Globals
Globals are system properties affecting all components in a configuration.
For details about where to place these global VM options, see Extra VM options
-D<property-name>=<property-value>
All globals has the following prefix (if not specified otherwise):
com.phenixidentity.globals.
(left out from table below for better readability)
Example:
-Dcom.phenixidentity.globals.httpRequestBodyMaxSize=<property-value>
| Name | Default | Description |
|---|---|---|
| licensePath |
./license | Path to license directory |
| tls.version |
TLSv1.2 |
TLS version to use |
| http.port |
8443 | Default HTTP listen port. Note: This value is only used if the server configuration does NOT contain a HTTP_CONFIGURATION with alias 'default' |
| defaultLanguage |
en | Default language used for localization. |
| defaultHTTPErrorTemplate |
error | Name of template used for displaying errors. |
| faviconFilePath |
Path to favicon | |
| com.phenixidentity.valve.detectionpattern |
com.phenixidentity..* |
Regex matching packages that should be scanned for valves. Note: prefix for this property is 'com.phenixidentity.' |
| datetimepattern |
MMM dd yyyy HH:mm:ss.SSS zzz |
Date/time pattern for events. |
| storePath |
Path to configuration store. | |
| sessionTTL |
30 | Session TTL in minutes. |
| sessionMaxCount |
50000 | Maximum number of concurrent sessions. If this value is exceeded, oldest sessions will be removed before expired. |
| asyncStoreRequestTimeout |
10000 | Timeout in milliseconds for calls to configuration and runtime store. |
| asyncPipeRequestTimeout |
10000 | Timeout in milliseconds for calls to pipes. |
| asyncServiceRequestTimeout |
2000 | Timeout in milliseconds for calls to internal services. |
| useExtendedExprSyntax |
false | Enable support for dotted names in valve expressions. |
| usePromiscuousMode |
false | Enable SSL trust all |
| hazelcastConfigPath |
classes/cluster.xml |
Path to Hazelcast configurations file |
| com.phenixidentity.operatingPlattform |
default | Server platform. This is an internal setting that never should be changed. Note: prefix for this property is 'com.phenixidentity.' |
| listenAddress |
0.0.0.0 | Server bind/listen address |
| httpRequestBodyMaxSize |
2097152 |
Max size in bytes of incoming HTTP request bodies. If a message with a body larger than this value is received it will be rejected. |
| allowedHttpMethods |
GET,PUT,POST,DELETE | Allowed HTTP request methods. Calls with methods NOT in this list will be rejected. |
| requireHttpContentLength |
true | Require HTTP clients to supply header Content-Length in HTTP PUT and POST request. |
| phenixid_lta_signature_size |
20000 | Size (bytes) of LTA signature. |
| datetimepattern | yyyy-MM-dd'T'HH:mm:ssXXX |
Date and time format for CEF logs |
| phenixid.auth.client.address | When authenticating using HTTP based protocols the system uses the remote address property as the client source. When using a reverse proxy this will in most cases result in logging the proxy address instead of the actual client. If the reverse proxy send the actual remote client ip in a parameter the server can be configured using this parameter (often X-Forwarded-For). |
|
| phenixid.auth.cookie.force.secure | false | Cookies set by PAS can be forced to include the secure flag. By default PAS tries to guess if the flag should be set or not. Often when running PAS behind a reverse proxy terminating SSL/TLS and the communication between the reverse proxy and PAS is using basic HTTP this behaviour will result in a less secure set up (the secure flag is not set). When setting this, direct http connections will not work as expected meaning if there are sections of the system running on plain http without a SSL/TLS proxy in front. That part will not work. HTTP API is not affected since cookies are not used in this scenario. |
| msggw.connection.timeout | 1 | Timeout in seconds for connecting to the message gateway, which is used for sending SMS, voice messages etc. |
| msggw.socket.timeout | 1 | The socket timeout, in seconds, when communicating with the message gateway, which is used for sending SMS, voice messages etc. |
| msggw.request.timeout | 4 | The request timeout, in seconds, when communicating with the message gateway, which is used for sending SMS, voice messages etc. |
| com.phenixidentity.globals.enableCaching | true | If caching should be enabled or not. This attempts to cache ex. common static files, gzip compression results, templates etc. Should under normal circumstances be enabled when running in production. Can be useful to disable when developing in order to reflect file changes instantly, ex. CSS, templates or similar. |