Document toolboxDocument toolbox

List of Identity Manager system properties

This article includes updates for Smart ID 23.10.3.

The table below contains properties that can be set for the Identity Manager components (Admin and/or Operator).

For more information, see Set properties for Identity Manager Admin and Set properties for Identity Manager Operator.

Property

Default value if not set

IDM component

Description

Property

Default value if not set

IDM component

Description

jobExecutorStarter.startOnSystemStartup

true

Operator

Enable or disable the activiti engine on system startup.

deleteConfigurationVisibility.deleteConfigurationVisible

false

Admin

Shows or hides the Delete Configuration button.

Do not use this property in production systems.

uploadPopup.enableUploadButtonStrategyName

enableUploadButtonStrategyAllowUnsigned

Admin, Operator

Sets the behavior of the Upload button. Configure the tolerance for configuration/zip signing and verification.

This configuration should be set to reflect how "zipPacker.signZip" and "zipUnpacker.verifyZip" are configured.

Accepted values:

  • enableUploadButtonStrategyStrict

  • enableUploadButtonStrategyAllowUnsigned

  • enableUploadButtonStrategyIgnoreSigning

zipPacker.signZip

true

Admin, Operator

Enable or disable signing of ZIP archives and configuration.

zipUnpacker.verifyZip

true

Admin, Operator

Enable or disable verification of ZIP archives and configuration.

uploadContext.serverSideMaxFileUploadSizeMB

5

Admin, Operator

Sets the maximum size in MB of files that can be uploaded to Identity Manager. This is an additional limit on top of maxPostSize in bytes from the Tomcat server configuration (see also Apache Tomcat 9 Configuration Reference (9.0.97) - The HTTP Connector). Whichever is the smallest value wins.

Increase this value if you need to upload large configuration files.

historyServiceSigner.descriptorName

ObjectHistorySigner

Operator

Activate the chained signature feature in object history.

cardSDKConnectorBaseConfig.cardSDKUrl

https://localhost:54881

Operator

The URL to CardSDK. Used for image capture.

commonHistoryService.historyCutOffDuration

12

Operator

This value is number of month.

If no historyCutOffDuration is set, then history verification and cleanup will behave as follows:

  •  

    •  verification (via REST or scheduled task) checks the entire history.

    • no cleaning (via scheduled task) will be done.

You can set historyCutOffDuration to N >= 12, then it will behave as follows:

  •  

    • verification (via REST or scheduled task) checks the most recent N months.

    • cleaning (via scheduled task) deletes entries older than N months.

If historyCutOffDuration is set to N < 12 then the minimum value as 12 will be used instead.

cronUsername

admin

Operator

The system user for scheduled tasks. Executes tasks relevant to all tenants.

cronPassword

admin

Operator

The system user password for scheduled tasks. Executes tasks relevant to all tenants.

cronTenantId

1

Operator

The tenant id of the system user for scheduled tasks. Executes tasks relevant to all tenants, not only for this specific tenant, such as sending out notifications to admins.

historyVerificationTrigger.cronExpression

0 30 0 ? * SUN *

Operator

A cron expression that defines at which frequency the History verification task will run.

historyCleaningTrigger.cronExpression

0 30 0 ? * FRI *

Operator

A cron expression that defines at which frequency the History Cleaning task will run.

schedulingReporter.cc

 

Operator

Email address (CC) of users to be notified by the history verification task.

schedulingReporter.to

 

Operator

Email address (TO) of users to be notified by the history verification task.

activitiHistoryCleaner.daysAfterEndTime

30

Operator

Parameter for the Activiti process history cleanup task.

Defines the number of days to wait, after a process is completed, until it will be removed.

activitiHistoryCleaner.daysOfInactivity

180

Operator

Parameter for the Activiti process history cleanup task.

Defines the number of days a running process can stay inactive until it will be removed.

activitiHistoryCleanerJobTrigger.cronExpression

0 0 23 ? * FRI *

Operator

Parameter for the Activiti process history cleanup task.

A cron expression that defines at which frequency the cleanup task is run.

objectHistoryRemovalStrategy.removeWhenDeletingCoreObject

false

Operator

If set to true, history entries are deleted when a core object is deleted.

quartzScheduler.enable

true

Operator

Enable or disable the quartz scheduler. By disabling, all the scheduled tasks are disabled.

caasCommunicationService.clientId

 

Admin, Operator

See Integrate Nexus GO Cards to Identity Manager 

caasCommunicationService.clientSecret

 

Admin, Operator

See Integrate Nexus GO Cards to Identity Manager 

caasCommunicationService.organisationId

 

Admin, Operator

See Integrate Nexus GO Cards to Identity Manager 

caasCommunicationService.hostname

cards.nxsas.com

Admin, Operator

See Integrate Nexus GO Cards to Identity Manager 

webappUrlInfo.httpsOverridePort

 

Operator

Disabled by default (see info "HTTPS Override Ports" below the table), for JPKIEncoder download.

webServer.httpsOverridePort

 

Operator

Disabled by default (see info "HTTPS Override Ports" below the table), for CA connector calls.

scheduledJob.monitorInterval

0 0/1 * * * ?

Operator

This cron expression determines the scan interval of the ScheduledJobMonitor.

scheduledJob.permissionRole

BaseRoleBatchSync

Operator

The scheduled jobs are executed with this role.

processtracker.enabled

true

Operator

Enable or disable the Process Tracker. Note: Debug logging for de.nexus.projectutils.processtracker has to be enabled. (It is disabled by default.)

You can enable it here and change it on/off without restarting tomcat by changing the log4j2 config. Note: The performance might slightly decrease due to this.

idmInstanceId

 

Operator

In a multi-node environment, the instance ID is the value that uniquely identifies each Tomcat.

MLTextTranslationProvider.defaultLanguage

en

Admin, Operator

See Configure language in Smart ID Identity Manager.

multilanguageHelper.localeString

de,en,fr,sv

Admin, Operator

See Configure language in Smart ID Identity Manager.

licenseRestController.permittedRole

Administrator

Admin, Operator

The role which is allowed to upload product licenses, either on first login or through the REST API.

hermodEncodingService.pollWaitSec

1

Operator

Long time polling can be less efficient than operating with several short polls if the Smart ID Messaging server is clustered.

Value 1 means waiting 1 second. Value 0 waits until time out configured in the messaging connection. 

commonHistoryService.signatureVerifyThreads

30

Operator

The history verification is done in multiple concurrent threads.

This is the thread pool size.

jksKeyStoreProvider.keyStorePath

${catalina.base}/conf/prime.truststore

Operator

Path to the truststore to use for certificate validation.

jksKeyStoreProvider.keyStorePassword

 

Operator

The password for the truststore.

jksKeyStoreProvider.keyStoreType

 

Operator

The type of the truststore. Valid values include "JKS" for the keystore used with Tomcat and "PKCS12" for PKCS#12 keystore.

Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions