Administration guide > Configure the deployment environment > Configuring clients
Client properties file
Sample client properties file
Use the sampleClient.properties file that is in the wxs_home/properties directory to create the properties file.
Client properties file
You can specify the client properties file in one of the following ways. Specifying a setting by using one of the items later in the list overrides the previous setting. For example, if you specify a system property value for the client properties file, the properties in that file override the values in the objectGridClient.properties file that is in the class path.
- As a well-named file anywhere in the class path. Putting this file in the system current directory is not supported:
objectGridClient.properties
- As a system property in either a stand-alone or WAS configuration. This value can specify a file in the system current directory, but not a file in the class path:
-Dobjectgrid.client.props=file_name
- As a programmatic override using the ClientClusterContext.getClientProperties method. The data in the object is populated with the data from the properties files. You cannot configure security properties with this method.
Client properties
![[v7.1 and later]](./icons/v71x.gif)
listenerHost- Host name to which the ORB binds.
For a multiple network card configuration, set the listener host and port to let the Object Request Broker in the JVM know the IP address on which to bind. For the client, use the client properties file. If you do not specify which IP address to use, the following problems might occur: connection timeouts, unusual API failures, and clients that seem to hang.
- listenerPort
- Port number to which the ORB binds.
- preferLocalProcess
- This property is not currently used. It is reserved for future use.
- preferLocalHost
- This property is not currently used. It is reserved for future use.
- preferZones
- List of preferred routing zones. Each specified zone is separated by a comma in the form: preferZones=ZoneA,ZoneB,ZoneC
Default: no value
- requestRetryTimeout
- How long to retry a request (in milliseconds). Use one of the following valid values:
- A value of 0 indicates that the request
should fail fast and skip over the internal retry logic.
- A value of -1 indicates that the request
retry timeout is not set, meaning that the request duration is governed
by the transaction timeout. (Default)
- A value over 0 indicates the request entry timeout value in milliseconds. Exceptions that cannot succeed even if tried again such as a DuplicateException exception are returned immediately. The transaction timeout is still used as the maximum time to wait.
- A value of 0 indicates that the request
should fail fast and skip over the internal retry logic.
Security client properties
- securityEnabled
- Enables WebSphere eXtreme Scale client
security. This setting should match with the securityEnabled setting
in theWebSphere eXtreme Scale server properties
file. If the settings do not match, an exception results.
Default: false
Credential authentication configuration properties
- credentialAuthentication
- Client credential authentication support. Use one of the following valid values:
Never The client does not support credential authentication. Supported The client supports credential authentication if the server also supports credential authentication. (Default) Required The client requires credential authentication. - authenticationRetryCount
- Number of times that authentication is tried if the credential is expired. If the value is set to 0, attempts to authenticate are not tried again.
Default: 3
- credentialGeneratorClass
- Name of the class that implements the com.ibm.websphere.objectgrid.security.plugins.CredentialGenerator interface.
This class is used to get credentials for clients.
Default: no value
- credentialGeneratorProps
- Properties for the CredentialGenerator implementation class. The properties are set to the object with the setProperties(String) method. The credentialGeneratorprops value is used only if the value of the credentialGeneratorClass property is not null.
Transport layer security configuration properties
- transportType
- Client transport type. The possible values are:
TCP/IP Indicates that the client only supports TCP/IP connections. SSL-Supported Indicates that the client supports both TCP/IP and Secure Sockets Layer (SSL) connections. (Default) SSL-Required Indicates that the client requires SSL connections.
SSL configuration properties
- alias
- Alias name in the keystore. This property is used
if the keystore has multiple key pair certificates and to
select one of the certificates.
Default: no value - contextProvider
- Name of the context provider for the trust service.
If you indicate a value that is not valid, a security exception results
that indicates that the context provider type is incorrect.
Valid values: IBMJSSE2, IBMJSSE, IBMJSSEFIPS, and so on.
- protocol
- Indicates the type of security protocol to use for the client. Set this protocol value based on which Java Secure Socket Extension (JSSE) provider you use. If you indicate a value that is not valid, a security exception results that indicates that the protocol value is incorrect.
Valid values: SSL, SSLv2, SSLv3, TLS, TLSv1, and so on.
- keyStoreType
- Indicates the type of keystore. If you indicate a value that is
not valid, a runtime security exception occurs.
Valid values: JKS, JCEK, PKCS12, and so on.
- trustStoreType
- Indicates the type of truststore. If you indicate a value that
is not valid, a runtime security exception results.
Valid values: JKS, JCEK, PKCS12, and so on.
- keyStore
- Fully qualified path to the keystore file.
Example:etc/test/security/client.private
- trustStore
- Fully qualified path to the truststore file.
Example:etc/test/security/server.public
- keyStorePassword
- String password to the keystore. You can encode this value or use the actual value.
- trustStorePassword
- String password to the truststore. You can encode this value or use the actual value.
Parent topic:
Configure clients
Related concepts
Configure clients with WebSphere eXtreme Scale
Enable the client invalidation mechanism
Plan for network ports
Security integration with external providers
Related tasks
Configure request retry timeout values
Stop secure servers
Stop stand-alone servers
Configure SSL parameters for clients or servers
Related information
ClientSecurityConfigurationFactory class