Webflow Session

CAS uses Spring Webflow to manage the authentication sequence. Spring Webflow provides a pluggable architecture whereby various actions, decisions and operations throughout the primary authentication workflow can be easily controlled and navigated. In order for this navigation to work, some form of conversational session state must be maintained.

 Provides information about the application’s HTTP sessions that are managed by Spring Session.

 Provides information about the application’s HTTP sessions that are managed by Spring Session.

 Provides information about the application’s HTTP sessions that are managed by Spring Session.


Client-side Sessions

CAS provides a facility for storing flow execution state on the client in Spring Webflow. Flow state is stored as an encoded byte stream in the flow execution identifier provided to the client when rendering a view. By default, CAS automatically attempts to store and keep track of this state on the client in an encrypted form via encryption and signing keys to remove the need for session cleanup, termination and replication.

The following settings and properties are available from the CAS configuration catalog:

The configuration settings listed below are tagged as Required in the CAS configuration metadata. This flag indicates that the presence of the setting may be needed to activate or affect the behavior of the CAS feature and generally should be reviewed, possibly owned and adjusted. If the setting is assigned a default value, you do not need to strictly put the setting in your copy of the configuration, but should review it nonetheless to make sure it matches your deployment expectations.

  • cas.webflow.crypto.encryption.key=

    • The encryption key. The encryption key by default and unless specified otherwise must be randomly-generated string whose length is defined by the encryption key size setting.

    org.apereo.cas.configuration.model.core.util.EncryptionRandomizedCryptoProperties.

    How can I configure this property?

  • cas.webflow.crypto.signing.key=

    • The signing key is a JWT whose length is defined by the signing key size setting.

    This setting supports the Spring Expression Language.

    org.apereo.cas.configuration.model.core.util.SigningJwtCryptoProperties.

    How can I configure this property?

  • cas.webflow.session.storage=false

    • Controls whether spring webflow sessions are to be stored server-side or client side. By default state is managed on the client side, that is also signed and encrypted.

    org.apereo.cas.configuration.model.core.web.flow.WebflowSessionManagementProperties.

    How can I configure this property?

    The configuration settings listed below are tagged as Optional in the CAS configuration metadata. This flag indicates that the presence of the setting is not immediately necessary in the end-user CAS configuration, because a default value is assigned or the activation of the feature is not conditionally controlled by the setting value. In other words, you should only include this field in your configuration if you need to modify the default value or if you need to turn on the feature controlled by the setting.

  • cas.webflow.crypto.alg=AES

    • The signing/encryption algorithm to use.

    org.apereo.cas.configuration.model.core.util.EncryptionRandomizedSigningJwtCryptographyProperties.

    How can I configure this property?

  • cas.webflow.crypto.enabled=true

    • Whether crypto operations are enabled.

    org.apereo.cas.configuration.model.core.util.EncryptionRandomizedSigningJwtCryptographyProperties.

    How can I configure this property?

  • cas.webflow.crypto.encryption.key-size=16

    • Encryption key size.

    org.apereo.cas.configuration.model.core.util.EncryptionRandomizedCryptoProperties.

    How can I configure this property?

  • cas.webflow.crypto.signing-enabled=true

    • Whether signing encryption operations are enabled.

    org.apereo.cas.configuration.model.core.util.EncryptionRandomizedSigningJwtCryptographyProperties.

    How can I configure this property?

  • cas.webflow.crypto.signing.key-size=512

    • The signing key size.

    org.apereo.cas.configuration.model.core.util.SigningJwtCryptoProperties.

    How can I configure this property?

  • cas.webflow.crypto.encryption.key=

    • The encryption key. The encryption key by default and unless specified otherwise must be randomly-generated string whose length is defined by the encryption key size setting.

    org.apereo.cas.configuration.model.core.util.EncryptionRandomizedCryptoProperties.

    How can I configure this property?

  • cas.webflow.crypto.signing.key=

    • The signing key is a JWT whose length is defined by the signing key size setting.

    This setting supports the Spring Expression Language.

    org.apereo.cas.configuration.model.core.util.SigningJwtCryptoProperties.

    How can I configure this property?

  • cas.webflow.crypto.alg=AES

    • The signing/encryption algorithm to use.

    org.apereo.cas.configuration.model.core.util.EncryptionRandomizedSigningJwtCryptographyProperties.

    How can I configure this property?

  • cas.webflow.crypto.enabled=true

    • Whether crypto operations are enabled.

    org.apereo.cas.configuration.model.core.util.EncryptionRandomizedSigningJwtCryptographyProperties.

    How can I configure this property?

  • cas.webflow.crypto.encryption.key-size=16

    • Encryption key size.

    org.apereo.cas.configuration.model.core.util.EncryptionRandomizedCryptoProperties.

    How can I configure this property?

  • cas.webflow.crypto.signing-enabled=true

    • Whether signing encryption operations are enabled.

    org.apereo.cas.configuration.model.core.util.EncryptionRandomizedSigningJwtCryptographyProperties.

    How can I configure this property?

  • cas.webflow.crypto.signing.key-size=512

    • The signing key size.

    org.apereo.cas.configuration.model.core.util.SigningJwtCryptoProperties.

    How can I configure this property?

    This CAS feature is able to accept signing and encryption crypto keys. In most scenarios if keys are not provided, CAS will auto-generate them. The following instructions apply if you wish to manually and beforehand create the signing and encryption keys.

    Note that if you are asked to create a JWK of a certain size for the key, you are to use the following set of commands to generate the token:

    

    1
2

    		

    wget https://raw.githubusercontent.com/apereo/cas/master/etc/jwk-gen.jar
java -jar jwk-gen.jar -t oct -s [size]

    The outcome would be similar to:

    

    1
2
3
4
5

    		

    {
  "kty": "oct",
  "kid": "...",
  "k": "..."
}

    The generated value for k needs to be assigned to the relevant CAS settings. Note that keys generated via the above algorithm are processed by CAS using the Advanced Encryption Standard (AES) algorithm which is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology.

    Configuration Metadata

    The collection of configuration properties listed in this section are automatically generated from the CAS source and components that contain the actual field definitions, types, descriptions, modules, etc. This metadata may not always be 100% accurate, or could be lacking details and sufficient explanations.

    Be Selective

    This section is meant as a guide only. Do NOT copy/paste the entire collection of settings into your CAS configuration; rather pick only the properties that you need. Do NOT enable settings unless you are certain of their purpose and do NOT copy settings into your configuration only to keep them as reference. All these ideas lead to upgrade headaches, maintenance nightmares and premature aging.

    YAGNI

    Note that for nearly ALL use cases, declaring and configuring properties listed here is sufficient. You should NOT have to explicitly massage a CAS XML/Java/etc configuration file to design an authentication handler, create attribute release policies, etc. CAS at runtime will auto-configure all required changes for you. If you are unsure about the meaning of a given CAS setting, do NOT turn it on without hesitation. Review the codebase or better yet, ask questions to clarify the intended behavior.

    Naming Convention

    Property names can be specified in very relaxed terms. For instance cas.someProperty, cas.some-property, cas.some_property are all valid names. While all forms are accepted by CAS, there are certain components (in CAS and other frameworks used) whose activation at runtime is conditional on a property value, where this property is required to have been specified in CAS configuration using kebab case. This is both true for properties that are owned by CAS as well as those that might be presented to the system via an external library or framework such as Spring Boot, etc.

    :information_source: Note

    When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value. The only possible exception to this rule is when naming actuator endpoints; The name of the actuator endpoints (i.e. ssoSessions) MUST remain in camelCase mode.

    Settings and properties that are controlled by the CAS platform directly always begin with the prefix cas. All other settings are controlled and provided to CAS via other underlying frameworks and may have their own schemas and syntax. BE CAREFUL with the distinction. Unrecognized properties are rejected by CAS and/or frameworks upon which CAS depends. This means if you somehow misspell a property definition or fail to adhere to the dot-notation syntax and such, your setting is entirely refused by CAS and likely the feature it controls will never be activated in the way you intend.

    Validation

    Configuration properties are automatically validated on CAS startup to report issues with configuration binding, specially if defined CAS settings cannot be recognized or validated by the configuration schema. Additional validation processes are also handled via Configuration Metadata and property migrations applied automatically on startup by Spring Boot and family.

    Indexed Settings

    CAS settings able to accept multiple values are typically documented with an index, such as cas.some.setting[0]=value. The index [0] is meant to be incremented by the adopter to allow for distinct multiple configuration blocks.

    In the event that keys are not generated by the deployer, CAS will attempt to auto-generate keys and will output the result for each respected key. The deployer MUST attempt to copy the generated keys to their CAS properties file, specially when running a multi-node CAS deployment. Failure to do so will prevent CAS to appropriate decrypt and encrypt the webflow state and will prevent successful single sign-on.

    :warning: Usage Warning!

    While the above settings are all optional, it is recommended that you provide your own configuration and settings for encrypting and transcoding of the web session state.

    Server-side Sessions

    In the event that you wish to use server-side session storage for managing the webflow session, you will need to enable this behavior via CAS properties.

    The following settings and properties are available from the CAS configuration catalog:

    The configuration settings listed below are tagged as Required in the CAS configuration metadata. This flag indicates that the presence of the setting may be needed to activate or affect the behavior of the CAS feature and generally should be reviewed, possibly owned and adjusted. If the setting is assigned a default value, you do not need to strictly put the setting in your copy of the configuration, but should review it nonetheless to make sure it matches your deployment expectations.

  • cas.webflow.session.storage=false

    • Controls whether spring webflow sessions are to be stored server-side or client side. By default state is managed on the client side, that is also signed and encrypted.

    org.apereo.cas.configuration.model.core.web.flow.WebflowSessionManagementProperties.

    How can I configure this property?

    The configuration settings listed below are tagged as Optional in the CAS configuration metadata. This flag indicates that the presence of the setting is not immediately necessary in the end-user CAS configuration, because a default value is assigned or the activation of the feature is not conditionally controlled by the setting value. In other words, you should only include this field in your configuration if you need to modify the default value or if you need to turn on the feature controlled by the setting.

  • cas.webflow.session.server.compress=false

    • Whether or not the snapshots should be compressed. Only relevant if session storage is done on the server.

    org.apereo.cas.configuration.model.core.web.flow.WebflowServerSessionsProperties.

    How can I configure this property?

  • cas.webflow.session.server.lock-timeout=PT30S

    • Sets the time period that can elapse before a timeout occurs on an attempt to acquire a conversation lock. The default is 30 seconds. Only relevant if session storage is done on the server.

    This settings supports the java.time.Duration syntax [?].

    org.apereo.cas.configuration.model.core.web.flow.WebflowServerSessionsProperties.

    How can I configure this property?

  • cas.webflow.session.server.max-conversations=5

    • Using the maxConversations property, you can limit the number of concurrently active conversations allowed in a single session. If the maximum is exceeded, the conversation manager will automatically end the oldest conversation. The default is 5, which should be fine for most situations. Set it to -1 for no limit. Setting maxConversations to 1 allows easy resource cleanup in situations where there should only be one active conversation per session. Only relevant if session storage is done on the server.

    org.apereo.cas.configuration.model.core.web.flow.WebflowServerSessionsProperties.

    How can I configure this property?

    The configuration settings listed below are tagged as Third Party in the CAS configuration metadata. This flag indicates that the configuration setting is not controlled, owned or managed by the CAS ecosystem, and affects functionality that is offered by a third-party library, such as Spring Boot or Spring Cloud to CAS. For additional info, you might have to visit the third-party source to find more details.

  • spring.session.hazelcast.flush-mode=on-save

    • Sessions flush mode. Determines when session changes are written to the session store.

    org.springframework.boot.autoconfigure.session.HazelcastSessionProperties.

    How can I configure this property?

  • spring.session.hazelcast.map-name=spring:session:sessions

    • Name of the map used to store sessions.

    org.springframework.boot.autoconfigure.session.HazelcastSessionProperties.

    How can I configure this property?

  • spring.session.hazelcast.save-mode=on-set-attribute

    • Sessions save mode. Determines how session changes are tracked and saved to the session store.

    org.springframework.boot.autoconfigure.session.HazelcastSessionProperties.

    How can I configure this property?

  • spring.session.jdbc.cleanup-cron=0 * * * * *

    • Cron expression for expired session cleanup job.

    org.springframework.boot.autoconfigure.session.JdbcSessionProperties.

    How can I configure this property?

  • spring.session.jdbc.flush-mode=on-save

    • Sessions flush mode. Determines when session changes are written to the session store.

    org.springframework.boot.autoconfigure.session.JdbcSessionProperties.

    How can I configure this property?

  • spring.session.jdbc.initialize-schema=embedded

    • Database schema initialization mode.

    org.springframework.boot.autoconfigure.session.JdbcSessionProperties.

    How can I configure this property?

  • spring.session.jdbc.platform=

    • Platform to use in initialization scripts if the @@platform@@ placeholder is used. Auto-detected by default.

    org.springframework.boot.autoconfigure.session.JdbcSessionProperties.

    How can I configure this property?

  • spring.session.jdbc.save-mode=on-set-attribute

    • Sessions save mode. Determines how session changes are tracked and saved to the session store.

    org.springframework.boot.autoconfigure.session.JdbcSessionProperties.

    How can I configure this property?

  • spring.session.jdbc.schema=classpath:org/springframework/session/jdbc/schema-@@platform@@.sql

    • Path to the SQL file to use to initialize the database schema.

    org.springframework.boot.autoconfigure.session.JdbcSessionProperties.

    How can I configure this property?

  • spring.session.jdbc.table-name=SPRING_SESSION

    • Name of the database table used to store sessions.

    org.springframework.boot.autoconfigure.session.JdbcSessionProperties.

    How can I configure this property?

  • spring.session.mongodb.collection-name=sessions

    • Collection name used to store sessions.

    org.springframework.boot.autoconfigure.session.MongoSessionProperties.

    How can I configure this property?

  • spring.session.redis.cleanup-cron=0 * * * * *

    • Cron expression for expired session cleanup job. Only supported when repository-type is set to indexed.

    org.springframework.boot.autoconfigure.session.RedisSessionProperties.

    How can I configure this property?

  • spring.session.redis.configure-action=notify-keyspace-events

    • The configure action to apply when no user defined ConfigureRedisAction bean is present.

    org.springframework.boot.autoconfigure.session.RedisSessionProperties.

    How can I configure this property?

  • spring.session.redis.flush-mode=on-save

    • Sessions flush mode. Determines when session changes are written to the session store.

    org.springframework.boot.autoconfigure.session.RedisSessionProperties.

    How can I configure this property?

  • spring.session.redis.namespace=spring:session

    • Namespace for keys used to store sessions.

    org.springframework.boot.autoconfigure.session.RedisSessionProperties.

    How can I configure this property?

  • spring.session.redis.repository-type=default

    • Type of Redis session repository to configure.

    org.springframework.boot.autoconfigure.session.RedisSessionProperties.

    How can I configure this property?

  • spring.session.redis.save-mode=on-set-attribute

    • Sessions save mode. Determines how session changes are tracked and saved to the session store.

    org.springframework.boot.autoconfigure.session.RedisSessionProperties.

    How can I configure this property?

  • spring.session.servlet.filter-dispatcher-types=asyncerrorrequest

    • Session repository filter dispatcher types.

    org.springframework.boot.autoconfigure.session.SessionProperties$Servlet.

    How can I configure this property?

  • spring.session.servlet.filter-order=

    • Session repository filter order.

    org.springframework.boot.autoconfigure.session.SessionProperties$Servlet.

    How can I configure this property?

  • spring.session.timeout=

    • Session timeout. If a duration suffix is not specified, seconds will be used.

    org.springframework.boot.autoconfigure.session.SessionProperties.

    How can I configure this property?

    Configuration Metadata

    The collection of configuration properties listed in this section are automatically generated from the CAS source and components that contain the actual field definitions, types, descriptions, modules, etc. This metadata may not always be 100% accurate, or could be lacking details and sufficient explanations.

    Be Selective

    This section is meant as a guide only. Do NOT copy/paste the entire collection of settings into your CAS configuration; rather pick only the properties that you need. Do NOT enable settings unless you are certain of their purpose and do NOT copy settings into your configuration only to keep them as reference. All these ideas lead to upgrade headaches, maintenance nightmares and premature aging.

    YAGNI

    Note that for nearly ALL use cases, declaring and configuring properties listed here is sufficient. You should NOT have to explicitly massage a CAS XML/Java/etc configuration file to design an authentication handler, create attribute release policies, etc. CAS at runtime will auto-configure all required changes for you. If you are unsure about the meaning of a given CAS setting, do NOT turn it on without hesitation. Review the codebase or better yet, ask questions to clarify the intended behavior.

    Naming Convention

    Property names can be specified in very relaxed terms. For instance cas.someProperty, cas.some-property, cas.some_property are all valid names. While all forms are accepted by CAS, there are certain components (in CAS and other frameworks used) whose activation at runtime is conditional on a property value, where this property is required to have been specified in CAS configuration using kebab case. This is both true for properties that are owned by CAS as well as those that might be presented to the system via an external library or framework such as Spring Boot, etc.

    :information_source: Note

    When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value. The only possible exception to this rule is when naming actuator endpoints; The name of the actuator endpoints (i.e. ssoSessions) MUST remain in camelCase mode.

    Settings and properties that are controlled by the CAS platform directly always begin with the prefix cas. All other settings are controlled and provided to CAS via other underlying frameworks and may have their own schemas and syntax. BE CAREFUL with the distinction. Unrecognized properties are rejected by CAS and/or frameworks upon which CAS depends. This means if you somehow misspell a property definition or fail to adhere to the dot-notation syntax and such, your setting is entirely refused by CAS and likely the feature it controls will never be activated in the way you intend.

    Validation

    Configuration properties are automatically validated on CAS startup to report issues with configuration binding, specially if defined CAS settings cannot be recognized or validated by the configuration schema. Additional validation processes are also handled via Configuration Metadata and property migrations applied automatically on startup by Spring Boot and family.

    Indexed Settings

    CAS settings able to accept multiple values are typically documented with an index, such as cas.some.setting[0]=value. The index [0] is meant to be incremented by the adopter to allow for distinct multiple configuration blocks.

    Doing so will likely require you to also enable sticky sessions and/or session replication in a clustered deployment of CAS.

    :warning: Usage Warning!

    Generally speaking, you do not need to enable server-side sessions unless you have a rather specialized deployment or are in need of features that store bits and pieces of data into a sever-backed session object. It is recommended that you stick with the default client-side session storage and only switch if and when mandated by a specific CAS behavior.

    Hazelcast Session Replication

    If you don’t wish to use the native container’s strategy for session replication, you can use CAS’s support for Hazelcast session replication.

    This feature is enabled via the following module:

    

    1
2
3
4
5

    		

    <dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-support-session-hazelcast</artifactId>
    <version>${cas.version}</version>
</dependency>

    		

    

    1

    		

    implementation "org.apereo.cas:cas-server-support-session-hazelcast:${project.'cas.version'}"

    		

    

    1
2
3
4
5
6
7
8
9

    		

    dependencyManagement {
    imports {
        mavenBom "org.apereo.cas:cas-server-support-bom:${project.'cas.version'}"
    }
}

dependencies {
    implementation "org.apereo.cas:cas-server-support-session-hazelcast"
}

    		

    

    1
2
3
4
5
6
7
8
9
10

    		

    dependencies {
    /*
    The following platform references should be included automatically and are listed here for reference only.
            
    implementation enforcedPlatform("org.apereo.cas:cas-server-support-bom:${project.'cas.version'}")
    implementation platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)
    */

    implementation "org.apereo.cas:cas-server-support-session-hazelcast"
}

    The following settings and properties are available from the CAS configuration catalog:

    The configuration settings listed below are tagged as Required in the CAS configuration metadata. This flag indicates that the presence of the setting may be needed to activate or affect the behavior of the CAS feature and generally should be reviewed, possibly owned and adjusted. If the setting is assigned a default value, you do not need to strictly put the setting in your copy of the configuration, but should review it nonetheless to make sure it matches your deployment expectations.

  • cas.webflow.session.server.hazelcast.cluster.core.instance-name=

    • The instance name.

    This setting supports the Spring Expression Language.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.members=

    • Sets the well known members. If members is empty, calling this method will have the same effect as calling clear(). A member can be a comma separated string, e..g 10.11.12.1,10.11.12.2 which indicates multiple members are going to be added. The list of members must include ALL CAS server node, including the current node that owns this configuration.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.port=5701

    • You can specify the ports which Hazelcast will use to communicate between cluster members. The name of the parameter for this is port and its default value is 5701. By default, Hazelcast will try 100 ports to bind. Meaning that, if you set the value of port as 5701, as members are joining to the cluster, Hazelcast tries to find ports between 5701 and 5801.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.aws.access-key=

    • AWS access key.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAwsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.aws.secret-key=

    • AWS secret key.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAwsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.azure.client-id=

    • The Azure Active Directory Service Principal client ID.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAzureDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.azure.client-secret=

    • The Azure Active Directory Service Principal client secret.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAzureDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.azure.cluster-id=

    • The name of the tag on the hazelcast vm resources. With every Hazelcast Virtual Machine you deploy in your resource group, you need to ensure that each VM is tagged with the value of cluster-id defined in your Hazelcast configuration. The only requirement is that every VM can access each other either by private or public IP address.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAzureDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.azure.group-name=

    • The Azure resource group name of the cluster. You can find this in the Azure portal or CLI.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAzureDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.azure.subscription-id=

    • The Azure subscription ID.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAzureDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.azure.tenant-id=

    • The Azure Active Directory tenant ID.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAzureDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.jclouds.credential=

    • Cloud Provider credential, can be thought of as a password for cloud services.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastJCloudsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.jclouds.identity=

    • Cloud Provider identity, can be thought of as a user name for cloud services.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastJCloudsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.jclouds.provider=

    • String value that is used to identify ComputeService provider. For example, "google-compute-engine" is used for Google Cloud services. See here for more info.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastJCloudsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.zookeeper.group=

    • Name of this Hazelcast cluster. You can have multiple distinct clusters to use the same ZooKeeper installation

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastZooKeeperDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.zookeeper.path=/discovery/hazelcast

    • Path in zookeeper to be used for auto-discovery of members where members are tracked.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastZooKeeperDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.zookeeper.url=

    • Zookeeper url address typically in the format of ip-address:port.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastZooKeeperDiscoveryProperties.

    How can I configure this property?

    The configuration settings listed below are tagged as Optional in the CAS configuration metadata. This flag indicates that the presence of the setting is not immediately necessary in the end-user CAS configuration, because a default value is assigned or the activation of the feature is not conditionally controlled by the setting value. In other words, you should only include this field in your configuration if you need to modify the default value or if you need to turn on the feature controlled by the setting.

  • cas.webflow.session.server.hazelcast.cluster.core.async-backup-count=0

    • Hazelcast supports both synchronous and asynchronous backups. By default, backup operations are synchronous. In this case, backup operations block operations until backups are successfully copied to backup members (or deleted from backup members in case of remove) and acknowledgements are received. Therefore, backups are updated before a put operation is completed, provided that the cluster is stable. Asynchronous backups, on the other hand, do not block operations. They are fire and forget and do not require acknowledgements; the backup operations are performed at some point in time.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.core.async-fillup=true

    • Used when replication is turned on with #isReplicated().

    If a new member joins the cluster, there are two ways you can handle the initial provisioning that is executed to replicate all existing values to the new member. Each involves how you configure the async fill up.
    • First, you can configure async fill up to true, which does not block reads while the fill up operation is underway. That way, you have immediate access on the new member, but it will take time until all the values are eventually accessible. Not yet replicated values are returned as non-existing (null).
    • Second, you can configure for a synchronous initial fill up (by configuring the async fill up to false), which blocks every read or write access to the map until the fill up operation is finished. Use this with caution since it might block your application from operating.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.core.backup-count=1

    • To provide data safety, Hazelcast allows you to specify the number of backup copies you want to have. That way, data on a cluster member will be copied onto other member(s). To create synchronous backups, select the number of backup copies. When this count is 1, a map entry will have its backup on one other member in the cluster. If you set it to 2, then a map entry will have its backup on two other members. You can set it to 0 if you do not want your entries to be backed up, e.g., if performance is more important than backing up. The maximum value for the backup count is 6. Sync backup operations have a blocking cost which may lead to latency issues.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.core.cp-member-count=0

    • CP Subsystem is a component of a Hazelcast cluster that builds a strongly consistent layer for a set of distributed data structures. Its data structures are CP with respect to the CAP principle, i.e., they always maintain linearizability and prefer consistency over availability during network partitions. Besides network partitions, CP Subsystem withstands server and client failures. All members of a Hazelcast cluster do not necessarily take part in CP Subsystem. The number of Hazelcast members that take part in CP Subsystem is specified here. CP Subsystem must have at least 3 CP members.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.core.eviction-policy=LRU

    • Hazelcast supports policy-based eviction for distributed maps. Currently supported policies are LRU (Least Recently Used) and LFU (Least Frequently Used) and NONE. See this for more info.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.core.logging-type=slf4j

    • Hazelcast has a flexible logging configuration and doesn't depend on any logging framework except JDK logging. It has in-built adaptors for a number of logging frameworks and also supports custom loggers by providing logging interfaces. To use built-in adaptors you should set this setting to one of predefined types below.

    • jdk: JDK logging
    • log4j: Log4j
    • slf4j: Slf4j
    • none: Disable logging

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.core.map-merge-policy=PUT_IF_ABSENT

    • Define how data items in Hazelcast maps are merged together from source to destination. By default, merges map entries from source to destination if they don't exist in the destination map. Accepted values are:

    • PUT_IF_ABSENT: Merges data structure entries from source to destination if they don't exist in the destination data structure.
    • HIGHER_HITS: * Merges data structure entries from source to destination data structure if the source entry has more hits than the destination one.
    • DISCARD: Merges only entries from the destination data structure and discards all entries from the source data structure.
    • PASS_THROUGH: Merges data structure entries from source to destination directly unless the merging entry is null
    • EXPIRATION_TIME: Merges data structure entries from source to destination data structure if the source entry will expire later than the destination entry. This policy can only be used if the clocks of the nodes are in sync.
    • LATEST_UPDATE: Merges data structure entries from source to destination data structure if the source entry was updated more frequently than the destination entry. This policy can only be used if the clocks of the nodes are in sync.
    • LATEST_ACCESS: Merges data structure entries from source to destination data structure if the source entry has been accessed more recently than the destination entry. This policy can only be used if the clocks of the nodes are in sync.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.core.max-no-heartbeat-seconds=300

    • Max timeout of heartbeat in seconds for a node to assume it is dead.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.core.max-size=85

    • Sets the maximum size of the map.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.core.max-size-policy=USED_HEAP_PERCENTAGE

    • FREE_HEAP_PERCENTAGE: Policy based on minimum free JVM heap memory percentage per JVM.
    • FREE_HEAP_SIZE: Policy based on minimum free JVM heap memory in megabytes per JVM.
    • FREE_NATIVE_MEMORY_PERCENTAGE: Policy based on minimum free native memory percentage per Hazelcast instance.
    • FREE_NATIVE_MEMORY_SIZE: Policy based on minimum free native memory in megabytes per Hazelcast instance.
    • PER_NODE: Policy based on maximum number of entries stored per data structure (map, cache etc) on each Hazelcast instance.
    • PER_PARTITION: Policy based on maximum number of entries stored per data structure (map, cache etc) on each partition.
    • USED_HEAP_PERCENTAGE: Policy based on maximum used JVM heap memory percentage per data structure (map, cache etc) on each Hazelcast instance .
    • USED_HEAP_SIZE: Policy based on maximum used JVM heap memory in megabytes per data structure (map, cache etc) on each Hazelcast instance.
    • USED_NATIVE_MEMORY_PERCENTAGE: Policy based on maximum used native memory percentage per data structure (map, cache etc) on each Hazelcast instance.
    • USED_NATIVE_MEMORY_SIZE: Policy based on maximum used native memory in megabytes per data structure (map, cache etc) on each Hazelcast instance .

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.core.partition-member-group-type=

    • With PartitionGroupConfig, you can control how primary and backup partitions are mapped to physical Members. Hazelcast will always place partitions on different partition groups so as to provide redundancy. Accepted value are: PER_MEMBER, HOST_AWARE, CUSTOM, ZONE_AWARE, SPI. In all cases a partition will never be created on the same group. If there are more partitions defined than there are partition groups, then only those partitions, up to the number of partition groups, will be created. For example, if you define 2 backups, then with the primary, that makes 3. If you have only two partition groups only two will be created.

    • {}PER_MEMBER Partition Groups}: This is the default partition scheme and is used if no other scheme is defined. Each Member is in a group of its own.</li>
    • {}HOST_AWARE Partition Groups}: In this scheme, a group corresponds to a host, based on its IP address. Partitions will not be written to any other members on the same host. This scheme provides good redundancy when multiple instances are being run on the same host.</li>
    • {}CUSTOM Partition Groups}: In this scheme, IP addresses, or IP address ranges, are allocated to groups. Partitions are not written to the same group. This is very useful for ensuring partitions are written to different racks or even availability zones.</li>
    • {}ZONE_AWARE Partition Groups}: In this scheme, groups are allocated according to the metadata provided by Discovery SPI Partitions are not written to the same group. This is very useful for ensuring partitions are written to availability zones or different racks without providing the IP addresses to the config ahead.</li>
    • {}SPI Partition Groups}: In this scheme, groups are allocated according to the implementation provided by Discovery SPI.</li> </ul> </p>

      org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreClusterProperties.

      How can I configure this property?

      </div></td> </tr>
  • cas.webflow.session.server.hazelcast.cluster.core.replicated=false

    • A Replicated Map is a distributed key-value data structure where the data is replicated to all members in the cluster. It provides full replication of entries to all members for high speed access. A Replicated Map does not partition data (it does not spread data to different cluster members); instead, it replicates the data to all members. Replication leads to higher memory consumption. However, a Replicated Map has faster read and write access since the data is available on all members. Writes could take place on local/remote members in order to provide write-order, eventually being replicated to all other members.

    If you have a large cluster or very high occurrences of updates, the Replicated Map may not scale linearly as expected since it has to replicate update operations to all members in the cluster. Since the replication of updates is performed in an asynchronous manner, Hazelcast recommends you enable back pressure in case your system has high occurrences of updates.

    Note that Replicated Map does not guarantee eventual consistency because there are some edge cases that fail to provide consistency.

    Replicated Map uses the internal partition system of Hazelcast in order to serialize updates happening on the same key at the same time. This happens by sending updates of the same key to the same Hazelcast member in the cluster.

    Due to the asynchronous nature of replication, a Hazelcast member could die before successfully replicating a "write" operation to other members after sending the "write completed" response to its caller during the write process. In this scenario, Hazelcast’s internal partition system promotes one of the replicas of the partition as the primary one. The new primary partition does not have the latest "write" since the dead member could not successfully replicate the update.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.core.timeout=5

    • Connection timeout in seconds for the TCP/IP config and members joining the cluster.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.enabled=false

    • Whether discovery should be enabled via the configured strategies below.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.multicast.enabled=false

    • Enables a multicast configuration using a group address and port. Contains the configuration for the multicast discovery mechanism. With the multicast discovery mechanism Hazelcast allows Hazelcast members to find each other using multicast. So Hazelcast members do not need to know concrete addresses of members, they just multicast to everyone listening. It depends on your environment if multicast is possible or allowed; otherwise you need to have a look at the tcp/ip cluster

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastClusterMulticastProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.multicast.group=

    • The multicast group address used for discovery. With the multicast auto-discovery mechanism, Hazelcast allows cluster members to find each other using multicast communication. The cluster members do not need to know the concrete addresses of the other members, as they just multicast to all the other members for listening. Whether multicast is possible or allowed depends on your environment.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastClusterMulticastProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.multicast.port=0

    • The multicast port used for discovery.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastClusterMulticastProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.multicast.time-to-live=32

    • Gets the time to live for the multicast package in seconds. This is the default time-to-live for multicast packets sent out on the socket

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastClusterMulticastProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.multicast.timeout=2

    • specifies the time in seconds that a member should wait for a valid multicast response from another member running in the network before declaring itself the leader member (the first member joined to the cluster) and creating its own cluster. This only applies to the startup of members where no leader has been assigned yet. If you specify a high value, such as 60 seconds, it means that until a leader is selected, each member will wait 60 seconds before moving on. Be careful when providing a high value. Also, be careful not to set the value too low, or the members might give up too early and create their own cluster.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastClusterMulticastProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.multicast.trusted-interfaces=

    • Multicast trusted interfaces for discovery. With the multicast auto-discovery mechanism, Hazelcast allows cluster members to find each other using multicast communication. The cluster members do not need to know the concrete addresses of the other members, as they just multicast to all the other members for listening. Whether multicast is possible or allowed depends on your environment.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastClusterMulticastProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.ipv4-enabled=true

    • IPv6 support has been switched off by default, since some platforms have issues in use of IPv6 stack. And some other platforms such as Amazon AWS have no support at all. To enable IPv6 support set this setting to false.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.local-address=

    • If this property is set, then this is the address where the server socket is bound to.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.network-interfaces=

    • You can specify which network interfaces that Hazelcast should use. Servers mostly have more than one network interface, so you may want to list the valid IPs. Range characters ('*' and '-') can be used for simplicity. For instance, 10.3.10.* refers to IPs between 10.3.10.0 and 10.3.10.255. Interface 10.3.10.4-18 refers to IPs between 10.3.10.4 and 10.3.10.18 (4 and 18 included). If network interface configuration is enabled (it is disabled by default) and if Hazelcast cannot find an matching interface, then it will print a message on the console and will not start on that node.

    Interfaces can be separated by a comma.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.outbound-ports=

    • The outbound ports for the Hazelcast configuration.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.port-auto-increment=true

    • You may also want to choose to use only one port. In that case, you can disable the auto-increment feature of port.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.public-address=

    • The default public address to be advertised to other cluster members and clients.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.ssl.cipher-suites=

    • Comma-separated list of cipher suite names allowed to be used. Its default value are all supported suites in your Java runtime.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkSslProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.ssl.key-manager-algorithm=

    • Name of the algorithm based on which the authentication keys are provided.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkSslProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.ssl.key-store-type=JKS

    • Type of the keystore. Its default value is JKS. Another commonly used type is the PKCS12. Available keystore/truststore types depend on your Operating system and the Java runtime. Only needed when the mutual authentication is used.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkSslProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.ssl.keystore=

    • Path of your keystore file. Only needed when the mutual authentication is used.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkSslProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.ssl.keystore-password=

    • Password to access the key from your keystore file. Only needed when the mutual authentication is used.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkSslProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.ssl.mutual-authentication=

    • Mutual authentication configuration. It’s empty by default which means the client side of connection is not authenticated. Available values are:

    • REQUIRED - server forces usage of a trusted client certificate
    • OPTIONAL - server asks for a client certificate, but it doesn't require it

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkSslProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.ssl.protocol=TLS

    • Name of the algorithm which is used in your TLS/SSL. For the protocol property, we recommend you to provide TLS with its version information, e.g., TLSv1.2. Note that if you write only TLS, your application chooses the TLS version according to your Java version.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkSslProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.ssl.trust-manager-algorithm=

    • Name of the algorithm based on which the trust managers are provided.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkSslProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.ssl.trust-store=

    • Path of your truststore file. The file truststore is a keystore file that contains a collection of certificates trusted by your application.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkSslProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.ssl.trust-store-password=

    • Password to unlock the truststore file.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkSslProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.ssl.trust-store-type=JKS

    • Type of the truststore. Its default value is JKS. Another commonly used type is the PKCS12. Available keystore/truststore types depend on your Operating system and the Java runtime.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkSslProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.ssl.validate-identity=false

    • Flag which allows enabling endpoint identity validation. It means, during the TLS handshake client verifies if the server’s hostname (or IP address) matches the information in X.509 certificate (Subject Alternative Name extension).

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkSslProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.network.tcpip-enabled=true

    • Enable TCP/IP config. Contains the configuration for the Tcp/Ip join mechanism. The Tcp/Ip join mechanism relies on one or more well known members. So when a new member wants to join a cluster, it will try to connect to one of the well known members. If it is able to connect, it will now about all members in the cluster and doesn't rely on these well known members anymore.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastNetworkClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.enabled=false

    • Whether WAN should be enabled.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.replication-name=apereo-cas

    • Name of this replication group.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets=

    • List of target clusters to be used for synchronization and replication.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets[0].acknowledge-type=ACK_ON_OPERATION_COMPLETE

    • Accepted values are:

    • ACK_ON_RECEIPT: ACK after WAN operation is received by the target cluster (without waiting the result of actual operation invocation).
    • ACK_ON_OPERATION_COMPLETE: Wait till the operation is complete on target cluster.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationTargetClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets[0].batch-maximum-delay-milliseconds=1000

    • Maximum amount of time, in milliseconds, to be waited before sending a batch of events in case batch.size is not reached.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationTargetClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets[0].batch-size=500

    • Maximum size of events that are sent to the target cluster in a single batch.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationTargetClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets[0].cluster-name=

    • Sets the cluster name used as an endpoint group password for authentication on the target endpoint. If there is no separate publisher ID property defined, this cluster name will also be used as a WAN publisher ID. This ID is then used for identifying the publisher.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationTargetClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets[0].consistency-check-strategy=NONE

    • Strategy for checking the consistency of data between replicas.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationTargetClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets[0].endpoints=

    • Comma separated list of endpoints in this replication group. IP addresses and ports of the cluster members for which the WAN replication is implemented. These endpoints are not necessarily the entire target cluster and WAN does not perform the discovery of other members in the target cluster. It only expects that these IP addresses (or at least some of them) are available.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationTargetClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets[0].executor-thread-count=2

    • The number of threads that the replication executor will have. The executor is used to send WAN events to the endpoints and ideally you want to have one thread per endpoint. If this property is omitted and you have specified the endpoints property, this will be the case. If necessary you can manually define the number of threads that the executor will use. Once the executor has been initialized there is thread affinity between the discovered endpoints and the executor threads - all events for a single endpoint will go through a single executor thread, preserving event order. It is important to determine which number of executor threads is a good value. Failure to do so can lead to performance issues - either contention on a too small number of threads or wasted threads that will not be performing any work.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationTargetClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets[0].properties=

    • The WAN publisher properties.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationTargetClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets[0].publisher-class-name=com.hazelcast.enterprise.wan.replication.WanBatchReplication

    • Publisher class name for WAN replication.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationTargetClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets[0].publisher-id=

    • Returns the publisher ID used for identifying the publisher.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationTargetClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets[0].queue-capacity=10000

    • For huge clusters or high data mutation rates, you might need to increase the replication queue size. The default queue size for replication queues is 10,000. This means, if you have heavy put/update/remove rates, you might exceed the queue size so that the oldest, not yet replicated, updates might get lost.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationTargetClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets[0].queue-full-behavior=THROW_EXCEPTION

    • Accepted values are:

    • THROW_EXCEPTION: Instruct WAN replication implementation to throw an exception and doesn't allow further processing.
    • DISCARD_AFTER_MUTATION: Instruct WAN replication implementation to drop new events when WAN event queues are full.
    • THROW_EXCEPTION_ONLY_IF_REPLICATION_ACTIVE: Similar to THROW_EXCEPTION but only throws exception when WAN replication is active. * Discards the new events if WAN replication is stopped.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationTargetClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets[0].response-timeout-milliseconds=60000

    • Time, in milliseconds, to be waited for the acknowledgment of a sent WAN event to target cluster.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationTargetClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.wan-replication.targets[0].snapshot-enabled=

    • When set to true, only the latest events (based on key) are selected and sent in a batch.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastWANReplicationTargetClusterProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.core.enable-compression=false

    • Enables compression when default java serialization is used.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.core.enable-jet=true

    • Enable Jet configuration/service on the hazelcast instance. Hazelcast Jet is a distributed batch and stream processing system that can do stateful computations over massive amounts of data with consistent low latency. Jet service is required when executing SQL queries with the SQL service.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.core.enable-management-center-scripting=true

    • Enables scripting from Management Center.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.core.license-key=

    • Hazelcast enterprise license key.

    org.apereo.cas.configuration.model.support.hazelcast.HazelcastCoreProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.aws.cluster=

    • ECS cluster short name or ARN; default is the current cluster.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAwsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.aws.connection-timeout-seconds=5

    • The maximum amount of time Hazelcast will try to connect to a well known member before giving up. Setting this value too low could mean that a member is not able to connect to a cluster. Setting the value too high means that member startup could slow down because of longer timeouts (for example, when a well known member is not up). Increasing this value is recommended if you have many IPs listed and the members cannot properly build up the cluster. Its default value is 5.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAwsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.aws.family=

    • Filter to look only for ECS tasks with the given family name; mutually exclusive with #getServiceName().

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAwsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.aws.host-header=

    • Host header. i.e. ec2.amazonaws.com. The URL that is the entry point for a web service.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAwsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.aws.iam-role=

    • If you do not want to use access key and secret key, you can specify iam-role. Hazelcast fetches your credentials by using your IAM role. This setting only affects deployments on Amazon EC2. If you are deploying CAS in an Amazon ECS environment, the role should not be specified. The role is fetched from the task definition that is assigned to run CAS.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAwsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.aws.port=-1

    • Hazelcast port. Typically may be set to 5701. You can set searching for other ports rather than 5701 if you've members on different ports.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAwsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.aws.region=us-east-1

    • AWS region. i.e. us-east-1. The region where your members are running.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAwsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.aws.security-group-name=

    • If a security group is configured, only instances within that security group are selected.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAwsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.aws.service-name=

    • Filter to look only for ECS tasks from the given service; mutually exclusive with #getFamily().

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAwsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.aws.tag-key=

    • If a tag key/value is set, only instances with that tag key/value will be selected.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAwsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.aws.tag-value=

    • If a tag key/value is set, only instances with that tag key/value will be selected.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastAwsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.gcp.hz-port=5701-5708

    • A range of ports where the plugin looks for Hazelcast members.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastGoogleCloudPlatformDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.gcp.label=

    • A filter to look only for instances labeled as specified; property format: key=value.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastGoogleCloudPlatformDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.gcp.private-key-path=

    • A filesystem path to the private key for GCP service account in the JSON format; if not set, the access token is fetched from the GCP VM instance.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastGoogleCloudPlatformDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.gcp.projects=

    • A list of projects where the plugin looks for instances; if not set, the current project is used.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastGoogleCloudPlatformDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.gcp.region=

    • A region where the plugin looks for instances; if not set, the #getZones() property is used; if it and #getZones() property not set, all zones of the current region are used.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastGoogleCloudPlatformDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.gcp.zones=

    • A list of zones where the plugin looks for instances; if not set, all zones of the current region are used.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastGoogleCloudPlatformDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.jclouds.credential-path=

    • Used for cloud providers which require an extra JSON or P12 key file. This denotes the path of that file. Only tested with Google Compute Engine. (Required if Google Compute Engine is used.)

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastJCloudsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.jclouds.endpoint=

    • Defines the endpoint for a generic API such as OpenStack or CloudStack (optional).

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastJCloudsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.jclouds.group=

    • Filters instance groups (optional). When used with AWS it maps to security group.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastJCloudsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.jclouds.port=-1

    • Port which the hazelcast instance service uses on the cluster member. Default value is 5701. (optional)

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastJCloudsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.jclouds.regions=

    • Defines region for a cloud service (optional). Can be used with comma separated values for multiple values.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastJCloudsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.jclouds.role-name=

    • Used for IAM role support specific to AWS (optional, but if defined, no identity or credential should be defined in the configuration).

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastJCloudsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.jclouds.tag-keys=

    • Filters cloud instances with tags (optional). Can be used with comma separated values for multiple values.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastJCloudsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.jclouds.tag-values=

    • Filters cloud instances with tags (optional) Can be used with comma separated values for multiple values.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastJCloudsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.jclouds.zones=

    • Defines zone for a cloud service (optional). Can be used with comma separated values for multiple values.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastJCloudsDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.api-retries=3

    • Defines the number of retries to Kubernetes API. Defaults to: 3.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.api-token=

    • Defines an oauth token for the kubernetes client to access the kubernetes REST API. Defaults to reading the token from the auto-injected file at: /var/run/secrets/kubernetes.io/serviceaccount/token.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.ca-certificate=

    • CA Authority certificate from Kubernetes Master. Defaults to reading the certificate from the auto-injected file at: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.kubernetes-master=

    • Defines an alternative address for the kubernetes master. Defaults to: https://kubernetes.default.svc

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.namespace=

    • Defines the namespace of the application POD through the Service Discovery REST API of Kubernetes.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.pod-label-name=

    • Defines the pod label to lookup through the Service Discovery REST API of Kubernetes.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.pod-label-value=

    • Defines the pod label value to lookup through the Service Discovery REST API of Kubernetes.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.resolve-not-ready-addresses=false

    • Defines if not ready addresses should be evaluated to be discovered on startup.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.service-dns=

    • Defines the DNS service lookup domain. This is defined as something similar to my-svc.my-namespace.svc.cluster.local.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.service-dns-timeout=-1

    • Defines the DNS service lookup timeout in seconds. Defaults to 5 secs.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.service-label-name=

    • Defines the service label to lookup through the Service Discovery REST API of Kubernetes.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.service-label-value=

    • Defines the service label value to lookup through the Service Discovery REST API of Kubernetes.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.service-name=

    • Defines the service name of the POD to lookup through the Service Discovery REST API of Kubernetes.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.service-port=0

    • If specified with a value greater than 0, its value defines the endpoint port of the service (overriding the default).

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.kubernetes.use-node-name-as-external-address=false

    • Defines if the node name should be used as external address, instead of looking up the external IP using the /nodes resource. Default is false.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastKubernetesDiscoveryProperties.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.docker-swarm.dns-provider.enabled=false

    • Enable provider.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastDockerSwarmDiscoveryProperties.DnsRProvider.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.docker-swarm.dns-provider.peer-services=

    • Comma separated list of docker services and associated ports to be considered peers of this service. Note, this must include itself (the definition of serviceName and servicePort) if the service is to cluster with other instances of this service.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastDockerSwarmDiscoveryProperties.DnsRProvider.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.docker-swarm.dns-provider.service-name=

    • Name of the docker service that this instance is running in.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastDockerSwarmDiscoveryProperties.DnsRProvider.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.docker-swarm.dns-provider.service-port=5701

    • Internal port that hazelcast is listening on.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastDockerSwarmDiscoveryProperties.DnsRProvider.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.docker-swarm.member-provider.docker-network-names=

    • Comma delimited list of Docker network names to discover matching services on.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastDockerSwarmDiscoveryProperties.MemberAddressProvider.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.docker-swarm.member-provider.docker-service-labels=

    • Comma delimited list of relevant Docker service label=values to find tasks/containers on the networks.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastDockerSwarmDiscoveryProperties.MemberAddressProvider.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.docker-swarm.member-provider.docker-service-names=

    • Comma delimited list of relevant Docker service names to find tasks/containers on the networks.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastDockerSwarmDiscoveryProperties.MemberAddressProvider.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.docker-swarm.member-provider.enabled=false

    • Enable provider.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastDockerSwarmDiscoveryProperties.MemberAddressProvider.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.docker-swarm.member-provider.hazelcast-peer-port=5701

    • The raw port that hazelcast is listening on. IMPORTANT: This is NOT a docker "published" port, nor is it necessarily a EXPOSEd port. It is the hazelcast port that the service is configured with, this must be the same for all matched containers in order to work, and just using the default of 5701 is the simplest way to go.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastDockerSwarmDiscoveryProperties.MemberAddressProvider.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.docker-swarm.member-provider.skip-verify-ssl=false

    • If Swarm Mgr URI is SSL, to enable skip-verify for it.

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastDockerSwarmDiscoveryProperties.MemberAddressProvider.

    How can I configure this property?

  • cas.webflow.session.server.hazelcast.cluster.discovery.docker-swarm.member-provider.swarm-mgr-uri=

    • Swarm Manager URI (overrides DOCKER_HOST).

    org.apereo.cas.configuration.model.support.hazelcast.discovery.HazelcastDockerSwarmDiscoveryProperties.MemberAddressProvider.

    How can I configure this property?

    The configuration settings listed below are tagged as Third Party in the CAS configuration metadata. This flag indicates that the configuration setting is not controlled, owned or managed by the CAS ecosystem, and affects functionality that is offered by a third-party library, such as Spring Boot or Spring Cloud to CAS. For additional info, you might have to visit the third-party source to find more details.

  • spring.session.hazelcast.flush-mode=on-save

    • Sessions flush mode. Determines when session changes are written to the session store.

    org.springframework.boot.autoconfigure.session.HazelcastSessionProperties.

    How can I configure this property?

  • spring.session.hazelcast.flush-mode=on-save

    • Sessions flush mode. Determines when session changes are written to the session store.

    org.springframework.boot.autoconfigure.session.HazelcastSessionProperties.

    How can I configure this property?

  • spring.session.hazelcast.map-name=spring:session:sessions

    • Name of the map used to store sessions.

    org.springframework.boot.autoconfigure.session.HazelcastSessionProperties.

    How can I configure this property?

  • spring.session.hazelcast.map-name=spring:session:sessions

    • Name of the map used to store sessions.

    org.springframework.boot.autoconfigure.session.HazelcastSessionProperties.

    How can I configure this property?

  • spring.session.hazelcast.save-mode=on-set-attribute

    • Sessions save mode. Determines how session changes are tracked and saved to the session store.

    org.springframework.boot.autoconfigure.session.HazelcastSessionProperties.

    How can I configure this property?

  • spring.session.hazelcast.save-mode=on-set-attribute

    • Sessions save mode. Determines how session changes are tracked and saved to the session store.

    org.springframework.boot.autoconfigure.session.HazelcastSessionProperties.

    How can I configure this property?

    Configuration Metadata

    The collection of configuration properties listed in this section are automatically generated from the CAS source and components that contain the actual field definitions, types, descriptions, modules, etc. This metadata may not always be 100% accurate, or could be lacking details and sufficient explanations.

    Be Selective

    This section is meant as a guide only. Do NOT copy/paste the entire collection of settings into your CAS configuration; rather pick only the properties that you need. Do NOT enable settings unless you are certain of their purpose and do NOT copy settings into your configuration only to keep them as reference. All these ideas lead to upgrade headaches, maintenance nightmares and premature aging.

    YAGNI

    Note that for nearly ALL use cases, declaring and configuring properties listed here is sufficient. You should NOT have to explicitly massage a CAS XML/Java/etc configuration file to design an authentication handler, create attribute release policies, etc. CAS at runtime will auto-configure all required changes for you. If you are unsure about the meaning of a given CAS setting, do NOT turn it on without hesitation. Review the codebase or better yet, ask questions to clarify the intended behavior.

    Naming Convention

    Property names can be specified in very relaxed terms. For instance cas.someProperty, cas.some-property, cas.some_property are all valid names. While all forms are accepted by CAS, there are certain components (in CAS and other frameworks used) whose activation at runtime is conditional on a property value, where this property is required to have been specified in CAS configuration using kebab case. This is both true for properties that are owned by CAS as well as those that might be presented to the system via an external library or framework such as Spring Boot, etc.

    :information_source: Note

    When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value. The only possible exception to this rule is when naming actuator endpoints; The name of the actuator endpoints (i.e. ssoSessions) MUST remain in camelCase mode.

    Settings and properties that are controlled by the CAS platform directly always begin with the prefix cas. All other settings are controlled and provided to CAS via other underlying frameworks and may have their own schemas and syntax. BE CAREFUL with the distinction. Unrecognized properties are rejected by CAS and/or frameworks upon which CAS depends. This means if you somehow misspell a property definition or fail to adhere to the dot-notation syntax and such, your setting is entirely refused by CAS and likely the feature it controls will never be activated in the way you intend.

    Validation

    Configuration properties are automatically validated on CAS startup to report issues with configuration binding, specially if defined CAS settings cannot be recognized or validated by the configuration schema. Additional validation processes are also handled via Configuration Metadata and property migrations applied automatically on startup by Spring Boot and family.

    Indexed Settings

    CAS settings able to accept multiple values are typically documented with an index, such as cas.some.setting[0]=value. The index [0] is meant to be incremented by the adopter to allow for distinct multiple configuration blocks.

    Redis Session Replication

    If you don’t wish to use the native container’s strategy for session replication, you can use CAS’s support for Redis session replication.

    This feature is enabled via the following module:

    

    1
2
3
4
5

    		

    <dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-support-session-redis</artifactId>
    <version>${cas.version}</version>
</dependency>

    		

    

    1

    		

    implementation "org.apereo.cas:cas-server-support-session-redis:${project.'cas.version'}"

    		

    

    1
2
3
4
5
6
7
8
9

    		

    dependencyManagement {
    imports {
        mavenBom "org.apereo.cas:cas-server-support-bom:${project.'cas.version'}"
    }
}

dependencies {
    implementation "org.apereo.cas:cas-server-support-session-redis"
}

    		

    

    1
2
3
4
5
6
7
8
9
10

    		

    dependencies {
    /*
    The following platform references should be included automatically and are listed here for reference only.
            
    implementation enforcedPlatform("org.apereo.cas:cas-server-support-bom:${project.'cas.version'}")
    implementation platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)
    */

    implementation "org.apereo.cas:cas-server-support-session-redis"
}

    The following settings and properties are available from the CAS configuration catalog:

    The configuration settings listed below are tagged as Required in the CAS configuration metadata. This flag indicates that the presence of the setting may be needed to activate or affect the behavior of the CAS feature and generally should be reviewed, possibly owned and adjusted. If the setting is assigned a default value, you do not need to strictly put the setting in your copy of the configuration, but should review it nonetheless to make sure it matches your deployment expectations.

    The configuration settings listed below are tagged as Optional in the CAS configuration metadata. This flag indicates that the presence of the setting is not immediately necessary in the end-user CAS configuration, because a default value is assigned or the activation of the feature is not conditionally controlled by the setting value. In other words, you should only include this field in your configuration if you need to modify the default value or if you need to turn on the feature controlled by the setting.

    The configuration settings listed below are tagged as Third Party in the CAS configuration metadata. This flag indicates that the configuration setting is not controlled, owned or managed by the CAS ecosystem, and affects functionality that is offered by a third-party library, such as Spring Boot or Spring Cloud to CAS. For additional info, you might have to visit the third-party source to find more details.

  • spring.redis.client-name=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.client-name.
  • spring.redis.client-type=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.client-type.
  • spring.redis.cluster.max-redirects=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.cluster.max-redirects.
  • spring.redis.cluster.nodes=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.cluster.nodes.
  • spring.redis.connect-timeout=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.connect-timeout.
  • spring.redis.database=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.database.
  • spring.redis.host=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.host.
  • spring.redis.jedis.pool.enabled=

    • How can I configure this property?

    Deprecation status is ERRORwithout a replacement setting.
  • spring.redis.jedis.pool.max-active=

    • How can I configure this property?

    Deprecation status is ERRORwithout a replacement setting.
  • spring.redis.jedis.pool.max-idle=

    • How can I configure this property?

    Deprecation status is ERRORwithout a replacement setting.
  • spring.redis.jedis.pool.max-wait=

    • How can I configure this property?

    Deprecation status is ERRORwithout a replacement setting.
  • spring.redis.jedis.pool.min-idle=

    • How can I configure this property?

    Deprecation status is ERRORwithout a replacement setting.
  • spring.redis.jedis.pool.time-between-eviction-runs=

    • How can I configure this property?

    Deprecation status is ERRORwithout a replacement setting.
  • spring.redis.lettuce.cluster.refresh.adaptive=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.lettuce.cluster.refresh.adaptive.
  • spring.redis.lettuce.cluster.refresh.dynamic-refresh-sources=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.lettuce.cluster.refresh.dynamic-refresh-sources.
  • spring.redis.lettuce.cluster.refresh.period=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.lettuce.cluster.refresh.period.
  • spring.redis.lettuce.pool.enabled=

    • How can I configure this property?

    Deprecation status is ERRORwithout a replacement setting.
  • spring.redis.lettuce.pool.max-active=

    • How can I configure this property?

    Deprecation status is ERRORwithout a replacement setting.
  • spring.redis.lettuce.pool.max-idle=

    • How can I configure this property?

    Deprecation status is ERRORwithout a replacement setting.
  • spring.redis.lettuce.pool.max-wait=

    • How can I configure this property?

    Deprecation status is ERRORwithout a replacement setting.
  • spring.redis.lettuce.pool.min-idle=

    • How can I configure this property?

    Deprecation status is ERRORwithout a replacement setting.
  • spring.redis.lettuce.pool.time-between-eviction-runs=

    • How can I configure this property?

    Deprecation status is ERRORwithout a replacement setting.
  • spring.redis.lettuce.shutdown-timeout=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.lettuce.shutdown-timeout.
  • spring.redis.password=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.password.
  • spring.redis.port=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.port.
  • spring.redis.sentinel.master=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.sentinel.master.
  • spring.redis.sentinel.nodes=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.sentinel.nodes.
  • spring.redis.sentinel.password=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.sentinel.password.
  • spring.redis.sentinel.username=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.sentinel.username.
  • spring.redis.ssl=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.ssl.
  • spring.redis.timeout=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.timeout.
  • spring.redis.url=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.url.
  • spring.redis.username=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.redis.username.
  • spring.session.redis.cleanup-cron=0 * * * * *

    • Cron expression for expired session cleanup job. Only supported when repository-type is set to indexed.

    org.springframework.boot.autoconfigure.session.RedisSessionProperties.

    How can I configure this property?

  • spring.session.redis.configure-action=notify-keyspace-events

    • The configure action to apply when no user defined ConfigureRedisAction bean is present.

    org.springframework.boot.autoconfigure.session.RedisSessionProperties.

    How can I configure this property?

  • spring.session.redis.flush-mode=on-save

    • Sessions flush mode. Determines when session changes are written to the session store.

    org.springframework.boot.autoconfigure.session.RedisSessionProperties.

    How can I configure this property?

  • spring.session.redis.namespace=spring:session

    • Namespace for keys used to store sessions.

    org.springframework.boot.autoconfigure.session.RedisSessionProperties.

    How can I configure this property?

  • spring.session.redis.repository-type=default

    • Type of Redis session repository to configure.

    org.springframework.boot.autoconfigure.session.RedisSessionProperties.

    How can I configure this property?

  • spring.session.redis.save-mode=on-set-attribute

    • Sessions save mode. Determines how session changes are tracked and saved to the session store.

    org.springframework.boot.autoconfigure.session.RedisSessionProperties.

    How can I configure this property?

    Configuration Metadata

    The collection of configuration properties listed in this section are automatically generated from the CAS source and components that contain the actual field definitions, types, descriptions, modules, etc. This metadata may not always be 100% accurate, or could be lacking details and sufficient explanations.

    Be Selective

    This section is meant as a guide only. Do NOT copy/paste the entire collection of settings into your CAS configuration; rather pick only the properties that you need. Do NOT enable settings unless you are certain of their purpose and do NOT copy settings into your configuration only to keep them as reference. All these ideas lead to upgrade headaches, maintenance nightmares and premature aging.

    YAGNI

    Note that for nearly ALL use cases, declaring and configuring properties listed here is sufficient. You should NOT have to explicitly massage a CAS XML/Java/etc configuration file to design an authentication handler, create attribute release policies, etc. CAS at runtime will auto-configure all required changes for you. If you are unsure about the meaning of a given CAS setting, do NOT turn it on without hesitation. Review the codebase or better yet, ask questions to clarify the intended behavior.

    Naming Convention

    Property names can be specified in very relaxed terms. For instance cas.someProperty, cas.some-property, cas.some_property are all valid names. While all forms are accepted by CAS, there are certain components (in CAS and other frameworks used) whose activation at runtime is conditional on a property value, where this property is required to have been specified in CAS configuration using kebab case. This is both true for properties that are owned by CAS as well as those that might be presented to the system via an external library or framework such as Spring Boot, etc.

    :information_source: Note

    When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value. The only possible exception to this rule is when naming actuator endpoints; The name of the actuator endpoints (i.e. ssoSessions) MUST remain in camelCase mode.

    Settings and properties that are controlled by the CAS platform directly always begin with the prefix cas. All other settings are controlled and provided to CAS via other underlying frameworks and may have their own schemas and syntax. BE CAREFUL with the distinction. Unrecognized properties are rejected by CAS and/or frameworks upon which CAS depends. This means if you somehow misspell a property definition or fail to adhere to the dot-notation syntax and such, your setting is entirely refused by CAS and likely the feature it controls will never be activated in the way you intend.

    Validation

    Configuration properties are automatically validated on CAS startup to report issues with configuration binding, specially if defined CAS settings cannot be recognized or validated by the configuration schema. Additional validation processes are also handled via Configuration Metadata and property migrations applied automatically on startup by Spring Boot and family.

    Indexed Settings

    CAS settings able to accept multiple values are typically documented with an index, such as cas.some.setting[0]=value. The index [0] is meant to be incremented by the adopter to allow for distinct multiple configuration blocks.

    MongoDb Session Replication

    If you don’t wish to use the native container’s strategy for session replication, you can use CAS’s support for Mongo session replication.

    This feature is enabled via the following module:

    

    1
2
3
4
5

    		

    <dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-support-session-mongo</artifactId>
    <version>${cas.version}</version>
</dependency>

    		

    

    1

    		

    implementation "org.apereo.cas:cas-server-support-session-mongo:${project.'cas.version'}"

    		

    

    1
2
3
4
5
6
7
8
9

    		

    dependencyManagement {
    imports {
        mavenBom "org.apereo.cas:cas-server-support-bom:${project.'cas.version'}"
    }
}

dependencies {
    implementation "org.apereo.cas:cas-server-support-session-mongo"
}

    		

    

    1
2
3
4
5
6
7
8
9
10

    		

    dependencies {
    /*
    The following platform references should be included automatically and are listed here for reference only.
            
    implementation enforcedPlatform("org.apereo.cas:cas-server-support-bom:${project.'cas.version'}")
    implementation platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)
    */

    implementation "org.apereo.cas:cas-server-support-session-mongo"
}

    The following settings and properties are available from the CAS configuration catalog:

    The configuration settings listed below are tagged as Required in the CAS configuration metadata. This flag indicates that the presence of the setting may be needed to activate or affect the behavior of the CAS feature and generally should be reviewed, possibly owned and adjusted. If the setting is assigned a default value, you do not need to strictly put the setting in your copy of the configuration, but should review it nonetheless to make sure it matches your deployment expectations.

    The configuration settings listed below are tagged as Optional in the CAS configuration metadata. This flag indicates that the presence of the setting is not immediately necessary in the end-user CAS configuration, because a default value is assigned or the activation of the feature is not conditionally controlled by the setting value. In other words, you should only include this field in your configuration if you need to modify the default value or if you need to turn on the feature controlled by the setting.

    The configuration settings listed below are tagged as Third Party in the CAS configuration metadata. This flag indicates that the configuration setting is not controlled, owned or managed by the CAS ecosystem, and affects functionality that is offered by a third-party library, such as Spring Boot or Spring Cloud to CAS. For additional info, you might have to visit the third-party source to find more details.

  • spring.data.mongodb.additional-hosts=

    • Additional server hosts. Cannot be set with URI or if 'host' is not specified. Additional hosts will use the default mongo port of 27017. If you want to use a different port you can use the "host:port" syntax.

    org.springframework.boot.autoconfigure.mongo.MongoProperties.

    How can I configure this property?

  • spring.data.mongodb.authentication-database=

    • Authentication database name.

    org.springframework.boot.autoconfigure.mongo.MongoProperties.

    How can I configure this property?

  • spring.data.mongodb.auto-index-creation=

    • Whether to enable auto-index creation.

    org.springframework.boot.autoconfigure.mongo.MongoProperties.

    How can I configure this property?

  • spring.data.mongodb.database=

    • Database name. Overrides database in URI.

    org.springframework.boot.autoconfigure.mongo.MongoProperties.

    How can I configure this property?

  • spring.data.mongodb.field-naming-strategy=

    • Fully qualified name of the FieldNamingStrategy to use.

    org.springframework.boot.autoconfigure.mongo.MongoProperties.

    How can I configure this property?

  • spring.data.mongodb.grid-fs-database=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.data.mongodb.gridfs.database.
  • spring.data.mongodb.gridfs.bucket=

    • GridFS bucket name.

    org.springframework.boot.autoconfigure.mongo.MongoProperties$Gridfs.

    How can I configure this property?

  • spring.data.mongodb.gridfs.database=

    • GridFS database name.

    org.springframework.boot.autoconfigure.mongo.MongoProperties$Gridfs.

    How can I configure this property?

  • spring.data.mongodb.host=

    • Mongo server host. Cannot be set with URI.

    org.springframework.boot.autoconfigure.mongo.MongoProperties.

    How can I configure this property?

  • spring.data.mongodb.password=

    • Login password of the mongo server. Cannot be set with URI.

    org.springframework.boot.autoconfigure.mongo.MongoProperties.

    How can I configure this property?

  • spring.data.mongodb.port=

    • Mongo server port. Cannot be set with URI.

    org.springframework.boot.autoconfigure.mongo.MongoProperties.

    How can I configure this property?

  • spring.data.mongodb.replica-set-name=

    • Required replica set name for the cluster. Cannot be set with URI.

    org.springframework.boot.autoconfigure.mongo.MongoProperties.

    How can I configure this property?

  • spring.data.mongodb.repositories.type=auto

    • Type of Mongo repositories to enable.

    How can I configure this property?

  • spring.data.mongodb.ssl.bundle=

    • SSL bundle name.

    org.springframework.boot.autoconfigure.mongo.MongoProperties$Ssl.

    How can I configure this property?

  • spring.data.mongodb.ssl.enabled=

    • Whether to enable SSL support. Enabled automatically if "bundle" is provided unless specified otherwise.

    org.springframework.boot.autoconfigure.mongo.MongoProperties$Ssl.

    How can I configure this property?

  • spring.data.mongodb.uri=mongodb://localhost/test

    • Mongo database URI. Overrides host, port, username, and password.

    org.springframework.boot.autoconfigure.mongo.MongoProperties.

    How can I configure this property?

  • spring.data.mongodb.username=

    • Login user of the mongo server. Cannot be set with URI.

    org.springframework.boot.autoconfigure.mongo.MongoProperties.

    How can I configure this property?

  • spring.data.mongodb.uuid-representation=java-legacy

    • Representation to use when converting a UUID to a BSON binary value.

    org.springframework.boot.autoconfigure.mongo.MongoProperties.

    How can I configure this property?

  • spring.session.mongodb.collection-name=sessions

    • Collection name used to store sessions.

    org.springframework.boot.autoconfigure.session.MongoSessionProperties.

    How can I configure this property?

    Configuration Metadata

    The collection of configuration properties listed in this section are automatically generated from the CAS source and components that contain the actual field definitions, types, descriptions, modules, etc. This metadata may not always be 100% accurate, or could be lacking details and sufficient explanations.

    Be Selective

    This section is meant as a guide only. Do NOT copy/paste the entire collection of settings into your CAS configuration; rather pick only the properties that you need. Do NOT enable settings unless you are certain of their purpose and do NOT copy settings into your configuration only to keep them as reference. All these ideas lead to upgrade headaches, maintenance nightmares and premature aging.

    YAGNI

    Note that for nearly ALL use cases, declaring and configuring properties listed here is sufficient. You should NOT have to explicitly massage a CAS XML/Java/etc configuration file to design an authentication handler, create attribute release policies, etc. CAS at runtime will auto-configure all required changes for you. If you are unsure about the meaning of a given CAS setting, do NOT turn it on without hesitation. Review the codebase or better yet, ask questions to clarify the intended behavior.

    Naming Convention

    Property names can be specified in very relaxed terms. For instance cas.someProperty, cas.some-property, cas.some_property are all valid names. While all forms are accepted by CAS, there are certain components (in CAS and other frameworks used) whose activation at runtime is conditional on a property value, where this property is required to have been specified in CAS configuration using kebab case. This is both true for properties that are owned by CAS as well as those that might be presented to the system via an external library or framework such as Spring Boot, etc.

    :information_source: Note

    When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value. The only possible exception to this rule is when naming actuator endpoints; The name of the actuator endpoints (i.e. ssoSessions) MUST remain in camelCase mode.

    Settings and properties that are controlled by the CAS platform directly always begin with the prefix cas. All other settings are controlled and provided to CAS via other underlying frameworks and may have their own schemas and syntax. BE CAREFUL with the distinction. Unrecognized properties are rejected by CAS and/or frameworks upon which CAS depends. This means if you somehow misspell a property definition or fail to adhere to the dot-notation syntax and such, your setting is entirely refused by CAS and likely the feature it controls will never be activated in the way you intend.

    Validation

    Configuration properties are automatically validated on CAS startup to report issues with configuration binding, specially if defined CAS settings cannot be recognized or validated by the configuration schema. Additional validation processes are also handled via Configuration Metadata and property migrations applied automatically on startup by Spring Boot and family.

    Indexed Settings

    CAS settings able to accept multiple values are typically documented with an index, such as cas.some.setting[0]=value. The index [0] is meant to be incremented by the adopter to allow for distinct multiple configuration blocks.

    JDBC Session Replication

    If you don’t wish to use the native container’s strategy for session replication, you can use CAS’s support for JDBC session replication.

    This feature is enabled via the following module:

    

    1
2
3
4
5

    		

    <dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-support-session-jdbc</artifactId>
    <version>${cas.version}</version>
</dependency>

    		

    

    1

    		

    implementation "org.apereo.cas:cas-server-support-session-jdbc:${project.'cas.version'}"

    		

    

    1
2
3
4
5
6
7
8
9

    		

    dependencyManagement {
    imports {
        mavenBom "org.apereo.cas:cas-server-support-bom:${project.'cas.version'}"
    }
}

dependencies {
    implementation "org.apereo.cas:cas-server-support-session-jdbc"
}

    		

    

    1
2
3
4
5
6
7
8
9
10

    		

    dependencies {
    /*
    The following platform references should be included automatically and are listed here for reference only.
            
    implementation enforcedPlatform("org.apereo.cas:cas-server-support-bom:${project.'cas.version'}")
    implementation platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)
    */

    implementation "org.apereo.cas:cas-server-support-session-jdbc"
}

    The following settings and properties are available from the CAS configuration catalog:

    The configuration settings listed below are tagged as Required in the CAS configuration metadata. This flag indicates that the presence of the setting may be needed to activate or affect the behavior of the CAS feature and generally should be reviewed, possibly owned and adjusted. If the setting is assigned a default value, you do not need to strictly put the setting in your copy of the configuration, but should review it nonetheless to make sure it matches your deployment expectations.

    The configuration settings listed below are tagged as Optional in the CAS configuration metadata. This flag indicates that the presence of the setting is not immediately necessary in the end-user CAS configuration, because a default value is assigned or the activation of the feature is not conditionally controlled by the setting value. In other words, you should only include this field in your configuration if you need to modify the default value or if you need to turn on the feature controlled by the setting.

    The configuration settings listed below are tagged as Third Party in the CAS configuration metadata. This flag indicates that the configuration setting is not controlled, owned or managed by the CAS ecosystem, and affects functionality that is offered by a third-party library, such as Spring Boot or Spring Cloud to CAS. For additional info, you might have to visit the third-party source to find more details.

  • spring.datasource.azure.credential.client-certificate-password=

    • Password of the certificate file.

    com.azure.spring.cloud.autoconfigure.implementation.passwordless.properties.AzureJdbcPasswordlessProperties.

    How can I configure this property?

  • spring.datasource.azure.credential.client-certificate-path=

    • Path of a PEM certificate file to use when performing service principal authentication with Azure.

    com.azure.spring.cloud.autoconfigure.implementation.passwordless.properties.AzureJdbcPasswordlessProperties.

    How can I configure this property?

  • spring.datasource.azure.credential.client-id=

    • Client ID to use when performing service principal authentication with Azure.

    com.azure.spring.cloud.autoconfigure.implementation.passwordless.properties.AzureJdbcPasswordlessProperties.

    How can I configure this property?

  • spring.datasource.azure.credential.client-secret=

    • Client secret to use when performing service principal authentication with Azure.

    com.azure.spring.cloud.autoconfigure.implementation.passwordless.properties.AzureJdbcPasswordlessProperties.

    How can I configure this property?

  • spring.datasource.azure.credential.managed-identity-enabled=false

    • Whether to enable managed identity to authenticate with Azure. If true and the client-id is set, will use the client ID as user assigned managed identity client ID.

    com.azure.spring.cloud.autoconfigure.implementation.passwordless.properties.AzureJdbcPasswordlessProperties.

    How can I configure this property?

  • spring.datasource.azure.credential.password=

    • Password to use when performing username/password authentication with Azure.

    com.azure.spring.cloud.autoconfigure.implementation.passwordless.properties.AzureJdbcPasswordlessProperties.

    How can I configure this property?

  • spring.datasource.azure.credential.username=

    • Username to use when performing username/password authentication with Azure.

    com.azure.spring.cloud.autoconfigure.implementation.passwordless.properties.AzureJdbcPasswordlessProperties.

    How can I configure this property?

  • spring.datasource.azure.passwordless-enabled=false

    • Whether to enable passwordless connections to Azure databases by using OAuth2 Microsoft Entra token credentials.

    com.azure.spring.cloud.autoconfigure.implementation.passwordless.properties.AzureJdbcPasswordlessProperties.

    How can I configure this property?

  • spring.datasource.azure.profile.cloud-type=

    • Name of the Azure cloud to connect to. Supported types are: AZURE, AZURE_CHINA, AZURE_US_GOVERNMENT, OTHER. The default value is `AZURE`.

    com.azure.spring.cloud.autoconfigure.implementation.passwordless.properties.AzureJdbcPasswordlessProperties.

    How can I configure this property?

  • spring.datasource.azure.profile.environment.active-directory-endpoint=

    • The Microsoft Entra endpoint to connect to.

    com.azure.spring.cloud.autoconfigure.implementation.passwordless.properties.AzureJdbcPasswordlessProperties.

    How can I configure this property?

  • spring.datasource.azure.profile.tenant-id=

    • Tenant ID for Azure resources.

    com.azure.spring.cloud.autoconfigure.implementation.passwordless.properties.AzureJdbcPasswordlessProperties.

    How can I configure this property?

  • spring.datasource.continue-on-error=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.sql.init.continue-on-error.
  • spring.datasource.data=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.sql.init.data-locations.
  • spring.datasource.data-password=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.sql.init.password.
  • spring.datasource.data-username=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.sql.init.username.
  • spring.datasource.dbcp2.abandoned-usage-tracking=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.access-to-underlying-connection-allowed=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.auto-commit-on-return=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.cache-state=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.clear-statement-pool-on-return=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.connection-factory-class-name=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.connection-init-sqls=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.default-auto-commit=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.default-catalog=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.default-query-timeout=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

    Deprecation status is WARNINGwithout a replacement setting.
  • spring.datasource.dbcp2.default-read-only=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.default-schema=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.default-transaction-isolation=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.disconnection-sql-codes=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.driver=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.driver-class-name=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.duration-between-eviction-runs=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.enable-auto-commit-on-return=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

    Deprecation status is WARNINGwithout a replacement setting.
  • spring.datasource.dbcp2.eviction-policy-class-name=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.fast-fail-validation=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.initial-size=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.jmx-name=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.lifo=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.log-abandoned=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.log-expired-connections=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.login-timeout=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.max-conn-lifetime-millis=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

    Deprecation status is WARNINGwithout a replacement setting.
  • spring.datasource.dbcp2.max-idle=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.max-open-prepared-statements=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.max-total=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.max-wait-millis=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

    Deprecation status is WARNINGwithout a replacement setting.
  • spring.datasource.dbcp2.min-evictable-idle-time-millis=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

    Deprecation status is WARNINGwithout a replacement setting.
  • spring.datasource.dbcp2.min-idle=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.num-tests-per-eviction-run=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.password=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

    Deprecation status is WARNINGwithout a replacement setting.
  • spring.datasource.dbcp2.pool-prepared-statements=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.remove-abandoned-on-borrow=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.remove-abandoned-on-maintenance=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.remove-abandoned-timeout=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

    Deprecation status is WARNINGwithout a replacement setting.
  • spring.datasource.dbcp2.rollback-on-return=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.soft-min-evictable-idle-time-millis=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

    Deprecation status is WARNINGwithout a replacement setting.
  • spring.datasource.dbcp2.test-on-borrow=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.test-on-create=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.test-on-return=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.test-while-idle=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.time-between-eviction-runs-millis=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

    Deprecation status is WARNINGwithout a replacement setting.
  • spring.datasource.dbcp2.url=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.username=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

    Deprecation status is WARNINGwithout a replacement setting.
  • spring.datasource.dbcp2.validation-query=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

  • spring.datasource.dbcp2.validation-query-timeout=

    • org.apache.commons.dbcp2.BasicDataSource.

    How can I configure this property?

    Deprecation status is WARNINGwithout a replacement setting.
  • spring.datasource.driver-class-name=

    • Fully qualified name of the JDBC driver. Auto-detected based on the URL by default.

    org.springframework.boot.autoconfigure.jdbc.DataSourceProperties.

    How can I configure this property?

  • spring.datasource.embedded-database-connection=

    • Connection details for an embedded database. Defaults to the most suitable embedded database that is available on the classpath.

    org.springframework.boot.autoconfigure.jdbc.DataSourceProperties.

    How can I configure this property?

  • spring.datasource.generate-unique-name=true

    • Whether to generate a random datasource name.

    org.springframework.boot.autoconfigure.jdbc.DataSourceProperties.

    How can I configure this property?

  • spring.datasource.hikari.allow-pool-suspension=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.auto-commit=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.catalog=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.connection-init-sql=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.connection-test-query=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.connection-timeout=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.data-source-class-name=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.data-source-j-n-d-i=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.data-source-properties=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.driver-class-name=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.exception-override-class-name=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.health-check-properties=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.idle-timeout=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.initialization-fail-timeout=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.isolate-internal-queries=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.jdbc-url=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.keepalive-time=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.leak-detection-threshold=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.login-timeout=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.max-lifetime=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.maximum-pool-size=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.metrics-tracker-factory=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.minimum-idle=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.password=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.pool-name=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.read-only=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.register-mbeans=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.scheduled-executor=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.schema=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.transaction-isolation=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.username=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.hikari.validation-timeout=

    • com.zaxxer.hikari.HikariDataSource.

    How can I configure this property?

  • spring.datasource.initialization-mode=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.sql.init.mode.
  • spring.datasource.jmx-enabled=false

    • Whether to enable JMX support (if provided by the underlying pool).

    How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.datasource.tomcat.jmx-enabled.
  • spring.datasource.jndi-name=

    • JNDI location of the datasource. Class, url, username and password are ignored when set.

    org.springframework.boot.autoconfigure.jdbc.DataSourceProperties.

    How can I configure this property?

  • spring.datasource.name=

    • Datasource name to use if "generate-unique-name" is false. Defaults to "testdb" when using an embedded database, otherwise null.

    org.springframework.boot.autoconfigure.jdbc.DataSourceProperties.

    How can I configure this property?

  • spring.datasource.oracleucp.abandoned-connection-timeout=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.connection-factory-class-name=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.connection-factory-properties=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.connection-harvest-max-count=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.connection-harvest-trigger-count=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.connection-labeling-high-cost=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.connection-pool-name=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.connection-properties=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.connection-repurpose-threshold=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.connection-validation-timeout=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.connection-wait-timeout=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.data-source-name=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.database-name=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.description=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.fast-connection-failover-enabled=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.high-cost-connection-reuse-threshold=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.inactive-connection-timeout=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.initial-pool-size=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.login-timeout=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.max-connection-reuse-count=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.max-connection-reuse-time=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.max-connections-per-shard=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.max-idle-time=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.max-pool-size=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.max-statements=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.min-pool-size=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.network-protocol=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.o-n-s-configuration=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.pdb-roles=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.port-number=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.property-cycle=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.query-timeout=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.read-only-instance-allowed=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.role-name=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.s-q-l-for-validate-connection=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.seconds-to-trust-idle-connection=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.server-name=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.sharding-mode=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.time-to-live-connection-timeout=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.timeout-check-interval=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.u-r-l=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.user=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.oracleucp.validate-connection-on-borrow=

    • oracle.ucp.jdbc.PoolDataSourceImpl.

    How can I configure this property?

  • spring.datasource.password=

    • Login password of the database.

    org.springframework.boot.autoconfigure.jdbc.DataSourceProperties.

    How can I configure this property?

  • spring.datasource.platform=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.sql.init.platform.
  • spring.datasource.schema=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.sql.init.schema-locations.
  • spring.datasource.schema-password=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.sql.init.password.
  • spring.datasource.schema-username=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.sql.init.username.
  • spring.datasource.separator=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.sql.init.separator.
  • spring.datasource.sql-script-encoding=

    • How can I configure this property?

    Deprecation status is ERRORwith a replacement setting: spring.sql.init.encoding.
  • spring.datasource.tomcat.abandon-when-percentage-full=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.access-to-underlying-connection-allowed=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.alternate-username-allowed=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.commit-on-return=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.connection-properties=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.data-source-j-n-d-i=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.db-properties=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.default-auto-commit=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.default-catalog=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.default-read-only=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.default-transaction-isolation=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.driver-class-name=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.fair-queue=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.ignore-exception-on-pre-load=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.init-s-q-l=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.initial-size=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.jdbc-interceptors=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.jmx-enabled=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.log-abandoned=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.log-validation-errors=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.login-timeout=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.max-active=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.max-age=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.max-idle=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.max-wait=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.min-evictable-idle-time-millis=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.min-idle=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.name=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.num-tests-per-eviction-run=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.password=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.propagate-interrupt-state=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.remove-abandoned=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.remove-abandoned-timeout=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.rollback-on-return=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.suspect-timeout=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.test-on-borrow=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.test-on-connect=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.test-on-return=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.test-while-idle=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.time-between-eviction-runs-millis=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.url=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.use-disposable-connection-facade=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.use-equals=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.use-lock=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.use-statement-facade=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.username=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.validation-interval=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.validation-query=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.validation-query-timeout=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.tomcat.validator-class-name=

    • org.apache.tomcat.jdbc.pool.DataSource.

    How can I configure this property?

  • spring.datasource.type=

    • Fully qualified name of the connection pool implementation to use. By default, it is auto-detected from the classpath.

    org.springframework.boot.autoconfigure.jdbc.DataSourceProperties.

    How can I configure this property?

  • spring.datasource.url=

    • JDBC URL of the database.

    org.springframework.boot.autoconfigure.jdbc.DataSourceProperties.

    How can I configure this property?

  • spring.datasource.username=

    • Login username of the database.

    org.springframework.boot.autoconfigure.jdbc.DataSourceProperties.

    How can I configure this property?

  • spring.datasource.xa.data-source-class-name=

    • XA datasource fully qualified name.

    org.springframework.boot.autoconfigure.jdbc.DataSourceProperties$Xa.

    How can I configure this property?

  • spring.datasource.xa.properties=

    • Properties to pass to the XA data source.

    org.springframework.boot.autoconfigure.jdbc.DataSourceProperties$Xa.

    How can I configure this property?

  • spring.session.jdbc.cleanup-cron=0 * * * * *

    • Cron expression for expired session cleanup job.

    org.springframework.boot.autoconfigure.session.JdbcSessionProperties.

    How can I configure this property?

  • spring.session.jdbc.flush-mode=on-save

    • Sessions flush mode. Determines when session changes are written to the session store.

    org.springframework.boot.autoconfigure.session.JdbcSessionProperties.

    How can I configure this property?

  • spring.session.jdbc.initialize-schema=embedded

    • Database schema initialization mode.

    org.springframework.boot.autoconfigure.session.JdbcSessionProperties.

    How can I configure this property?

  • spring.session.jdbc.platform=

    • Platform to use in initialization scripts if the @@platform@@ placeholder is used. Auto-detected by default.

    org.springframework.boot.autoconfigure.session.JdbcSessionProperties.

    How can I configure this property?

  • spring.session.jdbc.save-mode=on-set-attribute

    • Sessions save mode. Determines how session changes are tracked and saved to the session store.

    org.springframework.boot.autoconfigure.session.JdbcSessionProperties.

    How can I configure this property?

  • spring.session.jdbc.schema=classpath:org/springframework/session/jdbc/schema-@@platform@@.sql

    • Path to the SQL file to use to initialize the database schema.

    org.springframework.boot.autoconfigure.session.JdbcSessionProperties.

    How can I configure this property?

  • spring.session.jdbc.table-name=SPRING_SESSION

    • Name of the database table used to store sessions.

    org.springframework.boot.autoconfigure.session.JdbcSessionProperties.

    How can I configure this property?

    Configuration Metadata

    The collection of configuration properties listed in this section are automatically generated from the CAS source and components that contain the actual field definitions, types, descriptions, modules, etc. This metadata may not always be 100% accurate, or could be lacking details and sufficient explanations.

    Be Selective

    This section is meant as a guide only. Do NOT copy/paste the entire collection of settings into your CAS configuration; rather pick only the properties that you need. Do NOT enable settings unless you are certain of their purpose and do NOT copy settings into your configuration only to keep them as reference. All these ideas lead to upgrade headaches, maintenance nightmares and premature aging.

    YAGNI

    Note that for nearly ALL use cases, declaring and configuring properties listed here is sufficient. You should NOT have to explicitly massage a CAS XML/Java/etc configuration file to design an authentication handler, create attribute release policies, etc. CAS at runtime will auto-configure all required changes for you. If you are unsure about the meaning of a given CAS setting, do NOT turn it on without hesitation. Review the codebase or better yet, ask questions to clarify the intended behavior.

    Naming Convention

    Property names can be specified in very relaxed terms. For instance cas.someProperty, cas.some-property, cas.some_property are all valid names. While all forms are accepted by CAS, there are certain components (in CAS and other frameworks used) whose activation at runtime is conditional on a property value, where this property is required to have been specified in CAS configuration using kebab case. This is both true for properties that are owned by CAS as well as those that might be presented to the system via an external library or framework such as Spring Boot, etc.

    :information_source: Note

    When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value. The only possible exception to this rule is when naming actuator endpoints; The name of the actuator endpoints (i.e. ssoSessions) MUST remain in camelCase mode.

    Settings and properties that are controlled by the CAS platform directly always begin with the prefix cas. All other settings are controlled and provided to CAS via other underlying frameworks and may have their own schemas and syntax. BE CAREFUL with the distinction. Unrecognized properties are rejected by CAS and/or frameworks upon which CAS depends. This means if you somehow misspell a property definition or fail to adhere to the dot-notation syntax and such, your setting is entirely refused by CAS and likely the feature it controls will never be activated in the way you intend.

    Validation

    Configuration properties are automatically validated on CAS startup to report issues with configuration binding, specially if defined CAS settings cannot be recognized or validated by the configuration schema. Additional validation processes are also handled via Configuration Metadata and property migrations applied automatically on startup by Spring Boot and family.

    Indexed Settings

    CAS settings able to accept multiple values are typically documented with an index, such as cas.some.setting[0]=value. The index [0] is meant to be incremented by the adopter to allow for distinct multiple configuration blocks.