System Properties

System properties influence the behavior of the system. Administrators use them to set timeout values, URLs, processing settings, and many other properties.

You can set system properties:

  • Within the ohi-authorizations.properties file.

  • By the Properties API.

A new Oracle Health Insurance Authorizations release may support a unique set of properties.

The Property Definitions Integration Point contains the list of all available properties.

The following tables describe all properties. We format the property names for readability. Specify the property names and associated values on one line in the properties file.

Name Description Default Value Possible Values Change Effective

ohi.properties.file.
poll.interval

Changes made to any of these properties are not immediately picked up
by the application. That only happens when it reads the
properties-file again. This property specifies how often the system
will read the file, in minutes. Default value, every 10 minutes.
Minimum value, 1 minute. Values lower than that are ignored, meaning
the default value is used.

10

Integer ≥ 1

Next Execution

Base View Generator

Name Description Default Value Possible Values Change Effective

ohi.baseview.generation.
worker.count

The number of worker threads to start for a base view generation
process

8

Integer ≥ 1

Immediate

Dynamic Logic

Name Description Default Value Possible Values Change Effective

ohi.dynamiclogic.
classes.directory

Path to directory in which the system places the generated Dynamic
Logic classes.

/tmp

String

Next Execution

ohi.dynamiclogic.
startup.compile

An optional property that determines whether to compile the Dynamic
Logic (those who are not compiled before) at the startup of the
application or not.

true

Boolean

Next Execution

ohi.dynamiclogic.timeout

An optional property that determines the timeout of a running Dynamic
Logic. If the timeout expires, the system interrupts the Dynamic Logic
and throws an exception. The value is in seconds. Please note that
when you add/update a Dynamic Logic timeout property, the Dynamic
Logic needs to recompile for the property change to take effect. You
can do this by using the "Invalidate Dynamic Logic Integration Point"
that we explain in the Integration Guide.

300

Integer ≥ 0

Next Execution

ohi.dynamiclogic.
timeout.<0>

An optional property that determines the timeout of the running
Dynamic Logic. If the timeout expires, the system interrupts the
Dynamic Logic and throws an exception. The value is in seconds. This
property is for a particular Dynamic Logic code, so replace the
placeholder <0> with the Dynamic Logic code for which you want to
specify the timeout. Please note that when you add/update a Dynamic
Logic timeout property, the Dynamic Logic needs to recompile for the
property change to take effect. You can do this by using the
"Invalidate Dynamic Logic Integration Point" that we explain in the
Integration Guide. If this property is not set, it takes the value of
ohi.dynamiclogic.timeout (which in its turn has a default of '300').

Integer ≥ 0

Next Execution

Logging Support

Name Description Default Value Possible Values Change Effective

ohi.logging.fileset.max.
timespan

Maximum time in days between start and end time for bundling log
events in a file set

2

Integer ≥ 1

Immediate

ohi.logging.phi.min.
retentionperiod

Minimal number of days for retaining PHI log events

1825

Integer ≥ 1

Immediate

ohi.logging.target

Determines whether logging persists to the database or uses any
configured Logback Appender. Possible values are 'database' and 'log'
respectively

log

String

Next Execution

Incident Reports

Name Description Default Value Possible Values Change Effective

ohi.incident.
datafileset.
retentionperiod

Whenever OHI Incident storage in datafile sets activates, this
property defines the number of days that the system will keep OHI
Incident datafile sets, and remove OHI Incident datafile sets that are
older.

10

Integer ≥ 1

After Restart

ohi.incident.rootdir

OHI Components makes use of the Logback library for generating log
output. In the event of an unanticipated application exception, the
system writes more detailed exception trace information to an
individual exception trace file. This property controls the location
of these exception trace files. By default, the location
'target/trace' is relative to the directory where the WebLogic server
starts. When changing the value for this property, make sure that the
OS user that executes the WebLogic server processes needs to create
(and read/write files in) the directory that the property refers to.

target/trace

String

After Restart

ohi.incident.target

OHI Incident files can be stored in the database, in a datafile set.
Whenever you set this property to "datafileset" this feature
activates. Otherwise, the default mechanism of writing incident files
to an OS file system directory. The OHI Incident datafile sets will
have a Code with a following pattern: "OHIIncidents<yyyyMMdd>". Note
that the value for this property must be set in the properties file,
not using properties API.

file

"file" or "datafileset"

After Restart

Cache Control

Name Description Default Value Possible Values Change Effective

ohi.httpapi.cache.
control.cachesetting.
metadata

This property specifies the code of a OHI_RESOURCE_CACHE_SETTING for
metadata settings. See ohi.httpapi.cache.control.enable.

String

Next Execution

ohi.httpapi.cache.
control.enable

Property to enable HTTP API Caching, which is disabled by default.
When enabled, HTTP API will add a Cache-Control header in the response
it sends.

false

Boolean

Next Execution

ohi.messagegroup.cache.
max.size

Guava cache setting for MessageGroupCache. Specifies the maximum
number of entries the cache may contain. Note that the cache may evict
an entry before it exceeds the limit. As the cache size grows close to
the maximum, the cache evicts entries that are less likely to be in
use again. When value is '0', the elements evict immediately after it
loads into the cache. See CacheBuilder#maximumSize for additional
detail.

10000

Integer ≥ 0

Next Execution

ohi.messagegroup.
cachesize

Use it as an initial sizing element for the number of cached message
groups

1000

Integer ≥ 1

Next Execution

ohi.messagegroupdetail.
cache.max.size

Guava cache setting for MessageGroupCacheDetail. Specifies the maximum
number of entries the cache may contain. Note that the cache may evict
an entry before it exceeds the limit. As the cache size grows close to
the maximum, the cache evicts entries that are less likely to be in
use again. When value is '0', the elements evict immediately after it
loads into the cache. See CacheBuilder#maximumSize for additional
detail.

10000

Integer ≥ 0

Next Execution

ohi.process.cache.
disabled

This property enables or disables business process cache facilities.

false

Boolean

Next Execution

ohi.process.cache.push_
wait

The time in milliseconds to back-off invalidating the business process
cache for consecutive bursts of invalidations.

250

Integer ≥ 0

After Restart

Web Service Connection Settings

Name Description Default Value Possible Values Change Effective

ohi.ws.client.
retrytimeout

MANDATORY
The time in milliseconds that the system will wait before it makes
another attempt to access a failing service. A value of 0 means no
timeout before retrying.

1000

Integer ≥ 0

After Restart

ohi.ws.fileimport.
filesrootdirectory

MANDATORY
Use this property to give the root directory path that the File Import
uses. This is for security reasons, it ensures that the files are in a
specific area only.

String

Next Execution

ohi.rest.client.logging

Enable or Disable logging for rest clients. When "true" will log
traffic to external system.

false

Boolean

Immediate

ohi.service.client.
cache.size

The rest client cache size.

500

Integer ≥ 1

Immediate

ohi.service.<0>.method.
type

This property is for the notification method type. The notification
key replaces the <0>.

POST

String

Next Execution

ohi.ws.client.
connectiontimeout

The time in milliseconds before the attempt to connect to an outbound
service times out. A value of 0 means never timeout.

60000

Integer ≥ 0

Immediate

ohi.ws.client.
readtimeout

The time in milliseconds that the client will wait for the server to
respond to the request. A value of 0 means never timeout.

60000

Integer ≥ 0

Immediate

ohi.ws.last.login.
update.threshold

The number of hours that need to pass between logins before updating
the user’s last login timestamp. By default, the last login timestamp
will not update more than once per hour. This only applies to logins
through a web service, not the ADF UI.

1

Integer ≥ 1

Next Execution

Callout Rules

Name Description Default Value Possible Values Change Effective

ohi.service.<0>.client.
authentication

This property specifies the (Jersey/REST specific) authentication
mechanism to use for machine-to-machine communication. Allowable
values are 'None', 'BasicAuthentication' (and 'OAuth'). The
notification key replaces the <0>.

BasicAuthentication

String

Next Execution

ohi.service.<0>.media.
type

For the notification media type. Notification key replaces the <0>.

application/json

String

Next Execution

ohi.<0>.endpoint.request

Allows for web service client interactions to identify their request
URI destination. The system uses this property to get the URI for the
end point. The notification key replaces the <0>. Sample value is
http://machine.domain:port/<0>.

String

Next Execution

Web Service Client Authentication

Use Basic Authentication or
OAuth2 to secure the outbound RESTful invocations.
For details, refer to the relevant chapter in the Security Guide.
It is essential to configure each client’s needs separately.

The applicable properties all
follow the same naming convention:
ohi.service.<0>.client.authentication.

The default value is
BasicAuthentication. The placeholder <0> is the name of the client.
Oracle Health Insurance defined client names are listed as follows:

Web Service: Activity Notification
Client Name: ActivityResponseClient
Relevant Properties: ohi.service.ActivityResponseClient.client.authentication

Web Service: Data Exchange Export Notification
Client Name: DataExchangeExportNotificationClient
Relevant Properties: ohi.service.DataExchangeExportNotificationClient.client.authentication

Web Service: Data Exchange Import Notification
Client Name: DataExchangeImportNotificationClient
Relevant Properties: ohi.service.DataExchangeImportNotificationClient.client.authentication

Web Service: Data Replication Person Events
Client Name: DataReplicationPersonEvents
Relevant Properties: ohi.service.DataReplicationPersonEvents.client.authentication

Web Service: Data Replication Person Entities
Client Name: DataReplicationPersonEntities
Relevant Properties: ohi.service.DataReplicationPersonEntities.client.authentication

Web Service: Enrollment
Client Name: PolicyEnrollmentClient
Relevant Properties: ohi.service.PolicyEnrollmentClient.client.authentication

Note

Define the property for the authentication mechanism in conjunction with defining the credentials that the web service client will use when making the request.
The Developer Guide outlines how to enter credentials.

Web Service Media Type

Certain outbound RESTFul invocation support multiple output formats (That is, XML
or JSON). Use media type property to configure it. If unspecified,
the default value is application/json. The property name follows the naming
convention: ohi.service.<0>.media.type, where the
placeholder <0> is the name of the client. The names of the clients
that support a configurable media type are as follows:

Web Service: Activity Notification
Client Name: ActivityResponseClient
Relevant Properties: ohi.service.ActivityResponseClient.media.type

Single Sign-On and Web Gate

The following table lists properties that need to be set when Oracle Health Insurance
applications take part in Single Sign-On (SSO) scenarios or when a gateway that handles authentication fronts Oracle Health Insurance applications.

Name Description Default Value Possible Values Change Effective

ohi.security.sso.enabled

The application will check for an SSO header, and if it does not find
one, it will present the user with a login screen.

false

Boolean

Next Execution

ohi.security.sso.header

The header value in which to check for an SSO principal if servlet
security does not map it.

OAM_REMOTE_USER

String

After Restart

ohi.security.sso.
required

The application will reject traffic without an SSO header.

false

Boolean

Next Execution

Secrets Store

Name Description Default Value Possible Values Change Effective

ohi.oauth.cert.signing.
algorithm

Determines the signing algorithm for X509 certificates that are used
by OHI applications to sign the JWT token that an OHI application
generates for obtaining an OAuth2 access token through the assertion
grant type (where the JWT is used as assertion). Only RSA algorithms
are currently supported.

SHA512withRSA

String

Immediate

ohi.secure.secrets.store

The type of store the OHI application uses for secrets

One of the following: opss,
vault

After Restart

ohi.vault.address

Vault address. Must use HTTPS.

String

After Restart

ohi.vault.clientkeypem.
url

Resource URL to Vault Client Key pem. Must be accompanied by a
matching value for system property ohi.vault.clientpem.url

String

After Restart

ohi.vault.clientpem.url

Resource URL to Vault Client pem. Must be accompanied by a matching
value for system property ohi.vault.clientkeypem.url

String

After Restart

ohi.vault.environment.
identifier

To distinguish secrets on a per OHI application instance basis

String

After Restart

ohi.vault.jkskeystore.
password

Password for JKS keystore that contains certificatesMust be
accompanied by a matching value for system property
ohi.vault.jkskeystore.url

String

After Restart

ohi.vault.jkskeystore.
url

Resource URL to JKS keystore that contains certificates.Must be
accompanied by a matching value for system property
ohi.vault.jkskeystore.password

String

After Restart

ohi.vault.jkstruststore.
url

Resource URL to JKS truststore that contains certificates

String

After Restart

ohi.vault.kv.secrets.
engine

By default, OHI applications assume that Vault’s Key-Value secrets
engine is enabled at root path "secret".The Key-Value secrets engine
is used to store arbitrary secrets within the configured physical
storage for Vault.

secret

String

After Restart

ohi.vault.namespace

OHI specific Vault namespace section, under the path determined by
properties {ohi.vault.kv.secrets.engine}/{ohi.vault.namespace} to look
for secrets

ohi

String

After Restart

ohi.vault.pem.url

Resource URL to Vault pem

String

After Restart

ohi.vault.token

Vault token

String

Next Execution

Cross-Origin Resource Sharing

See the Security Guide for an introduction to "Cross Origin Resource Sharing
(CORS)". For further explanation, you can refer to W3C’s CORS
specification.

The following table lists CORS-related properties:

Name Description Default Value Possible Values Change Effective

ohi.cors.access.control.
allow.origin

MANDATORY
Comma-separated list of allowed origins. The value '*' effectively
allows all origins.

String

Next Execution

ohi.cors.access.control.
allow.credentials

Header that shows whether the system can expose the response to a
request when the omit credentials flag is unset. When this is part of
the response to a preflight request, it shows that the actual request
can include user credentials.

true

Boolean

Next Execution

ohi.cors.access.control.
allow.headers

Header that shows, as part of the response to a preflight request,
which header field names can be useful for during the actual request.
Allows all headers by default. The value is a comma-separated list of
allowed headers.

String

Next Execution

ohi.cors.access.control.
allow.methods

Header that shows, as part of the response to a preflight request,
which methods the system can use during the actual request. Allows all
methods by default. The value is a comma-separated list of allowed
methods.

String

Next Execution

ohi.cors.access.control.
expose.headers

Header that shows which headers are safe to expose to the API of a
CORS API specification. The value is a comma-separated list of all
exposed headers.

String

Next Execution

ohi.cors.access.control.
max.age

Header that shows how long the preflight result cache stores the
results of a preflight request, number representing seconds.

1800

Integer ≥ 0

Next Execution

ohi.vary.header

Property to set Vary HTTP Header. Value is a comma-separated list

Accept,Accept-
Encoding,Accept-
Language,Origin

String

Next Execution

Intrusion Detection

Oracle Health Insurance applications prevent Cross-Site Scripting (XSS) attacks by
checking untrusted data that may enter with HTTP API requests (see the
Security Guide for "Intrusion Detection Principles"). The following table lists the properties to customize detection behavior:

Name Description Default Value Possible Values Change Effective

ohi.untrusteddata.check

The application enables the XSS vulnerability detection by default.
Disable it bysetting the value for this parameter to false. You should
use this property if other components in the landscape perform
vulnerability detection.

true

Boolean

Next Execution

ohi.untrusteddata.
domain.attribute.length

The system checks the domain attributes of type string by default if
the length ≥ 30 characters. To be more stringent, decrease the
default value using this property.

30

Integer ≥ 1

Next Execution

ohi.untrusteddata.
whitelist.
domainattribute

The system checks the domain attributes by default. Use this property
to define a comma-separated list of excluded customer-specific
attributes from intrusion detection checking. Format: <DOMAIN OBJECT
SIMPLE NAME>.<ATTRIBUTE NAME>.

String

Next Execution

ohi.untrusteddata.
whitelist.httpheader

The property checks the HTTP Headers by default. Use this property to
define a comma-separated list of customer-specific headers that need
exclusion from intrusion detection checking. Format: <HEADER
NAME>,<HEADER NAME>.

String

Next Execution

ohi.untrusteddata.
whitelist.queryparameter

The system checks HTTP Query Parameters by default. Use this property
to define a comma-separated list of customer-specific query parameters
that need exclusion from intrusion detection checking. Format: <QUERY
PARAMETER NAME>,<QUERY PARAMETER NAME>.

String

Next Execution

For example, you can allow the cookie
header to prevent mixed encoded cookies that a client, like a browser,
sends as part of the request, resulting in a Bad Request using the following code.

ohi.untrusteddata.whitelist.httpheader=Cookie

Data Set Operations

The following table lists properties that deal with the Data Set Operations
integration point.

Name Description Default Value Possible Values Change Effective

ohi.datasetoperations.
notification.endpoint.
export

This property is about the Data Set Operations Integration Point, for
export usages. It contains a URI that refers to the notification
message, once the process of uploading the data set payload completes
this message is sent.

String

Next Execution

ohi.datasetoperations.
notification.endpoint.
import

This property is about the Data Set Operations Integration Point, for
import usages. It contains a URI that refers to the notification
message, once the process of uploading the data set payload completes
this message is sent. Error messages prevent the import from happening.

String

Next Execution

OAuth2

The OAuth2 protects the Oracle Health Insurance application’s RESTful services. The
application validates and introspects OAuth2 access tokens that the application sends as
bearer tokens in the HTTP Authorization header. See the Security Guide for
further details about "OAuth2 Support in Oracle Health Insurance Applications".

The following table lists OAuth2 server-side properties.

Name Description Default Value Possible Values Change Effective

ohi.oauth.accesstoken.
expiry.time.delay

To model the overhead of fetching an access token from an OAuth2
authorization server for caching the access token in the REST client,
e.g. to account for some network delay between the client and the
authorization server.Example: if the authorization server returns a
token with an expiry time of 3600 seconds and if the network delay is
expected to be 100 ms, then 100 ms could be configured for this key.
The resulting access token will be cached for the original expiry time
minus overhead time, i.e. 3600000 - 100 = 3599900 ms. The value should
be specified in milliseconds.

10

Integer ≥ 0

Immediate

ohi.oauth.idp.uri

A system property needs to be set to the IDP (IDentity Provider) URL
to acquire the OpenID Connect configuration. This property is expected
to be set when 'ohi.oauth.use.openidconnect' is set to 'true'.

String

After Restart

ohi.oauth.jwk.set.url

URL value for the OAuth2 authorization server JSON Web Key (JWK) Set
endpoint. The OAuth2 authorization server should support RFC 7517.
Token Validation Method is JWKSET.

String, URL

After Restart

ohi.oauth.jwk.set.
validation.audience

Client Id or audience claim for token validation. Token Validation
Method is JWKSET.

String

After Restart

ohi.oauth.jwk.set.
validation.issuer

Issuer for token validation. Token Validation Method is JWKSET.

String or URL

After Restart

ohi.oauth.jwk.set.
validation.jws.signing.
algorithm

Signing algorithm used by the Authorization Server. Token Validation
Method is JWKSET.

RS256

String

After Restart

ohi.oauth.jws.signing.
algorithm

Algorithm used for signing the JWT token that an OHI application
generates for obtaining an OAuth2 access token through the assertion
grant type (where the JWTis used as assertion). Note that only RSA
algorithms are currently supported.

RS512

RS256, RS384, RS512

Immediate

ohi.oauth.jwt.
expiration.period

Expiration period (in seconds) for the JWT token that an OHI
application generates for obtaining an OAuth2 access token through the
assertion grant type (where the JWT is used as assertion).

600

0 ≤ Integer ≤ 9999

Immediate

ohi.oauth.jwt.userid.
claim

Specifies the claim in the JWT that can be used to identify the user
for which the OAuth2 access token was created. Token Validation Method
is JWKSET.

sub

String

Immediate

ohi.oauth.openidconnect.
accesstoken.client_id

Client ID of the OpenID Connect client that has to be present to
acquire an access token.

String

Immediate

ohi.oauth.openidconnect.
accesstoken.credential

Credential associated with the OpenID Connect client that has to be
present to acquire an access token.

String

Immediate

ohi.oauth.openidconnect.
accesstoken.validation.
clockskew

Defines the maximum acceptable clock skew (in seconds) for validating
timestamps of ID tokens that are issued by an OpenID Provider.

60

Integer ≥ 1

After Restart

ohi.oauth.token.
introspection.endpoint.
client_id

Unique client id for resolving the username and password credentials
that are used to construct the Basic Authentication Authorization
header when calling the OAuth2 authorization server token validation
or introspection endpoint. Token Validation Method is OAUTH2_ENDPOINT.

String

Immediate

ohi.oauth.token.
introspection.endpoint.
url

URL value for the OAuth2 authorization server token validation or
introspection endpoint. It is assumed that the endpoint supports Basic
Authentication. Token Validation Method is OAUTH2_ENDPOINT.

String, URL

After Restart

ohi.oauth.token.
introspection.response.
username

RFC 7662 defined Introspection Response element that will be used to
derive the username from. Token Validation Method is OAUTH2_ENDPOINT.

sub

String

Immediate

ohi.oauth.token.issuer.
<0>

For token validation. Specific issuer identifier. Requires use of
properties ohi.oauth.token.issuers and
ohi.oauth.token.issuer.<0>.user.claim.

String or URL

After Restart

ohi.oauth.token.issuer.
<0>.user.claim

For token validation. Issuer-specific user claim. Requires use of
properties ohi.oauth.token.issuers and ohi.oauth.token.issuer.<0>.

String

After Restart

ohi.oauth.token.issuers

For token validation. Comma-separated string of possible token
issuers. Requires use of properties ohi.oauth.token.issuer.<0> and
ohi.oauth.token.issuer.<0>.user.claim.

Comma-
separated string,
e.g. oracle_idcs,
azure_ad

After Restart

ohi.oauth.token.
validation.method

Determines the access token validation method. Possible values:
JWKSET: OAuth2 access tokens are validated by the resource server.
Assuming the token is a JWT, validates it against a JSON Web Key (JWK)
Set as defined by RFC 7517. The source of the JWK Set is an endpoint
exposed by an OAuth2 authorization server. Use this method to validate
ID tokens issued by an OpenID Provider.OAUTH2_ENDPOINT: validates the
token using an OAuth2 authorization server’s token introspection
endpoint as defined by RFC 7662.

JWKSET

JWKSET, OAUTH2_
ENDPOINT

Immediate

ohi.oauth.use.
openidconnect

When set to true, it indicates that Oracle JET UI leverages OpenID
Connect authentication.

false

Boolean

After Restart

Claims in an OAuth2 token may differ per token issuer.
The following example shows mapping a Claim in an access token
to Oracle Health Insurance user, based on the issuer of the token:

# configure multiple token issuers as comma-separated string
ohi.oauth.token.issuers=oracle_idcs,azure_ad

# configure issuer to user claim mapping for issuer oracle_idcs
ohi.oauth.token.issuer.oracle_idcs=https://identity.oraclecloud.com/
ohi.oauth.token.issuer.oracle_idcs.user.claim=sub

# configure issuer to user claim mapping for issuer azure_ad
ohi.oauth.token.issuer.azure_ad=https://sts.windows.net/fa15d692-e9c7-4460-a743-29f29522229/
ohi.oauth.token.issuer.azure_ad.user.claim=oid

Activity and Task Processing

Name Description Default Value Possible Values Change Effective

ohi.activityprocessing.
notification.endpoint

RESTful Service endpoint URL for delivering the response notification
after activity processing completes. OHI Components applications will
use a POST operation by default. You can overwrite this by using
ohi.service.<0>.method.type, where the notification key must replace
the <0>. Sample value is
http://machine:port/api/generic_notification_service.

String

Next Execution

ohi.activityprocessing.
notification.endpoint.
<0>

Activity type-specific RESTful Service endpoint URL for delivering the
response notification once activity processing completes. The activity
type code must replace the <0>. For example, REFSHEETLINE_IMPORT. When
you do not set this property, the property uses the value of
ohi.activityprocessing.notification.endpoint. OHI Components
applications will use a POST operation by default. You can overwrite
this by using ohi.service.<0>.method.type, where the notification
key must replace the <0>. Sample value is
http://machine:port/api/generic_notification_service.

String

Next Execution

ohi.amount.scale

By default, amounts are stored with the scale of 2 (two digits after
the decimal point). A subset of amounts allows for a higher scale. For
example, the premium amounts in calculation results allow up to 12
digits after the decimal point. How many of those additional digits
the system actually uses depends on this property. The system can use
it to store calculation result amounts with greater scale. An increase
of scale allows for sending financial data on a detail level (For
example, VAT on a premium for a member) to the financial system and
round only after aggregation (For example, on a group account);
rounding in an early stage to two decimals leads to a substantial
difference with the expected outcome on an aggregate level.

2

2 ≤ Integer ≤ 12.

Next Execution

ohi.max.headroom

The maximum number of tasks to load into the processing grid.

2000

Integer ≥ 1

Next Execution

ohi.max.headroom.<0>

The maximum number of tasks to load into the processing grid - per
given activity type.

2000

Integer ≥ 1

Next Execution

ohi.processing.
attemptLogLevel

A non-zero value for this property means that the system retains data
(That is, extra_info) for failed attempts.

0

Integer ≥ 0

Next Execution

ohi.processing.
bucketsize.SELECT_
EXTRACT_ITEMS

Utilized for extract items bucketing. It decides how many items will
be exported in one transaction to improve performance. Suggested is a
value between 1 and 1000.

500

Integer ≥ 1

Next Execution

ohi.processing.cache.
flexcodekeyvaluecache.
spec

Specification for a cache that caches the results (Flex Code entity)
of queries on Flex Code by key value and Flex Code system code. For
more information, see CacheBuilderSpec’s javadoc:
https://guava.dev/releases/19.0/api/docs/com/google/common/cache/CacheBuilderSpec.html

maximumSize=10000,
softValues,
recordStats

String

Next Execution

ohi.processing.cache.
flexcodesystemcache.spec

Specification for a cache that caches the results (Flex Code system
code) of queries on Flex Code system by ID. For more information, see
CacheBuilderSpec’s javadoc:
https://guava.dev/releases/19.0/api/docs/com/google/common/cache/CacheBuilderSpec.html

maximumSize=1000,
softValues,
recordStats

String

Next Execution

ohi.processing.cache.
ingroup

This property allows for caching of the responses of the "InGroup"
family of function calls.

false

Boolean

Next Execution

ohi.processing.cache.
ingroup.countryregion.
spec

This cache maintains the result if CountryRegion is in
CountryRegionGroup, where the system creates a key using the
CountryRegion.Id and CountryRegionGroupCode

maximumSize=1000,
softValues,
recordStats

String

Next Execution

ohi.processing.cache.
ingroup.diagnosis.spec

Specification for the cache storing diagnosis group membership. Value
should be a valid Google Guava specification. See the
CacheBuilderSpec’s javadoc:
http://docs.guava-libraries.googlecode.com/

maximumSize=100000,
softValues,
recordStats

String

Next Execution

ohi.processing.cache.
ingroup.flexcode.spec

Cache for Flex Codes in a Flex Code Group

maximumSize=100000,
softValues,
recordStats

String

Next Execution

ohi.processing.cache.
ingroup.message.spec

Cache for messages in a message group.

maximumSize=1000,
softValues,
recordStats

String

Next Execution

ohi.processing.cache.
ingroup.procedure.spec

Specification for the cache storing procedure group membership. Value
should be a valid Google Guava specification. See the
CacheBuilderSpec’s javadoc:
http://docs.guava-libraries.googlecode.com/

maximumSize=100000,
softValues,
recordStats

String

Next Execution

ohi.processing.cache.
ingroup.productprovider.
spec

A specification of Google Guava’s CacheBuilder configuration. It
configures a cache for products in a provider group. Defined as a
string, which is a series of comma-separated keys or key-value pairs,
each corresponding to a CacheBuilder method. See CacheBuilderSpec for
additional detail.

maximumSize=10000,
softValues,
recordStats

String

Next Execution

ohi.processing.cache.
ingroup.provider.spec

A specification of Google Guava’s CacheBuilder configuration. It
configures a cache for providers in a provider group. Defined as a
string, which is a series of comma-separated keys or key-value pairs,
each corresponding to a CacheBuilder method. See CacheBuilderSpec for
additional detail.

maximumSize=10000,
softValues,
recordStats

String

Next Execution

ohi.processing.
defaultdelay

Default amount of delay in seconds when a failed task re-queues for
another attempt. The system can override this property if a delay is
set on the task type.

3

Integer ≥ 0

Next Execution

ohi.processing.filldepth

Specifies a target number of work items to process at a time - to best
utilize processing capacity. We suggest a value that is a multiple of
the number of CPU cores available to the managed server. The system
will take the maximum of 2x the number of processors available to the
JVM and the value of this property (which has in its turn a default of
3).

3

Integer ≥ 0

Next Execution

ohi.processing.
fillthreshhold

Determines the number of tasks that the system submits for processing.
Suggested is a value that is 1 less than the number of CPU cores
available to the managed server. The system will take the maximum of
the number of processors available to the JVM minus 1 and the value of
this property (which has in its turn a default of 1).

1

Integer ≥ 1

Next Execution

ohi.processing.groupsize

The number of tasks to group (when applicable) into a collection of
tasks to put into the processing grid as one atomic unit. This
complete collection will process on one processing node.

400

Integer ≥ 1

Next Execution

ohi.processing.
groupsize.<0>

The number of tasks to group (when applicable) into a collection of
tasks to put into the processing grid as one atomic unit - per
activity type. This complete collection will process on one processing
node.

400

Integer ≥ 1

Next Execution

ohi.processing.
loadercount

The number of loader tasks the system has to spawn, whenever an
activity of that type needs to be processed and has child tasks
spawned into the grid. These loaders work concurrently on the set of
child tasks to spawn.

1

Integer ≥ 1

Next Execution

ohi.processing.
loadercount.<0>

The number of loader tasks the system has to spawn for a specific
activity type, whenever an activity of that type needs to be processed
and has child tasks spawned into the grid. These loaders work
concurrently on the set of child tasks to spawn.

1

Integer ≥ 1

Next Execution

ohi.processing.
loaderyield

This property specifies the time (in seconds) the system holds back a
loader task in the grid, in the event it reaches its maximum allowed
number of tasks to load and spawn into the grid.

3

Integer ≥ 1

Next Execution

ohi.processing.
loaderyield.<0>

This property specifies the time (in seconds) the system holds back a
loader task in the grid, in the event it reaches its maximum allowed
number of tasks to load and spawn into the grid.- per given activity
type.

3

Integer ≥ 1

Next Execution

ohi.processing.max.
numberofretries

The maximum amount of times activity processing will try to send out
an 'activity processed' event to an external system.

3

Integer ≥ 0

Next Execution

ohi.processing.max.
numberofretries.<0>

The maximum amount of times activity processing will try to send out
an 'activity processed' event to an external system - per activity
type.

3

Integer ≥ 0

Next Execution

ohi.processing.
maxErrorAttempts

Number of times a task can resolve as 'errored' before it stops a task
flow.

3

Integer ≥ 0

Next Execution

ohi.processing.
maxIncompleteAttempts

Determines how many times a specific incomplete task will reschedule
for processing, before marking it as 'errored'.

10000

Integer ≥ 0

Next Execution

ohi.processing.
retryimmediate

Determines if a failed task retries immediately, or re-queues for
another attempt after a delay.

true

Boolean

Immediate

ohi.processing.yield.
default

This property specifies the default time (in seconds) that the system
holds back a task in the processing grid, in between execution steps.
This is typical for parent-child task relationships, where a parent
task will has to regularly check on the status of its children.

3

Integer ≥ 1

Next Execution

ohi.processing.yield.
taskcompletion

This property specifies the time (in milliseconds) the system will
hold an (aggregate) task backfor task loaders to complete their work.

3

Integer ≥ 1

Next Execution

ohi.processing.yield.<0>

This property specifies the default time (in seconds) that the system
holds back a task in the processing grid, in between execution steps.
This is typical for parent-child task relationships, where a parent
task has to regularly check on the status of its children - per
activity type.

3

Integer ≥ 1

Next Execution

ohi.startup.start.task.
processing

Controls task processing for a managed server. By default, if a
managed server that executes an OHI Components application starts,
then it will start processing tasks from the work backlog queue. You
can override the default behavior by setting command-line parameter
ohi.startup.start.task.processing; if it is set to false, a managed
server that executes the OHI Components application will not process
tasks after it starts. The default value is true, meaning the managed
server that executes the OHI Components application will start
processing tasks from the work backlog queue after it starts.

true

Boolean

Next Execution

Specifying Yields, Submission Count, Group Size, and Loader Count Per Activity Type

Oracle Health Insurance Authorizations allows specifying some aforementioned application properties individually on a per-activity-type basis. This
provides fine-grained control of loading and processing semantics. The way to accomplish this is by concatenating the mnemonic for the specific activity type
after the specific property key. For example,

ohi.processing.groupsize.CALCULATE_PREMIUM=250

This mechanism is available for the following properties:

  • ohi.processing.yield.<activity_type>

  • ohi.max.headroom.<activity_type>

  • ohi.processing.groupsize.<activity_type>

  • ohi.processing.loadercount.<activity_type>

  • ohi.processing.loaderyield.<activity_type>

  • ohi.processing.max.numberofretries.<activity_type>

Check the Developer Guide for the mnemonic of individual activity types.

Data File Import

The following table lists (technical) properties that influence data file
(batch) processing performance. Only change these after consulting with Oracle:

Name Description Default Value Possible Values Change Effective

ohi.diagnosisimport.
filereader.chunk.size

A separate processing activity is spawned for processing a chunk or
batch of diagnoses of the specified size.

5000

Integer ≥ 1

Next Execution

ohi.
insurableobjectimport.
filereader.chunk.size

A separate processing activity is spawned for processing a chunk or
batch of insurable objects of the specified size.

5000

Integer ≥ 1

Next Execution

ohi.procedureimport.
filereader.chunk.size

A separate processing activity is spawned for processing a chunk or
batch of procedures of the specified size.

5000

Integer ≥ 1

Next Execution

ohi.providerimport.
filereader.chunk.size

A separate processing activity spawns for processing a chunk or batch
of providers of the specified size.

5000

Integer ≥ 1

Next Execution

ohi.
referencesheetimport.
filereader.chunk.size

The system spawns a separate processing activity to process a chunk or
batch of reference sheet lines of the specified size.

5000

Integer ≥1

Next Execution

ohi.relationimport.
filereader.chunk.size

A separate processing activity is spawned for processing a chunk or
batch of relations of the specified size.

5000

Integer ≥ 1

Next Execution

URL References

It is optional to pass URL references in HTTP API RESTful services links. The following parameters derive the deconstruction of the URL for these pages:

Name Description Default Value Possible Values Change Effective

ohi.<0>.application.
baseurl

MANDATORY
The base URL for accessing the application typically includes the
machine or load balancer, the domain and a port number. It is
mandatory to set these in order to have correct links in the response
or location header. You must replace the placeholder <0> with the
application name. It is possible to overwrite the behaviour using a
custom header in requests: X-OHI-OBEY-HOST.
If this header is present
with value true, the system will create the links from the request url
itself.
If the header is not present or the value is false, the
system will create the links with the help of the properties.
For all
asynchronous responses, notifications, containing links, use of
properties is the same as always. An example of the value is
http://localhost:7001.

String

After Restart

ohi.<0>.deeplink.url

MANDATORY
The base URL of an application for ADF/JET UI deep linking URL
formation. It includes the machine or load balancer, the domain and a
port number. It is mandatory to set a correct link in the deep linking
URL. The application name must replace the Placeholder <0>. An example
of the value is http://localhost:7001.

String

After Restart

ohi.http.api.path

The context root of the application. For example,
/<application>-ws/api. We do not anticipate for this property to be
hot reloadable.

api

String

Next Execution

Data Exchange

Name Description Default Value Possible Values Change Effective

ohi.application.uri.<0>

MANDATORY
Reference to URI of the source application to retrieve data-sets
metadata to be processed. Either "CONF" or "PRD" as values replace the
<0>. It is possible to define multiple URI’s, with ";" separating each.

String

Next Execution

ohi.cm.concurrency.limit

This property specifies the number of parallel threads in
configuration migration tool for export and import processes. For
better performance results, we recommend the value of this system
property to be equal to the number of CPUs (core). For example, if
there are six CPUs and each of them is single-core, then this property
must be six

2

Integer ≥ 1

After Restart

ohi.cm.dynamiclogic.
import.maxretrycount

Some Dynamic Logic can refer to another Dynamic Logic and if the
Dynamic Logics are not imported in the correct order, the compilation
will fail. If this happens, the CMT process retries the failed Dynamic
Logic. This property specifies how many times the Dynamic Logic Import
retries before marking it as errored. We suggest to use a value
between one and nine.

3

Integer ≥ 0

Next Execution

ohi.cm.dynamiclogic.
retry.import.batch.size

The number of records from the failure table that the CMT process
reads at once during retry processing.

100

Integer ≥ 0

Next Execution

ohi.cm.
highvolumeentities.
export.page.size

The system uses this property in the export process and it represents
the number of high volume entities (For example, Procedure Group
detail) to read at a time. We recommend setting this value to N *
1000, where N is the number of JVMs.

1000

Integer ≥ 1

Next Execution

Enrollment Client

Name Description Default Value Possible Values Change Effective

ohi.enrollment.
logtraffic

Can be used to switch on/off HTTP traffic logging for Jersey/REST
machine-to-machine enrollment communication. When specified as true -
requires additional logback configuration

false

Boolean

Next Execution

ohi.enrollment.
responsedefinition.code

You can specify it to include in enrollment requests to drive response
generation based on a specific (Dynamic Logic) function.

String

Next Execution

ohi.enrollment.server.
connect.timeout

This property specifies the number of milliseconds allowed to
establish a connection with the Enrollment Service.

1000

Integer ≥ 1

Next Execution

ohi.enrollment.server.
read.timeout

This property specifies the number of milliseconds allowed to get the
result from the Enrollment Service, once it is invoked.

1000

Integer ≥ 1

Next Execution

ohi.enrollment.server.
status.operation

This property specifies the request path to identify the Enrollment
operation to be invoked. Do not add a leading or trailing slash.

api/enrollments

String

Next Execution

ohi.enrollment.server.
uri

This property specifies the scheme + authority part that hosts the
Enrollment system. Example value: 'http://acme.net:7998' (do not add a
trailing slash).

String

Next Execution

Enrollment inquiries log at a fairly low level. In particular, this enables to trace of HTTP requests and responses between the system that starts the request for enrollment status information and the enrollment system that responds to these inquiries. To set this up, add the following piece of information to the logging configuration.

<logger name="ohi.enrollment_client" level="info"/>

User Interface

Name Description Default Value Possible Values Change Effective

ohi.
accessibilitypreference.
popup

Can be used to initiate showing a modal popup for UI accessibility
settings, in case that has not been done for the user earlier.

false

Boolean

Next Execution

ohi.environment.
identifier

Text string on the home page of the system that helps the user to
identify the environment. Samples are 'User Acceptance Test' or
'Development'.

ohi

String

Next Execution

ohi.ui.maxrowstoretrieve

Maximum number of rows retrieved to show in a UI table. Note that
memory usage and page load times are impacted by this value.

200

Integer ≥ 1

Next Execution

ohi.ui.
maxrowstoretrieve.<0>

Maximum number of rows retrieved to show in a UI table for an
individual page. The function code is the one shown in the 'About this
page' popup, and is case sensitive. Note: it is not possible to change
the number of rows shown for an individual LOV. LOV are always
restricted by ohi.ui.maxrowstoretrieve. If this property is not set,
the value of ohi.ui.maxrowstoretrieve will be taken (which has in its
turn a default of '200')

Integer ≥ 1

Next Execution

ohi.ui.pollinterval

This property controls the interval between automatic page refreshes
for pages that support it. Value in milliseconds

5000

Integer ≥ 1

Next Execution

ohi.ui.pollinterval.<0>

This property controls the interval between automatic page refreshes
for pages that support it. The <function_code> is an optional suffix
that can be used to differentiate poll intervals between different
pages.

5000

Integer ≥ 1

Next Execution

Outbound RESTful Service Invocation Specific to Notifications

Name Description Default Value Possible Values Change Effective

ohi.eventing.ui.path

MANDATORY
This is the URI of the deployed ADF UI application - used as the base
for creation of ADF Deeplinks. A typical example of this value would
be: 'http://acme.net:8090/auths'. Default equals the application name.

String

Next Execution

Data Replication

You can replicate the member data from another Oracle Health Insurance application that is the source system. The following table lists the parameters for that:

Name Description Default Value Possible Values Change Effective

ohi.ws.sourcesystem.<0>.
baseurl

MANDATORY
Base URI to the source system; must include the context root for
accessing HTTP API services; by default that context root is '/api',
you may change it with a deployment plan.

String

Immediate

ohi.datareplication.
event.retrieval.interval

For specifying the number of seconds between consecutive polls for
retrieving events from a replication source.

300

Integer ≥ 1

Immediate

Extract

Name Description Default Value Possible Values Change Effective

ohi.extract.<0>.
notification.endpoint

For sending out an extract completion notification related to a
specific notification key. <0> is replaced by the notification key.
Example: http://machine.domain:port/notifications

String

Next Execution

Monitoring and Metrics

Name Description Default Value Possible Values Change Effective

ohi.healthcheck.url.
mapping

Defines the mapping between the Healthcheck servlet and a URL pattern.
Value is a URL Mapping (For example, /up).

String

After Restart

ohi.instrumentation.
common.application.tag

Set to true to tag each metric with the name of the application.

false

Boolean

After Restart

ohi.instrumentation.
filter.ohi.nameprefix

Set to false to enable recording of non-OHI metrics.

true

Boolean

After Restart

ohi.instrumentation.
gather.
applicationmetrics

Set to true to enable recording of metrics.

false

Boolean

Immediate

ohi.instrumentation.
gather.jvmtelemetry

Set to true to enable recording of JVM telemetry.

false

Boolean

After Restart

ohi.instrumentation.
resourceclienttimer.
segment.prefixes

Comma-separated list of resource path segment prefixes for resource
client timers that the system interprets as not being the last segment
of the resource path.

Comma-
separated string,
e.g. api,oig-api,
policies-ws

After Restart

ohi.instrumentation.<0>.
histogram

Determines whether to publish histogram buckets for the timer you
configure.

false

Boolean

After Restart

ohi.instrumentation.<0>.
percentiles

Percentiles for the timer you configure.

Comma-
separated string,
e.g. 0.5,0.75,0.
95,0.99

After Restart

ohi.instrumentation.<0>.
regex

The system publishes data for the timer if the tag name that you
specify as property ohi.instrumentation.<0>.regex.tagname matches
this regular expression.

Regular expression

After Restart

ohi.instrumentation.<0>.
regex.tagname

Tag name subject to testing with the regular expression that you
specify as property ohi.instrumentation.<0>.regex. The system
publishes data for the timer if the tag name matches the regular
expression.

String

After Restart

ohi.prometheusservlet.
url.mapping

Defines the mapping between the Prometheus servlet and a URL pattern.

String, URL Mapping

After Restart

See the Operations Guide for details about metric-related properties.