spectrum-container.properties reference

This section provides a reference to properties in the spectrum-container.properties file, located in SpectrumDirectory/server/conf/spectrum-container.properties.

Note: Properties prefaced with the # symbol in the properties file are commented out in the properties file. We recommend that you work with Precisely Technical Support before changing any properties that are commented out.

Server settings

Property Default value More information

spectrum.agent.address

None. Use your site's agent address
spectrum.bind.address None. Use your site's default binding address/URL

Cluster settings

Property Default value More information
spectrum.cluster.enabled true Cluster Properties
spectrum.cluster.name SpectrumCluster
spectrum.cluster.password encrypted string
spectrum.cluster.seeds 127.0.0.1 Upgrading a cluster, Cluster Properties
spectrum.cluster.port 5701 Each node in the cluster must have a unique integer nodeId
spectrum.cluster.nodeId 1 Each node in the cluster must have a unique integer nodeId.
spectrum.socketgateway.port 10119 Network Ports

SSL settings

Property Default value More information
spectrum.encryption.enabled false Encryption Methods.
Note: By default, encryption is disabled for all portions of the server, including HTTP/HTTPS, indexing, model store, and caching. Set this property as "true" to enable encryption for all portions of the server using the global settings.
spectrum.encryption.algorithm JASYPT
spectrum.encryption.keystoreAlias spectrum Encryption Methods
spectrum.encryption.keystoreType pkcs12 Encryption Methods
spectrum.encryption.keystore ../conf/certs/spectrum-keystore.p12 Encryption Methods
spectrum.encryption.keystorePassword encrypted string Encryption Methods
spectrum.encryption.truststoreType pkcs12 Encryption Methods
spectrum.encryption.truststore ../conf/certs/spectrum-truststore.p12 Encryption Methods
spectrum.encryption.truststorePassword encrypted string Encryption Methods
spectrum.encryption.validateCerts true Set to true to implement self-signed certificates in Spectrum Technology Platform.
spectrum.encryption.trustAllHosts false Set to true to implicitly trust all certificates; during verification, ignore host name specified on certificate
spectrum.encryption.selfSignedCert false Set to true to bypass CA trust validation.

Data Federation Model Store SSL settings

Property Default value More information
spectrum.modelstore.
encryption.type.twoway
false
Encryption Methods.
Note: Set it to true to enable two-way SSL mode. If set to false, one way SSL mode is enabled.
spectrum.modelstore.encryption.
truststoreCheckExpired
true
Set to true to check the truststore certificate expiry.
spectrum.modelstore.
encryption.algorithm
JASYPT
spectrum.modelstore.
encryption.keystoreAlias
spectrum
Encryption Methods
spectrum.modelstore.encryption.keystoreType
pkcs12
Encryption Methods
spectrum.modelstore.encryption.keystore
../conf/certs/
spectrum-keystore.p12
Encryption Methods
spectrum.modelstore.encryption.
keystorePassword
encrypted string
Encryption Methods
For more information:
spectrum.modelstore.
encryption.truststore
../conf/certs/
spectrum-truststore.p12
Encryption Methods
spectrum.encryption.
truststorePassword
encrypted string
Encryption Methods
For more information:

Cache settings

Property Default value More information
spectrum.cache.encryption.enabled
false
Encryption Methods - Caching properties
spectrum.cache.encryption.keystoreType
pkcs12
Encryption Methods - Caching properties
spectrum.cache.encryption.keystore
../conf/certs/spectrum-keystore.p12
Encryption Methods - Caching properties
spectrum.cache.encryption.keystorePassword
encrypted string
Encryption Methods - Caching properties
spectrum.cache.encryption.truststoreType
pkcs12
Encryption Methods - Caching properties
spectrum.cache.encryption.truststore
../conf/certs/spectrum-truststore.p12
Encryption Methods - Caching properties
spectrum.cache.cache.encryption.truststorePassword
encrypted string
Encryption Methods - Caching properties
spectrum.cache.encryption.trustAllHosts
false
spectrum.cache.encryption.selfSignedCerts
false
spectrum.cache.mancenter.url
http://127.0.0.1:8090/mancenter
spectrum.cache.slow.operation.detection.enabled
false
spectrum.cache.slow.operation.detection.log.enabled
false
spectrum.cache.slow.operation.detection.threshold
300

HTTP settings

Property Default value More information
spectrum.http.default.protocol
http
spectrum.http.enabled
true
spectrum.http.port
8080
Network port for HTTP
spectrum.https.enabled
false
Set to true to enable HTTPS.
spectrum.https.port
8443
Network port for HTTPS.
spectrum.https.encryption.keystoreType
pkcs12
spectrum.https.encryption.keystore
../conf/certs/spectrum-keystore.p12
spectrum.https.encryption.keystorePassword
encrypted string
spectrum.https.encryption.keystoreAlias
spectrum
spectrum.https.encryption.truststoreType
pkcs12
spectrum.https.encryption.truststore
../conf/certs/spectrum-truststore.p12
spectrum.https.encryption.truststorePassword
encrypted string
spectrum.https.encryption.validateCerts
true
Set this to
false
for a self-signed certificate.
Note: This property is set to
true
after an upgrade to the 20.1 version of Spectrum Technology Platform even if it was previously set to
false
.
spectrum.https.encryption.selfSignedCert
false
Set to true to use a self-signed certificate.
spectrum.https.encryption.trustAllHosts
false

CORS

Property Default value More information
spectrum.http.cors.enabled false
spectrum.http.cors.allowedOrigins http://127.0.0.1:8080,http://127.0.0.1:443
spectrum.http.cors.allowedMethods POST,GET,OPTIONS,PUT,DELETE,HEAD
spectrum.http.cors.allowedHeaders X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept
spectrum.http.cors.preflightMaxAge 1800
spectrum.http.cors.allowCredentials false

Other HTTP

Property Default value More information
spectrum.http.sendVersion false
spectrum.http.log.request.enabled false
spectrum.http.cache.control.headers.enable true
spectrum.http.useFileMappedBuffer false
spectrum.http.allowDirectoryListing false
spectrum.http.minimumThreads 10
spectrum.http.maximumThreads 250
spectrum.http.client.maxConnectionsPerHost 32
spectrum.http.client.maxTotalConnections 128
spectrum.http.request.header.size 8192
spectrum.http.response.header.size 8192

Configuration settings

Property Default value More information
spectrum.configuration.hostname
spectrum.configuration.port

Transaction settings

Property Default value More information
spectrum.transaction.hostname
spectrum.transaction.port

Runtime settings

Property Default value More information
spectrum.runtime.hostname The fully qualified domain name for the host machine.
spectrum.runtime.port Specifies the port (for example, 8443 when configuring Spectrum for SSL).

Repository settings

Property Default value More information
spectrum.repository.addresses 127.0.0.1

Comma separated list of host:port pairs indicating members of cluster. If port not specified it defaults to default repository port.

spectrum.repository.port 7687
spectrum.repository.username neo4j
spectrum.repository.password encrypted string
spectrum.repository.pool.size 50
spectrum.repository.timeout 1200
spectrum.repository.cluster.mode CASUAL The default setting is for a cluster configuration.
spectrum.repository.server.seeds 127.0.0.1
spectrum.repository.server.path ${g1.server.dir}/../repository
spectrum.repository.server.startup.timeout 120

Repository backup settings

Property Default value More information
spectrum.backup.enabled false

Enable or disable backups.

spectrum.backup.cron 0 0 0 * * ?

Quartz cron configuration for scheduled backups. Default cron schedule is every night at midnight. For more information, see Cron Expression Generator & Explainer.

spectrum.backup.repository.enabled true

To specifically enable/disable backup of the neo4j repository. Uncomment this option to override the more general spectrum.backup.enabled setting.

spectrum.backup.repository.databaseURL 127.0.0.1 URL/Host of the machine that Neo4J is running on. Normally only change this setting if Neo4J is running on a different machine than the server. For more information, seeAbout scheduled backups
spectrum.backup.repository.port 6362 The port number Neo4J is listening on for backups. Only change this when the configured port for Neo4J was modified.
spectrum.backup.repository.directory ${g1.server.dir}/backup/repository

Spectrum backup directory. Directory where backup stores files. If in a cluster, it may be advantageous to have this setting point to a network share directory.

Note: In earlier versions the default location was SpectrumDirectory/server/app/repository/store/backup.
spectrum.backup.index.enabled true To specifically enable or disable backup of the Elasticsearch index repository specifically. Uncomment this option to override the more general spectrum.backup.enabled setting.
spectrum.backup.index.directory

${g1.server.dir}/backup/index

Directory where backup will store Elasticsearch index repository files.

Important: For a cluster, this must be set to a network share directory.

Index settings

Property Default value More information
spectrum.index.enabled true
spectrum.index.addresses 127.0.0.1
spectrum.index.port 9200
spectrum.index.username admin
spectrum.index.password encrypted string
spectrum.index.tcp.port 9300
spectrum.index.encryption.enabled true
spectrum.index.encryption.keystoreType pkcs12
spectrum.index.encryption.keystoreAlias spectrum
spectrum.index.encryption.keystore ../conf/certs/spectrum-keystore.p12
spectrum.index.encryption.keystorePassword encrypted string
spectrum.index.encryption.truststoreType pkcs12
spectrum.index.encryption.truststore ../conf/certs/spectrum-truststore.p12
spectrum.index.encryption.truststorePassword encrypted string
spectrum.index.encryption.trustAllHosts false Set to true to implicitly trust all certificates; during verification, ignore host.
spectrum.index.encryption.selfSignedCerts false
spectrum.index.connect.timeout 180000
spectrum.index.server.path ${g1.server.dir}/../index
spectrum.index.server.encryption.keystore ../config/certs/spectrum-keystore.p12
spectrum.index.server.encryption.truststore ../config/certs/spectrum-truststore.p12

Debug manager settings

Property Default value More information
spectrum.debug.dump.dir ../exports/dumps
spectrum.debug.dump.tmp.dir ${g1.server.tmp.dir}/dump/
spectrum.debug.dump.maxFiles 5
spectrum.debug.dump.crash.location .
spectrum.debug.dump.lib.dirs server/deploy,server/lib
spectrum.debug.dump.container.log.dir server/logs
spectrum.debug.dump.container.log.destination server/logs
spectrum.debug.dump.container.properties.files server/conf/spectrum-container.properties
spectrum.debug.dump.repository.log.dir repository/logs
spectrum.debug.dump.repository.log.destination repository/logs
spectrum.debug.dump.repository.properties.files repository/conf/neo4j.conf
spectrum.debug.dump.index.log.dir index/logs
spectrum.debug.dump.index.log.destination index/logs
spectrum.debug.dump.index.properties.files index/config/elasticsearch.yml

Security settings

Property Default value More information
spectrum.security.authentication.session.timeout 1800 Number of seconds of inactivity before client session times out (30 minutes).
spectrum.security.authentication.session.cleanup.intervalInMinutes 60
spectrum.security.authentication.maxFailedAttempts 5 Number of failed login attempts before local account is disabled.
spectrum.security.authentication.basic.authenticator INTERNAL

Type of authenticator used to validate username/password credentials within Spectrum. Valid values are INTERNAL, LDAP, STS, SSO_STS.

For LDAP STS and SSO_STS additional configuration is needed to connect to the external authentication provider.

  • LDAP - /server/conf/spring/security/spectrum-config-ldap.properties
  • STS - /server/conf/spring/security/spectrum-config-sts.properties
  • SSO_STS - /server/conf/spring/security/spectrum-config-sso-sts.properties
spectrum.security.authentication.webservice.enabled.REST true Whether authentication is required for REST webservice calls.
spectrum.security.authentication.webservice.enabled.SOAP true Whether authentication is required for SOAP webservice calls.
spectrum.security.authentication.webservice.basicauth.enabled true Whether basic authorization is enabled for SOAP and REST webservice calls. If false, then only token-based authentication is available for those webservice calls.

Data manager settings

Property Default value More information
spectrum.data.manager.storage.dir ../ref-data

Online help site

Property Default value More information
spectrum.help.url https://lookup.docs.precisely.com Folder containing JSP file.

Audit archive settings

Property Default value More information
spectrum.audit.archive.enabled true
spectrum.audit.archive.cron 0 0 0 ? * SUN Default is to occur every Sunday at midnight. For more information, see Cron Expression Generator & Explainer.
spectrum.audit.archive.days.retain 180 Default is to retain 180 of audit data.
spectrum.audit.archive.directory ../archive/audit Export audit data in this location before purging data.

Advanced settings

Do not modify any of these settings without contacting customer support first.

Property Default value More information
spectrum.remote.method.call.defaultTimeout 120000 Remote method call setting.
spectrum.security.account.createNonExisting true If using an external account repository, whether to create an instance of the user inside of Spectrum automatically if the user has been authenticated in that external repository.
spectrum.security.authentication.internal.users

Comma separated list of usernames that will be authenticated internally using Basic-Auth if authentication is configured to be external (that is, LDAP, STS). To disable all internal authentication, leave the property in place with no value. This has no effect on SSO authentication through Spectrum web applications.

Note: Removing the property or commenting it out will not have the same behavior as leaving the property blank.
spectrum.https.encryption.excludeCipherSuites ^.*_(MD5|SHA|SHA1)$, ^TLS_RSA_.*$, ^.NULL.$, ^.anon.$, ^SSL_.*$

Comma separated regex expression for the excluded protocols.

  • Exclude weak / insecure ciphers.
  • Exclude ciphers that don't support forward secrecy.

The following exclusions are present to cleanup known bad cipher suites that may be accidentally included via include patterns.

  • Excludes Null patterns
  • In case of IBM Java (AIX environment remove ^SSL_.*$ from the list):

    ^.*_(MD5|SHA|SHA1)$, ^TLS_RSA_.*$, ^.NULL.$, ^.anon.$

spectrum.https.encryption.includeCipherSuites ^SSL_ECDHE.*$, ^SSL_DHE.*$, SSL_RSA.*$, TLS_EMPTY_RENEGOTIATION_INFO_SCSV

Only uncomment in case of IBM JRE/JDK on AIX environment. Comma separated values for the included cipher suites only in case of AIX IBM JRE. And remove ^SSL_.*$ from the excludeCipherSuites list.

spectrum.log.skip.service.override no_service_override,org.teiid Skip override logs in service for define loggers
spectrum.security.enable.successful.login.audit false

In case you running a high volume of web services with Spectrum, you may have a huge amount of login/logout audit events in the audit log and so overflow the audit queue. Setting this property to false will disable audit successful login/logouts.

Metadata settings

Property Default value More information
spectrum.metadata.jdbc.port 32750

By default, this TCP port number makes the JDBC connection to deployed model stores. Use this property to change the default TCP port.

spectrum.metadata.odbc.port 32751

By default, this TCP port number makes the ODBC connection to deployed model stores. Use this property to change the default ODBC port.

spectrum.job.microflow.serializer kryo
spectrum.job.reporting.useNumberForId true
g1.client.status.convert false
spectrum.jdbc.connectionPool.maxActive 64
spectrum.jdbc.connectionPool.maxIdle 8
spectrum.jdbc.connectionPool.timeBetweenEvictionRunsMillis 300000
spectrum.jdbc.connectionPool.minEvictableIdleTimeMillis 1000000
oracle.jdbc.defaultNChar false
spectrum.dir ../..
spectrum.conf.dir ../conf
spectrum.deploy.dir ../deploy
spectrum.log.dir ../logs
spectrum.artifacts.dir ../artifacts
spectrum.types.dir ../types
spectrum.resource.dir ../archive/bundles
spectrum.modules.dir ../modules
spectrum.archive.dir ../archive
spectrum.microflow.dir ../tmp/microflow
spectrum.import.dir ../import
spectrum.exports.dir ../exports
spectrum.jdbc.drivers.dir ../drivers

For more information, see Importing a JDBC Driver

Other settings

Property Default value More information
spectrum.server.directory.access.symlink.enable false

Server directory access restriction property. When server directory access restriction is enabled, users can create symbolic links of directories on server and add these links to the list of accessible directories.

Setting this property to true may create a security loophole.

spectrum.configuration.filesynch.commaseparatedfolders ../import

This property specifies the folders (comma separated) that need to be synchronized across the nodes in the cluster. This could either be absolute path or the relative path. Use / as the file separator.

spectrum.security.account.case.sensitive false Specifies whether the login username is case sensitive.