE

See also

General
Core Instance
Console Instance
Service Instance