Runtime Configuration
The Runtime Configuration tab on the Settings screen of App Services enables you to view and edit the runtime configuration settings of the Fabric Server. The configuration details comprise of the following sections:
- General Configuration
- Log Configuration
- CORS Configuration
- SSL Configuration
- Storage Database Configuration
- GDPR Policy
- File Storage Configuration
- Web Apps Configuration
- Cache Configuration
- Global Throttling Configuration
General Configuration
The General Configuration section displays the general settings of the Fabric server. You can modify any setting and click Save to update the change.
The following table describes the settings in the General Configuration section:
Log Configuration
The Log Configuration section displays the configuration settings related to the server logs. You can modify any setting and click Save to update the changes.
The following table describes the settings in the Log Configuration section:
Property Name | Description |
---|---|
Server Log Option |
Select the log option from the list to specify where the logs can be collected. The available log options are as follows:
|
Server Log Location |
When log option is logfile, use this to specify the location of the log file. NOTE: After upgrading the server to the latest version, verify that the specified log location on the Admin Console matches with the current log location. |
Server Logger JNDI Name |
When log option is database, use this to specify the JNDI name of the data-source. |
CORS Configuration
The CORS Configuration section displays the configuration settings related to Cross Origin Resource Sharing (CORS) access. You can modify any setting and click Save to update the changes.
The following table describes the settings in the CORS Configuration section:
Property Name | Description |
---|---|
CORS Enabled | Enable this option for Cross Origin Resource Sharing (CORS) support. It will allow users to access resources across internet domains. |
Fabric Server Access Control Allow Origin Value |
If you set the Fabric Server Access Control Allow Origin Value to
|
Fabric Server Access Control Echo Whitelist Domains |
If Fabric Server Access Control Allow Origin Value is set to ECHO, then this whitelist (comma separated list) is used to specify the list of valid domains that you echo back in the response. The request should specify the domain to echo back as "Origin" header. |
Control Allow Credentials | If the value is not NONE and Fabric server Access Control Allow Origin Value is not ALL, then this value is set as Access-Control-Allow-Credentials header in the response. |
Control Vary Header | If the value is not NONE and Fabric server Access Control Allow Origin Value is not ALL, then this value is set as Vary header in the response. |
SSL Configuration
The SSL Configuration section is used to connect the Fabric Server to the customer enterprise server using appropriate SSL certificates and settings. This type of configuration is required only when you want to connect the Fabric Server by using the HTTPS protocol. You can modify any setting and click Save to update the changes.
The following table describes the settings in the SSL Configuration section:
Property Name | Description |
---|---|
SSL Trust Store | The trust store location where the public SSL certificates are stored. |
SSL Trust Store Password | The password of trust store file. |
SSL Trust Store Type | The extension of the trust store file. If not specified, then the default value is jks. |
SSL Key Store | The key store location where the private SSL certificates are stored. |
SSL Key Store Password | The password of key store file. |
SSL Key Store Type | The extension of the key store file. If not specified, then the default value is jks. |
SSL Algorithm |
The SSL algorithm used. For IBM application servers, the algorithm value is SSLv3. For any other application server, the algorithm value is TLS. |
SSL Socket Factory Provider | The security provider of SSL Socket Factory. |
SSL Server Socket Factory Provider | The security provider of SSL Server Socket Factory. |
SSL Socket Factory Host Name Verifier |
Select the SSL Socket Factory Host Name Verifier:
|
Storage Database Configuration
The Storage Database Configuration section displays the database properties of storage services of Fabric server. This is used only for on-premise installs. You can modify any setting and click Save to update the changes.
The following table describes the settings in the Storage Database Configuration section:
Property Name | Description |
---|---|
Database Type | The type of database to be used. By default, this will be same as the type of the Fabric database. |
Database Host Name | The host name of the database. By default, this will be same as the host name of the Fabric database. |
Database Port | The port number at which your database is running. By default, this will be same as the port number of the Fabric database. |
Database User Name | The username for accessing the database. By default, this will be same as the username of the Fabric database. |
Database Password | The password for accessing the database. By default, this will be same as the password of the Fabric database. |
Database Instance |
The name of the database instance, if the database type is Oracle database, |
Data Tablespace Name |
The name of the tablespace in which data is stored, if the database type is Oracle database, |
Index Tablespace Name |
The name of the tablespace in which index is created, if the database type is Oracle database, |
LOB Tablespace Name |
The name of the large object tablespace created in the server, if the database type is Oracle database, |
SQL Server Default Schema |
The default schema of the SQL Server database. |
Max Allowed Connections | The maximum number of allowed connections to access the database. |
Connection Timeout in Seconds | The time out interval in seconds for server to reply to the client request for the Storage services. |
GDPR Policy
The GDPR Policy section provides settings that enable the protection of the Personally Identifiable Information (PII) of a user. When the settings are enabled, data such as the User ID and the IP Address is not stored in the integration server logs. Additionally, a flag variable is sent to the metrics pipeline along with the PII to protect the data.
The GDPR Policy section contains the following settings:
Property | Description |
---|---|
Protect PII |
Enables or disables the protection of the PII that is sent for reporting. If this setting is enabled, PII of the users is removed from the log files of the integration server. Additionally, the PII is sent to the metrics payload along with a key (protectpii) that notifies the Metrics pipeline to protect the data. |
The metrics pipeline encodes the PII (UserID and IP Address) in the reports and metrics if the request originates from any of the following countries.
Austria Belgium Bulgaria Germany Denmark Estonia Spain Finland France |
Greece Croatia Hungary Ireland Iceland Italy Liechtenstein Luxembourg Latvia |
Malta Netherlands Norway Poland Portugal Romania Sweden Slovenia Slovakia |
If the Protect PII property is enabled, the metrics pipeline encodes the PII (userID and IP Address) for all requests (irrespective of the country of origin).
File Storage Configuration
The File Storage Configuration section displays the configuration properties related to File Storage adapter. It is applicable only for on-premise install.
The following table describes the settings in the File Storage Configuration section:
Property | Description |
---|---|
File Storage Root Directory | The root directory of Network File System (NFS) for storing the files. |
Web Apps Configuration
The Web Apps configuration section displays the configuring properties of the new optimized web apps package format that improves the app performance and minimize the downtime during deployments. The section displays the properties such as Response Content Type Mappings, Cache Control age, HTTP session caching, and Custom Response Headers. You can modify any setting and click Save to update the changes.
The following table describes the settings in the Web Apps Configuration section:
Property | Description |
---|---|
Response Content Type Mapping |
The property is used to set the Content-Type header in the response based on the matching file extension. Example: If the file extension is .css, the Content-Type header value of the response will be text/css. Similarly, there are other common extensions that are mapped by default. NOTE: If the response header is not defined, the server displays an empty string leaving it to the browser to sniff the mime types placed in Quantum Fabric to intercept and alter the mime types of the requested resource. |
Cache Control Age (in secs) | The Cache-Control header in the response i.e. the maximum cache duration in seconds. The default value is 86400 seconds (i.e. 1 day). |
HTTP Session Caching | Enable this to cache the user session data. The value is set to True, by default. |
Custom Response Headers |
You can use the property to return additional custom headers in every response. For every requested resource of SPA application, the mentioned headers are added to the response. You can add the response header and its value to the field. It takes an array of JSON objects. Each JSON object contains two keys name and value. Name is the header name and value as the header value. Example: [ {'name': 'X-Content-Type-Options', 'value': 'nosniff'} ] Limitations:
NOTE: User is responsible to provide a valid header key and value. |
Enable iPad Redirect | Enable this to redirect requests coming from iPad devices above iOS 13 to iPad view instead of Desktop view. By default, it is False. |
Cache Configuration
Quantum Fabric supports EHCache, Memcached, and Redis cache vendors. An On-premise setup of Quantum Fabric uses EHCache as the default cache mechanism. A cloud environment uses Memcached as the default cache mechanism. The Cache Configuration section displays the configuration properties of the new cache mechanism. The section displays the properties such as Cache Type, Expiry time, Cache Server URLs, Advanced Cache properties, and Enable Session Distribution. You can modify any setting and click Save to update the change.
IMPORTANT: If Ehcache is chosen, the middleware automatically configures the cache to hold a maximum of 4000 entries. After reaching this limit, eviction will occur to make room for new entries.
To adjust this setting, you can specify a new value for "cacheSize" in the environment_properties section of the Advanced Properties.
For example: {"environment_properties": {“cacheSize" : “6000”},"jcache_configuration_properties":{},"additional_properties":{}}
The following table describes the settings in the Cache Configuration section:
Property | Description |
---|---|
Cache Type | The type of cache to use. The list displays the following possible options - EHCACHE, MEMECACHED, and REDIS. |
Cache Expiry |
The cache expiry time in seconds for each cache entry. The default value is 20 minutes. NOTE: The default cache expiry time is 20 minutes. |
Cache Server URLs |
The URLs of the external cache servers. For example, MEMCACHED -
REDIS
• For a Redis Sentinel setup, provide the list of sentinel node ip/port (not the redis server ip:port)
For example:
For the above three modes, you can also provide node details in the format:
For example:
For TLS, it is mandatory to provide cache server urls in the format rediss:// <IP address1/hostname1>:<port1>, rediss:// <IP address1/hostname1>:<port2> |
Advanced Properties |
The advanced properties, specific to cache type, in JSON format. Default JSON template property: environment_properties: Add the cache properties that are utilized by Quantum Fabric. From V9 ServicePack 4, you can enable secure connections to Redis. To do so, add the following parameter: For example, to identify the mode of the Redis server, you must add the following property. The Advanced properties of REDIS cluster mode:
Advanced properties of REDIS SENTINEL mode
Environment properties for providing redis password and username (Any of the 3 Redis cache mode)
Note: Please note that REDIS_CACHE_MODE is mandatory. For Sentinel, REDIS_SENTINEL_MASTER_NAME is mandatory. REDIS_PASSWORD/ REDIS_USERNAME needs to be added if configured in your Redis Server.
NOTE: If jcache_configurations_properties: Custom properties related to JCache configuration are configured in this section. The configured custom properties are sent directly to JCache. additional_properties: The properties that are not related to REDIS or JCache configuration must be added in this section. |
Enable Session Distribution |
Enable the property to distribute the cache session among multiple nodes. NOTE: EHCache does not support session distribution. If you want to distribute the session data among the multiple nodes, the cache type must be MEMCACHE or REDIS, and Temenos recommends REDIS. |
NOTE: It is advised to avoid directly inserting Custom Objects into Session or ResultCache within Preprocessors, Postprocessors, and Java Services.
Instead, Custom Objects should be converted to a byte Array before insertion into Session or ResultCache. The Serialization and Deserialization of Custom Objects should be managed by implementation classes to guarantee proper data handling.
Global Throttling Configuration
Apart from configuring the service level throttling from the Quantum Fabric console, you can also configure the operation level throttling from the Global Throttling Configuration field. The throttling limit set for a service is applicable to all the operations within the service, whereas, the throttling information given here will be implied to the respective operation of the service that you mention here.
NOTE: If you have set the throttling limit at both service and operation level, then the service will not respond when either of the limit is met first.
The following table describes the settings in the Global Throttling Configuration section:
Property | Description |
---|---|
Operation Level Throttling |
You can limit the number of times the operation is invoked per minute. You can provide the throttling information in a JSON array format NOTE: If an API exceeds the throttling limit, it will not return the service response. |
Following are the parameters required to define the throttling limit for the respective service type:
Integration and Orchestration Service:
[ { "resourcePath":"NameService/getFirstName", "httpMethod":"POST", "totalRateLimitPerMinute":100, "ipRateLimitPerMinute":10 }, { "resourcePath":"NameService/getLastName", "httpMethod":"POST", "totalRateLimitPerMinute":110, "ipRateLimitPerMinute":11 }
]
Object Service:
[ { "resourcePath":"ObjectServiceName/Object", "httpMethod":"GET", "totalRateLimitPerMinute":100, "ipRateLimitPerMinute":10 }, { "resourcePath":"ObjectServiceName/Object", "httpMethod":"GET", "totalRateLimitPerMinute":100, "ipRateLimitPerMinute":10 } ]
IMPORTANT: You can only configure the POST httpMethod for Integration service and Orchestration service types. For Object service, you can configure GET and DELETE httpMethod as is, whereas, the POST and PUT httpMethod should be configured as CREATE and UPDATE respectively.
NOTE: If you want to apply throttling on some custom verb, then you can configure the custom verb as the httpMethod.
NOTE: ** displayed beside the property implies the changes to the property groups required restart of the server to reflect modified values.