Service Cluster Properties

The following cluster properties configure services on the .
The following cluster properties configure services on the
Layer7 API Gateway
.
Property
Description
service.anonFederatedPolicies
Controls policies with federated identity assertions. Value is a Boolean.
  • true
    = Treats a policy as if it contains no identity assertions to check whether a policy allows anonymous access.
  • false
    = Maintains the federated identity assertions as is.
Default:
true
service.disabledDownloads
Controls which requestors can download WSDL and policy documents for disabled services. The values are:
  • none
    = forbid all requestors
  • all
    = allow all requestors
  • passthrough
    = permit requestors defined by the cluster property
    service.passthroughdownloads
    (described next)
Default:
none
serviceMetrics.enabled
Controls whether the Gateway collects service metrics in the Gateway database. View these metrics in the Service Metrics window of the Gateway Dashboard.
  • true
    = Metrics are collected. The Gateway adds the log entry:
    INFO: Enabling service metrics collection
    .
  • false
    = Metrics are not collected. The Gateway adds the log entry:
    INFO: Disabling service metrics collection
    .
Default:
true
The
serviceMetrics.enabled
cluster property does
not
affect the collection of metrics data being sent to an external location. Once the Gateway is configured for external metrics, these metrics are collected even if the cluster property is disabled.
serviceMetricsEventListener.maxPoolSize
The maximum number of worker threads for the service metrics event listener. Minimum is 1.
Default:
25
service.passthroughdownloads
Remote IPs of requestors allowed to download WSDL and policy documents without credentials. Separate each entry with a space. You may optionally add a netmask to the IP address. Both IPv4 and IPv6 addresses are supported.
Default:
127.0.0.1
The default value allows only pass-through from the localhost. The full IP address of a client must match one of the items in the list before a download is permitted.
Sample values
:
  • 127.0.0.1 192.168.1 allows pass-through from localhost and from any remote address beginning with 192.168.1
  • 127.0.0.1 10.5.4.41 192.168.1 allows pass-through from localhost, from 10.5.4.41, and from any remote address beginning with 192.168.1
  • 10.7.32.0/24 allows pass-through from remote addresses 10.7.32.0 with a 24-bit network mask (which translates to a permitted address range of 10.7.32.0 to 10.7.32.254)
For details, see Manage Interfaces.
service.validateWssTimestamps
Controls whether the built-in services (token service, policy service) on the
Layer7 API Gateway
validate WS-Security timestamps. Value is a Boolean.
Default:
true
service.wsdlDependenciesEnabled
Controls whether download of WSDL dependencies (WSDL/Schema) is permitted.
  • true
    =  Available WSDL dependencies can be downloaded.
  • false
    = Only the primary WSDL document for a service is served by the
    Layer7 API Gateway
    .
Default:
false
service.wsdlQueryEnabled
Controls whether the download of WSDL using the "?wsdl" URL suffix is permitted. When enabled, the WSDL document can be downloaded using the resolution path of the service. Value is a Boolean.
Default:
true
For details, see Downloading WSDL Documents.
serviceUsage.updateInterval
Applicable to Gateway Version 10 CR2 or Newer
As part of the final phase of its roll out, this property now lets you tune the frequency or intervals (in Time Units) of service usage data collection.
If a number or value is entered without specifying the time unit, the Gateway will assume the value is in minutes.
Default value: 5m
Default: 4 s (i.e., property enabled)
Enables or disables the Gateway's ability to collect service usage statistics .
Inserting a value of 0 disables the collection of this data. Any other value greater than 0 enables the collection of service usage statistics.
If you choose to disable service usage statistics collection, we strongly recommend that you clear the contents of the 'service_usage' table to avoid any data inconsistencies if you decide to re-enable it later. Use the following SQL command to delete its contents:
use ssg; delete from service_usage;
Disabling Service Statistics Data Collection: Impact on Services/Assertions
There are three Gateway services/assertions that rely on service usage statistics to operate. If the collection of service usage statistics is disabled, the following may not function:
  • SNMP Query Built-In Service
  • SNMP Agent Tactical Assertion
  • Gateway Metrics Tactical Assertion