Configure properties - assure_dq - 10.1.0

Assure DQ Server Installation
Product type
Software
Portfolio
Verify
Product family
Assure
Product
Assure DQ
Version
10.1.0
ft:locale
en-US
Product name
Assure DQ, ER, Insight and Perceive
ft:title
Assure DQ Server Installation
Copyright
2025
First publish date
2005
ft:lastEdition
2025-11-28
ft:lastPublication
2025-11-28T07:35:54.959000
L1_Product_Gateway
Verify
L2_Product_Segment
Data Quality
L3_Product_Brand
Precisely Infogix
L4_Investment_Segment
Legacy Infogix DQ
L5_Product_Group
Legacy Infogix DQ
L6_Product_Name
Assure DQ
Product Feature

Customize installation and runtime properties to match your environment. Edit the appropriate properties files in the Infogix/config/<myConfigName> directory before running deployment scripts; see each section below for details.

Overview

Some property values are populated automatically during deployment; you do not need to edit properties that begin with $. For general guidance on property formats and encryption, see the Properties Guide. If you want to encrypt property values, we recommend running the encryption script after deployment for easier debugging. See Encrypt Passwords.

Application server properties

The deployment script references application server properties. Before running the script:

  • Open <install_folder>/Infogix/config/<myConfigName>

  • Edit appserver.properties to match your environment.
  • Use a single forward slash (/) as the file separator.
  • Do not edit appserver.advance.properties unless Customer Support instructs you to do so.
OKTA authentication configuration

Before running the deployment script, configure OKTA as a prerequisite:

  1. OKTA setup

    • Add callback URLs to the OKTA Admin Console.

    • Provide the OKTA certificate at: <liberty-install>/usr/servers/<server-name>/resources/security/

  2. Update properties

    Add the following properties in appserver.properties:
    
# Enable OKTA Authentication
ENABLE_OKTA_AUTH=true

# OKTA Client ID
OKTA_CLIENT_ID=<your-client-id>

# OKTA Client Secret
OKTA_CLIENT_SECRET=<your-client-secret>

# OKTA Discovery Endpoint URL
OKTA_DISCOVERY_ENDPOINT_URL=https://your-domain.okta.com/oauth2/default/.well-known/openid-configuration

# OKTA Signature Algorithm
OKTA_SIGNATURE_ALGORITHM=RS256

# Require HTTPS for OKTA
OKTA_HTTPS_REQUIRED=true

# OKTA User Identifier Claim
OKTA_USER_IDENTIFIER=email

# OKTA Scope
OKTA_SCOPE=openid profile email

# OKTA Truststore Settings
OKTA_TRUSTSTORE_FILENAME=oktaTrust.jks
OKTA_TRUSTSTORE_TYPE=JKS
OKTA_TRUSTSTORE_PASSWORD=changeit
Note: These properties are mandatory when ENABLE_OKTA_AUTH=true. Place the truststore file in /resources/security/.

After configuring OKTA, proceed with the standard product installation process on Liberty.

LDAP Signing and Kerberos settings

Update the following properties in appserver.properties and appserver.advance.properties:

# Enable LDAP Signing
ENABLE_LDAP_SIGNING=true

# Kerberos Principal (replace with actual values)
KERBEROS_PRINCIPAL=HTTP/your-hostname@YOUR.REALM

# Kerberos Keytab File Path
KERBEROS_KEYTAB=/path/to/yourfile.keytab

# Kerberos Configuration File Path
Note:
  • For Liberty: Place the keytab and configuration file in: ${server.config.dir}/resources/security/<liberty-install>/usr/servers/<server-name>
  • WildFly: Ensure the files are accessible by the WildFly server.
After updating these properties, complete the standard installation process for your application server.

Configure WildFly ports

This applies only to WildFly deployments. WildFly selects port sets using the port offset property (for example, WILDFLY.1.PORT_OFFSET). The table shows the typical HTTP/HTTPS ports for each offset.

WildFly PORT_OFFSET HTTP HTTPS
0 8080 8443
100 8180 8543
200 8280 8643
300 8380 8743
400 8480 8843
500 8580 8943

For WildFly port configuration instructions, see the Configure WildFly ports section in the Properties Guide.

Database properties

The database installation scripts reference a database properties file. Work with your DBA to obtain the required values and configure the file for each product you install.

  1. Open <install_folder>/Infogix/config/<myConfigName>/<product>.
  2. Edit database.properties. Do not edit database.advanced.properties unless Customer Support advises you to do so.

Embedded security directory

For single-application deployments, embedded security settings are taken from the database properties file. If two or more Precisely applications share the embedded directory, configure the shared embedded directory using embedded.directory.properties. Configure this directory once per JVM.

  1. Open <install_folder>/Infogix/config/<myConfigName>.
  2. Edit embedded.directory.properties to match your directory schema.

For shared embedded-security deployments, see Shared Embedded Security.

LDAP security directory (authentication)

If you use an enterprise LDAP directory for authentication, configure the application to use it so users can sign in with their directory credentials. Edit security.directory.properties to match your LDAP schema. If your LDAP server uses a self-signed certificate and SSL is enabled, import the certificate into a keystore.

  1. Open <install_folder>/Infogix/config/<myConfigName>.
  2. Edit security.directory.properties.
  3. Import any self-signed certificates into the keystore if SSL is enabled.

LDAP Signing configuration for WildFly and Liberty

Use this procedure if your environment requires LDAP signing and Kerberos authentication for enhanced security.

Prerequisites

Before you begin, confirm the following configurations are in place:

  1. Active Directory Server Setup

  2. Browser Configuration

    Configure your browser to support Kerberos/SPNEGO authentication. For details, see:

    Configuring SPNEGO authentication in Liberty

Important: These steps must be carried out by your IT team or Active Directory (AD) administrators in accordance with your organization's security policies.

LDAP user information directory

To store user metadata (for example, email addresses) in an enterprise LDAP directory, configure userinfo.directory.properties. If you prefer embedded directories for user info, leave the user-info directory property pointed at the embedded directory in the application server properties.

  1. Open <install_folder>/Infogix/config/<myConfigName>.
  2. Edit userinfo.directory.properties to match your LDAP schema.
  3. Import self-signed certificates into a keystore if SSL is enabled.

External data sources (WildFly)

For WildFly deployments, external data sources are created from datasources.properties. Assure DQ and Perceive use these properties. You can define multiple external data sources; provide a separate properties set for each.

  1. Open <install_folder>/Infogix/config/<myConfigName>/<product>.
  2. Edit datasources.properties for each external data source.

Product-specific properties

Edit product-specific properties (role mappings and other settings) before running the deployment script.

  1. Open <install_folder>/Infogix/config/<myConfigName>/<product>.
  2. Edit the product properties file:
    • Assure DQ — IA.properties
    • ER — ER.properties
    • Insight — II.properties
    • Perceive — IV.properties

If you install multiple applications that must integrate, see the product integration procedures. If you use externalized queues on WebSphere, see Externalize Queues on WebSphere.

Adding external data sources in Liberty

For Liberty, define external Oracle and SQL Server data sources in external_datasource.xml inside the Liberty server instance configuration folder (for example, <path-to-liberty-server>/wlp/usr/servers/<your-server>/configuration/). The template contains placeholders for variables you must update with JNDI details.

  1. Locate the template external_datasource.xml in your distribution or documentation.
  2. Edit the template: update JNDI names, driver paths, credentials, database host, port, and database name.
  3. Save the file and restart the Liberty server to apply the configuration.
Tip: The external_datasource.xml file is removed by the clean command. Keep a backup copy and restore it after each clean operation if needed.

Sample external_datasource.xml (template)


<server>
    <!-- Oracle DataSource 1 Configuration -->
    <variable name="oracle1.user" value=""/>
    <variable name="oracle1.password" value=""/>
    <variable name="oracle1.databaseName" value=""/>
    <variable name="oracle1.serverName" value=""/>
    <variable name="oracle1.portNumber" value=""/>
    <variable name="oracle1.driver.path" value=""/>
    <variable name="oracle1.jndiName" value=""/>
    <authData id="INFOGIXDSAuthID1" password="${oracle1.password}" user="${oracle1.user}"/>
    <jdbcDriver id="INFOGIXDSJDBCID1">
        <library>
            <file name="${oracle1.driver.path}"/>
        </library>
    </jdbcDriver>
    <dataSource containerAuthDataRef="INFOGIXDSAuthID1" id="oracle1.id" jdbcDriverRef="INFOGIXDSJDBCID1" jndiName="${oracle1.jndiName}">
        <properties.oracle databaseName="${oracle1.databaseName}" serverName="${oracle1.serverName}" portNumber="${oracle1.portNumber}"/>
        <connectionManager connectionTimeout="180" enableContainerAuthForDirectLookups="true" maxPoolSize="100" minPoolSize="1"/>
    </dataSource>

    <!-- SQL Server DataSource 1 Configuration -->
    <variable name="sqlserver1.user" value=""/>
    <variable name="sqlserver1.password" value=""/>
    <variable name="sqlserver1.databaseName" value=""/>
    <variable name="sqlserver1.serverName" value=""/>
    <variable name="sqlserver1.portNumber" value=""/>
    <variable name="sqlserver1.driver.path" value=""/>
    <variable name="sqlserver1.jndiName" value=""/>
    <authData id="INFOGIXDSAuthID2" password="${sqlserver1.password}" user="${sqlserver1.user}"/>
    <jdbcDriver id="INFOGIXDSJDBCID2">
        <library>
            <file name="${sqlserver1.driver.path}"/>
        </library>
    </jdbcDriver>
    <dataSource containerAuthDataRef="INFOGIXDSAuthID2" id="sqlserver1.id" jdbcDriverRef="INFOGIXDSJDBCID2" jndiName="${sqlserver1.jndiName}">
        <properties.microsoft.sqlserver databaseName="${sqlserver1.databaseName}" serverName="${sqlserver1.serverName}" portNumber="${sqlserver1.portNumber}"/>
        <connectionManager connectionTimeout="180" enableContainerAuthForDirectLookups="true" maxPoolSize="100" minPoolSize="1"/>
    </dataSource>
</server>
Tip: Update the value attributes for each <variable> element with your database connection details.

Data-source variable reference

Oracle DataSource variables

  • oracle1.user: Oracle database username
  • oracle1.password: Oracle database password
  • oracle1.databaseName: Oracle database name
  • oracle1.serverName: Oracle host or IP
  • oracle1.portNumber: Oracle listener port
  • oracle1.driver.path: Path to Oracle JDBC driver JAR
  • oracle1.jndiName: JNDI name for the Oracle data source

SQL Server DataSource variables

  • sqlserver1.user: SQL Server username
  • sqlserver1.password: SQL Server password
  • sqlserver1.databaseName: SQL Server database name
  • sqlserver1.serverName: SQL Server host or IP
  • sqlserver1.portNumber: SQL Server port
  • sqlserver1.driver.path: Path to SQL Server JDBC driver JAR
  • sqlserver1.jndiName: JNDI name for the SQL Server data source

Operational notes

- Keep backups of edited properties and any Liberty external_datasource.xml files that the clean command may remove.

- After editing properties, restart the affected servers (application server or Liberty) where required to apply changes.

- If you encrypt passwords, keep an unencrypted backup until you confirm the encrypted values work in environment.