Trace Level |
Enables you to set the trace level for the Enterprise Gateway at
runtime. Select the appropriate option from the Trace
Level drop-down list.
|
Active Timeout |
When the Enterprise Gateway receives a large HTTP request, it reads the
request off the network when it becomes available. If the time
between reading successive blocks of data exceeds the Active
Timeout specified in milliseconds, the Enterprise Gateway closes
the connection. This guards against a host closing the connection
in the middle of sending data. For example, if the host's network
connection is pulled out of the machine while in the middle of
sending data to the Enterprise Gateway. When the Enterprise Gateway has read all
the available data off the network, it waits the Active
Timeout period before closing the connection. Defaults
to 30000 milliseconds.
Note:
You can configure this setting on a per-host basis using the
Remote Hosts interface.
|
Administrator Role |
Configures a special system administrator role that provides protection
for the specified role (a user with this role cannot remove themselves
from this role). This ensures that there is always at least one user in
the system with this role. By default, the configured Administrator
Role allows access to all management services. Defaults to the
Administrators role. For more details, see the
Configuring Role-Based Access Control
topic.
|
Date Format |
Configures the format of the date for the purposes of tracing,
logging, and reporting. For more information, see
http://java.sun.com/j2se/1.4.2/docs/api/java/text/SimpleDateFormat.html
|
Cache Refresh Interval |
Configures the number of seconds that the server caches data loaded
from an external source (external database, LDAP directory, and so on)
before refreshing the data from that source. The default value is
5 seconds. If you do not wish any caching to occur,
set this value to 0 .
|
Idle Timeout |
The Enterprise Gateway supports HTTP 1.1 persistent connections. The Idle
Timeout specified in milliseconds is the time that the Enterprise Gateway
waits after sending a message over a persistent connection before it closes
the connection. Typically, the host tells the Enterprise Gateway that it wants to
use a persistent connection. The Enterprise Gateway acknowledges this instruction
and decides to keep the connection open for a certain amount of time after
sending the message to the host. If the connection is not reused within the
Idle Timeout period, the Enterprise Gateway closes the connection.
Defaults to 15000 milliseconds.
Note:
You can configure this setting on a per-host basis using the Remote
Hosts interface.
|
LDAP Service Provider |
Specifies the service provider used for looking up an LDAP server
(for example, com.sun.jndi.ldap.LdapCtxFactory ).
The provider is typically used to connect to LDAP directories for
certificate and attribute retrieval.
|
Maximum Memory per Request |
The maximum amount of memory allocated to each request.
Note:
You can configure this setting on a per-host
basis using the Remote Hosts
interface.
|
Policy Director Super User Role |
Configures a special system administrator role that has special
privileges in the system, for example:
-
Add, delete, and update other users.
-
Reset user passwords.
-
Add another superuser.
-
Perform actions only allowed by a Configuration Profile
owner (for example, transfer ownership to another user).
-
Perform actions only allowed by a Process owner (for example, deploy
a new Configuration Profile to a Process owned by another user).
Defaults to the Administrators role. This means that the default
admin user has the PD superuser privilege, and it cannot delete
itself. However, you can also separate the PD superuser privilege from the
Administrators role. For more details, see the
Configuring Role-Based Access Control
topic.
|
Policy Director Process Connect Timeout |
When the Policy Director connects to a process to deploy or retrieve
configuration, the connection fails if no activity happens on that
connection for the duration specified by this setting (in seconds).
The default is 300 seconds (5 minutes). Increase this setting if very
large configurations are being deployed to the process, or configurations
that may stall the process on initialization (for example, due to
database timeout).
|
Policy Director Process Ping Connect Timeout |
If an attempt to connect to a known process to ping it stalls for
greater than this configured time in seconds, the attempt is aborted.
This time should always be configured to be less than the process ping
interval. Defaults to 30 seconds.
|
Policy Director Process Ping Interval |
Specifies the polling interval in seconds for contacting each known
process to check it is alive and retrieve its configuration status.
Defaults to 60 seconds.
|
Policy Director User Session Timeout |
This setting logs out a Policy Director user if there is no activity in
the specified time period in seconds. Defaults to 1800 seconds (30
minutes).
|
Realm |
Specifies the realm for authentication purposes.
|
Schema Pool Size |
Sets the size of the Schema Parser pool.
|
Server Brand |
Specifies the branding to be used in the Enterprise Gateway.
|
SSL Session Cache |
Specifies the number of idle SSL sessions that can be kept in memory.
You can use this setting to improve performance because it caches the
slowest part of establishing the SSL connection. A new connection does
not need to go through full authentication if it finds its target in the
cache. Defaults to 32 . If there are more than 32 simultaneous
SSL sessions, this does not prevent another SSL connection from being
established, but means that no more SSL sessions are cached. A cache size
of 0 means the cache size is unlimited.
|
Token Drift Time |
Specifies the number of seconds drift allowed for WS-Security tokens.
This is important in cases where the Enterprise Gateway is checking the date
on incoming WS-Security tokens. It is likely that the machine on which
the token was created is out-of-sync with the machine on which the
Enterprise Gateway is running. The drift time allows for differences in the
respective machine clock times.
|
Allowed number of operations to limit XPath transforms |
Specifies the total number of node operations permitted in XPath
transformations. Complex XPath expressions (or those constructed together
with content to produce expensive processing) might lead to a denial-of-service
risk. Defaults to 4096 .
|
Input Encodings |
Click the browse button to specify the HTTP content encodings that the Enterprise Gateway
can accept from peers. The available content encodings include gzip
and deflate . For more details, see the topic
on Compressed Content Encoding.
|
Output Encodings |
Click the browse button to specify the HTTP content encodings that the Enterprise Gateway
can apply to outgoing messages. The available content encodings include gzip
and deflate . For more details, see the topic on
Compressed Content Encoding.
|
Server's SSL cert's name must match name of requested
server |
Ensures that the certificate presented by the server matches the name
of the host address being connected to. This prevents host spoofing and
man-in-the-middle attacks. This setting is enabled by default.
|
Send desired servername to server during TLS
negotiation |
Specifies whether to add a field to outbound TLS/SSL calls that shows
the name that the client used to connect. For example, this can be useful
if the server handles several different domains, and needs to present
different certificates depending on the name that the client used to
connect.
|