Skip to main content

Privacera Documentation

Table of Contents

UserSync system properties on Privacera Platform

UserSync property

Description

Property

Default

PRIVACERA_USERSYNC_RANGER_URL

Address of Ranger instance.

ranger.url

http://ranger:6080

PRIVACERA_USERSYNC_RANGER_USERNAME

Username of Ranger user.

ranger.username

admin

PRIVACERA_USERSYNC_RANGER_PASSWORD

Password of Ranger user.

ranger.password

welcome1

PRIVACERA_USERSYNC_CONTEXT_CLASS

Implementation class used for USContext. Storage of synced Users and Groups.

usersync.context.class

com.privacera.usersync.context.USContextRocksDB Options: com.privacera.usersync.context.USContextRocksDB com.privacera.usersync.context.USContextMemory

PRIVACERA_USERSYNC_CONTEXT_DATASOURCE_PRIORITY_LIST

Priority list of configured datasources. Sources nearest the beginning of the list will be used over sources later in the list.

usersync.context.datasource.priority.list

PRIVACERA_USERSYNC_LOADER_BULK_ENABLED

Load users to Portal in batches.

usersync.user.loader.bulk.enabled

TRUE

PRIVACERA_USERSYNC_LOADER_BULK_BATCHSIZE

Size of batches to load Users into Portal.

usersync.user.loader.bulk.batchsize

100

PRIVACERA_USERSYNC_UPDATE_GROUP_MEMBERSHIPS_BATCH_ENABLE

Load group memberships to Portal in batches.

usersync.user.loader.update.group.memberships.batch.enable

FALSE

PRIVACERA_USERSYNC_UPDATE_GROUP_MEMBERSHIPS_BATCHSIZE

Size of batches to load Group memberships into Portal.

usersync.user.loader.update.group.memberships.batchsize

1000

PRIVACERA_USERSYNC_STARTUP_PERFORM_OPERATIONS_ENABLED

Scan for and perform any pending operations in cache (User/Group objects) at service start-up

usersync.startup.performoperations.enabled

TRUE

PRIVACERA_USERSYNC_LOADER_PROCESS_THREAD_MIN

Minimum threads for processing user/group updates (<=0 will use a cached thread pool)

usersync.user.loader.process.thread.min

1

PRIVACERA_USERSYNC_LOADER_PROCESS_THREAD_MAX

Maximum threads for processing user/group updates (if min is <= 0, this has no effect)

usersync.user.loader.process.thread.max

1

PRIVACERA_USERSYNC_LOADER_PROCESS_THREAD_KEEPALIVE

Keep alive value for threads in pool.

usersync.user.loader.process.thread.keepalive

30

JCEKS KeyStore File Paths

privacera.usersync.keystore.files

JCEKS KeyStore Files Passwords

privacera.usersync.keystore.passwords

Secure keys alias prefix

privacera.usersync.secure.key.prefix

jceks

PRIVACERA_USERSYNC_AUTH_SSL_TRUSTSTORE_FILE

SSL Truststore path

ssl.truststore

PRIVACERA_USERSYNC_AUTH_SSL_TRUSTSTORE_PASSWORD

SSL Truststore password

ssl.truststore.password

PRIVACERA_USERSYNC_RANGER_INIT_RETRY_INTERVAL_IN_MILLIS

Delay in milliseconds between retry attempts for initializing Ranger user loader.

usersync.user.loader.ranger.init.retryinterval.ms

30000

PRIVACERA_USERSYNC_RANGER_INIT_RETRY_LIMIT

Maximum retry attempts for initializing Ranger user loader. (<0 indicates unlimited retries)

usersync.user.loader.ranger.init.retrylimit

-1

PRIVACERA_USERSYNC_RANGER_REQUEST_RETRY_INTERVAL_IN_MILLIS

Delay in milliseconds between retry attempts for requests to Ranger

ranger.request.retryinterval.ms

10000

PRIVACERA_USERSYNC_RANGER_REQUEST_RETRY_LIMIT

Maximum retry attempts for requests to Ranger

ranger.request.retrylimit

3

PRIVACERA_USERSYNC_UPDATE_GROUP_MEMBERSHIPS_BULK_ENABLED

Enable bulk update of group memberships to Ranger

usersync.user.loader.update.group.memberships.bulk.enabled

TRUE

PRIVACERA_USERSYNC_CONTEXT_OPEN_MAX_RETRY

Maximum retry attempts to open RocksDB cache.

usersync.context.rocksdb.open.max.retry

5

PRIVACERA_USERSYNC_CONTEXT_OPEN_DESTROY_ON_FAIL

Enable automatic destroy of RocksDB cache if unable to open (corrupted). Cache will be rebuilt.

usersync.context.rocksdb.open.destroyonfail

TRUE

PRIVACERA_USERSYNC_LOADER_ASSIGN_ROLE_PRIORITY_LIST

Priority list of roles if a user has multiple roles mapped. Highest priority role will be applied to the user.

usersync.user.loader.assign.role.priority.list

ROLE_SYS_ADMIN,ROLE_ADMIN_AUDITOR

PRIVACERA_USERSYNC_API_SECURITY_USER_NAME

If configured, Usersync REST APIs are available with basic auth.

usersync.api.security.user.name

PRIVACERA_USERSYNC_API_SECURITY_USER_PASSWORD

If configured, Usersync REST APIs are available with basic auth.

usersync.api.security.user.password