Deployment Manual / Version 2104
Table Of Contentscap.server.allow-synthetic-replay
| |
Type | java.lang.Boolean |
Default | true |
Description | Whether it is allowed for clients to request a synthetic replay of the content repository, for example using the constant Timestamp.SYNTHETIC_REPLAY Unified API. This is a very expensive operation that is rarely used except when setting up a Replication Live Server from scratch. |
cap.server.blob-channel-timeout
| |
Type | java.lang.Integer |
Default | 60 |
Description | This property sets the timeout for streaming blobs to and from the database in seconds. In general, you don't have to change the default value. It is provided for exceptional cases, when the connection to the database is unreliable. |
cap.server.blob-url-pattern
| |
Type | java.lang.String |
Default | https?:.* |
Description | A regular expression that must match the entire URL string for URL blobs, that is, blobs that are only referenced by their URL in the content repository and are resolved at the client side on access. Using URL blobs can significantly reduce the storage requirements of the Content Server. The pattern must match the entire URL string, starting with the protocol. Before matching, the path component of the URL is normalized according to java.net.URI#normalize() where applicable. URLs with the schemes s3: and classpath: are not normalized. By default, only http: and https: URLs are allowed. Allowing too many URLs may cause security problems. For example, allowing file:.* would also grant access to all configuration files. Instead, a single path like file:///share/blobData/.* should be sufficient in most cases. Alternative patterns can be given according to the Java regular expression syntax as implemented by java.util.regex.Pattern: file:///share/blobData/.*|http://blobstorage.internal/.* |
cap.server.cache.group-cache-size
| |
Type | java.lang.Integer |
Default | 500 |
Description | This property defines the size of the group cache. It limits the maximum number of groups which can be found in one search for groups in the user window of the Site Manager. Set the property so that all groups connected to rights can be cached in memory. |
cap.server.cache.group-cache-status-interval
| |
Type | java.lang.Integer |
Default | 0 |
Description | The time between two log messages reporting the current state of the group cache, in seconds; the maximum value is 3600, the minimum value is 10. |
cap.server.cache.member-folder-rights-cache-size
| |
Type | java.lang.Integer |
Default | 1000 |
Description | This property defines the size of the folder-specific rights cache. This cache stores the results of right calculations per folder and member, aggregating the results for all content types. This cache might help custom code using APIs other than the Unified API, but mainly it affects the performance of the Site Manager in rare cases. Change this setting only if you observe the method getRights(MemberKey) in thread dumps of a slow Content Server. |
cap.server.cache.resource-cache-size
| |
Type | java.lang.Integer |
Default | 60000 |
Description | The capacity of the resource cache of the Content Server; the maximum value is 1000000, the minimum value is 100. This property defines the resource cache size, that is, the number of resources the server holds in memory. This value should sometimes be adapted to the increasing number of resources in the actual working set. If the value is too small, the server does not perform well. One resource needs about 2kB of heap space. |
cap.server.cache.resource-cache-status-interval
| |
Type | java.lang.Integer |
Default | 300 |
Description | The time between two log messages reporting the current state of the resource cache, in seconds; the maximum value is 3600, the minimum value is 10. |
cap.server.cache.rights-cache-size
| |
Type | java.lang.Integer |
Default | 3000 |
Description | This property defines the size of the rights cache. This cache stores the results of right calculations per resource, content type and member. If you have lots of different resources, content types and users you might need to adapt the value of the property. Check the proper size of the cache by examining the cache misses and faults in the log. To activate the log output of the rights cache set the cap.server.cache.rights-cache-status-interval property to a value larger than zero. |
cap.server.cache.rights-cache-status-interval
| |
Type | java.lang.Integer |
Default | 0 |
Description | This property defines the interval (in seconds) at which log output of the rights cache is written. "0" means, that no log output is written. |
cap.server.cache.user-cache-size
| |
Type | java.lang.Integer |
Default | 500 |
Description | This property defines the size of the user cache. It limits the maximum number of users which can be found in one search for users in the user window of the Site Manager. Set the property to the size of the largest user search you want to perform, or the number of concurrently working users, whichever is greater. |
cap.server.cache.user-cache-status-interval
| |
Type | java.lang.Integer |
Default | 0 |
Description | The time between two log messages reporting the current state of the user cache, in seconds; the maximum value is 3600, the minimum value is 10. |
cap.server.check-unique-db-access
| |
Type | java.lang.Boolean |
Default | true |
Description | This property determines whether to check for another server that is running concurrently on the same database on server startup. |
cap.server.document-types
| |
Type | java.lang.String |
Default | classpath*:/framework/doctypes/**/*.xml,config/contentserver/doctypes/**/*.xml |
Description | This property defines where the server finds the XML file(s) containing the content type definitions. You can specify multiple files as a comma separated list or use Ant-style patterns with wildcards like '*', '?' and '**'. Example: config/contentserver/doctypes/**/*.xml matches all XML files below the config/contentserver/doctypes directory. |
cap.server.encrypt-passwords-key-file
| |
Type | java.lang.String |
Default | |
Description | The location of the key generated by cm encryptpasswords. If empty, defaults to etc/keys/DATABASE_NAME.DATABASE_USER.rijndael |
cap.server.http-port
| |
Type | java.lang.Integer |
Default | 0 |
Description | Defines the HTTP(S) port of the application container containing the Content Server. The entry /Server/Service/Connector@port in server.xml has to have the same value as this property. |
cap.server.init-runlevel
| |
Type | java.lang.String |
Default | online |
Description | The initial runlevel that the server will try to reach on startup. Possible runlevels are: online, administration, maintenance. This property does not override the default behavior of the Replication Live Server for the initial replication. |
cap.server.initial-password
| |
Type | java.util.Map<java.lang.String,java.lang.String> |
Default | |
Description | The initial password to set for the default user with the indicated name. This password is set when the server is started for the first time. You can change the passwords later on at any time. |
cap.server.license
| |
Type | java.lang.String |
Default | properties/corem/license.zip |
Description | Defines where the server finds the license file. |
cap.server.login-service-webserver-privileged
| |
Type | java.lang.Boolean |
Default | false |
Description | This property specifies whether client connections of the login service 'webserver' are privileged and may log in as different users without further authentication. The default is false. It may be set to true to make the 'webserver' login service a privileged service as it was the case in releases before 1907. |
cap.server.login.authentication
| |
Type | java.lang.String |
Default | properties/corem/jaas.conf |
Description | Arguments for jaas login authentication, will be set on the java.security.auth.login.config System property. |
cap.server.login.bouncers
| |
Type | java.lang.String |
Default | |
Description | This property points to the optional login bouncer configuration. A login bouncer can grant or deny access to the Content Server based on the characteristics of the user and the set of currently logged in users. |
cap.server.login.password-hash-algorithm
| |
Type | java.lang.String |
Default | bcrypt:10 |
Description | A specification of the hash algorithm used for storing passwords. Allowed values are md5 for MD5-based password hashing and bcrypt:N with N being an integer between 4 and 31 (inclusive) for bcrypt-based password hashing. In the latter case N denotes the work factor which should adapted to the available CPU resources. This parameter applies to passwords of users defined in the built-in user repository of the Content Server, only. The value md5 is discouraged, because it makes brute-force attacks on passwords of low and medium strength possible. It should only be used if passwords need to be changed by clients (Studio, Site Manager, cm changepassword) that have not been updated to a CMS release that supports configurable password hashing. Old clients can login even after a password change without any restrictions. After changing this property, it is recommended to update the passwords of all users to ensure that all hashes have been computed according to the desired algorithm. |
cap.server.maximum-startup-delay
| |
Type | java.lang.Integer |
Default | 60 |
Description | Configured maximum time for Content Server startup in seconds. This is the maximum time after which the Content Server is treated as initialized if it was started as Windows Service or as web application. Dependent Windows Services / other web applications will be started when the Content Server has reached its initial runlevel or after this time. |
cap.server.multiple-live-servers
| |
Type | java.lang.Boolean |
Default | false |
Description | This property defines whether the server publishes to multiple live servers. Note that this flag cannot be easily changed after the first start of the Content Management Server. |
cap.server.naming-policy-allow-at
| |
Type | java.lang.Boolean |
Default | false |
Description | Allow '@' in member names (may cause confusion with user domains) |
cap.server.persistent-property-writers
| |
Type | java.util.List<java.lang.String> |
Default | * |
Description | A list of names of groups that may write or delete persistent properties. The magic group "*" grants rights to all users. This is the default for compatibility reasons. Connections using the publisher and replicator login service are always allowed to write persistent properties. |
cap.server.repository-home
| |
Type | java.lang.String |
Default | /Home |
Description | Defines the folder which will be used to store the home folders of the users. The whole folder hierarchy of the home folders is only visible to the administrator. Other user will only see one home folder with the path defined in cap.server.repository-home containing his personal files, such as the preferences. The default folder is /Home which will be automatically created by the system. If you define another folder, you need to create this folder by your own. |
cap.server.repository-system
| |
Type | java.lang.String |
Default | /System |
Description | Defines the system folder. It contains for example the public dictionary of the spell checker. The default folder is /System which will be automatically created by the system. If you define another folder, you need to create this folder by your own. |
cap.server.search.enable
| |
Type | java.lang.Boolean |
Default | false |
Description | If true full text search is enabled. |
cap.server.session-ping-interval
| |
Type | java.lang.Integer |
Default | 60 |
Description | The maximum number of seconds that a ping is delayed when there are no available events |
cap.server.termination-timeout-seconds
| |
Type | java.lang.Integer |
Default | 30 |
Description | Timeout for waiting on running threads on shutdown |
cap.server.unique-db-access-write-interval
| |
Type | java.lang.Integer |
Default | 0 |
Description | If unique DB access is checked and if this property is positive, this property determines the number of seconds between two writes of the current timestamp to the database to indicate the liveliness of the server; if 0 or negative the server neither writes a timestamp regularly nor expects a timestamp to be written; |
cap.server.use-strict-workflow
| |
Type | java.lang.Boolean |
Default | false |
Description | This property enforces the strict workflow mode. That is, the approver of a resource must be different from the editor. This is checked independently of the workflow engine, and should only be used in cases where a custom workflow definition is not an option. |
cap.server.userproviders
| |
Type | java.util.List<hox.corem.server.ServerConfigurationProperties$Userproviders> |
Default | |
Description | Configurations for UserProviders For details see hox.corem.server.ServerConfigurationProperties.Userproviders. |
cap.server.blobstore.s3.bucketname
| |
Type | java.lang.String |
Default | |
Description | The name of the S3 bucket that is used to store blobs. If this property is not specified, the S3 media store is not enabled. |
cap.server.blobstore.s3.rootdir
| |
Type | java.lang.String |
Default | |
Description | The name of an S3 path prefix, used to disambiguate multiple media stores in one S3 bucket. If possible, it is recommended to use separate buckets instead, improving performance by avoiding constant path prefixes. |
Table 4.7. Content Server Properties