spectrum-container.properties reference
This section provides a reference to properties in the spectrum-container.properties file, located in SpectrumDirectory/server/conf/spectrum-container.properties.
Note: Properties prefaced with the
# symbol in the properties file are commented out in the properties file. We recommend that you work with Precisely Technical Support before changing any properties that are commented out.- Server settings
- Cluster settings
- SSL settings
- Cache settings
- HTTP settings
- CORS
- Other HTTP
- Configuration settings
- Transaction settings
- Runtime settings
- Repository settings
- Repository backup settings
- Index settings
- Debug manager settings
- Security settings
- Data manager settings
- Online help site
- Audit archive settings
- Advanced settings
- Metadata settings
- Other settings
Server settings
| Property | Default value | More information |
|---|---|---|
|
|
None. Use your site's agent address | |
spectrum.bind.address |
None. Use your site's default binding address/URL |
Cluster settings
| Property | Default value | More information |
|---|---|---|
spectrum.cluster.enabled |
true |
Cluster Properties |
spectrum.cluster.name |
SpectrumCluster |
|
spectrum.cluster.password |
encrypted string |
|
spectrum.cluster.seeds |
127.0.0.1 |
Upgrading a cluster, Cluster Properties |
spectrum.cluster.port |
5701 |
Each node in the cluster must have a unique integer
nodeId |
spectrum.cluster.nodeId |
1 |
Each node in the cluster must have a unique integer nodeId. |
spectrum.socketgateway.port |
10119 |
Network Ports |
SSL settings
| Property | Default value | More information |
|---|---|---|
spectrum.encryption.enabled |
false |
Encryption Methods |
spectrum.encryption.algorithm |
JASYPT |
|
spectrum.encryption.keystoreAlias |
spectrum |
Encryption Methods |
spectrum.encryption.keystoreType |
pkcs12 |
Encryption Methods |
spectrum.encryption.keystore |
../conf/certs/spectrum-keystore.p12 |
Encryption Methods |
spectrum.encryption.keystorePassword |
encrypted string |
Encryption Methods |
spectrum.encryption.truststoreType |
pkcs12 |
Encryption Methods |
spectrum.encryption.truststore |
../conf/certs/spectrum-truststore.p12 |
Encryption Methods |
spectrum.encryption.truststorePassword |
encrypted string |
Encryption Methods |
spectrum.encryption.validateCerts |
true |
Set to true to implement self-signed certificates in Spectrum Technology Platform. |
spectrum.encryption.trustAllHosts |
false |
Set to true to implicitly trust all certificates; during verification, ignore host name specified on certificate |
spectrum.encryption.selfSignedCert |
false |
Set to true to bypass CA trust validation. |
Cache settings
| Property | Default value | More information |
|---|---|---|
spectrum.cache.encryption.enabled |
false |
Encryption Methods - Caching properties |
spectrum.cache.encryption.keystoreType |
pkcs12 |
Encryption Methods - Caching properties |
spectrum.cache.encryption.keystore |
../conf/certs/spectrum-keystore.p12 |
Encryption Methods - Caching properties |
spectrum.cache.encryption.keystorePassword |
encrypted string |
Encryption Methods - Caching properties |
spectrum.cache.encryption.truststoreType |
pkcs12 |
Encryption Methods - Caching properties |
spectrum.cache.encryption.truststore |
../conf/certs/spectrum-truststore.p12 |
Encryption Methods - Caching properties |
spectrum.cache.cache.encryption.truststorePassword |
encrypted string |
Encryption Methods - Caching properties |
spectrum.cache.encryption.trustAllHosts |
false |
|
spectrum.cache.encryption.selfSignedCerts |
false |
|
spectrum.cache.mancenter.url |
http://127.0.0.1:8090/mancenter |
|
spectrum.cache.slow.operation.detection.enabled |
false |
|
spectrum.cache.slow.operation.detection.log.enabled |
false |
|
spectrum.cache.slow.operation.detection.threshold |
300 |
HTTP settings
| Property | Default value | More information |
|---|---|---|
spectrum.http.default.protocol |
http |
|
spectrum.http.enabled |
true |
|
spectrum.http.port |
8080 |
Network port for HTTP |
spectrum.https.enabled |
false |
Set to true to enable HTTPS. |
spectrum.https.port |
8443 |
Network port for HTTPS. |
spectrum.https.encryption.keystoreType |
pkcs12 |
|
spectrum.https.encryption.keystore |
../conf/certs/spectrum-keystore.p12 |
|
spectrum.https.encryption.keystorePassword |
encrypted string |
|
spectrum.https.encryption.keystoreAlias |
spectrum |
|
spectrum.https.encryption.truststoreType |
pkcs12 |
|
spectrum.https.encryption.truststore |
../conf/certs/spectrum-truststore.p12 |
|
spectrum.https.encryption.truststorePassword |
encrypted string |
|
spectrum.https.encryption.validateCerts |
true |
Set this to Note: This property is set to
true after an upgrade to the 20.1 version of Spectrum Technology Platform even if it was previously set to false. |
spectrum.https.encryption.selfSignedCert |
false |
Set to true to use a self-signed certificate. |
spectrum.https.encryption.trustAllHosts |
false |
CORS
| Property | Default value | More information |
|---|---|---|
spectrum.http.cors.enabled |
false |
|
spectrum.http.cors.allowedOrigins |
http://127.0.0.1:8080,http://127.0.0.1:443 |
|
spectrum.http.cors.allowedMethods |
POST,GET,OPTIONS,PUT,DELETE,HEAD |
|
spectrum.http.cors.allowedHeaders |
X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept |
|
spectrum.http.cors.preflightMaxAge |
1800 |
|
spectrum.http.cors.allowCredentials |
false |
Other HTTP
| Property | Default value | More information |
|---|---|---|
spectrum.http.sendVersion |
false |
|
spectrum.http.log.request.enabled |
false |
|
spectrum.http.cache.control.headers.enable |
true |
|
spectrum.http.useFileMappedBuffer |
false |
|
spectrum.http.allowDirectoryListing |
false |
|
spectrum.http.minimumThreads |
10 |
|
spectrum.http.maximumThreads |
250 |
|
spectrum.http.client.maxConnectionsPerHost |
32 |
|
spectrum.http.client.maxTotalConnections |
128 |
|
spectrum.http.request.header.size |
8192 |
|
spectrum.http.response.header.size |
8192 |
Configuration settings
| Property | Default value | More information |
|---|---|---|
spectrum.configuration.hostname |
||
spectrum.configuration.port |
Transaction settings
| Property | Default value | More information |
|---|---|---|
spectrum.transaction.hostname |
||
spectrum.transaction.port |
Runtime settings
| Property | Default value | More information |
|---|---|---|
spectrum.runtime.hostname |
The fully qualified domain name for the host machine. | |
spectrum.runtime.port |
Specifies the port (for example, 8443 when configuring Spectrum for SSL). |
Repository settings
| Property | Default value | More information |
|---|---|---|
spectrum.repository.addresses |
127.0.0.1
|
Comma separated list of |
spectrum.repository.port |
7687
|
|
spectrum.repository.username |
neo4j |
|
spectrum.repository.password |
encrypted string
|
|
spectrum.repository.pool.size |
50 |
|
spectrum.repository.timeout |
1200 |
|
spectrum.repository.cluster.mode |
HA
|
|
spectrum.repository.server.seeds |
127.0.0.1 |
|
spectrum.repository.server.path |
${g1.server.dir}/../repository |
|
spectrum.repository.server.startup.timeout |
120 |
Repository backup settings
| Property | Default value | More information |
|---|---|---|
spectrum.backup.enabled |
false |
Enable or disable backups. |
spectrum.backup.cron |
0 0 0 * * ? |
Quartz cron configuration for scheduled backups. Default cron schedule is every night at midnight. For more information, see Cron Expression Generator & Explainer. |
spectrum.backup.repository.enabled
|
true |
To specifically enable/disable backup of the neo4j repository. Uncomment this option to override the more general |
spectrum.backup.repository.databaseURL |
127.0.0.1 |
URL/Host of the machine that Neo4J is running on. Normally only change this setting if Neo4J is running on a different machine than the server. For more information, seeAbout scheduled backups |
spectrum.backup.repository.port |
6362 |
The port number Neo4J is listening on for backups. Only change this when the configured port for Neo4J was modified. |
spectrum.backup.repository.directory |
${g1.server.dir}/backup/repository |
Spectrum backup directory. Directory where backup stores files. If in a cluster, it may be advantageous to have this setting point to a network share directory. Note: In earlier versions the default location was
SpectrumDirectory/server/app/repository/store/backup. |
spectrum.backup.index.enabled |
true |
To specifically enable or disable backup of the Elasticsearch index repository specifically. Uncomment this option to override the more general spectrum.backup.enabled setting. |
spectrum.backup.index.directory |
|
Directory where backup will store Elasticsearch index repository files. Important: For a cluster, this must be set to a network share directory.
|
Index settings
| Property | Default value | More information |
|---|---|---|
spectrum.index.enabled |
true |
|
spectrum.index.addresses |
127.0.0.1 |
|
spectrum.index.port |
9200 |
|
spectrum.index.username |
admin |
|
spectrum.index.password |
encrypted string |
|
spectrum.index.tcp.port |
9300 |
|
spectrum.index.encryption.enabled |
true |
|
spectrum.index.encryption.keystoreType |
pkcs12 |
|
spectrum.index.encryption.keystoreAlias |
spectrum |
|
spectrum.index.encryption.keystore |
../conf/certs/spectrum-keystore.p12 |
|
spectrum.index.encryption.keystorePassword |
encrypted string |
|
spectrum.index.encryption.truststoreType |
pkcs12 |
|
spectrum.index.encryption.truststore |
../conf/certs/spectrum-truststore.p12 |
|
spectrum.index.encryption.truststorePassword |
encrypted string |
|
spectrum.index.encryption.trustAllHosts |
false |
Set to true to implicitly trust all certificates; during verification, ignore host. |
spectrum.index.encryption.selfSignedCerts |
false |
|
spectrum.index.connect.timeout |
180000 |
|
spectrum.index.server.path |
${g1.server.dir}/../index |
|
spectrum.index.server.encryption.keystore |
../config/certs/spectrum-keystore.p12 |
|
spectrum.index.server.encryption.truststore |
../config/certs/spectrum-truststore.p12 |
Debug manager settings
| Property | Default value | More information |
|---|---|---|
spectrum.debug.dump.dir |
../exports/dumps |
|
spectrum.debug.dump.tmp.dir |
${g1.server.tmp.dir}/dump/ |
|
spectrum.debug.dump.maxFiles |
5 |
|
spectrum.debug.dump.crash.location |
. |
|
spectrum.debug.dump.lib.dirs |
server/deploy,server/lib |
|
spectrum.debug.dump.container.log.dir |
server/logs |
|
spectrum.debug.dump.container.log.destination |
server/logs |
|
spectrum.debug.dump.container.properties.files |
server/conf/spectrum-container.properties |
|
spectrum.debug.dump.repository.log.dir |
repository/logs |
|
spectrum.debug.dump.repository.log.destination |
repository/logs |
|
spectrum.debug.dump.repository.properties.files |
repository/conf/neo4j.conf |
|
spectrum.debug.dump.index.log.dir |
index/logs |
|
spectrum.debug.dump.index.log.destination |
index/logs |
|
spectrum.debug.dump.index.properties.files |
index/config/elasticsearch.yml |
Security settings
| Property | Default value | More information |
|---|---|---|
spectrum.security.authentication.session.timeout |
1800 |
Number of seconds of inactivity before client session times out (30 minutes). |
spectrum.security.authentication.session.cleanup.intervalInMinutes |
60 |
|
spectrum.security.authentication.maxFailedAttempts |
5 |
Number of failed login attempts before local account is disabled. |
spectrum.security.authentication.basic.authenticator |
INTERNAL |
Type of authenticator used to validate username/password credentials within Spectrum. Valid values are For LDAP STS and SSO_STS additional configuration is needed to connect to the external authentication provider.
|
spectrum.security.authentication.webservice.enabled.REST |
true |
Whether authentication is required for REST webservice calls. |
spectrum.security.authentication.webservice.enabled.SOAP |
true |
Whether authentication is required for SOAP webservice calls. |
spectrum.security.authentication.webservice.basicauth.enabled |
true |
Whether basic authorization is enabled for SOAP and REST webservice calls. If false, then only token-based authentication is available for those webservice calls. |
Data manager settings
| Property | Default value | More information |
|---|---|---|
spectrum.data.manager.storage.dir |
../ref-data |
Online help site
| Property | Default value | More information |
|---|---|---|
spectrum.help.url |
https://lookup.docs.precisely.com |
Folder containing JSP file. |
Audit archive settings
| Property | Default value | More information |
|---|---|---|
spectrum.audit.archive.enabled |
true |
|
spectrum.audit.archive.cron |
0 0 0 ? * SUN |
Default is to occur every Sunday at midnight. For more information, see Cron Expression Generator & Explainer. |
spectrum.audit.archive.days.retain |
180 |
Default is to retain 180 of audit data. |
spectrum.audit.archive.directory |
../archive/audit |
Export audit data in this location before purging data. |
Advanced settings
Do not modify any of these settings without contacting customer support first.
| Property | Default value | More information |
|---|---|---|
spectrum.remote.method.call.defaultTimeout |
120000 |
Remote method call setting. |
spectrum.security.account.createNonExisting |
true |
If using an external account repository, whether to create an instance of the user inside of Spectrum automatically if the user has been authenticated in that external repository. |
spectrum.security.authentication.internal.users |
Comma separated list of usernames that will be authenticated internally using Basic-Auth if authentication is configured to be external (that is, LDAP, STS). To disable all internal authentication, leave the property in place with no value. This has no effect on SSO authentication through Spectrum web applications. Note: Removing the property or commenting it out will not have the same behavior as leaving the property blank. |
|
spectrum.https.encryption.excludeCipherSuites |
^.*_(MD5|SHA|SHA1)$, ^TLS_RSA_.*$, ^.NULL.$, ^.anon.$, ^SSL_.*$ |
Comma separated regex expression for the excluded protocols.
The following exclusions are present to cleanup known bad cipher suites that may be accidentally included via include patterns.
|
spectrum.https.encryption.includeCipherSuites |
^SSL_ECDHE.*$, ^SSL_DHE.*$, SSL_RSA.*$, TLS_EMPTY_RENEGOTIATION_INFO_SCSV |
Only uncomment in case of IBM JRE/JDK on AIX environment. Comma separated values for the included cipher suites only in case of AIX IBM JRE. And remove ^SSL_.*$ from the |
spectrum.log.skip.service.override |
no_service_override,org.teiid |
Skip override logs in service for define loggers |
spectrum.security.enable.successful.login.audit |
false |
In case you running a high volume of web services with Spectrum, you may have a huge amount of login/logout audit events in the audit log and so overflow the audit queue. Setting this property to |
Metadata settings
| Property | Default value | More information |
|---|---|---|
spectrum.metadata.jdbc.port |
32750 |
By default, this TCP port number makes the JDBC connection to deployed model stores. Use this property to change the default TCP port. |
spectrum.metadata.odbc.port |
32751 |
By default, this TCP port number makes the ODBC connection to deployed model stores. Use this property to change the default ODBC port. |
spectrum.job.microflow.serializer |
kryo |
|
spectrum.job.reporting.useNumberForId |
true |
|
g1.client.status.convert |
false |
|
spectrum.jdbc.connectionPool.maxActive |
64 |
|
spectrum.jdbc.connectionPool.maxIdle |
8 |
|
spectrum.jdbc.connectionPool.timeBetweenEvictionRunsMillis |
300000 |
|
spectrum.jdbc.connectionPool.minEvictableIdleTimeMillis |
1000000 |
|
oracle.jdbc.defaultNChar |
false |
|
spectrum.dir |
../.. |
|
spectrum.conf.dir |
../conf |
|
spectrum.deploy.dir |
../deploy |
|
spectrum.log.dir |
../logs |
|
spectrum.artifacts.dir |
../artifacts |
|
spectrum.types.dir |
../types |
|
spectrum.resource.dir |
../archive/bundles |
|
spectrum.modules.dir |
../modules |
|
spectrum.archive.dir |
../archive |
|
spectrum.microflow.dir |
../tmp/microflow |
|
spectrum.import.dir |
../import |
|
spectrum.exports.dir |
../exports |
|
spectrum.jdbc.drivers.dir |
../drivers |
For more information, see Importing a JDBC Driver |
Other settings
| Property | Default value | More information |
|---|---|---|
spectrum.server.directory.access.symlink.enable |
false |
Server directory access restriction property. When server directory access restriction is enabled, users can create symbolic links of directories on server and add these links to the list of accessible directories. Setting this property to |
spectrum.configuration.filesynch.commaseparatedfolders |
../import |
This property specifies the folders (comma separated) that need to be synchronized across the nodes in the cluster. This could either be absolute path or the relative path. Use |
spectrum.security.account.case.sensitive |
false |
Specifies whether the login username is case sensitive. |