Mongo (mongo)
Configuration for a Mongo instance.
Name | Type | Default | Description |
---|---|---|---|
hostNames | string | localhost | List of host names. The ordering of this list must be consistent with the list of ports, such that the first element in the list of host names corresponds to the first element in the list of ports, and so forth. |
id | string | A unique configuration ID. | |
libraryRef | A reference to top level library element (string). | Specifies a library that contains the MongoDB Java Driver. | |
onError |
| WARN | Determines the action to take in response to configuration errors. |
password | Reversably encoded password (string) | Password for database user. | |
ports | int | 27017 | List of port numbers. The ordering of this list must be consistent with the list of host names, such that the first element in the list of host names corresponds to the first element in the list of ports, and so forth. |
useCertificateAuthentication | boolean | Use provided certificate from key store to authenticate user to MongoDB. | |
user | string | Database user name. | |
MongoClientOptions | |||
autoConnectRetry | boolean | Retry connections to a server, for an interval up to the maxAutoConnectRetryTime, if the socket cannot be opened. | |
connectTimeout | A period of time with millisecond precision | Connection timeout for new connections. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds. | |
connectionsPerHost | int | Limits the number of open connections to each host. Connections are pooled when not in use. | |
cursorFinalizerEnabled | boolean | Attempts to clean up DBCursors that are not closed. | |
description | string | Description of a Mongo instance. | |
maxAutoConnectRetryTime | A period of time with millisecond precision | Interval during which to retry attempts to open a connection to a server. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds. | |
maxWaitTime | A period of time with millisecond precision | Maximum amount of time to wait for an available connection. If negative, the connection request never times out. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds. | |
readPreference |
| Configures the read preference. | |
socketKeepAlive | boolean | Configures whether or not to keep sockets alive. | |
socketTimeout | A period of time with millisecond precision | The socket timeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds. | |
sslEnabled | boolean | Configures whether or not to enable SSL. | |
sslRef | A reference to top level ssl element (string). | ID of the SSL configuration to be used to connect to the SSL-enabled server. | |
threadsAllowedToBlockForConnectionMultiplier | int | This value, multiplied by connectionsPerHost, establishes an upper limit on threads that are allowed to wait for an available connection. | |
writeConcern |
| The reliability of a write operation to the mongo server. |
library
Specifies a library that contains the MongoDB Java Driver.
Name | Type | Default | Description |
---|---|---|---|
apiTypeVisibility | string | spec,ibm-api,api,stable | The types of API packages that this class loader supports. This value is a comma-separated list of any combination of the following API packages: spec, ibm-api, api, stable, third-party. |
description | string | Description of shared library for administrators | |
filesetRef | List of references to top level fileset elements (comma-separated string). | Id of referenced Fileset | |
name | string | Name of shared library for administrators |
library > file
Id of referenced File
Name | Type | Default | Description |
---|---|---|---|
id | string | A unique configuration ID. | |
name | Path to a file | Fully qualified filename |
library > fileset
Id of referenced Fileset
Name | Type | Default | Description |
---|---|---|---|
caseSensitive | boolean | true | Boolean to indicate whether or not the search should be case sensitive (default: true). |
dir | Path to a directory | ${server.config.dir} | The base directory to search for files. |
excludes | string | The comma or space separated list of file name patterns to exclude from the search results, by default no files are excluded. | |
id | string | A unique configuration ID. | |
includes | string | * | The comma or space separated list of file name patterns to include in the search results (default: *). |
scanInterval | A period of time with millisecond precision | 0 | Scanning interval to check the fileset for changes as a long with a time unit suffix h-hour, m-minute, s-second, ms-millisecond (e.g. 2ms or 5s). Disabled (scanInterval=0) by default. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds. |
library > folder
Id of referenced folder
Name | Type | Default | Description |
---|---|---|---|
dir | Path to a directory | Directory or folder to be included in the library classpath for locating resource files | |
id | string | A unique configuration ID. |
ssl
ID of the SSL configuration to be used to connect to the SSL-enabled server.
Name | Type | Default | Description |
---|---|---|---|
clientAuthentication | boolean | false | Specifies whether client authentication is enabled. If set to true then client authentication is required and the client must provide a certificate for the server trusts. |
clientAuthenticationSupported | boolean | false | Specifies whether a client authentication is supported. If set to true then the client authentication support means the server will check trust from a client if the client presents a certificate. |
clientKeyAlias | string | Specifies the alias of the certificate in the keystore that is used as the key to send to a server that has client authentication enabled. This attribute is only needed if the keystore has more than one key entry. | |
enabledCiphers | string | Specifies a custom list of ciphers. Separate each cipher in the list with a space. The supported cipher will depend on the underlying JRE used. Please check the JRE for valid ciphers. | |
enforceCipherOrder | boolean | false | Specify on the server socket whether to enforce the cipher order. If set to true, the server socket is enabled to enforce the cipher order. The attribute is set to false by default. |
keyStoreRef | A reference to top level keyStore element (string). | A keystore containing key entries for the SSL repertoire. This attribute is required. | |
securityLevel |
| HIGH | Specifies the cipher suite group used by the SSL handshake. HIGH are 3DES and 128 bit and higher ciphers, MEDIUM are DES and 40 bit ciphers, LOW are ciphers without encryption. If the enabledCiphers attribute is used the securityLevel list is ignored. |
serverKeyAlias | string | Specifies the alias of the certificate in the keystore used as the server's key. This attribute is only needed if the keystore has more then one key entry. | |
sslProtocol | string | The SSL handshake protocol. The protocol can be set to a single value found in the documentation for the underlying JRE's Java Secure Socket Extension (JSSE) provider. When using the IBM JRE the default value is SSL_TLSv2 and when using the Oracle JRE the default value is SSL. The protocol can also be a comma-separated list of any of the following values: TLSv1, TLSv1.1, TLSv1.2, or TLSv1.3. | |
trustDefaultCerts | boolean | false | Specifies whether the trust manager can establish trust by using the default certificates. If set to true, then the default certificates are used in addition to the configured truststore file to establish trust. The attribute is set to false by default. |
trustStoreRef | A reference to top level keyStore element (string). | A keystore containing trusted certificate entries used by the SSL repertoire for signing verification. This attribute is optional. If unspecified, the same keystore is used for both key and trusted certificate entries. | |
verifyHostname | boolean | false | Specifies whether host name verification for outbound connections using a specific SSL configuration is enabled. If set to true, then all outbound SSL connections that use the specified SSL configuration undergo verification of the target server host name against that server's certificate. The attribute is set to false by default. |
ssl > keyStore
A keystore containing key entries for the SSL repertoire. This attribute is required.
Name | Type | Default | Description |
---|---|---|---|
fileBased | boolean | true | Specify true if the keystore is file based and false if the keystore is a SAF keyring or hardware keystore type. |
id | string | defaultKeyStore | A unique configuration ID. |
location | A file, directory or url. | ${server.output.dir}/resources/security/key.p12 | An absolute or relative path to the keystore file. If a relative path is provided, the server will attempt to locate the file in the ${server.output.dir}/resources/security directory. Use the keystore file for a file-based keystore, the keyring name for SAF keyrings, or the device configuration file for hardware cryptography devices. In the SSL minimal configuration, the location of the file is assumed to be ${server.output.dir}/resources/security/key.p12. |
password | Reversably encoded password (string) | The password used to load the keystore file. The value can be stored in clear text or encoded form. Use the securityUtility tool to encode the password. | |
pollingRate | A period of time with millisecond precision | 500ms | Rate at which the server checks for updates to a keystore file. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds. |
readOnly | boolean | false | Specify true if the keystore is to be used by the server for reading and false if write operations will be performed by the server on the keystore. |
type | string | PKCS12 | A keystore type supported by the target SDK. |
updateTrigger |
| mbean | Keystore file update method or trigger. |
ssl > keyStore > keyEntry
A unique configuration ID.
Name | Type | Default | Description |
---|---|---|---|
id | string | A unique configuration ID. | |
keyPassword | Reversably encoded password (string) | Password of the private key entry in the keystore. | |
name | string | Name of the private key entry in the keystore. |
ssl > outboundConnection
A unique configuration ID.
Name | Type | Default | Description |
---|---|---|---|
clientCertificate | string | The client uses this certificate alias if you make a connection to a server that supports or requires client authentication. | |
host | string | The server uses this SSL configuration when it accesses the specified host name. | |
id | string | A unique configuration ID. | |
port | int | The server uses this SSL configuration when it accesses the remote host name at the specified port. |
ssl > trustStore
A keystore containing trusted certificate entries used by the SSL repertoire for signing verification. This attribute is optional. If unspecified, the same keystore is used for both key and trusted certificate entries.
Name | Type | Default | Description |
---|---|---|---|
fileBased | boolean | true | Specify true if the keystore is file based and false if the keystore is a SAF keyring or hardware keystore type. |
id | string | defaultKeyStore | A unique configuration ID. |
location | A file, directory or url. | ${server.output.dir}/resources/security/key.p12 | An absolute or relative path to the keystore file. If a relative path is provided, the server will attempt to locate the file in the ${server.output.dir}/resources/security directory. Use the keystore file for a file-based keystore, the keyring name for SAF keyrings, or the device configuration file for hardware cryptography devices. In the SSL minimal configuration, the location of the file is assumed to be ${server.output.dir}/resources/security/key.p12. |
password | Reversably encoded password (string) | The password used to load the keystore file. The value can be stored in clear text or encoded form. Use the securityUtility tool to encode the password. | |
pollingRate | A period of time with millisecond precision | 500ms | Rate at which the server checks for updates to a keystore file. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds. |
readOnly | boolean | false | Specify true if the keystore is to be used by the server for reading and false if write operations will be performed by the server on the keystore. |
type | string | PKCS12 | A keystore type supported by the target SDK. |
updateTrigger |
| mbean | Keystore file update method or trigger. |
ssl > trustStore > keyEntry
A unique configuration ID.
Name | Type | Default | Description |
---|---|---|---|
id | string | A unique configuration ID. | |
keyPassword | Reversably encoded password (string) | Password of the private key entry in the keystore. | |
name | string | Name of the private key entry in the keystore. |