Mongo (mongo)

Configuration for a Mongo instance.

Name	Type	Default	Description
hostNames	string	localhost	List of host names. The ordering of this list must be consistent with the list of ports, such that the first element in the list of host names corresponds to the first element in the list of ports, and so forth.
id	string		A unique configuration ID.
libraryRef	A reference to top level library element (string).		Specifies a library that contains the MongoDB Java Driver.
onError	FAIL IGNORE WARN	WARN	Determines the action to take in response to configuration errors. FAIL Server will issue a warning or error message on the first error occurrence and then stop the server. IGNORE Server will not issue any warning and error messages when it incurs a configuration error. WARN Server will issue warning and error messages when it incurs a configuration error.
password	Reversably encoded password (string)		Password for database user.
ports	int Min: 0	27017	List of port numbers. The ordering of this list must be consistent with the list of host names, such that the first element in the list of host names corresponds to the first element in the list of ports, and so forth.
useCertificateAuthentication	boolean		Use provided certificate from key store to authenticate user to MongoDB.
user	string		Database user name.
MongoClientOptions
autoConnectRetry	boolean		Retry connections to a server, for an interval up to the maxAutoConnectRetryTime, if the socket cannot be opened.
connectTimeout	A period of time with millisecond precision		Connection timeout for new connections. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
connectionsPerHost	int Min: 0		Limits the number of open connections to each host. Connections are pooled when not in use.
cursorFinalizerEnabled	boolean		Attempts to clean up DBCursors that are not closed.
description	string		Description of a Mongo instance.
maxAutoConnectRetryTime	A period of time with millisecond precision		Interval during which to retry attempts to open a connection to a server. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
maxWaitTime	A period of time with millisecond precision		Maximum amount of time to wait for an available connection. If negative, the connection request never times out. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
readPreference	nearest primary primaryPreferred secondary secondaryPreferred		Configures the read preference.
socketKeepAlive	boolean		Configures whether or not to keep sockets alive.
socketTimeout	A period of time with millisecond precision		The socket timeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
sslEnabled	boolean		Configures whether or not to enable SSL.
sslRef	A reference to top level ssl element (string).		ID of the SSL configuration to be used to connect to the SSL-enabled server.
threadsAllowedToBlockForConnectionMultiplier	int Min: 0		This value, multiplied by connectionsPerHost, establishes an upper limit on threads that are allowed to wait for an available connection.
writeConcern	ACKNOWLEDGED ERRORS_IGNORED FSYNCED FSYNC_SAFE JOURNALED JOURNAL_SAFE MAJORITY NONE NORMAL REPLICAS_SAFE REPLICA_ACKNOWLEDGED SAFE UNACKNOWLEDGED		The reliability of a write operation to the mongo server.

Name

Type

Default

Description

hostNames

string

localhost

List of host names. The ordering of this list must be consistent with the list of ports, such that the first element in the list of host names corresponds to the first element in the list of ports, and so forth.

string

A unique configuration ID.

libraryRef

A reference to top level library element (string).

Specifies a library that contains the MongoDB Java Driver.

onError

FAIL
IGNORE
WARN

WARN

Determines the action to take in response to configuration errors.
FAIL
Server will issue a warning or error message on the first error occurrence and then stop the server.
IGNORE
Server will not issue any warning and error messages when it incurs a configuration error.
WARN
Server will issue warning and error messages when it incurs a configuration error.

password

Reversably encoded password (string)

Password for database user.

ports

int
Min: 0

27017

List of port numbers. The ordering of this list must be consistent with the list of host names, such that the first element in the list of host names corresponds to the first element in the list of ports, and so forth.

useCertificateAuthentication

boolean

Use provided certificate from key store to authenticate user to MongoDB.

user

string

Database user name.

MongoClientOptions

autoConnectRetry

boolean

Retry connections to a server, for an interval up to the maxAutoConnectRetryTime, if the socket cannot be opened.

connectTimeout

A period of time with millisecond precision

Connection timeout for new connections. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

connectionsPerHost

int
Min: 0

Limits the number of open connections to each host. Connections are pooled when not in use.

cursorFinalizerEnabled

boolean

Attempts to clean up DBCursors that are not closed.

description

string

Description of a Mongo instance.

maxAutoConnectRetryTime

A period of time with millisecond precision

Interval during which to retry attempts to open a connection to a server. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

maxWaitTime

A period of time with millisecond precision

Maximum amount of time to wait for an available connection. If negative, the connection request never times out. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

readPreference

nearest
primary
primaryPreferred
secondary
secondaryPreferred

Configures the read preference.

socketKeepAlive

boolean

Configures whether or not to keep sockets alive.

socketTimeout

A period of time with millisecond precision

The socket timeout. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

sslEnabled

boolean

Configures whether or not to enable SSL.

sslRef

A reference to top level ssl element (string).

ID of the SSL configuration to be used to connect to the SSL-enabled server.

threadsAllowedToBlockForConnectionMultiplier

int
Min: 0

This value, multiplied by connectionsPerHost, establishes an upper limit on threads that are allowed to wait for an available connection.

writeConcern

ACKNOWLEDGED
ERRORS_IGNORED
FSYNCED
FSYNC_SAFE
JOURNALED
JOURNAL_SAFE
MAJORITY
NONE
NORMAL
REPLICAS_SAFE
REPLICA_ACKNOWLEDGED
SAFE
UNACKNOWLEDGED

The reliability of a write operation to the mongo server.

library

Specifies a library that contains the MongoDB Java Driver.

Name	Type	Default	Description
apiTypeVisibility	string	spec,ibm-api,api,stable	The types of API packages that this class loader supports. This value is a comma-separated list of any combination of the following API packages: spec, ibm-api, api, stable, third-party.
description	string		Description of shared library for administrators
filesetRef	List of references to top level fileset elements (comma-separated string).		Id of referenced Fileset
name	string		Name of shared library for administrators

Name

Type

Default

Description

apiTypeVisibility

string

spec,ibm-api,api,stable

The types of API packages that this class loader supports. This value is a comma-separated list of any combination of the following API packages: spec, ibm-api, api, stable, third-party.

description

string

Description of shared library for administrators

filesetRef

List of references to top level fileset elements (comma-separated string).

Id of referenced Fileset

name

string

Name of shared library for administrators

library > file

Id of referenced File

Name	Type	Default	Description
id	string		A unique configuration ID.
name	Path to a file Required		Fully qualified filename

Name

Type

Default

Description

string

A unique configuration ID.

name

Path to a file
Required

Fully qualified filename

library > fileset

Id of referenced Fileset

Name	Type	Default	Description
caseSensitive	boolean	true	Boolean to indicate whether or not the search should be case sensitive (default: true).
dir	Path to a directory	${server.config.dir}	The base directory to search for files.
excludes	string		The comma or space separated list of file name patterns to exclude from the search results, by default no files are excluded.
id	string		A unique configuration ID.
includes	string	*	The comma or space separated list of file name patterns to include in the search results (default: *).
scanInterval	A period of time with millisecond precision	0	The scanning interval to determine whether files are added or removed from the fileset. The individual files are not scanned. The suffix for the interval of time is h-hour, m-minute, s-second, and ms-millisecond, for example, 2ms or 5s. The scanning interval is disabled by default and is disabled manually by setting the scan interval, scanInterval, to 0. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

Name

Type

Default

Description

caseSensitive

boolean

true

Boolean to indicate whether or not the search should be case sensitive (default: true).

dir

Path to a directory

${server.config.dir}

The base directory to search for files.

excludes

string

The comma or space separated list of file name patterns to exclude from the search results, by default no files are excluded.

string

A unique configuration ID.

includes

string

The comma or space separated list of file name patterns to include in the search results (default: *).

scanInterval

A period of time with millisecond precision

The scanning interval to determine whether files are added or removed from the fileset. The individual files are not scanned. The suffix for the interval of time is h-hour, m-minute, s-second, and ms-millisecond, for example, 2ms or 5s. The scanning interval is disabled by default and is disabled manually by setting the scan interval, scanInterval, to 0. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

library > folder

Id of referenced folder

Name	Type	Default	Description
dir	Path to a directory Required		Directory or folder to be included in the library classpath for locating resource files
id	string		A unique configuration ID.

Name

Type

Default

Description

dir

Path to a directory
Required

Directory or folder to be included in the library classpath for locating resource files

string

A unique configuration ID.

ssl

ID of the SSL configuration to be used to connect to the SSL-enabled server.

Name	Type	Default	Description
clientAuthentication	boolean	false	Specifies whether client authentication is enabled. If set to true then client authentication is required and the client must provide a certificate for the server trusts.
clientAuthenticationSupported	boolean	false	Specifies whether a client authentication is supported. If set to true then the client authentication support means the server will check trust from a client if the client presents a certificate.
clientKeyAlias	string		Specifies the alias of the certificate in the keystore that is used as the key to send to a server that has client authentication enabled. This attribute is only needed if the keystore has more than one key entry.
enabledCiphers	string		Specifies a custom list of ciphers. Separate each cipher in the list with a space. The supported cipher will depend on the underlying JRE used. Please check the JRE for valid ciphers.
enforceCipherOrder	boolean	false	Specify on the server socket whether to enforce the cipher order. If set to true, the server socket is enabled to enforce the cipher order. The attribute is set to false by default.
keyStoreRef	A reference to top level keyStore element (string).		A keystore containing key entries for the SSL repertoire. This attribute is required.
securityLevel	CUSTOM HIGH LOW MEDIUM	HIGH	Specifies the cipher suite group used by the SSL handshake. HIGH are 3DES and 128 bit and higher ciphers, MEDIUM are DES and 40 bit ciphers, LOW are ciphers without encryption. If the enabledCiphers attribute is used the securityLevel list is ignored. CUSTOM Custom list of cipher suites HIGH Cipher suites 3DES and 128 bit and higher LOW Cipher suites without encryption MEDIUM Cipher suites DES and 40 bit
serverKeyAlias	string		Specifies the alias of the certificate in the keystore used as the server's key. This attribute is only needed if the keystore has more then one key entry.
skipHostnameVerificationForHosts	string		Specifies the hostname that allow to skip the host name verification for outbound connection using a specific SSL configuration.
sslProtocol	string		The SSL handshake protocol. The protocol can be set to a single value found in the documentation for the underlying JRE's Java Secure Socket Extension (JSSE) provider. When using the IBM JRE the default value is SSL_TLSv2 and when using the Oracle JRE the default value is SSL. The protocol can also be a comma-separated list of any of the following values: TLSv1, TLSv1.1, TLSv1.2, or TLSv1.3.
trustDefaultCerts	boolean	false	Specifies whether the trust manager can establish trust by using the default certificates. If set to true, then the default certificates are used in addition to the configured truststore file to establish trust. The attribute is set to false by default.
trustStoreRef	A reference to top level keyStore element (string).		A keystore containing trusted certificate entries used by the SSL repertoire for signing verification. This attribute is optional. If unspecified, the same keystore is used for both key and trusted certificate entries.
verifyHostname	boolean	true	Specifies whether host name verification for outbound connections using a specific SSL configuration is enabled. If set to true, then all outbound SSL connections that use the specified SSL configuration undergo verification of the target server host name against that server's certificate. The attribute is set to false by default.

Name

Type

Default

Description

clientAuthentication

boolean

false

Specifies whether client authentication is enabled. If set to true then client authentication is required and the client must provide a certificate for the server trusts.

clientAuthenticationSupported

boolean

false

Specifies whether a client authentication is supported. If set to true then the client authentication support means the server will check trust from a client if the client presents a certificate.

clientKeyAlias

string

Specifies the alias of the certificate in the keystore that is used as the key to send to a server that has client authentication enabled. This attribute is only needed if the keystore has more than one key entry.

enabledCiphers

string

Specifies a custom list of ciphers. Separate each cipher in the list with a space. The supported cipher will depend on the underlying JRE used. Please check the JRE for valid ciphers.

enforceCipherOrder

boolean

false

Specify on the server socket whether to enforce the cipher order. If set to true, the server socket is enabled to enforce the cipher order. The attribute is set to false by default.

keyStoreRef

A reference to top level keyStore element (string).

A keystore containing key entries for the SSL repertoire. This attribute is required.

securityLevel

CUSTOM
HIGH
LOW
MEDIUM

HIGH

Specifies the cipher suite group used by the SSL handshake. HIGH are 3DES and 128 bit and higher ciphers, MEDIUM are DES and 40 bit ciphers, LOW are ciphers without encryption. If the enabledCiphers attribute is used the securityLevel list is ignored.
CUSTOM
Custom list of cipher suites
HIGH
Cipher suites 3DES and 128 bit and higher
LOW
Cipher suites without encryption
MEDIUM
Cipher suites DES and 40 bit

serverKeyAlias

string

Specifies the alias of the certificate in the keystore used as the server's key. This attribute is only needed if the keystore has more then one key entry.

skipHostnameVerificationForHosts

string

Specifies the hostname that allow to skip the host name verification for outbound connection using a specific SSL configuration.

sslProtocol

string

The SSL handshake protocol. The protocol can be set to a single value found in the documentation for the underlying JRE's Java Secure Socket Extension (JSSE) provider. When using the IBM JRE the default value is SSL_TLSv2 and when using the Oracle JRE the default value is SSL. The protocol can also be a comma-separated list of any of the following values: TLSv1, TLSv1.1, TLSv1.2, or TLSv1.3.

trustDefaultCerts

boolean

false

Specifies whether the trust manager can establish trust by using the default certificates. If set to true, then the default certificates are used in addition to the configured truststore file to establish trust. The attribute is set to false by default.

trustStoreRef

A reference to top level keyStore element (string).

A keystore containing trusted certificate entries used by the SSL repertoire for signing verification. This attribute is optional. If unspecified, the same keystore is used for both key and trusted certificate entries.

verifyHostname

boolean

true

Specifies whether host name verification for outbound connections using a specific SSL configuration is enabled. If set to true, then all outbound SSL connections that use the specified SSL configuration undergo verification of the target server host name against that server's certificate. The attribute is set to false by default.

ssl > keyStore

A keystore containing key entries for the SSL repertoire. This attribute is required.

Name	Type	Default	Description
fileBased	boolean	true	Specify true if the keystore is file based and false if the keystore is a SAF keyring or hardware keystore type.
id	string	defaultKeyStore	A unique configuration ID.
location	A file, directory or url.	${server.output.dir}/resources/security/key.p12	An absolute or relative path to the keystore file. If a relative path is provided, the server will attempt to locate the file in the ${server.output.dir}/resources/security directory. Use the keystore file for a file-based keystore, the keyring name for SAF keyrings, or the device configuration file for hardware cryptography devices. In the SSL minimal configuration, the location of the file is assumed to be ${server.output.dir}/resources/security/key.p12.
password	Reversably encoded password (string)		The password used to load the keystore file. The value can be stored in clear text or encoded form. Use the securityUtility tool to encode the password.
pollingRate	A period of time with millisecond precision	500ms	Rate at which the server checks for updates to a keystore file. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
readOnly	boolean	false	Specify true if the keystore is to be used by the server for reading and false if write operations will be performed by the server on the keystore.
type	string	PKCS12	A keystore type supported by the target SDK.
updateTrigger	disabled mbean polled	mbean	Keystore file update method or trigger. disabled Disables all update monitoring. Changes to the keystore file will not be applied while the server is running. mbean Server will only update the keystore when prompted by the FileNotificationMbean. The FileNotificationMbean is typically called by an external program such as an integrated development environment or a management application. polled Server will scan for keystore file changes at the polling interval and update if the keystore file has detectable changes. Polled does not apply to non file-based keystores such as SAF keyrings.

Name

Type

Default

Description

fileBased

boolean

true

Specify true if the keystore is file based and false if the keystore is a SAF keyring or hardware keystore type.

string

defaultKeyStore

A unique configuration ID.

location

A file, directory or url.

${server.output.dir}/resources/security/key.p12

An absolute or relative path to the keystore file. If a relative path is provided, the server will attempt to locate the file in the ${server.output.dir}/resources/security directory. Use the keystore file for a file-based keystore, the keyring name for SAF keyrings, or the device configuration file for hardware cryptography devices. In the SSL minimal configuration, the location of the file is assumed to be ${server.output.dir}/resources/security/key.p12.

password

Reversably encoded password (string)

The password used to load the keystore file. The value can be stored in clear text or encoded form. Use the securityUtility tool to encode the password.

pollingRate

A period of time with millisecond precision

500ms

Rate at which the server checks for updates to a keystore file. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

readOnly

boolean

false

Specify true if the keystore is to be used by the server for reading and false if write operations will be performed by the server on the keystore.

type

string

PKCS12

A keystore type supported by the target SDK.

updateTrigger

disabled
mbean
polled

mbean

Keystore file update method or trigger.
disabled
Disables all update monitoring. Changes to the keystore file will not be applied while the server is running.
mbean
Server will only update the keystore when prompted by the FileNotificationMbean. The FileNotificationMbean is typically called by an external program such as an integrated development environment or a management application.
polled
Server will scan for keystore file changes at the polling interval and update if the keystore file has detectable changes. Polled does not apply to non file-based keystores such as SAF keyrings.

ssl > keyStore > keyEntry

A unique configuration ID.

Name	Type	Description
id	string	A unique configuration ID.
keyPassword	Reversably encoded password (string) Required	Password of the private key entry in the keystore.
name	string Required	Name of the private key entry in the keystore.

Name

Type

Default

Description

string

A unique configuration ID.

keyPassword

Reversably encoded password (string)
Required

Password of the private key entry in the keystore.

name

string
Required

Name of the private key entry in the keystore.

ssl > outboundConnection

A unique configuration ID.

Name	Type	Description
clientCertificate	string	The client uses this certificate alias if you make a connection to a server that supports or requires client authentication.
host	string Required	The server uses this SSL configuration when it accesses the specified host name.
id	string	A unique configuration ID.
port	int	The server uses this SSL configuration when it accesses the remote host name at the specified port.

Name

Type

Default

Description

clientCertificate

string

The client uses this certificate alias if you make a connection to a server that supports or requires client authentication.

host

string
Required

The server uses this SSL configuration when it accesses the specified host name.

string

A unique configuration ID.

port

int

The server uses this SSL configuration when it accesses the remote host name at the specified port.

ssl > trustStore

Name	Type	Default	Description
fileBased	boolean	true	Specify true if the keystore is file based and false if the keystore is a SAF keyring or hardware keystore type.
id	string	defaultKeyStore	A unique configuration ID.
location	A file, directory or url.	${server.output.dir}/resources/security/key.p12	An absolute or relative path to the keystore file. If a relative path is provided, the server will attempt to locate the file in the ${server.output.dir}/resources/security directory. Use the keystore file for a file-based keystore, the keyring name for SAF keyrings, or the device configuration file for hardware cryptography devices. In the SSL minimal configuration, the location of the file is assumed to be ${server.output.dir}/resources/security/key.p12.
password	Reversably encoded password (string)		The password used to load the keystore file. The value can be stored in clear text or encoded form. Use the securityUtility tool to encode the password.
pollingRate	A period of time with millisecond precision	500ms	Rate at which the server checks for updates to a keystore file. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
readOnly	boolean	false	Specify true if the keystore is to be used by the server for reading and false if write operations will be performed by the server on the keystore.
type	string	PKCS12	A keystore type supported by the target SDK.
updateTrigger	disabled mbean polled	mbean	Keystore file update method or trigger. disabled Disables all update monitoring. Changes to the keystore file will not be applied while the server is running. mbean Server will only update the keystore when prompted by the FileNotificationMbean. The FileNotificationMbean is typically called by an external program such as an integrated development environment or a management application. polled Server will scan for keystore file changes at the polling interval and update if the keystore file has detectable changes. Polled does not apply to non file-based keystores such as SAF keyrings.

Name

Type

Default

Description

fileBased

boolean

true

Specify true if the keystore is file based and false if the keystore is a SAF keyring or hardware keystore type.

string

defaultKeyStore

A unique configuration ID.

location

A file, directory or url.

${server.output.dir}/resources/security/key.p12

password

Reversably encoded password (string)

The password used to load the keystore file. The value can be stored in clear text or encoded form. Use the securityUtility tool to encode the password.

pollingRate

A period of time with millisecond precision

500ms

readOnly

boolean

false

Specify true if the keystore is to be used by the server for reading and false if write operations will be performed by the server on the keystore.

type

string

PKCS12

A keystore type supported by the target SDK.

updateTrigger

disabled
mbean
polled

mbean

ssl > trustStore > keyEntry

A unique configuration ID.

Name	Type	Description
id	string	A unique configuration ID.
keyPassword	Reversably encoded password (string) Required	Password of the private key entry in the keystore.
name	string Required	Name of the private key entry in the keystore.

Name

Type

Default

Description

string

A unique configuration ID.

keyPassword

Reversably encoded password (string)
Required

Password of the private key entry in the keystore.

name

string
Required

Name of the private key entry in the keystore.