SDK properties
Most SDK settings are inherited.
Data store
The following properties are available under the Data Store tab:
- Enable Datastore Notification
-
When enabled, AM uses datastore notification. Otherwise, AM uses in-memory notification.
Changes to this property take effect immediately. No server restart is necessary.
Default:
EnabledProperty:
com.sun.identity.sm.enableDataStoreNotification - Enable Directory Proxy
-
When enabled, AM accounts for the use of a directory proxy to access the directory server, for example, by enabling delegation privileges rather than ACIs for access control to the proxy.
Enable this option if you have deployed PingDS as a directory proxy in front of a number of additional DS instances. For more information, see Directory Proxy in the DS documentation.
Default:
DisabledProperty:
com.sun.identity.sm.ldap.enableProxy - Notification Pool Size
-
Specifies the size of the thread pool used to send notifications. A value of
1causes notifications to be processed sequentially, avoiding any potential out-of-order conditions. In production, where configuration is unlikely to change often, keeping the default of1is recommended.Default:
1Property:
com.sun.identity.sm.notification.threadpool.size
Event service
The following properties are available under the Event Service tab:
- Number of retries for Event Service connections
-
Specifies the maximum number of attempts to reestablish event service connections.
Default:
3Property:
com.iplanet.am.event.connection.num.retries - Delay between Event Service connection retries
-
Specifies the time in milliseconds between attempts to reestablish entry service connections.
Default:
3000Property:
com.iplanet.am.event.connection.delay.between.retries - Error codes for Event Service connection retries
-
Specifies the LDAP error codes for which AM retries rather than returning failure.
Default:
80,81,91Property:
com.iplanet.am.event.connection.ldap.error.codes.retries - Disabled Event Service Connection
-
Specifies which persistent search connections AM can disable. Any connection that is not specified as disabled is enabled.
Multiple values should be separated with a comma ,.
Default:
aci,umProperty:
com.sun.am.event.connection.disable.listPossible values are:
-
aci. Obtain notification changes to theaciattribute. -
um. Obtain notification changes in AM’s user store. For example, modifying a password. -
sm. Obtain notification changes in AM’s configuration store. For example, modifying a realm.
-
LDAP connection
The following properties are available under the LDAP Connection tab:
- Number of retries for LDAP Connection
-
Specifies the maximum number of attempts to reestablish LDAP connections.
Default:
3Property:
com.iplanet.am.ldap.connection.num.retries - Delay between LDAP connection retries
-
Specifies the time, in milliseconds, between attempts to reestablish LDAP connections.
Default:
1000Property:
com.iplanet.am.ldap.connection.delay.between.retries - Error Codes for LDAP connection retries
-
Specifies the LDAP error codes for which AM retries rather than returning failure.
Default:
80,81,91Property:
com.iplanet.am.ldap.connection.ldap.error.codes.retries
Caching and replica
The following properties are available under the Caching and Replica tab:
- SDK Caching Max. Size
-
Specifies the cache size used when SDK caching is enabled. The size should be an integer greater than
0, or the default size of10000will be used.Changes to this property clear the contents of the cache. No server restart is necessary.
Default:
10000Property:
com.iplanet.am.sdk.cache.maxSize - SDK Replica Retries
-
Specifies the maximum number of attempts to retry when an entry not found error is returned to the SDK.
Changes to this property take effect immediately. No server restart is necessary.
Default:
0Property:
com.iplanet.am.replica.num.retries - Delay between SDK Replica Retries
-
Specifies the time in milliseconds between attempts to retrieve entries through the SDK.
Changes to this property take effect immediately. No server restart is necessary.
Default:
1000Property:
com.iplanet.am.replica.delay.between.retries
Time to live configuration
The following properties are available under the Time to Live Configuration tab:
- Cache Entry Expiration Enabled
-
When disabled, cache entries expire based on the User Entry Expiration Time property.
Default:
DisabledProperty:
com.iplanet.am.sdk.cache.entry.expire.enabled - User Entry Expiration Time
-
Specifies the time in minutes for which user entries remain valid in cache after their last modification. When AM accesses a user entry that has expired, it reads the entry from the directory server instead of from the cache.
Default:
15Property:
com.iplanet.am.sdk.cache.entry.user.expire.time - Default Entry Expiration Time
-
Specifies the time in minutes for which non-user entries remain valid in cache after their last modification. When AM accesses a non-user entry that has expired, it reads the entry from the directory server instead of from the cache.
Default:
30Property:
com.iplanet.am.sdk.cache.entry.default.expire.time