Skip to main content
Version: 7.2402.x.x RR

Built in variables in templates

This page shows the variables supported in template files by the administrative CLI instance creation command.

Remarks

  • Environment variable values will not be used unless stated in the list below.
  • Some variables are only defined for the sake of completeness or legacy reasons. Not all variables listed here are used in the current default templates.
  • The "Used in templates" remarks in the below list shows which variables are used in the default templates supplied by nevisAuth.
Example command to list all variables from the templates
grep -ohr "@[A-Za-z0-9_]*@" /opt/nevisauth/template | grep -v "^Binary" | sort | uniq
Example command to find where a variable is used
grep -r "@SERVER_URL_PROTOCOL@" /opt/nevisauth/template | sort

Server configuration

  • AUTH_SERVER_URL

    Default value: https://localhost:8991

    Used in template: indirectly

    Short form to set all 3 SERVERURL* properties (listed below) at once. If any of the 3 variables below are provided, those will override the specific part of this URL

  • SERVER_URL_PROTOCOL

    Default value: https

    Used in template: yes

    If not provided, the protocol part of AUTH_SERVER_URL will be used. If that was not specified, we set the default.

  • SERVER_URL_SERVER

    Default value: localhost

    Used in template: yes

    If not provided, the host part of AUTH_SERVER_URL will be used. If that was not specified, we set the default.

  • SERVER_URL_PORT

    Default value: 8991

    Used in template: yes

    If not provided, the port part of AUTH_SERVER_URL will be used. If that was not specified, we set the default.

  • SERVER_MANAGEMENT_PORT

    Default value: <SERVER_URL_PORT> + 9

    Used in template: yes

  • SERVER_SSL_KEYSTORE

    Default value: <KEYBOX_VAR>/default/node_keystore.jks

    Used in template: yes

  • SERVER_SSL_KEYSTORE_TYPE

    Default value: JKS

  • SERVER_SSL_KEYSTORE_PASSWORD

    Default value: PASSPHRASE

    Used in template: yes

  • SERVER_SSL_TRUSTSTORE

    Default value: <KEYBOX_VAR>/default/truststore.jks

    Used in template: yes

  • SERVER_SSL_TRUSTSTORE_TYPE

    Default value: JKS

    Used in template: yes

  • SERVER_SSL_TRUSTSTORE_PASSWORD

    Default value: PASSPHRASE

  • PASSPHRASE

    Default value: password

    Used in template: indirectly

    If the PASSPHRASE is not supplied, but a PASSPHRASE environment variable is defined, neviAuth will use the latter, otherwise the default one.

Environment configuration

  • JAVA_HOME

    Default value: nA

    Used in template: yes

  • JVM_INITIAL_HEAP

    Default value: 256m

    Used in template: yes

  • JVM_MAX_HEAP

    Default value: 1024m

    Used in template: yes

  • AUTH_TRANSPORT_KEYSTORE

    Default value: <KEYBOX_VAR>/default/node_keystore.jks

  • AUTH_TRANSPORT_KEYSTORE_TYPE

    Default value: JKS

  • AUTH_TRANSPORT_KEYSTORE_PASSWORD

    Default value: {PASSPHRASE}

  • AUTH_TRANSPORT_TRUSTSTORE

    Default value: <KEYBOX_VAR>/default/truststore.jks

    Used in template: yes

    Used in -Djavax.net.ssl.trustStore in JAVA_OPTS

  • AUTH_TRANSPORT_TRUSTSTORE_TYPE

    Default value: JKS

    Used in template: yes

  • AUTH_TRANSPORT_TRUSTSTORE_PASSWORD

    Default value: {PASSPHRASE}

    Used in template: yes

NevisAuth configuration

  • AUTH_STATE_CLASSPATH

    Default value: /var/opt/nevisauth/{instance}/plugin:/opt/nevsauth/plugin:

    Used in template: yes

    classPath attribute of the AuthEngine element

  • AUTH_SIGNER_SLOT

    Default value: nevis

    Used in template: indirectly

  • AUTH_SIGNER_LABEL

    Default value: authSigner

    Used in template: indirectly

  • AUTH_SIGNER_KEYSTORE

    Default value: <KEYBOX_HOME>/<AUTH_SIGNER_SLOT>/<AUTH_SIGNER_LABEL>_keystore.jks?alias=<AUTH_SIGNER_LABEL>

    Used in template: yes

    DefaultSigner KeyObject privateKey property

  • AUTH_SIGNER_PASSWORD

    Default value: pipe://<KEYBOX_HOME>/<KEYBOX_VERSION>/bin/keystorepwget <AUTH_SIGNER_KEYSTORE>

    Used in template: yes

    DefaultSigner KeyObject passPhrase property

  • AUTH_SIGNER_TRUSTSTORE

    Default value: <AUTH_SIGNER_KEYSTORE>

    Used in template: yes

    DefaultSigner KeyObject certificate property

  • AUTH_SIGNER_PKCS11_SLOT

    Default value: 1

    Used in template: yes

  • AUTH_SIGNER_PKCS11_LIBRARY

    Default value: /usr/lib/libpkcs11.so

    Used in template: yes

  • AUTH_CONFIG_AUTH

    Default value: /var/opt/nevisauth/{instance}/conf/esauth4.xml

  • AUTH_CONFIG_LOG

    Default value: /var/opt/nevisauth/{instance}/conf/bc.properties

  • AUTH_CONFIG_SEC

    Default value: /var/opt/nevisauth/{instance}/conf/esauth4.security

  • AUTH_CONFIG_JAAS

    Default value: /var/opt/nevisauth/{instance}/conf/jaas.conf

    Used in template: yes

  • KRB5_CONFIG

    Default value: /var/opt/nevisauth/{instance}/conf/java-krb5.conf

    Used in template: yes

  • KRB_CREDS_CONFIG

    Default value: /var/opt/nevisauth/{instance}/conf/kerberos-credentials.properties

  • NEVISEVENTS_CONFIG

    Default value: /var/opt/nevisauth/{instance}/conf/nevisevents.xml

  • AUTH_LOGFILE

    Default value: /var/opt/nevisauth/{instance}/log/esauth4sv.log

    Used in template: yes

    Only used in bc.properties

Keybox

  • KEYBOX_VAR

    Default value: /opt/neviskeybox

    Used in template: indirectly

  • KEYBOX_HOME

    Default value: /var/opt/keybox

    Used in template: indirectly

  • KEYBOX_VERSION

    Default value: nA

    Used in template: indirectly

Other

  • PKG_INSTANCE

    Default value: {instance}

    Used in template: yes

    The {instance} name specified in the nevisauth inst create command.

  • PKG_VAR

    Default value: /var/opt/nevisauth/{instance}

    Used in template: yes

  • AUTH_SERVER_HOST

    Default value: {SERVER_URL_SERVER}

    Used in template: yes

    Only used in jaas.conf

Last updated on