Quick Reference |
Note:
This section lists all EntireX Broker parameters. Not all parameters are
applicable to all supported operating
systems.
The Broker attribute file contains a series of parameters (attributes) that control the availability and characteristics of clients and servers, publishers and subscribers as well as of the Broker itself. You can customize the Broker environment by modifying the attribute settings.
This document covers the following topics:
The name and location of the broker attribute file is platform-dependent.
Platform | File Name/Location |
---|---|
z/OS | Member EXBATTR in the EntireX Broker source library. |
UNIX | File etbfile in directory <InstDir>/EntireX/config/etb/<BrokerName> (default) * |
Windows | File <BrokerName>.atr in directory <InstDir>\EntireX\config\etb\<BrokerName> (default) * |
BS2000/OSD | File ETB-ATTR in library EXX970.JOBS. |
z/VSE | Library member
ETBnnn.ATR, where
nnn is a placeholder specifying the broker instance (e.g.nnn = the assigned broker ID).
|
* |
When starting a broker manually, name and location of the broker attribute file can be overwritten with the environment variable
ETB_ATTR .
|
Each entry in the attribute file has the format:
ATTRIBUTE-NAME=value
The following rules and restrictions apply:
A line can contain multiple entries separated by commas.
Attribute names can be entered in mixed upper and lowercase.
Spaces between attribute names, values and separators are ignored.
Spaces in the attribute names are not allowed.
Commas and equal signs are not allowed in value notations.
Lines starting with an asterisk (*) are treated as comment lines. Within a line, characters following an * or # sign are also treated as comments.
The CLASS
keyword must be the first keyword in a service
definition.
Multiple services can be included in a single service definition section. The attribute settings will apply to all services defined in the section.
Multiple topics can be included in a single topic definition section. The attribute settings will apply to all topics defined in the section.
Attributes specified after the service definition (CLASS
, SERVER
,
SERVICE
keywords) overwrite the default
characteristics for the service.
Attributes specified after the topic definition (TOPIC
keyword) override the default characteristics for
the topic.
Attribute values can contain variables of the form
${variable name}
or
$variable name
:
Due to variations in EBCDIC codepages, braces should only be used on ASCII (UNIX or Windows) platforms or EBCDIC platforms using the IBM-1047 (US) codepage.
The variable name can contain only alphanumeric characters and the underscore (_) character.
The first non-alphanumeric or underscore character terminates the variable name.
under UNIX and Windows, the string
${variable name}
is replaced with the value of the corresponding environment
variable.
On z/OS, variable values are read from a file defined by the DD name
ETBVARS
. The syntax of this file is the same as the
attribute file.
If a variable has no value: if the variable name is enclosed in
braces, error 00210594 is given, otherwise
$variable name
will be used as the variable value.
If you encounter problems with braces (and this is quite possible in a z/OS environment), we suggest you omit the braces.
The broker-specific attribute section begins with the keyword
DEFAULTS=BROKER
. It contains attributes that apply to the broker.
At startup time, the attributes are read and duplicate or missing
values are treated as errors. When an error occurs, the broker stops
execution until the problem is corrected.
Tip:
To avoid resource shortages for your applications, be sure to specify
sufficiently large values for the broker attributes that define the global
resources.
Attribute | Values | Opt/ Req |
Operating System | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ABEND‑LOOP‑DETECTION |
YES | NO | O | z | u | w | v | b | |||||||||||
|
||||||||||||||||||
ABEND‑MEMORY‑DUMP |
YES | NO | O | z | u | w | v | b | |||||||||||
|
||||||||||||||||||
ACCOUNTING |
NO | 128-255 | O | z | |||||||||||||||
NO | YES [SEPARATOR=char] | O | u | w | v | b | |||||||||||||
Determines whether accounting records are created.
See also Accounting in EntireX Broker. |
||||||||||||||||||
ACCOUNTING‑VERSION |
1 | 2 | 3 | 4 | 5 | O | z | u | w | v | b | |||||||||||
Determines whether accounting records are created.
This parameter applies when
|
||||||||||||||||||
APPLICATION‑MONITORING or APPMON |
YES | NO | O | z | u | w | v | ||||||||||||
Enable application monitoring in EntireX Broker.
|
||||||||||||||||||
AUTOLOGON |
YES | NO | O | z | u | w | v | b | |||||||||||
|
||||||||||||||||||
BLACKLIST‑PENALTY‑TIME |
5m | n | n S | n M | n H | R | z | u | w | v | b | |||||||||||
Define the length of time a participant is placed on the
See Protecting a Broker against Denial-of-Service Attacks under z/OS | UNIX | Windows. |
||||||||||||||||||
BROKER‑ID |
A32 | R | z | u | w | v | b | |||||||||||
Identifies the broker to which the
attribute file applies. The broker ID must be unique per machine.
Note: |
||||||||||||||||||
CLIENT‑NONACT |
15M | n | nS | nM | nH | R | z | u | w | v | b | |||||||||||
Define the non-activity time for clients.
A client that does not issue a broker request within the specified time limit is treated as inactive and all resources for the client are freed. |
||||||||||||||||||
CMDLOG |
NO | YES | O | z | u | w | v | b | |||||||||||
|
||||||||||||||||||
CMDLOG‑FILE‑SIZE |
1024 | n | O | z | u | w | v | b | |||||||||||
Defines the maximum size of the file that the command log is written to, in kilobytes. The value must be 1024 or higher. The default value is 1024. When one command log file grows to this size, broker starts writing to the other file. For more details, see Command Logging in EntireX. | ||||||||||||||||||
CONTROL‑INTERVAL |
60s | n | nS | nM | nH | | O | z | u | w | v | b | |||||||||||
Defines the time interval of time-driven broker-to-broker calls.
|
||||||||||||||||||
CONV‑DEFAULT |
UNLIM | n | O | z | u | w | v | b | |||||||||||
Default number of conversations that are allocated for every service.
This value can be overridden by specifying a
|
||||||||||||||||||
DEFERRED |
NO | YES | O | z | u | w | v | b | |||||||||||
Disable or enable deferred processing of units of work.
|
||||||||||||||||||
DYNAMIC‑MEMORY‑MANAGEMENT |
YES | NO | O | z | u | w | v | b | |||||||||||
If you run your broker with attribute
Caution: |
||||||||||||||||||
DYNAMIC‑WORKER‑MANAGEMENT |
NO | YES | O | z | u | w | b | ||||||||||||
If you run broker with The attribute |
||||||||||||||||||
FORCE |
NO | YES | O | u | |||||||||||||||
Notes:
|
||||||||||||||||||
HEAP‑SIZE |
1024 | n | O | z | u | w | v | b | |||||||||||
Defines the size of the internal heap in KB. Not required if you are using |
||||||||||||||||||
ICU‑CONVERSION |
YES | NO | O | z | u | w | v | b | |||||||||||
Disable or enable ICU conversion. Default for z/VSE is
If any of the broker service definitions uses the
internationalization approach "ICU conversion", that is, the
conversion methods SAGTCHA and SAGTRPC are defined by the
service-specific or
topic-specific attribute
ICU requires additional storage to run properly. If ICU conversion
is not needed, setting |
||||||||||||||||||
ICU‑SET‑DATA‑DIRECTORY |
YES | NO | O | u | w | ||||||||||||||
Disable or enable ICU custom converter usage. Not defined for mainframe platforms.
|
||||||||||||||||||
IPV6 |
YES | NO | O | z | u | w | b | ||||||||||||
This attribute applies to EntireX version 9.0 and above. |
||||||||||||||||||
LONG‑BUFFER‑DEFAULT |
UNLIM | n | O | z | u | w | v | b | |||||||||||
Number of long buffers to be allocated for each service or topic.
This value can be overridden by specifying a
|
||||||||||||||||||
MAX‑MEMORY |
0 | n | nK | nM | nG | UNLIM | O | z | u | w | v | b | |||||||||||
Defines the upper limit of memory allocated by broker if
|
||||||||||||||||||
MAX‑MESSAGE‑LENGTH |
2147483647 | n | O | z | u | w | v | b | |||||||||||
Maximum message size that the broker kernel can process. This value is transport-dependent. The default value represents the highest positive number that can be stored in a four-byte integer. | ||||||||||||||||||
MAX‑MESSAGES‑IN‑UOW |
16 | n | O | z | u | w | v | b | |||||||||||
Maximum number of messages in a UOW (or publication). | ||||||||||||||||||
MAX‑MSG |
See MAX-MESSAGE-LENGTH .
|
|||||||||||||||||
MAX‑UOW‑MESSAGE‑LENGTH |
See MAX-MESSAGE-LENGTH .
|
|||||||||||||||||
MAX‑UOWS |
0 | n | O | z | u | w | v | b | |||||||||||
The maximum number of UOWs that can
be concurrently active broker-wide. The default value is 0 (zero), which means
that the broker will process only messages that are not part of a unit of work.
If UOW processing is to be done by any service, a MAX-UOWS value must be 1 or
larger for the broker.
The |
||||||||||||||||||
MESSAGE‑CASE |
NONE | UPPER | LOWER | O | z | u | w | v | b | |||||||||||
Indicates if certain error message texts returned by the broker to its clients or written by the broker to its log file are to be in mixed case, uppercase, or lowercase.
|
||||||||||||||||||
MUOW |
See NUM-UOW .
|
|||||||||||||||||
NEW‑UOW‑MESSAGES |
YES | NO | O | z | u | w | v | b | |||||||||||
This applies to UOW when using Persistence and should not be used for non-persistent UOWs. A usage example could be the following: The broker persistent store reaches capacity and the broker shuts
down. You can set |
||||||||||||||||||
NUM‑BLACKLIST‑ENTRIES |
256 | n | O | z | u | w | v | b | |||||||||||
Number of entries in the participant
blacklist. Default value is 256 entries. Together with
BLACKLIST-PENALTY-TIME and
PARTICIPANT-BLACKLIST , this attribute is used to protect a
broker running with SECURITY=YES against
denial-of-service attacks. See Protecting a Broker against Denial-of-Service Attacks under
z/OS |
UNIX |
Windows.
|
||||||||||||||||||
NUM‑CLIENT |
n | R | z | u | w | v | b | |||||||||||
Number of clients that can access the broker concurrently. A value of 0 (zero) is invalid. | ||||||||||||||||||
NUM‑CMDLOG‑FILTER |
1 | n | O | z | u | w | v | b | |||||||||||
Maximum number of filters that can
be specified simultaneously.
Tip: |
||||||||||||||||||
NUM‑COMBUF |
1 - 999999 | R | z | u | w | v | b | |||||||||||
Determines the maximum number of communication buffers available for processing commands arriving in the broker kernel. The size of one communication buffer is usually 16 KB split into 32 slots of 512 bytes, but it ultimately depends on the hardware architecture of your CPU. A value of 0 (zero) is invalid. | ||||||||||||||||||
NUM‑CONVERSATION or NUM-CONV |
n | AUTO | R | z | u | w | v | b | |||||||||||
Defines the number of conversations that can be active concurrently. The number specified should be high enough to account for both conversational and non-conversational requests. (Non-conversational requests are treated internally as one-conversation requests.)
Notes:
|
||||||||||||||||||
NUM‑LONG‑BUFFER or NUM-LONG |
n | AUTO | R | z | u | w | v | b | |||||||||||
Defines the number of long message containers. Long message containers have a fixed length of 4096 bytes and are used to store requests that are larger than 2048 bytes. Storing a request of 8192 bytes, for example, would require two long message containers.
A value of 0 (zero) is invalid. In non-conversational mode, message containers are released as soon as the client receives a reply from the server. If no reply is requested, message containers are released as soon as the server receives the client request. In conversational mode, the last message received is always kept until a new one is received. Notes:
|
||||||||||||||||||
NUM‑PUBLICATION |
n | AUTO | O | z | u | w | v | b | |||||||||||
Defines the number of publications that can be active concurrently.
Notes:
|
||||||||||||||||||
NUM‑PARTICIPANT‑EXTENSION |
n | O | z | u | w | v | b | |||||||||||
Defines the number of participant extensions to link participants as clients and servers.
A value of 0 (zero) is invalid. |
||||||||||||||||||
NUM‑PUBLISHER |
n | O | z | u | w | v | b | |||||||||||
Number of publishers that can access the broker concurrently. A value of 0 (zero) is invalid. | ||||||||||||||||||
NUM‑SERVER |
n | AUTO | R | z | u | w | v | b | |||||||||||
Defines the number of servers that can offer services concurrently
using the broker. This is not the number of services that can be
registered to the broker (see
Notes:
|
||||||||||||||||||
NUM‑SERVICE |
n | R | z | u | w | v | b | |||||||||||
Defines the number of services that
can be registered to the broker. This is not the number of servers
that can offer the services (see NUM-SERVER ).
A value of 0 (zero) is invalid.
|
||||||||||||||||||
NUM‑SERVICE‑EXTENSION |
n | AUTO | O | z | u | w | v | b | |||||||||||
Defines the number of service extensions to link servers to services.
The minimum value is Caution is recommended with this attribute:
|
||||||||||||||||||
NUM‑SHORT‑BUFFER or NUM-SHORT |
n | AUTO | R | z | u | w | v | b | |||||||||||
Defines the number of short message containers. Short message containers have a fixed length of 256 bytes and are used to store requests of no more than 2048 bytes. To store a request of 1024 bytes, for example, would require four short message containers.
Notes:
|
||||||||||||||||||
NUM‑SUBSCRIBER |
n | AUTO | O | z | u | w | v | b | |||||||||||
Defines the number of subscribers that can be active concurrently.
A value of 0 (zero) is invalid. If a wildcard topic is defined in the topic-specific section of the attribute file, the value of AUTO is invalid. |
||||||||||||||||||
NUM‑SUBSCRIBER‑TOTAL |
n | AUTO | O | z | u | w | v | b | |||||||||||
Defines the total number of subscribers that can be durably subscribed. Their subscription information is saved in the persistent store.
A value of 0 (zero) is invalid. This value must be greater than or
equal to the |
||||||||||||||||||
NUM‑TOPIC |
n | O | z | u | w | v | b | |||||||||||
Defines the number of topics that can be active in the broker. A value of 0 (zero) is invalid. |
||||||||||||||||||
NUM‑TOPIC‑EXTENSION |
n | AUTO | O | z | u | w | v | b | |||||||||||
Defines the number of topic extensions to link subscribers to topics.
The minimum value is Caution is recommended with this attribute.
|
||||||||||||||||||
NUM‑TOPIC‑TOTAL |
n | AUTO | O | z | u | w | v | b | |||||||||||
Defines the total number of topics for which durable subscribers are allowed.
This value must be greater than or equal to the
|
||||||||||||||||||
NUM‑UOW |
0 | n | O | z | u | w | v | b | |||||||||||
The maximum number of UOWs that can
be concurrently active broker-wide. The default value is 0 (zero), which means
that the broker will process only messages that are not part of a unit of work.
If UOW processing is to be done by any service, a
NUM-UOW value must be 1 or larger for the
broker. (MAX-UOWS is an alias for this
attribute.)
The |
||||||||||||||||||
NUM‑WORKER |
1 | n (max. 10) | R | z | u | w | v | b | |||||||||||
Number of worker tasks that the
broker can use. The number of worker tasks determines the number of functions
(SEND , RECEIVE ,
REGISTER , etc.) that can be processed concurrently.
At least one worker task is required; this is the default value.
|
||||||||||||||||||
NUM‑WQE |
1 - 32768 | R | z | u | w | v | b | |||||||||||
Maximum number of requests that can
be processed by the broker in parallel, over all transport mechanisms.
Each broker command is assigned a worker queue element, regardless of the transport mechanism being used. This element is released when the user has received the results of the command, including the case where the command has timed out. |
||||||||||||||||||
PARTICIPANT‑BLACKLIST |
YES | NO | R | z | u | w | v | b | |||||||||||
Determines whether participants attempting a denial-of-service attack on the broker are to be put on a blacklist.
See Protecting a Broker against Denial-of-Service Attacks under z/OS | UNIX | Windows. |
||||||||||||||||||
PARTNER‑CLUSTER‑ADDRESS |
A32 | R | z | u | w | v | b | |||||||||||
This is the address of the load/unload broker in transport-method-style.
Transport methods TCP and SSL are supported. See Transport-method-style Broker ID for more details. This attribute is
required if the attribute |
||||||||||||||||||
POLL |
YES | NO | O | z | u | v | |||||||||||||
In earlier EntireX versions, the maximum number of TCP/IP connections per communicator was limited; see Maximum TCP/IP Connections per Communicator for platform-specific list.
With attribute
Note: |
||||||||||||||||||
PSTORE |
NO | HOT | COLD | O | z | u | w | v | b | |||||||||||
Defines the status of the persistent store at broker startup,
including the condition of persistent units of work (UOWs). With any value
other than "NO",
Note: |
||||||||||||||||||
PSTORE‑REPORT |
NO | YES | O | z | u | w | v | b | |||||||||||
Determines whether PSTORE report is created.
See also Persistent Store Report. |
||||||||||||||||||
PSTORE‑TYPE |
DIV (z/OS) | CTREE (UNIX, Windows) | Adabas (all platforms) | FILE (UNIX, Windows) | O | z | u | w | v | b | |||||||||||
Describes the type of persistent store driver required.
|
||||||||||||||||||
PSTORE‑VERSION |
2 | 3 | 4 | O | z | u | w | v | b | |||||||||||
Determines the version of the persistent store.
The DIV PSTORE requires Caution:
|
||||||||||||||||||
PUBLICATION‑DEFAULT |
n | UNLIM | O | z | u | w | v | b | |||||||||||
Default number of publications that are allocated for every topic.
This value can be overridden by specifying a
|
||||||||||||||||||
PUBLICATION‑LIFETIME |
n | nS | nM | nH | nD | nY | O | z | u | w | v | b | |||||||||||
Lifetime of a publication in absolute time units. Publications are retained by broker until they are either received by all subscribers or the publication lifetime has expired.
The publication lifetime is calculated even for periods of time when broker is stopped. |
||||||||||||||||||
PUBLISH‑AND‑SUBSCRIBE |
YES | NO | O | z | u | w | v | b | |||||||||||
Run publish and subscribe subsystem. Subsystem requires a license. | ||||||||||||||||||
RUN‑MODE |
STANDARD | STANDBY | PSTORE-LOAD | PSTORE-UNLOAD | O | z | u | w | v | b | |||||||||||
Determines the initial run mode of the broker.
|
||||||||||||||||||
SECURITY |
NO | YES | O | z | u | w | v | b | |||||||||||
Determines whether the EntireX Broker security exits are activated.
Broker trace reports the type of security which is active and from where the security module USRSEC is loaded:
|
||||||||||||||||||
SECURITY‑PATH |
A255 | O | z | u | w | b | ||||||||||||
Full path and file name of an
executable file (for example, DLL for Windows or shared library for UNIX)
containing the user security exit which the kernel will load and call. Example:
SECURITY-PATH=usersec.dll This assumes the DLL is in the default path. Or: SECURITY-PATH=c:\brokerexit\yoursecu.dll If the path name contains spaces, enclose it in quotation marks. Example: SECURITY-PATH="c:\Software AG\broker exit\yoursecu.dll" Note: |
||||||||||||||||||
SERVER‑DEFAULT |
n | UNLIM | O | z | u | w | v | b | |||||||||||
Default number of servers that are allowed for every service.
This value can be overridden by specifying a
|
||||||||||||||||||
SERVICE‑UPDATES |
YES | NO | O | z | u | w | v | b | |||||||||||
Switch on/off the automatic update mode of the broker.
|
||||||||||||||||||
SHORT‑BUFFER‑DEFAULT |
UNLIM | n | O | z | u | w | v | b | |||||||||||
Number of short buffers to be allocated for each service.
This value can be overridden by specifying a
|
||||||||||||||||||
SSLPORT |
See PORT .
|
|||||||||||||||||
SSL‑RESTART |
See RESTART .
|
|||||||||||||||||
SSL‑RETRY‑LIMIT |
See RETRY-LIMIT .
|
|||||||||||||||||
SSL‑RETRY‑TIME |
See RETRY-TIME .
|
|||||||||||||||||
SSTORE SSTORE‑TYPE |
These parameters are obsolete. The
subscriber store in a secondary store is no longer supported. We recommend you
use the PSTORE persistent store to store your subscriber data. For this, set
broker-specific parameter
SUBSCRIBER-STORE=PSTORE .
|
|||||||||||||||||
STORAGE‑REPORT |
NO | YES | O | z | u | w | v | b | |||||||||||
Create a storage report about broker memory usage.
See Storage Report. |
||||||||||||||||||
STORE |
OFF | BROKER | O | z | u | w | v | b | |||||||||||
Sets the default STORE attribute for all units of work. This
attribute can be overridden by the
|
||||||||||||||||||
SUBSCRIBER‑DEFAULT |
n | UNLIM | O | z | u | w | v | b | |||||||||||
Default number of subscribers that are allowed for every topic.
This value can be overridden by specifying a
|
||||||||||||||||||
SUBSCRIBER‑STORE |
NO | PSTORE | O | z | u | w | v | b | |||||||||||
Determines whether subscriber information is stored and where.
Tip: |
||||||||||||||||||
TCPPORT |
See PORT .
|
|||||||||||||||||
SWAP‑OUT‑NEW‑UOWS |
NO | YES | O | z | u | w | v | b | |||||||||||
Determines whether conversations with units of work remain in memory or are swapped. See also Swapping out New Units of Work.
Note: See also Swapping out New Units of Work. |
||||||||||||||||||
TCP‑RESTART |
See RESTART .
|
|||||||||||||||||
TCP‑RETRY‑LIMIT |
See RETRY-LIMIT .
|
|||||||||||||||||
TCP‑RETRY‑TIME |
See RETRY-TIME .
|
|||||||||||||||||
TOPIC‑UPDATES |
YES | NO | O | z | u | w | v | b | |||||||||||
Switch on/off automatic update of topic defaults in the broker.
|
||||||||||||||||||
TRACE‑DD |
A255 | O | z | |||||||||||||||
A string containing data set attributes enclosed in quotation marks. These attributes describe the trace output file and must be defined if you are using using a GDG (generation data group) as output data set. See Flushing Trace Data to a GDG Data Set under Tracing EntireX Broker. The following keywords are supported as part of the
Refer to your JCL Reference Manual for a complete description of the syntax. Example: TRACE-DD = "DSNAME=EXX.GDG, DCB=(BLKSIZE=1210,DSORG=PS,LRECL=121,RECFM=FB), DISP=(NEW,CATLG,CATLG), SPACE=(CYL,(100,10)), STORCLAS=SMS" |
||||||||||||||||||
TRACE‑LEVEL |
0 - 4 | O | z | u | w | v | b | |||||||||||
The level of tracing to be performed while the broker is running.
If you modify the Trace levels 2, 3, and 4 should be used only when requested by Software AG support. |
||||||||||||||||||
TRANSPORT |
TCP-NET | TCP | SSL | NET | O | z | v | b | |||||||||||||
TCP | SSL | O | u | w | |||||||||||||||
The broker transport may be specified as any combination of one or more of the following methods:
Examples:
The parameters for each transport method are described in the respective section: TCP | SSL | NET. |
||||||||||||||||||
TRAP‑ERROR |
nnnn | O | z | u | w | b | ||||||||||||
Where nnnn is the four-digit API error number that triggers the trace handler, for example 0007 (Service not registered). Leading zeros are not required. There is no default value. |
||||||||||||||||||
TRBUFNUM |
n | O | z | u | w | b | ||||||||||||
Changes the trace to write trace data to internal trace buffers. n is the size of the trace buffer in 64 KB units. There is no default value. |
||||||||||||||||||
TRMODE |
WRAP | O | z | u | w | b | ||||||||||||
Changes the trace mode. "WRAP" is the
only possible value. This value instructs broker to write the trace buffer (see |
||||||||||||||||||
UMSG |
See |
|||||||||||||||||
UOW‑MSGS |
See |
|||||||||||||||||
UWSTAT‑LIFETIME |
no value | n[S] | nM | nH | nD | O | z | u | w | v | b | |||||||||||
The value to be added to the
The lifetime determines how much additional time the UOW status is
retained in the persistent store and is calculated from the time at which the
associated UOW enters any of the following statuses:
"PROCESSED", "TIMEOUT",
"BACKEDOUT", "CANCELLED",
"DISCARDED". The additional lifetime of the UOW
status is calculated only when broker is executing. Value in
Note: |
||||||||||||||||||
UWSTATP |
0 | n | O | z | u | w | v | b | |||||||||||
Contains a multiplier used to compute the lifetime of a persistent
status for the service. The
Note: |
||||||||||||||||||
UWTIME |
1D | nS | nM | nH | nD | O | z | u | w | v | b | |||||||||||
Defines the default lifetime for units of work for the service.
If the UOW is inactive - that is, is not processed within the time
limit - it is deleted and given a status of
"TIMEOUT". This attribute can be overridden by the
|
||||||||||||||||||
WAIT‑FOR‑ACTIVE‑PSTORE |
NO | YES | O | z | u | w | v | b | |||||||||||
Determines whether broker should wait for the Adabas Persistent Store to become active.
|
||||||||||||||||||
WORKER‑MAX |
32 | n (min. 1, max. 32) | O | z | u | w | b | ||||||||||||
Maximum number of worker tasks the broker can use. |
||||||||||||||||||
WORKER‑MIN |
1 | n (min. 1, max. 32) | O | z | u | w | b | ||||||||||||
Minimum number of worker tasks the broker can use. |
||||||||||||||||||
WORKER‑NONACT |
70S n | nS | nM | nH | O | z | u | w | b | ||||||||||||
Non-activity time to elapse before
a worker tasks is stopped.
Caution: |
||||||||||||||||||
WORKER‑QUEUE‑DEPTH |
1 | n (min. 1) | O | z | u | w | b | ||||||||||||
Number of unassigned user requests in the input queue before another worker task gets started. The default and recommended value is 1. A higher value will result in longer broker response times. |
||||||||||||||||||
WORKER‑START‑DELAY |
internal-value | n | O | z | u | w | b | ||||||||||||
Delay after a successful worker task invocation before another worker task can be started to handle current incoming workload. This attribute is used to avoid the risk of recursive invocation of worker tasks, because starting a worker task itself causes workload increase. If no value is specified, an internal value calculated by the broker is used to optimize dynamic worker management. This calculated value is the maximum time required to start a worker task. |
Each section begins with the keyword DEFAULTS=SERVICE
.
Services with common attribute values can be grouped together. The attributes
defined in the grouping apply to all services specified within it. However, if
a different attribute value is defined immediately following the service
definition, that new value applies. See also the sections
Wildcard Service Definition and
Service Update Modes below the table.
Attribute | Values | Opt/ Req |
Operating System | |||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
APPLICATION‑MONITORING orAPPMON |
YES | NO | O | z | u | w | v | ||||||||||||||||||||
|
||||||||||||||||||||||||||
APPLICATION‑MONITORING‑NAME orAPPMON-NAME |
A100 | O | z | u | w | v | ||||||||||||||||||||
Specifies the application
monitoring name. Used to set the value of the
ApplicationName KPI.
If omitted, the default value from the
|
||||||||||||||||||||||||||
CLASS |
A32 (case-sensitive) | R | z | u | w | v | b | |||||||||||||||||||
Part of the name that identifies the
service together with the SERVER and
SERVICE attributes.
CLASS must be specified first, followed
immediately by SERVER and
SERVICE .
Classes starting with any of the following are reserved for use by
Software AG and should not be used in customer-written applications: BROKER,
SAG, ENTIRE, ETB, RPC, ADABAS, NATURAL. Valid characters for class name are letters a-z, A-Z, numbers 0-9, hyphen and
underscore. Do not use dollar, percent, period or comma. See also the restriction for
|
||||||||||||||||||||||||||
CLIENT‑RPC‑AUTHORIZATION |
N | Y | O | z | b | ||||||||||||||||||||||
Determines whether this service is
subject to RPC authorization checking.
To allow conformity with Natural Security, the
|
||||||||||||||||||||||||||
CONV‑LIMIT |
UNLIM | n | O | z | u | w | v | b | |||||||||||||||||||
Allocates a number of conversations especially for this service.
A value of 0 (zero) is invalid. |
||||||||||||||||||||||||||
CONV‑NONACT |
5M | n | nS | nM | nH | R | z | u | w | v | b | |||||||||||||||||||
Non-activity time for connections.
A value of 0 (zero) is invalid. If a connection is not used for the specified time, that is, a server or a client does not issue a broker request that references the connection in any way, the connection is treated as inactive and the allocated resources are freed. |
||||||||||||||||||||||||||
CONVERSION |
Format: A255
|
O | z | u | w | v | b | |||||||||||||||||||
Defines conversion for internationalization. See Internationalization with EntireX and What is the Best Internationalization Approach to use? for help on making decisions about the internationalization approach.
Only one internationalization approach can be active at one time for
a service. The Notes:
TRACE
If tracing is switched on, the trace output is written to the broker log file:
OPTION
See table of possible values under |
||||||||||||||||||||||||||
DEFERRED |
NO | YES | O | z | u | w | v | b | |||||||||||||||||||
|
||||||||||||||||||||||||||
ENCRYPTION‑LEVEL |
0 | 1 | 2 | O | z | u | w | v | b | |||||||||||||||||||
Enforce encryption when data is transferred between client and server.
See also Note: |
||||||||||||||||||||||||||
LOAD‑BALANCING |
YES | NO | O | z | u | w | v | b | |||||||||||||||||||
|
||||||||||||||||||||||||||
LONG‑BUFFER‑LIMIT |
UNLIM | n | O | z | u | w | v | b | |||||||||||||||||||
Allocates a number of long message buffers for the service.
A value of 0 (zero) is invalid. If
|
||||||||||||||||||||||||||
MAX‑MESSAGES‑IN‑UOW |
16 | n | O | z | u | w | v | b | |||||||||||||||||||
Maximum number of messages in a UOW. | ||||||||||||||||||||||||||
MAX‑MESSAGE‑LENGTH |
2147483647 | n | O | z | u | w | b | ||||||||||||||||||||
Maximum message size that can be sent to a service. This is transport-dependent. The default value represents the highest positive number that can be stored in a four-byte integer. |
||||||||||||||||||||||||||
MAX‑MSG |
See |
|||||||||||||||||||||||||
MAX‑UOW‑MESSAGE‑LENGTH |
See |
|||||||||||||||||||||||||
MAX‑UOWS |
0 | n | O | z | u | w | v | b | |||||||||||||||||||
Specify |
||||||||||||||||||||||||||
MIN‑UOW‑CONVERSATIONS‑IN‑MEMORY |
256 | n | O | z | u | w | v | b | |||||||||||||||||||
Defines the minimum number of UOW conversations (
Note: |
||||||||||||||||||||||||||
MUOW |
See |
|||||||||||||||||||||||||
NOTIFY‑EOC |
NO | YES | O | z | u | w | v | b | |||||||||||||||||||
Specifies whether timed-out conversations are to be stored or discarded.
If a server is not ready to receive an EOC notification, it can be stored or discarded. If it is stored, the server is notified, if possible, when it is ready to receive. Caution: |
||||||||||||||||||||||||||
NUM‑UOW |
Alias for |
|||||||||||||||||||||||||
SERVER |
A32 (case-sensitive) | R | z | u | w | v | b | |||||||||||||||||||
Part of the name that identifies the service together with the
Valid characters for server name are letters a-z, A-Z, numbers 0-9, hyphen and underscore. Do not use dollar, percent, period or comma. |
||||||||||||||||||||||||||
SERVER‑DEFAULT |
n | UNLIM | O | z | u | w | v | b | |||||||||||||||||||
Default number of servers that are allowed for every service.
A value of 0 (zero) is invalid. This value can be overridden by specifying a |
||||||||||||||||||||||||||
SERVER‑LIMIT |
n | UNLIM | O | z | u | w | v | b | |||||||||||||||||||
Allows a number of servers especially for this service.
A value of 0 (zero) is invalid. If |
||||||||||||||||||||||||||
SERVER‑NONACT |
5M | n | nS | nM | nH | R | z | u | w | v | b | |||||||||||||||||||
Non-activity time for servers. A server that does not issue a broker request within the specified time limit is treated as inactive and all resources for the server are freed.
If a server registers multiple services, the highest value of all the services registered is taken as non-activity time for the server. |
||||||||||||||||||||||||||
SERVICE |
A32 (case-sensitive) | R | z | u | w | v | b | |||||||||||||||||||
Part of the name that identifies the service together with the
The |
||||||||||||||||||||||||||
SHORT‑BUFFER‑LIMIT |
UNLIM | n | O | z | u | w | v | b | |||||||||||||||||||
Allocates a number of short message buffers for the service.
If |
||||||||||||||||||||||||||
STORE |
OFF | BROKER | O | z | u | w | v | b | |||||||||||||||||||
Sets the default
This attribute can be overridden by the |
||||||||||||||||||||||||||
TRANSLATION |
Format: A255
SAGTCHA | NO | <name> |
O | z | u | w | v | b | |||||||||||||||||||
Activates translation or translation user exit for internationalization (see Translation User Exit). For help on deciding the right internationalization approach for your environment, see What is the Best Internationalization Approach to use?
The |
||||||||||||||||||||||||||
UMSG |
Alias for |
|||||||||||||||||||||||||
UOW‑MSGS |
Alias for |
|||||||||||||||||||||||||
UWSTAT‑LIFETIME |
no value | n[S] | nM | nH | nD | O | z | u | w | v | b | |||||||||||||||||||
The value to be added to the
The lifetime determines how much additional time the UOW status is
retained in the persistent store and is calculated from the time at which the
associated UOW enters any of the following statuses:
"PROCESSED", "TIMEOUT",
"BACKEDOUT", "CANCELLED",
"DISCARDED". The additional lifetime of the UOW
status is calculated only when broker is executing. Value in
Note: |
||||||||||||||||||||||||||
UWSTATP |
0 | n | O | z | u | w | v | b | |||||||||||||||||||
Contains a multiplier used to compute the lifetime of a persistent
status for the service. The
Note: |
||||||||||||||||||||||||||
UWTIME |
1D | n S | n M | n H | nD | O | z | u | w | v | b | |||||||||||||||||||
Defines the default lifetime for units of work for the service.
If the unit of work (UOW) is inactive, that is, not processed within
the time limit, it is deleted and given a status of
|
The special names of CLASS = *
,
SERVER = *
and SERVICE =
*
are allowed in the service-specific section of the broker
attribute file. These are known as "wildcard" service definitions. If this name
is present in the attribute file, any service that registers with the broker
and does not have its own entry in the attribute file will inherit the
attributes that apply to the first wildcard service definition found.
For example, a server that registers with
CLASS=ACLASS
,
SERVER=ASERVER
and
SERVICE=ASERVICE
can inherit attributes from any
of the following entries in the attribute file (this list is not necessarily
complete):
CLASS = *, SERVER = ASERVER, SERVICE = ASERVICE CLASS = ACLASS, SERVER = *, SERVICE = * CLASS = *, SERVER = *, SERVICE = *
Of course, if there is a set of attributes that are specifically defined
for CLASS=ACLASS
,
SERVER=ASERVER
,
SERVICE=ASERVICE
, then all of the wildcard
service definitions will be ignored in favor of the exact matching
definition.
EntireX has two modes for handling service-specific attributes. See broker-specific attribute SERVICE-UPDATES
.
In service update mode
(SERVICE-UPDATES=YES
), the service configuration
sections of the attribute file are read whenever the first replica of a
particular service registers.
In non-update mode
(SERVICE-UPDATES=NO
), the attribute file is not
reread. All attributes are read during startup and the broker does not honor
any changes in the attribute file. This mode is useful if
there is a high frequency of REGISTER
operations, or
the attribute file is rather large and results in a high I/O rate for the broker.
The disadvantage to using non-update mode is that if specific attributes are modified, the broker must be restarted to effect the changes. Generally, this mode should be used only if the I/O rate of the broker is considerably high, and if the environment seldom changes.
The different option values allow you to either handle character conversion deficiencies as errors, or to ignore them:
Do not ignore any character conversion errors and force an error
always (value STOP
). This is the default behavior.
Ignore if characters can not be converted into the receiver's
codepage, but force an error if sender characters do not match the sender's
codepage (value SUBSTITUTE-NONCONV
).
Ignore any character conversion errors (values SUBSTITUTE
and
BLANKOUT
).
The situations 1 and 2 above are reported to the broker log file if
TRACE
option for CONVERSION
is set to level 1.
Value | Description | Options Supported for | Report Situation in Broker Log File if TRACE Option for CONVERSION is set to 1
|
||
---|---|---|---|---|---|
SAGTCHA | SAGTRPC | Bad Input Characters (Sender's Codepage) | Non-convertible Characters (Receiver's Codepage) | ||
SUBSTITUTE |
Substitutes both non-convertible characters (receiver's codepage) and bad input characters (sender's codepage) with a codepage-dependent default replacement character. | yes | yes | No message. | No message |
SUBSTITUTE-NONCONV |
If a corresponding code point is not available in the receiver's codepage, the character cannot be converted and is substituted with a codepage-dependent default replacement character. Bad input characters in sender's codepage are not substituted and result in an error. | yes | yes | Write detailed conversion error message. | No message. |
BLANKOUT |
Substitutes non-convertible characters with a codepage-dependent default replacement; blanks out the complete RPC IDL field containing one or more bad input characters. | no | yes | No message. | No message. |
STOP |
Signals an error on detecting a non-convertible or bad input character. This is the default behavior if no option is specified. | yes | yes | Write detailed conversion error message. | Write detailed conversion error message. |
The topic-specific attribute section begins with the keyword
DEFAULTS=TOPIC
as shown in the sample attribute file. It contains
attributes that apply to the publish and subscribe communication model.
Attribute | Values | Opt/ Req |
Operating System | |||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ALLOW‑DURABLE |
YES | NO | O | z | u | w | v | b | |||||||||||||||
Determines whether a subscriber is allowed to perform a durable subscription to a topic.
If users are allowed to durably subscribe to any topic, you must
specify a value for the |
||||||||||||||||||||||
ALLOW‑USER‑SUBSCRIBE |
YES | NO | O | z | u | w | v | b | |||||||||||||||
Determines if it is possible for a user to subscribe to a topic directly (YES) or only by Administrator.
|
||||||||||||||||||||||
AUTO‑COMMIT‑FOR‑SUBSCRIBER |
NO | YES | O | z | u | w | v | b | |||||||||||||||
|
||||||||||||||||||||||
CONVERSION |
Format: A255 | O | z | u | w | v | b | |||||||||||||||
Defines conversion for internationalization. See Internationalization with EntireX. For help on making decisions about the internationalization approach, see What is the Best Internationalization Approach to use?
Only one internationalization approach can be active at one time for
a topic. The TRACE
If tracing is switched on, the trace output is written to the broker log file:
OPTION
See |
||||||||||||||||||||||
LONG‑BUFFER‑LIMIT |
UNLIM | n | O | z | u | w | v | b | |||||||||||||||
Allocates a number of long message buffers for the topic.
A value of 0 (zero) is invalid. If
|
||||||||||||||||||||||
MAX‑MESSAGES‑IN‑PUBLICATION |
16 | n | O | z | u | w | v | b | |||||||||||||||
Maximum number of messages in a publication. |
||||||||||||||||||||||
MAX‑PUBLICATION‑MESSAGE‑LENGTH |
31647 | n | O | z | u | w | v | b | |||||||||||||||
Maximum size of a message in a publication. The actual publication size is transport-dependent. |
||||||||||||||||||||||
PUBLICATION‑LIFETIME |
n | nS | nM | nH | nD | nY | O | z | u | w | v | b | |||||||||||||||
Lifetime of a publication in absolute time units. Publications are retained by broker until they are either received by all subscribers or the publication lifetime has expired.
The publication lifetime is calculated even for periods of time when broker is stopped. |
||||||||||||||||||||||
PUBLICATION‑LIMIT |
n | UNLIM | O | z | u | w | v | b | |||||||||||||||
There is no default. Maximum number of publications possible for
this topic. If specified, this overrides the publication default value, which
is a general maximum value per topic. If neither parameter is specified, the
total number of publications for the topic is limited only by
A value of 0 (zero) is invalid. If |
||||||||||||||||||||||
PUBLISHER‑NONACT |
5M | n | nS | nM | nH | nD | nY | O | z | u | w | v | b | |||||||||||||||
Non-activity of the publisher, after which an auto-logoff is performed and the publisher's resources are freed.
If not specified, defaults to 5 minutes. This is the time after which the publisher's internal memory structures will be cleaned up and a subsequent logon is required. |
||||||||||||||||||||||
SHORT‑BUFFER‑LIMIT |
UNLIM | n | O | z | u | w | v | b | |||||||||||||||
Allocates a number of short message buffers for the topic.
A value of 0 (zero) is invalid. If
|
||||||||||||||||||||||
SSTORE SSTORE‑TYPE |
These parameters are obsolete. The
subscriber store in a secondary store is no longer supported. We recommend you
use the primary persistent store (PSTORE ) to
store your subscriber data. For this, set broker-specific parameter
SUBSCRIBER-STORE=PSTORE .
|
|||||||||||||||||||||
SUBSCRIBER‑LIMIT |
n | UNLIM | O | z | u | w | v | b | |||||||||||||||
There is no default. Maximum number of subscriptions possible for
this topic. If specified, this overrides the subscriber default value, which is
a general maximum value per topic. If neither parameter is specified, the total
number of subscribers for the topic is limited only by
A value of 0 (zero) is invalid. If
|
||||||||||||||||||||||
SUBSCRIBER‑NONACT |
5M | n | nS | nM | nH | nD | nY | O | z | u | w | v | b | |||||||||||||||
Non-activity of the subscriber after which an auto-logoff is performed and the publisher's resources are freed.
In the case of a non-durable subscriber, the user's subscription is
also cancelled. In the case of a durable subscriber, the user's subscription is
persisted, and it is not necessary for the user to issue any subsequent
If not specified, defaults to 5 minutes. This is the time after which the subscriber's internal memory structures will be cleaned up and a subsequent logon is required. |
||||||||||||||||||||||
SUBSCRIPTION‑EXPIRATION |
NEVER | n | nS | nM | nH | nD | nY | O | z | u | w | v | b | |||||||||||||||
Lifetime of a user's subscription in absolute time units.
Subscriptions are retained by broker until either the user issues an
Durable subscriptions remain effective even if the user performs the
If |
||||||||||||||||||||||
TOPIC |
A96 (case-sensitive) | R | z | u | w | v | b | |||||||||||||||
Name of the topic for publish and subscribe processing. Valid characters for topic name are letters a-z, A-Z, numbers 0-9, hyphen and underscore. Do not use dollar, percent, period or comma. |
||||||||||||||||||||||
TRANSLATION |
Format: A255
SAGTCHA | NO | <name> |
O | z | u | w | v | b | |||||||||||||||
Activates translation or translation user exit for internationalization (see Translation User Exit). See also What is the Best Internationalization Approach to use?
The |
The codepage-specific attribute section begins with the keyword
DEFAULTS=CODEPAGE
as shown in the sample attribute file. You can
use the attributes in this section to customize the broker's locale string
defaults and customize the mapping of locale strings to codepages for the
internationalization approaches ICU conversion and SAGTRPC user exit. These
attributes do not apply to other approaches. See Internationalization with EntireX for more
information.
Attribute | Values | Opt/ Req |
Operating System | ||||
---|---|---|---|---|---|---|---|
DEFAULT_ASCII |
Any ICU converter name or alias. See also Additional Notes below. | O | z | u | w | v | b |
Customize the broker's locale string defaults by assigning the default codepage for EntireX components (client or server, publisher or subscriber). See Broker's Locale String Defaults. This value is used instead of the broker's locale string defaults if
Example: DEFAULTS=CODEPAGE /* Broker Locale String Defaults */ DEFAULT_ASCII=windows-950 For more examples, see Configuring Broker's Locale String Defaults and also Additional Notes below. |
|||||||
DEFAULT_EBCDIC_IBM |
Any ICU converter name or alias | O | z | u | w | v | b |
Customize the broker's locale string defaults by assigning the default codepage for EntireX components (client or server, publisher or subscriber). See Broker's Locale String Defaults. This value is used instead of the broker's locale string defaults if
Example: DEFAULT=CODEPAGE DEFAULT_EBCDIC_IBM=ibm-937 For more examples, see Configuring Broker's Locale String Defaults and also Additional Notes below. |
|||||||
DEFAULT_EBCDIC_SNI |
Any ICU converter name or alias | O | z | u | w | v | b |
Customize the broker's locale string defaults by assigning the default codepage for EntireX components (client or server, publisher or subscriber). See Broker's Locale String Defaults. This value is used instead of the locale string defaults if
Example: DEFAULT=CODEPAGE DEFAULT_EBCDIC_SNI= bs2000-edf03drv For more examples, see Configuring Broker's Locale String Defaults and also Additional Notes below. |
|||||||
locale‑string |
Any ICU converter name or alias. See also Additional Notes below. | O | z | u | w | v | |
Customize the mapping of locale strings to codepages and bypass the broker's locale string processing mechanism. See Broker's Locale String Processing. This is useful:
The attribute (locale string) is the locale string sent by your EntireX component (client or server, publisher or subscriber) and the value is the codepage that you want to use in place of that locale string. In the first line of the example below, the client or server application sends ASCII as a locale string; the broker maps this to the codepage ISO 8859_1. In the same way EUC_JP_LINUX is mapped to ibm-33722_P12A-1999. All other locale strings are mapped by the broker's mapping mechanism, see Broker's Built-in Locale String Mapping. Example: DEFAULTS=CODEPAGE /* Broker Locale String Codepage Assignments */ ASCII=ISO8859 EUC_JP_LINUX=ibm-33722_P12A-1999 /* Customer-written ICU converters */ CP1140=myebcdic CP0819=myascii For more examples, see Bypassing Broker's Built-in Locale String Mapping and also Additional Notes below. |
Locale string matching is case insensitive when bypassing the broker's built-in mechanism, that is, when the broker examines the codepages section in the attribute file.
If ICU is used for the internationalization approach and if the style in not known by ICU, e.g. ECSnnnn, <ll>_<cc> etc., the name will be mapped to a suitable ICU alias. For more details on the mapping mechanism, see Broker's Built-in Locale String Mapping. For more details on ICU and ICU converter name standards, see ICU Resources.
If SAGTRPC user exit is used for the internationalization approach, we recommend assigning the codepage in the form CP<nnnnn>. To determine the number given to SAGTRPC user exit, see Broker's Built-in Locale String Mapping.
See CONVERSION
and CONVERSION
attribute
CONVERSION
on this page for the
internationalization approach in use.
The Adabas SVC/Entire Net-Work-specific attribute section begins with the
keyword DEFAULTS=NET
as shown in the sample attribute file. The
attributes in this section are needed to execute the Adabas SVC/Entire Net-Work
communicator of the EntireX Broker kernel.
Note:
This section applies to mainframe platforms only. It does not apply to
UNIX and Windows.
The security-specific attribute section begins with the keyword
DEFAULTS=SECURITY
as shown in the sample attribute file. This
section applies only if broker-specific attribute SECURITY=YES
is specified.
Attribute | Values | Opt/ Req |
Operating System | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
ACCESS‑SECURITY‑SERVER |
NO | YES | O | b | |||||||||
Determines where authentication is checked.
|
||||||||||||
APPLICATION‑NAME |
A8 | O | z | |||||||||
Specifies the name of the application to be checked if RDEFINE APPL BROKER UACC(NONE) PERMIT BROKER CLASS(APPL) ID(DOE) ACCESS(READ) SETROPTS CLASSACT(APPL) See attribute |
||||||||||||
AUTHENTICATION‑TYPE |
OS | ldapUrl | O | z | u | w | b | ||||||
If no port number is specified, the default is the standard LDAP
port number 389 for TCP transport. Examples for TCP and SSL/TLS: |
||||||||||||
AUTHORIZATIONDEFAULT |
YES | NO | O | u | w | ||||||||
Determines whether access is granted to a specified service if the specified could not be found listed in the repository of authorization rules.
Applies only when using EntireX Security under UNIX and Windows.
Authorization rules can be stored within a repository. When an authorization
call occurs, EntireX Security uses the values of this parameter and
See also Administering Authorization Rules using System Management Hub under UNIX | Windows. |
||||||||||||
AUTHORIZATIONRULE |
A32 | O | u | w | ||||||||
List of authorization rules. Multiple sets of rules can be defined,
each set is limited to 32 chars. The maximum number of Applies only when using EntireX Security under UNIX or Windows.
Authorization rules can be stored within a repository. When an authorization
call occurs, EntireX Security uses the values of this parameter and
See also Administering Authorization Rules using System Management Hub under UNIX | Windows. |
||||||||||||
CHECK‑IP‑ADDRESS |
YES | NO | O | z | |||||||||
Determines whether the TCP/IP address of the caller is subject to a resource check. |
||||||||||||
ERRTXT‑MODULE |
NA2MSG0 | NA2MSG1 | NA2MSG2 | ModuleName | O | z | |||||||||
Specifies the name of the security error text module. Default is "NA2MSG0", English messages. For instructions on how to customize messages, see Build Language-specific Messages (Optional) under Installing EntireX Security under z/OS. |
||||||||||||
FACILITY‑CHECK |
NO | YES | O | z | |||||||||
It is possible to check whether a particular user is at all allowed to use an application
before performing a password check. The advantage of this additional check is that when the user
is not allowed to use this application, the broker returns error 00080013 and does not
try to authenticate the user. Failing an authentication check may lead to the user's password being revoked;
this situation is avoided if the facility check is performed first.
See attribute Note: |
||||||||||||
IGNORE‑STOKEN |
NO | YES | O | z | u | w | b | ||||||
Determines whether the value of the ACI field |
||||||||||||
INCLUDE‑CLASS |
YES | NO | O | z | |||||||||
Determines whether the class name is included in the resource check. |
||||||||||||
INCLUDE‑NAME |
YES | NO | O | z | |||||||||
Determines whether the server name is included in the resource check. |
||||||||||||
INCLUDE‑SERVICE |
YES | NO | O | z | |||||||||
Determines whether the service name is included in the resource check. |
||||||||||||
LDAP‑PERSON‑BASE‑BINDDN |
ldapDn | O | z | u | w | |||||||
Used with LDAP authentication to specify the distinguished name where authentication information is stored. This value is prefixed with the user ID field name (see below). Example:
|
||||||||||||
LDAP‑REPOSITORY‑TYPE |
OpenLDAP | ActiveDirectory | SunOneDirectory | Tivoli | Novell | ApacheDS | O | z | u | w | |||||||
Use predefined known fields for the respective repository type. Specify the repository type that most closely matches your actual repository. In the case of Windows Active Directory, the user ID is typically in the form domainName\userId. | ||||||||||||
LDAP‑SASL‑AUTHENTICATION |
NO | YES | O | w | |||||||||
Specifies whether or not Simple Authentication and Security Layer (SASL) is to perform the authentication check. In practice, this determines whether or not the password supplied by the user is passed in plain text between the broker kernel and the LDAP server. If SASL is activated, this implies that the password is encrypted.
|
||||||||||||
LDAP‑USERID‑FIELD |
cn | uidFieldName | O | z | u | w | |||||||
Used with LDAP authentication to specify the first field name of a user in the Distinguished Name, for example:
|
||||||||||||
MAX‑SAF‑PROF‑LENGTH |
1-256 | O | z | |||||||||
This parameter should be increased if the length of the resource checks - that is, the length of the profile comprising "<class>.<server>.<service>" - is greater than 80 bytes. This parameter defaults to 80 if a value is not specified. |
||||||||||||
PASSWORD‑TO‑UPPER‑CASE |
NO | YES | O | z | v | ||||||||
Determines whether the password and new password are converted to uppercase before verification. |
||||||||||||
PRODUCT |
RACF | ACF2 | TOP-SECRET | O | z | |||||||||
Specifies the name of the installed security product. This attribute is used to analyze security-system-specific errors. The following systems are currently supported:
The default value is used if an incorrect or no value is specified. |
||||||||||||
PROPAGATE‑TRUSTED‑USERID |
YES | NO | O | z | |||||||||
Determines whether a client user ID obtained by means of the trusted
user ID mechanism is propagated to a server using the ACI field |
||||||||||||
SAF‑CLASS |
NBKSAG | SAFClassName | O | z | |||||||||
Specifies the name of the SAF class/type used to hold the EntireX-related resource profiles. |
||||||||||||
SAF‑CLASS‑IP |
NBKSAG | SAFClassName | O | z | |||||||||
Specifies the name of the SAF class/type used when performing IP address authorization checks. |
||||||||||||
SECURITY‑LEVEL |
AUTHORIZATION | AUTHENTICATION | ENCRYPTION | O | z | u | w | v | b | |||||
Specifies the mode of operation.
Caution: |
||||||||||||
SECURITY‑NODE |
YES | name | O | z | |||||||||
This parameter can be used to specify a prefix that is added to all authorization checks, enabling different broker kernels, in different environments, to perform separate authorization checks according to each broker kernel. For example, it is often important to distinguish between production, test, and development environments.
Note: |
||||||||||||
TRACE‑LEVEL |
0 - 4 | O | z | u | w | v | b | |||||
Trace level for EntireX Security. It overrides the global value of trace level in the attribute file. |
||||||||||||
TRUSTED‑USERID |
YES | NO | O | z | |||||||||
Activates the trusted user ID mechanism for broker requests arriving over the local Adabas IPC mechanism. |
||||||||||||
USERID‑TO‑UPPER‑CASE |
NO | YES | O | z | v | ||||||||
Determines whether user ID is converted to uppercase before verification. |
||||||||||||
UNIVERSAL |
NO | YES | O | z | |||||||||
Determines whether access to undefined resource profiles is allowed. |
||||||||||||
WARN‑MODE |
NO | YES | O | z | u | w | b | ||||||
Determines whether a resource check failure results in just a warning or an error. |
The TCP/IP-specific attribute section begins with the keyword
DEFAULTS=TCP
as shown in the sample attribute file. It contains
attributes that apply to the TCP/IP transport communicator. The transport is
activated by TRANSPORT=TCP
in the
Broker-specific section of the attribute file. A maximum of five TCP/IP
communicators can be activated by specifying up to five HOST
/PORT
pairs.
Attribute | Values | Opt/ Req |
Operating System | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
CONNECTION‑NONACT |
n | nS | nM | nH | O | z | u | w | v | b | |||||||||
Non-activity of the TCP/IP connection, after which a close is performed and the connection resources are freed. If this parameter is not specified here, broker will close the connection only when the application (or the network itself) terminates the connection.
If not specified, the connection non-activity test is disabled. On the stub side, non-activity can be set
with the environment variable |
||||||||||||||||
HOST |
0.0.0.0 | HostName | IP address | O | z | u | w | v | b | |||||||||
The address of the network interface on which broker will listen for connection requests. If A maximum of five |
||||||||||||||||
MAX‑MESSAGE‑LENGTH |
2147483647 | n | O | z | u | w | v | b | |||||||||
Maximum message size that the broker kernel can process using transport method TCP/IP. The default value represents the highest positive number that can be stored in a four-byte integer. | ||||||||||||||||
PORT |
1025 - 65535 | O | z | u | w | v | b | |||||||||
The TCP/IP port number on which the broker will listen for connection requests. If specified, Note: If If A maximum of five |
||||||||||||||||
RESTART |
YES | NO | O | z | u | w | v | b | |||||||||
If specified, Note: If The |
||||||||||||||||
RETRY‑LIMIT |
20 | n | UNLIM | O | z | u | w | v | b | |||||||||
Maximum number of attempts to restart the TCP/IP communicator. If specified, RETRY-LIMIT overrides broker attribute
Note: If The |
||||||||||||||||
RETRY‑TIME |
3M | n | nS | nM | nH | O | z | u | w | v | b | |||||||||
Wait time between stopping the TCP/IP communicator due to an unrecoverable error and the next attempt to restart it.
Minimum wait time is 1S. If specified, Note: If The |
||||||||||||||||
REUSE‑ADDRESS |
YES | NO | O | z | u | v | b | ||||||||||
YES | NO | O | w | ||||||||||||||
|
||||||||||||||||
STACK‑NAME |
StackName | O | z | |||||||||||||
Name of the TCP/IP stack that the broker is using. If not specified, broker will connect to the default TCP/IP stack running on the machine. |
||||||||||||||||
TRACE‑LEVEL |
0 - 4 | O | z | u | w | v | b | |||||||||
The level of tracing to be performed while the broker is running with transport method TCP/IP. It overrides the global value of trace level for all TCP/IP routines.
If you modify the Trace levels 2, 3, and 4 should be used only when requested by Software AG support. |
The c-tree-specific attribute section begins with the keyword
DEFAULTS = CTREE
. The attributes in this section are optional.
This section applies only if PSTORE-TYPE = CTREE
is specified.
Not available under z/OS, BS2000/OSD, z/VSE.
Attribute | Values | Opt/ Req |
Operating System | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
MAXSIZE |
n | nM | nG | O | u | w | ||||||||
Defines the maximum size of c-tree data files. Broker allocates one data file for control data and another data file for message data:
|
||||||||||||
PAGESIZE |
n | nK | O | u | w | ||||||||
Determines how many bytes are available in each c-tree node.
The default and minimum value is 8 KB. If |
||||||||||||
PATH
|
A255 | O | u | w | ||||||||
Path name of the target directory for c-tree index and data files. |
||||||||||||
SYNCIO |
NO | YES | O | u | w | ||||||||
Controls the open mode of the c-tree transaction log.
|
||||||||||||
TRACE‑LEVEL |
0-8 | O | u | w | ||||||||
Trace level for c-tree persistent store. It overrides the global value of trace level in the attribute file. |
The SSL-specific attribute section begins with the keyword
DEFAULTS=SSL
as shown in the sample attribute file. The attributes
in this section are needed to execute the SSL communicator of the EntireX Broker kernel.
In this section, "SSL" also applies to TLS (Transport Layer Security).
Attribute | Values | Opt/ Req |
Operating System | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
CIPHER‑SUITE |
string | O | z | u | w | b | ||||||||||
String that is passed to the underlying SSL/TLS implementation. SSL/TLS is a standardized protocol that uses different cryptographic
functions (hash functions, symmetric and asymmetric encryption etc.). Some of these must be implemented in the SSL/TLS stack;
others are optional. When an SSL/TLS connection is created, both parties agree by "handshake" on the Under UNIX, Windows and BS2000/OSD, the OpenSSL implementation is used; under z/OS it is GSK. The SSL protocol is obsolete and should no longer be used for secure operations. The TLS protocol is the successor of SSL and is readily available in OpenSSL and GSK. The following examples show how to configure strong encryption:
|
||||||||||||||||
CONNECTION‑NONACT |
n | nS | nM | nH | O | z | u | w | b | ||||||||||
Non-activity of the SSL connection, after which a close is performed and the connection resources are freed. If this parameter is not specified here, broker will close the connection only when the application (or the network itself) terminates the connection.
If not specified, the connection non-activity test is disabled. |
||||||||||||||||
HOST |
hostname | O | z | u | w | b | ||||||||||
The address of the network interface on which broker will listen for connection requests. If A maximum of five |
||||||||||||||||
KEY‑LABEL |
name | O | z | |||||||||||||
The label of the key in the RACF keyring that is used to
authenticate the broker kernel (see also
(Example: "ETBCERT") |
||||||||||||||||
KEY‑FILE |
file name | R | u | w | b | |||||||||||
File that contains the broker's private key (if not contained in
(Example: MyAppKey.pem) Note: |
||||||||||||||||
KEY‑PASSWD |
password (A32) | R | u | w | b | |||||||||||
Password used to protect the private key. Unlocks
MyAppKey.pem. Deprecated. See |
||||||||||||||||
KEY‑PASSWD‑ENCRYPTED |
encrypted value (A64) | R | u | w | b | |||||||||||
Password used to protect the private key. Unlocks
MyAppKey.pem. This attribute replaces |
||||||||||||||||
KEY‑STORE |
file name | R | u | w | b | |||||||||||
SSL certificate; may contain the private key. (Example: ExxAppCert.pem) Note: |
||||||||||||||||
MAX‑MESSAGE‑LENGTH |
2147483647 | n | O | z | u | w | b | ||||||||||
Maximum message size that the broker kernel can process using transport method SSL. The default value represents the highest positive number that can be stored in a four-byte integer. | ||||||||||||||||
PORT |
1025 - 65535 | O | z | u | w | b | ||||||||||
The SSL port number on which the broker will listen for connection requests. If not changed, this parameter takes the standard value as specified in the example attribute file. If the port number is not specified, the broker will use the default value of 1958. |
||||||||||||||||
RESTART |
YES | NO | O | z | u | w | b | ||||||||||
|
||||||||||||||||
RETRY‑LIMIT |
20 | n | UNLIM | O | z | u | w | b | ||||||||||
Maximum number of attempts to restart the SSL communicator. |
||||||||||||||||
RETRY‑TIME |
3M | n | nS | nH | O | z | u | w | b | ||||||||||
Wait time between suspending SSL communication due to unrecoverable error and the next attempt to restart it.
Minimum: 1S |
||||||||||||||||
REUSE‑ADDRESS |
YES | NO | O | z | u | w | b | ||||||||||
|
||||||||||||||||
STACK‑NAME |
name | O | z | u | w | |||||||||||
Name of the TCP/IP stack that the broker is using. If not specified, broker will connect to the default TCP/IP stack running on the machine. |
||||||||||||||||
TRACE‑LEVEL |
0 - 4 | O | z | u | w | b | ||||||||||
The level of tracing to be performed while the broker is running with transport method SSL/TLS. It overrides the global value of trace level for all SSL/TLS routines.
If you modify the Trace levels 2, 3, and 4 should be used only when requested by Software AG support. |
||||||||||||||||
TRUST‑STORE |
file name|keyring | R | z | u | w | b | ||||||||||
Location of the store containing certificates of trust Certificate Authorities (or CAs).
|
||||||||||||||||
VERIFY‑CLIENT |
NO | YES | O | z | u | w | b | ||||||||||
|
The DIV-specific attribute section begins with the keyword DEFAULTS
= DIV
. The attributes in this section are required if
PSTORE-TYPE = DIV
is specified.
Attribute | Values | Opt/ Req |
Operating System | ||||
---|---|---|---|---|---|---|---|
DIV |
A511 | R | z | ||||
The VSAM Persistent Store parameters, enclosed in double quotes (""). The value can span more than one line. See Format Parameters for details of the parameters. In previous versions of EntireX, these parameters were read from the SYSIN DD during broker kernel startup. |
The Adabas-specific attribute section begins with the keyword
DEFAULTS = ADABAS
. The attributes in this section are required if
PSTORE-TYPE = ADABAS
is specified. In previous
versions of EntireX, these Adabas-specific attributes and values were
specified in the broker-specific PSTORE-TYPE
attribute.
Attribute | Values | Opt/ Req |
Operating System | ||||
---|---|---|---|---|---|---|---|
BLKSIZE |
126-20000 | O | z | u | w | v | b |
Optional blocking factor used for message data. If not specified, broker will split the message data into 2 KB blocks to be stored in Adabas records. The maximum value depends on the physical device assigned to data storage. See the Adabas documentation. For reasons of efficiency, do not specify a
The Default value is 2000. |
|||||||
DBID |
1 - 32535 | R | z | u | w | v | b |
Database ID of Adabas database where the persistent store resides. |
|||||||
FNR |
1 - 32535 | R | z | u | w | v | b |
File number of broker persistent store file. |
|||||||
FORCE‑COLD |
N | Y | O | z | u | w | v | b |
Determines whether a broker cold start is permitted to overwrite a persistent store file that has been used by another broker ID and/or platform. Specify |
|||||||
MAXSCAN |
0-n | O | z | u | w | v | b |
Limits display of persistent UOW information in the persistent store through Command and Information Services. Default value is 1000. |
|||||||
OPENRQ |
N | Y | O | z | u | w | v | b |
Determines whether driver for Adabas persistent store is to issue an
|
|||||||
SVC |
200-255 | R | z | v | |||
Use this parameter to specify the Adabas SVC number to be used by the Adabas persistent store driver. |
|||||||
TRACE‑LEVEL |
0-8 | O | z | u | w | v | b |
Trace level for Adabas persistent store. It overrides the global value of trace level in the attribute file. |
The application monitoring-specific attribute section begins with the
keyword DEFAULTS=APPLICATION-MONITORING
. It contains attributes
that apply to the application monitoring functionality. At startup time, the
attributes are read if the Broker-specific attribute
APPLICATION-MONITORING=YES
is specified. Duplicate or missing
values are treated as errors. When an error occurs, application monitoring is
turned off and EntireX Broker continues execution. See Application Monitoring.
Attribute | Values | Opt/ Req |
Operating System | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
APPLICATION‑MONITORING‑NAME orAPPMON-NAME |
A100 | O | z | u | w | v | ||||||||
Specifies a default application monitoring name. Used to set the value of the ApplicationName KPI. | ||||||||||||||
COLLECTOR‑BROKER‑ID |
A64 | R | z | u | w | v | ||||||||
Identifies the Application
Monitoring Data Collector. Has the format
host_name :port_number ,
where host_name is the host where the Application
Monitoring Data Collector is running and port_number
is the port number of the Application Monitoring Data Collector. The default
port is 57900.
|
||||||||||||||
TRACE‑LEVEL |
0 - 3 | O | z | u | w | v | ||||||||
The level of tracing to be
performed while the Broker is running with application monitoring.
A trace level should be used only when requested by Software AG support. |
The broker attribute file contains the configuration of one EntireX Broker instance. In order to share attribute files between different brokers, you identify the attributes that are unique and move them to a variable definition file. This file enables you to share one attribute file among different brokers. Each broker in such a scenario requires its own variable definition file.
The following attributes are considered unique for each machine:
BROKER-ID
(in Broker-specific Attributes)
PORT
(in
SSL-specific Attributes and
TCP/IP-specific Attributes)
How you use the variable definition file will depend upon your particular
needs. For instance, some optional attributes may require uniqueness - for
example, DBID
and
FNR
in
DEFAULTS=ADABAS
- so that you may specify the
persistent store.