Application server properties

WebSphere® Application Server or application server properties define values that are specific to integrating Identity Manager with the application server.

Table 1 lists these WebSphere Application Server properties.

Table 2 lists these Application server properties.

Table 1. WebSphere application server properties
Platform Context Factory Name 
enrole.platform.contextFactory
 

Do not modify this property key and value.

Specifies the Java™ class for the platform context factory that defines the integration point for Identity Manager with the WebSphere Application Server.

Example (default, entered as a single line):

enrole.platform.contextFactory=com.ibm.itim.apps.impl.websphere.
   WebSpherePlatformContextFactory
 
Application server 
enrole.appServer.contextFactory
 

Do not modify this property key and value.

Specifies the Java class that determines which JNDI factory to use with the WebSphere Application Server.

Example (default):

enrole.appServer.contextFactory=com.ibm.websphere.naming.
   WsnInitialContextFactory
 
enrole.appServer.url
 

This property key and value can be changed only by a qualified administrator.

Specifies the location of the application server naming service. This value is obtained during Identity Manager installation.

Example:

enrole.appServer.url=iiop://localhost:2809
 
enrole.appServer.usertransaction.jndiname
 

Do not modify this property key and value.

Specifies the JNDI name of the JTA (Java Transaction API) User Transaction object.

Example (default):

enrole.appServer.usertransaction.jndiname=jta/usertransaction
 
enrole.appServer.systemUser
 

This property key and value can be changed only by a qualified administrator. Modify with the runConfig utility only.

Specifies the name of the administrator for the WebSphere Application Server when security is enabled. In a WebSphere Application Server environment, this value is required only when global security is enabled. The value is not set if security is not enabled.

The value is used to start, stop, and configure the Identity Manager Server. The value is also used by Identity Manager installation and configuration routines to authenticate to the WebSphere Application Server.

Example:

enrole.appServer.systemUser=system
 
enrole.appServer.systemUser.credentials
 

This property key and value can be changed only by a qualified administrator. Modify with the runConfig utility only. This value is stored in an encrypted format that depends on the option selected with the runConfig utility.

Specifies the password for the systemUser.

Example:

enrole.appServer.systemUser.credentials=password
 
enrole.appServer.ejbuser.principal
 

This property key and value can be changed only by a qualified administrator. Modify with the runConfig utility only.

Specifies the name used by Identity Manager to authenticate when it makes calls on Java beans.

Example:

enrole.appServer.ejbuser.principal=rasweb
 
enrole.appServer.ejbuser.credentials
 

This property key and value can be changed only by a qualified administrator. Modify with the runConfig utility only.

Specifies the password for the principal specified.

Encryption of this value is specified by the enrole.password.appServer.encrypted property in enRole.properties.

Example:

enrole.appServer.ejbuser.credentials=password
 
enrole.appServer.realm
 

This property key and value can be changed only by a qualified administrator.

Specifies the target server security realm name if Identity Manager is running on a different WebSphere Application Server instance that is configured to run with different security realm.

Example (on a single line):

enrole.appServer.realm=itimCustomRealm

The default value is itimCustomRealm; it can be updated during the installation of Identity Manager.

 
enrole.appServer.registry
 

Do not modify this property key and value.

Describes the registry to which Identity Manager is configured.

Example (default):

enrole.appServer.registry=ITIM_Custom_registry
 
enrole.appServer.security.domain
 

Do not modify this property key and value.

Specifies the name of the Security domain created for Identity Manager.

Example (default):

enrole.appServer.security.domain=ISIMSecurityDomain
 
enrole.appServer.alwayssetisolevelrc
 

Do not modify this property key and value.

This property specifies that Identity Manager must always set the transaction isolation level to Read-Committed when it acquires database connections.

Because the WebSphere Application Server has internal support for setting the isolation level, this property must be set to false.

Example (default):

enrole.appServer.alwayssetisolevelrc=false
 
Login helper 
enrole.appServer.loginHelper.class
 

Do not modify this property key and value.

Specifies the Java class that is used to log each thread in to Java EE Security.

Example (default):

enrole.appServer.loginHelper.class=com.ibm.itim.util.was.WAS40LoginHelper
 
Application server servlet path separator 
enrole.servlet.path.separator
 

Do not modify this property key and value.

Specifies the separator character used to specify path names to required resources.

Example (default):

enrole.servlet.path.separator=.
 
Event notification system login 
SystemLoginContextFactory
 

Do not modify this property key and value.

Specifies the Java factory class for event notification system login appropriate for WebSphere Application Server.

Example (default, entered as a single line):

SystemLoginContextFactory=com.ibm.itim.remoteservices.provider.itim.
   websphere.WSSystemLogonContextFactory
Table 2. Application server properties
Platform Context Factory Name 
enrole.platform.contextFactory
 

Do not modify this property key and value.

Specifies the Java class for the platform context factory that defines the integration point for Identity Manager with the Application server.

Example (default, entered as a single line):

enrole.platform.contextFactory=com.ibm.itim.apps.impl.websphere.
   WebSpherePlatformContextFactory
 
Application server 
enrole.appServer.contextFactory
 

Do not modify this property key and value.

Specifies the Java class that determines which JNDI factory to use with the Application server.

Example (default):

enrole.appServer.contextFactory=com.ibm.websphere.naming.
   WsnInitialContextFactory
 
enrole.appServer.url
 

This property key and value can be changed only by a qualified administrator.

Specifies the location of the application server naming service. This value is obtained during Identity Manager installation.

Example:

enrole.appServer.url=iiop://localhost:2809
 
enrole.appServer.usertransaction.jndiname
 

Do not modify this property key and value.

Specifies the JNDI name of the JTA (Java Transaction API) User Transaction object.

Example (default):

enrole.appServer.usertransaction.jndiname=jta/usertransaction
 
enrole.appServer.realm
 

This property key and value can be changed only by a qualified administrator.

Specifies the target server security realm name if Identity Manager is running on a different Application server instance that is configured to run with different security realm.

Example (on a single line):

enrole.appServer.realm=itimCustomRealm

The default value is itimCustomRealm; it can be updated during the installation of Identity Manager.

 
enrole.appServer.registry
 

Do not modify this property key and value.

Describes the registry to which Identity Manager is configured.

Example (default):

enrole.appServer.registry=ITIM_Custom_registry
 
enrole.appServer.security.domain
 

Do not modify this property key and value.

Specifies the name of the Security domain that is created for Identity Manager.

Example (default):

enrole.appServer.security.domain=ISIMSecurityDomain
 
enrole.appServer.alwayssetisolevelrc
 

Do not modify this property key and value.

This property specifies that Identity Manager must always set the transaction isolation level to Read-Committed when it acquires database connections.

Because the Application server has internal support for setting the isolation level, this property must be set to false.

Example (default):

enrole.appServer.alwayssetisolevelrc=false
 
Login helper 
enrole.appServer.loginHelper.class
 

Do not modify this property key and value.

Specifies the Java class that is used to log each thread in to J2EE Security.

Example (default):

enrole.appServer.loginHelper.class=com.ibm.itim.util.was.WAS40LoginHelper
 
Application server servlet path separator 
enrole.servlet.path.separator
 

Do not modify this property key and value.

Specifies the separator character that is used to specify path names to required resources.

Example (default):

enrole.servlet.path.separator=.
 
Event notification system login 
SystemLoginContextFactory
 

Do not modify this property key and value.

Specifies the Java factory class for event notification system login appropriate for Application server.

Example (default, entered as a single line):

SystemLoginContextFactory=com.ibm.itim.remoteservices.provider.itim.
   websphere.WSSystemLogonContextFactory
User-selected locale 
locale
 

Specifies the locale setting for the Identity Manager environment.

Example (default):

locale=en
 
Context factory name 
enrole.appServer.name
 

Specifies the unique name of the application server.

In a cluster environment, it is important that this name is unique for each member within a node in the cluster. Cluster members on different nodes can have same names.

Example (default):

enrole.appServer.name=myserver