RapidIdentity Product Guide: Legacy UI

Database Properties
Main Properties
Table 210. Main Properties

| Property | Type | Description |
| --- | --- | --- |
| db.type | string | Required. Defines the type of database RapidIdentity will connect to. Select one of the three valid values: postgresql, mysql, mssql. |
| db.host | string | The database host. Defaults to 127.0.0.1. |
| db.port | integer | The database port. Defaults to the database-specific default port: postgresql: 5432; mysql: 3306; mssql: 1433. |
| db.username | string | The username used to connect to the database. Defaults to "idautoAdmin". |
| db.password | string | The password used to connect to the database. Defaults to "idautoAdmin". |
| db.database | string | The database name. Defaults to "idautodb". |
| db.failFast | boolean | Whether to immediately fail the RapidIdentity startup if database connections cannot be immediately established. If "false," then RapidIdentity will enter a "holding pattern" until the connection pools can be successfully established. Defaults to "false". |



HikariCP Properties

RapidIdentity uses HikariCP as the database connection pool provider, and various configuration properties are available.

RapidIdentity provides sensible defaults with the ability to adjust these configuration values as needed. To provide custom configuration values, prefix the HikariCP configuration item name with "db.hikari.".

For example, to adjust the maximum pool size, provide an integer value for db.hikari.maximumPoolSize.

This table defines the explicit default values provided by RapidIdentity.

Table 211. HikariCP Properties

| Property | Type | Description |
| --- | --- | --- |
| db.hikari.driverClassName | string | RapidIdentity provides a default value based on the db.type: postgresql: org.postgresql.Driver; mysql: org.mariadb.jdbc.Driver; mssql: net.sourceforge.jtds.jdbc.Driver. The JDBC drivers above are provided with the RapidIdentity distribution. Any change requires that JDBC driver to be present on the classpath. |
| db.hikari.maximumPoolSize | integer | 10 |
| db.hikari.minimumIdle | integer | 1 (RapidIdentity will not use a value less than 1 or greater than 3.) |
| db.hikari.idleTimeout | integer | 120000 |
| db.hikari.initializationFailTimeout | integer | -1 |
| db.hikari.connectionTestQuery | string | If the db.type value is mssql, the value "SELECT 1" is used for this configuration item. |



Database Driver Properties

Each database driver has its own set of driver-specific properties that can be specified.

To provide custom configuration values, prefix the driver property name with "db.driver.".

Hibernate Properties

If any custom Hibernate properties are required, these can be provided by prefixing the property name with "db.hibernate.".

Other Properties
Table 212. Other Properties

| Property | Type | Description |
| --- | --- | --- |
| db.other.jdbcUrl | string | RapidIdentity builds a JDBC URL based on the database information provided in the other various properties. If that is not sufficient, providing a value for this property will override the one created by RapidIdentity. |
| db.other.ha | string | If the db.hikari.driverClassName value equals org.mariadb.jdbc.Driver, then this property can be used to configure the MariaDB driver for HA. Please see Failover Parameters for more information and possible values. |



Audit Database

A separate audit database can be configured in exactly the same way as the main database except that all properties should be prefixed with "auditdb." instead of "db.".

All auditdb.* properties are ignored unless an auditdb.enabled property is present with the value true.

Tomcat Properties

This table defines the explicit default values provided by RapidIdentity.

Table 213. Tomcat Properties

| Property | Type | Description |
| --- | --- | --- |
| tomcat.sslPort | integer | The port to use for SSL. Defaults to 8443. |
| tomcat.httpPort | integer | The port to use for non-SSL HTTP. Defaults to 8080. |
| tomcat.proxyPort | integer | The port to use for the "proxy" connector. Defaults to 8081. |
| tomcat.proxyPortEnabled | boolean | Whether the proxy port is enabled. Defaults to true. |
| tomcat.redirectPort | integer | The port to redirect to automatically from the httpPort. Defaults to 443. |
| tomcat.sessionTimeoutMinutes | integer | The session timeout in minutes. |
| tomcat.sslProfile | string | The ID or name of the SSL Profile to use. Defaults to '___default___'. |
| tomcat.sslCipherBlacklist | string | Comma-separated list of SSL ciphers to blacklist. Default: a hard-coded out-of-the-box list of ciphers. Available since RapidIdentity 2017.10.5. |
| tomcat.sslProtocols | string | Comma-separated list of SSL protocols to allow. Default: TLSv1.1, TLSv1.2. See Tomcat Apache Support for information about values which are valid. |



JMX Properties

This table defines the explicit default values provided by RapidIdentity.

Table 214. JMX Properties

| Property | Type | Description |
| --- | --- | --- |
| jmx.enabled | boolean | Whether JMX should be enabled. Defaults to true. |
| jmx.hostname | string | The IP address for remote access. Defaults to the discovered IP address. |
| jmx.port | integer | The port for remote access. Defaults to 10001. |
| jmx.username | string | The authentication username for remote access. Defaults to a random string. |
| jmx.password | string | The authentication password for remote access. Defaults to a random string. |



SSO Properties

This table defines the explicit default values provided by RapidIdentity.

| Property | Type | Description |
| --- | --- | --- |
| sso.disabled | boolean | Whether SSO should be disabled for the instance. Set this to true if SSO is broken and you want to force "altentry". Defaults to false. |
| sso.requireAdminIfDisabled | boolean | Whether only admins may authenticate to this instance if SSO is disabled. If sso.disabled is false this property has no effect. Defaults to true. |
| sso.sp | string | The name of the SAML service provider assignment to which the instance should bind. This allows a subset of instances in a RapidIdentity cluster to use a completely different SAML Service Provider configuration than the rest. Defaults to rapididentity. |

CORS Properties

Global CORS configuration for all RapidIdentity instances is stored in the database. These properties only need to be defined in rapididentity.properties if this particular instance of RapidIdentity needs to be configured differently from other instances. If these are defined, they take precedence over those defined globally in the database.

Table 215. CORS Properties

| Property | Type | Description |
| --- | --- | --- |
| cors.allowedHeaders | string | Comma-separated list of HTTP request headers which can be used when making a cross-origin request. These headers will also be returned in the Access-Control-Allow-Headers header in pre-flight responses. Default: Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization |
| cors.allowedMethods | string | Comma-separated list of HTTP methods which can be used to access resources using cross-origin requests. These are the methods which will also be included in the Access-Control-Allow-Methods header in pre-flight responses. Default: GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS |
| cors.allowedOrigins | string | Comma-separated list of origins allowed to access resources on the server using cross-origin requests. A value of "*" indicates that resources are allowed to be accessed from any origin. Default: * |
| cors.exposedHeaders | string | Comma-separated list of headers other than simple response headers that browsers are allowed to access. These are the headers which will be included in the Access-Control-Expose-Headers header in pre-flight responses. Default: |
| cors.maxAge | integer | The number of seconds a browser is allowed to cache the result of a pre-flight request. This will be included as the Access-Control-Max-Age header in pre-flight responses. A negative value will prevent the header from being included in pre-flight responses. Default: 1800 |
| cors.supportsCredentials | boolean | Whether user credentials are supported for cross-origin requests. This flag is exposed as part of the Access-Control-Allow-Credentials header in pre-flight responses. It helps browsers determine whether or not an actual request can be made using credentials. Default: false |



Log Properties
Table 216. Log Properties

| Property | Type | Description |
| --- | --- | --- |
| log.format | string | The format for application logs. |

The only non-default value currently supported is fluentd. This format provides log events as single-lined JSON-encoded values and is suitable when using Fluentd to collect logs.
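An added example (not RapidIdentity code and not part of the product guide): a Python audit of a rapididentity.properties file that applies the defaults documented in the database, Tomcat, SSO and CORS tables above and reports settings left at a weak value. The sample file contents, the `ri_app` username, the 10.0.0.5 host and the set of protocols treated as legacy are assumptions of this example.

```python
DOC_DEFAULTS = {  # defaults stated in the property tables on this page
    "db.password": "idautoAdmin",
    "tomcat.sslProtocols": "TLSv1.1,TLSv1.2",
    "sso.disabled": "false",
    "sso.requireAdminIfDisabled": "true",
}
LEGACY_TLS = {"SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1"}  # assumption: treated as legacy here

# Constructed sample file contents (ri_app and 10.0.0.5 are made-up values).
SAMPLE = """\
db.type = postgresql
db.host = 10.0.0.5
db.username = ri_app
sso.disabled = true
sso.requireAdminIfDisabled = false
cors.allowedOrigins = *
cors.supportsCredentials = true
"""

def parse_properties(text):
    """Simplified .properties parser: key=value lines, #/! comments, no continuations."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def audit(text):
    """Return (property, reason) findings for settings left at a weak value."""
    props = parse_properties(text)
    eff = {**DOC_DEFAULTS, **props}  # explicit values override documented defaults
    findings = []
    if eff["db.password"] == DOC_DEFAULTS["db.password"]:
        findings.append(("db.password", "documented default password in use"))
    weak = LEGACY_TLS & {p.strip() for p in eff["tomcat.sslProtocols"].split(",")}
    if weak:
        findings.append(("tomcat.sslProtocols", "legacy protocols allowed: " + ", ".join(sorted(weak))))
    if eff["sso.disabled"] == "true" and eff["sso.requireAdminIfDisabled"] == "false":
        findings.append(("sso.requireAdminIfDisabled", "non-admins may authenticate while SSO is disabled"))
    # CORS keys absent from the file come from the global database config, not visible here.
    if props.get("cors.allowedOrigins") == "*" and props.get("cors.supportsCredentials") == "true":
        findings.append(("cors.allowedOrigins", "wildcard origin combined with credentials"))
    return findings

if __name__ == "__main__":
    for prop, reason in audit(SAMPLE):
        print(f"{prop}: {reason}")
```

A file that sets its own db.password and restricts tomcat.sslProtocols to TLSv1.2 produces no findings; CORS values held only in the database still need to be reviewed there.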