| Anchor | ||||
|---|---|---|---|---|
|
...
| Property | Description | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
add_csrf_token_header_to_external_responses |
When enabled, an X-CSRF-Token header is included in the response to GET requests from external domains, which must be used in a subsequent POST or PUT request. The | ||||||||||||||||||||||||||||||||||||||||
authorization_lockout_ip_whitelist | A list of IP's that can not be locked out of XperienCentral's Edit environment. Enter a valid IPv4 or IPv6 address. | ||||||||||||||||||||||||||||||||||||||||
channels_using_fallback | Specifies the channel(s) that use the default design configuration when no custom JSP can be found for it. | ||||||||||||||||||||||||||||||||||||||||
check_url_signature | If this option is turned on, URL's containing a presentation ID and/or an SSI object ID are suffixed with a sign parameter when they are rendered, which contains a hash of the parameters in the URL. When the URL is called, the value of the sign parameter is checked versus a newly calculated hash based on that URL. If the value of the sign parameter does not match that of the newly calculated hash, that means that the URL has been tampered with and the request will be refused. | ||||||||||||||||||||||||||||||||||||||||
clusternode_eventlistener_heartbeat_ms |
Specifies how often, in milliseconds, the cluster event service listens for events on other servers in the cluster. | ||||||||||||||||||||||||||||||||||||||||
clusternode_registration_heartbeat_ms |
Specifies how often, in milliseconds, the cluster event service checks for multiple active sessions for the same XperienCentral user. See Active Sessions for more information, | ||||||||||||||||||||||||||||||||||||||||
company_name |
This setting allows you to add your company name (or another string) to the XperienCentral Login page. See Customizing the Login Page for complete information. | ||||||||||||||||||||||||||||||||||||||||
contentindex_index_readonly_nodes |
If the Search & Retrieve API is used on a clustered environment, this setting should be enabled, otherwise the API will not return any results. When this setting is enabled, the content index must be rebuilt. | ||||||||||||||||||||||||||||||||||||||||
content_item_lock_poll_interval | A content locking poll thread that checks whether a content item lock is expired. If so, the lock is removed. The value is in milliseconds. | ||||||||||||||||||||||||||||||||||||||||
content_item_lock_timeout | Specifies the number of milliseconds that have to elapse after a lock on a content item has been claimed before the lock is closed. | ||||||||||||||||||||||||||||||||||||||||
contentindex_location | The directory where the content index and its configuration are stored. | ||||||||||||||||||||||||||||||||||||||||
contentindex_optimize_schedule | The Crontab schedule that dictates when the content index is optimized. This should be set to happen at least once a day, preferably at the time that website activity is at its lowest (typically at night).The Crontab schedule used is a variant of the standard UNIX Crontab scheduler with a "seconds" field prefixed to the beginning. For complete information on scheduling jobs in XperienCentral, see Scheduling Jobs. | ||||||||||||||||||||||||||||||||||||||||
contentindex_queue_database_entries_schedule | The Crontab schedule that dictates when to put database entities in the queue for the search indexing. The Crontab schedule used is a variant of the standard UNIX Crontab scheduler with a "seconds" field prefixed to the beginning. For complete information on scheduling jobs in XperienCentral, see Scheduling Jobs. | ||||||||||||||||||||||||||||||||||||||||
contentindex_queue_empty_reindex | Specifies whether to disable the regeneration of the full background index when the queue is empty. Because a full index regeneration is performed regularly according to the contentindex_queue_reindex_schedule, you might want to block a full index generation at other times for performance reasons. | ||||||||||||||||||||||||||||||||||||||||
contentindex_queue_iteration_limit | The maximum batch size for each poller iteration. The default is 100. The larger the number, the greater the impact is on performance. | ||||||||||||||||||||||||||||||||||||||||
contentindex_queue_janitor_schedule | The Crontab schedule that dictates when the index journal is cleaned up. The Crontab schedule used is a variant of the standard UNIX Crontab scheduler with a "seconds" field prefixed to the beginning. For complete information on scheduling jobs in XperienCentral, see Scheduling Jobs. | ||||||||||||||||||||||||||||||||||||||||
contentindex_queue_poller_schedule | The Crontab schedule that dictates when the index journal is polled for changes. The more frequently this is performed, the more up to date the index will be. Note that each cycle must be able to finish before the next begins. The Crontab schedule used is a variant of the standard UNIX Crontab scheduler with a "seconds" field prefixed to the beginning. For complete information on scheduling jobs in XperienCentral, see Scheduling Jobs. | ||||||||||||||||||||||||||||||||||||||||
contentindex_queue_reindex_schedule | The Crontab schedule that dictates the triggering of a full background index. This should happen no more then once a day, preferably at the time that website activity is at its lowest (typically at night). The Crontab schedule used is a variant of the standard UNIX Crontab scheduler with a "seconds" field prefixed to the beginning. For complete information on scheduling jobs in XperienCentral, see Scheduling Jobs. | ||||||||||||||||||||||||||||||||||||||||
context_static |
The root URL of the static web application. In XperienCentral versions R36 and higher, use the setting | ||||||||||||||||||||||||||||||||||||||||
|
Specifies whether XperienCentral automatically creates revisions of content items. See Reverting a Content Item for more information. See also the settings | ||||||||||||||||||||||||||||||||||||||||
|
Specifies the URL paths that are not checked for CSRF vulnerabilities. Define the excluded URLs using a Regular Expressions that matches the URL path, excluding the context path. For example, to disable the protection for all requests to "myservlet" (https://mydomain.com/web/myservlet/foo/bar?q=xxx), add an expression like the following:
| ||||||||||||||||||||||||||||||||||||||||
current_rollover_detector_schedule | The Crontab schedule that dictates when the rollover detector service runs. The detector service detects changes in the outcome of ContentItem.getCurrent(Language) and if any is detected, it updates the caching timestamps and friendly URLs. The Crontab schedule used is a variant of the standard UNIX Crontab scheduler with a "seconds" field prefixed to the beginning. For complete information on scheduling jobs in XperienCentral, see Scheduling Jobs. | ||||||||||||||||||||||||||||||||||||||||
date_format | The format in which dates are represented (for example, dd-MM-yyyy). | ||||||||||||||||||||||||||||||||||||||||
default_timezone | Specify the default time zone for the XperienCentral installation. The time zone you specify is the absolute time upon which all timestamps in XperienCentral are based (creation date, publication date, expiration date, etc.). When users select their own time zone in My Settings, the time zone they select is calculated as an offset based on the default XperienCentral time zone. The following are the most commonly used time zones. For the full list of acceptable time zones, see http://en.wikipedia.org/wiki/List_of_tz_database_time_zones.
| ||||||||||||||||||||||||||||||||||||||||
disable_unused_content_schedule | Schedule in cron format for the disable unused content job. The Crontab schedule for disabling unused content. The Crontab schedule used is a variant of the standard UNIX Crontab scheduler with a "seconds" field prefixed to the beginning.For complete information on scheduling jobs in XperienCentral, see Scheduling Jobs. | ||||||||||||||||||||||||||||||||||||||||
enable_non_jndi_database_configuration | Select this option if you are using a non-JNDI database for your XperienCentral project. | ||||||||||||||||||||||||||||||||||||||||
form_handler_base | Specifies the URL where the definitions for Interactive Forms are located. | ||||||||||||||||||||||||||||||||||||||||
google_sitemap_automatic_upload |
Specifies whether XperienCentral automatically uploads generated sitemaps to Google. When enabled, if a Google sitemap is generated, it is automatically uploaded according to the schedule configured in the setting | ||||||||||||||||||||||||||||||||||||||||
google_sitemap_generator_schedule | The Crontab schedule that dictates when the Google sitemap will be generated. The Crontab schedule used is a variant of the standard UNIX Crontab scheduler with a "seconds" field prefixed to the beginning. For complete information on scheduling jobs in XperienCentral, see Scheduling Jobs. | ||||||||||||||||||||||||||||||||||||||||
http_non_proxy_hosts | Specifies the hosts that should be directly contacted for requests via HTTP and HTTPS (not through the proxy server). You can enter multiple host names separated by the pipe character (|) and also use wildcards. For example:
| ||||||||||||||||||||||||||||||||||||||||
http_proxy_host | The name of the HTTP proxy host server to use to send requests to the XperienCentral server. | ||||||||||||||||||||||||||||||||||||||||
http_proxy_password | The password to use to log in to the proxy host via HTTP. If no password is required, leave this field blank. | ||||||||||||||||||||||||||||||||||||||||
http_proxy_port | The port number to connect to on the HTTP proxy host. | ||||||||||||||||||||||||||||||||||||||||
http_proxy_username | The username to use on the HTTP proxy host. | ||||||||||||||||||||||||||||||||||||||||
http_use_proxy | Specifies whether to use one or more proxy servers to log in to the XperienCentral server.
| ||||||||||||||||||||||||||||||||||||||||
https_proxy_host |
The name of the HTTPS proxy host server to use to send requests to the XperienCentral server. | ||||||||||||||||||||||||||||||||||||||||
https_proxy_password |
The password to use to log in to the proxy host via HTTPS. If no password is required, leave this field blank. | ||||||||||||||||||||||||||||||||||||||||
https_proxy_port |
The port number to connect to on the HTTPS proxy host. | ||||||||||||||||||||||||||||||||||||||||
https_proxy_username |
The username to use on the HTTPS proxy host. | ||||||||||||||||||||||||||||||||||||||||
https_use_http_page_links |
When this setting is enabled, a visitor will use HTTP to link to a page even if the Use HTTPS setting for that page is enabled. | ||||||||||||||||||||||||||||||||||||||||
https_use_proxy |
Specifies whether to use one or more proxy servers to log in to the XperienCentral server. Proxy system properties set outside of XperienCentral are not overwritten when this setting is clear (false). | ||||||||||||||||||||||||||||||||||||||||
internal_backend_address | For use with IBM WebSphere. Contact your GX Software consultant for more information. | ||||||||||||||||||||||||||||||||||||||||
internal_frontend_address | For use with IBM WebSphere. Contact your GX Software consultant for more information. | ||||||||||||||||||||||||||||||||||||||||
internal_http_authentication_password | The password to use in conjunction with the username (below) for connections XperienCentral makes with itself through the front- or backend. | ||||||||||||||||||||||||||||||||||||||||
internal_http_authentication_username | The username to use for connections XperienCentral makes with itself through the front or backend. | ||||||||||||||||||||||||||||||||||||||||
internal_http_use_authentication | Specifies whether to use a username/password combination for authenticating connections that XperienCentral makes with itself through the front or backend. | ||||||||||||||||||||||||||||||||||||||||
internal_http_use_form_authentication | Specifies whether internal HTTP connections use HTTP form | ||||||||||||||||||||||||||||||||||||||||
internal_http_use_form_authentication_session_expiration | The configuration entry for the expiration of the session cookie used for HTTP form authentication | ||||||||||||||||||||||||||||||||||||||||
jcr_datastore_cleaner_schedule | The Crontab schedule that dictates when the JCR datastore cleaner runs. The Crontab schedule used is a variant of the standard UNIX Crontab scheduler with a "seconds" field prefixed to the beginning. For complete information on scheduling jobs in XperienCentral, see Scheduling Jobs.
| ||||||||||||||||||||||||||||||||||||||||
languagelabels_cache_size | This setting determines the maximum size of the language label cache. Ideally the maximum size should be equal or slightly higher than the number of language labels across all channels. The default is 10000. | ||||||||||||||||||||||||||||||||||||||||
limboelement_cleanup_schedule | The Crontab schedule that dictates when limbo elements are cleaned up. The Crontab schedule used is a variant of the standard UNIX Crontab scheduler with a "seconds" field prefixed to the beginning. For complete information on scheduling jobs in XperienCentral, see Scheduling Jobs. | ||||||||||||||||||||||||||||||||||||||||
limboelement_expiration_interval | The Crontab schedule that dictates when limbo elements expire and are deleted. The Crontab schedule used is a variant of the standard UNIX Crontab scheduler with a "seconds" field prefixed to the beginning. For complete information on scheduling jobs in XperienCentral, see Scheduling Jobs. | ||||||||||||||||||||||||||||||||||||||||
password_banned_words | Specifies the string(s) that may not be used as passwords. To add a new value, enter the string in the text field and click [Add value]. | ||||||||||||||||||||||||||||||||||||||||
password_min_distance | Password minimum distance. Specifies the extent to which a string to be used as a password must differ from any of the banned passwords. Take the following example: the string "Administrator" is banned as a password. If the minimum distance is 2, then the allowed strings to be used as a password must differ in at least two ways from "Administrator". The password "Administrat0r" (using a zero "0" instead of an "o") is unacceptable because it differs in only one way from "Administrator". | ||||||||||||||||||||||||||||||||||||||||
password_min_entropy | Specifies how complicated a password must be. The allowed values are between 50 and 100, 100 being the most strict setting. | ||||||||||||||||||||||||||||||||||||||||
profiler_entry_children_limit | Specifies the limit of child entries for a profiler. | ||||||||||||||||||||||||||||||||||||||||
render_threads | Specifies the number of parallel threads to use when rendering content on the website front-end. If the content on your website does not change at a high rate, it is recommended that you do not set this value too high. | ||||||||||||||||||||||||||||||||||||||||
render_threads_incontext | Specifies the number of parallel threads to use when rendering content on the website backend. Using multiple threads can significantly increase the performance of rendering content in the Editor. | ||||||||||||||||||||||||||||||||||||||||
|
Specifies one or more context paths that are reserved in XperienceCentral. Reserving a context path is necessary if a website's friendly URLs have no extension and one or more external applications are running on the same host as XperienCentral and you want to avoid a friendly URL being created that matches the internal path of an external application. Enter a context path (without slashes) in the field and click [Add value]. If you run XperienCentral without friendly URL extensions, add the following values:
See also Running XperienCentral without a Friendly URL Extension. | ||||||||||||||||||||||||||||||||||||||||
secret_key | The key used to sign configuration. | ||||||||||||||||||||||||||||||||||||||||
secure_rest_against_csrf | Specifies whether XperienCentral protects against CSRF attacks on its REST API.
| ||||||||||||||||||||||||||||||||||||||||
session_tracking_cookie_name | The name of the cookie used for tracking XperienCentral user sessions. | ||||||||||||||||||||||||||||||||||||||||
smtp_host | The host name of the SMTP-server. | ||||||||||||||||||||||||||||||||||||||||
smtp_start_tls | Specifies whether TLS should be used when XperienCentral sends emails. | ||||||||||||||||||||||||||||||||||||||||
stale_cluster_lock_retry_time | The amount of time, in seconds, that indicates that a lock that a server in a clustered environment has for a particular item is no longer valid. | ||||||||||||||||||||||||||||||||||||||||
static_files_url | The URL where static files from plugins are stored. In XperienCentral versions R36 and higher, this setting is used instead of the old setting application_settings.context_static. The value can be either a relative or an absolute path. This is especially useful to configure a CDN URL to serve the statics from. | ||||||||||||||||||||||||||||||||||||||||
statistics_cycle_duration | Specifies the number of milliseconds into the past that the XperienCentral performance statistics are saved. The minimum value is 10000. The default is 7200000 (2 hours). GX Software advises that you do not set the cycle duration to a value lower than the default value.
| ||||||||||||||||||||||||||||||||||||||||
streaming_file_directory | The folder where streaming files are stored. | ||||||||||||||||||||||||||||||||||||||||
strict_servlet_api | Specifies whether to use the content-type header set by the first included JSP for the entire request. | ||||||||||||||||||||||||||||||||||||||||
url_cache_clean | Specifies the age (in milliseconds) that items can become before they are deleted from the cache. | ||||||||||||||||||||||||||||||||||||||||
url_cache_timeout | Specifies the amount of time (in milliseconds) between cache cleanups. | ||||||||||||||||||||||||||||||||||||||||
url_encoding | The encoding to use for encoding URLs, "UTF-8" for example. | ||||||||||||||||||||||||||||||||||||||||
urlsign_key | The key used to sign URLs. | ||||||||||||||||||||||||||||||||||||||||
weblogging_logfile_location | The location of the web logging log file. | ||||||||||||||||||||||||||||||||||||||||
xss_allowlist_siteworks_expressions |
/wiki/spaces/PD/pages/24707222 (login required). | ||||||||||||||||||||||||||||||||||||||||
xss_allowlist_siteworks_qs_parameters |
/wiki/spaces/PD/pages/24707222 (login required). |
...
| Property | Description |
|---|---|
| Specifies the expiration time, in minutes, of the GraphQL cache. |
enable_api | Specifies whether to enable the GraphQL API. |
max_query_complexity | Specifies the maximum number of characters allowed in a query. |
rate_limit_call_limit | Specifies the maximum number of calls that may be processed from the same IP address. |
rate_limit_enabled | Specifies whether rate limiting is enabled. |
rate_limit_ignored_ips | Specifies the IP address that are not subject to rate limiting. To enter an IP address, type the string in the field and then click [Add value]. |
rate_limit_time_frame_in_minutes | Specifies the time window, in minutes, that is used by the setting rate_limit_call_limit. |
require_authentication | Specifies whether an API key is required when communicating with the XperienCentral GraphQL API. |
...