VDB properties:
This is list of properties for VDB.
These options are inside given virtual database configuration file. For example: postgresTest-vdb_1.conf. The filename depends on the name of the vdb → nameOfVdb.conf.
These are stored in the following format under properties:
"properties": [
{
"key": "suppressNoResult",
"value": "true"
}
],
So each key name is used under properties with its value.
⚠️ Note: You can use SHIFT with mouse scroll to scroll horizontally!
| Key | Description | Possible values | Default |
|---|---|---|---|
| suppressNoResult | With Postgres, if an update query is executed via the executeQuery result, it will generate an exception on return saying "No results were returned by the query". In some frameworks, this is detected and suppressed when using the native Postgres driver, but not with the Heimdall driver. In order to work around this behavior, this option can trigger us returning a null instead of a resultset, which appears to allow the calling code to work fine. | Boolean | false |
| dnsCacheTTL | The cache time (in s) to use for the dns resolution cache, defaults to 5s to conform with AWS requirements. Note: This will impact the global JVM setting for this if used in JDBC mode. | Integer | 5 (seconds) |
| dnsNegativeTTL | The time to cache negative DNS (non-existent) queries, defaults to 10s per Java standard. Note: This will impact the global JVM setting for this if used in JDBC mode. | Integer | 10 (seconds) |
| delayCacheInit | The time in seconds to delay initializing the cache, normally not needed. | Integer | 0 |
| reparsePrepared | In cases where prepared statements include dynamic variables, this triggers the reparsing of the expanded query for the purposes of isolating it's base query pattern. This can resolve issues when patterns overflow the proxy or driver memory, or analytics show the pattern with variables included. | Boolean | false |
| rejectPrepared | As many features end up disabled with prepared statements, it may be needed to reject prepared statements in a QA environment to ensure they don't creep into production code. This will result in an SQL exception if they are attempted. | Boolean | false |
Proxy only
These properties are applicable only to VDB working in Proxy mode.
| Key | Requirements | Description | Possible values | Default |
|---|---|---|---|---|
| connectionIdleTimeout | healthcheck port AND interval | Connection timeout (in ms) for an idle client-side connection, will terminate connection's thread. | Integer | 0 |
| queryTimeout | healthcheck port AND interval | Timeout (in ms) for a connection executing a query, will terminate connection's thread. | Integer | 0 |
| maxConnectionThreads | connectionsCleanupPercentage | Max amount of connection threads allowed. Exceeding the limit will terminate the connections that were idle for the longest time. | Integer | 0 |
| connectionsCleanupPercentage | - | Percentage of connection threads that will be terminated after maxConnectionThreads limit is exceeded. The excess connection is not included in calculation, for example when limit of 10 connections is exceeded (we get 11th connection), the amount to be deleted is calculated from 10. Setting this property to 10 means 10%. | Integer | 0 |
| desiredCipherSuite | - | Forces defined cipherSuite to be used, for TLS connections. All other than defined ciphers will be disabled, use it with caution. Example values: TLS_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | String (see desc.) | - |
| extractTlsSecrets | Verbose Debug Mode | Extract the shared secrets from secure TLS connections for use with Wireshark. Secrets are stored in log folder. To apply this property, Proxy restart is required. It is also recommended to enable "Close connections" checkbox in packets capture configuration to close connections so that every connection has secrets extracted correctly for packet decryption. | Boolean | false |
| enableBlacklist | - | Enable adding address to blacklist after many failed database authentication attempts. | Boolean | false |
| VerboseKerberosDebug | - | Enable verbose debugging of kerberos - encryption wont be supported. | Boolean | false |
| defaultTimeZone | PostgreSQL | Default Time Zone for proxy. Example values: Europe/Warsaw, America/New_York. | String | - |
| legacyEncryptingStream | - | Uses legacy encrypting streams for TLS and GSS. By default, new streams are used for encryption. If something starts to malfunction, it is possible to revert to the old streams by setting this flag to true. | Boolean | false |
| ignoreParametersBindingForSpExecuteSql | - | Ignore binding parameters when executing stored procedure with "sp_executesql". Applicable only for SQLServer Proxy. | Boolean | false |
| disableSetReadOnly | PostgreSQL OR MySQL | Disable any kind of SET READ ONLY type of queries. Just log them and ignore. | Boolean | false |