000022409 - cleartrust.agent.rtapi.connection_poolsize

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022409
Applies ToRSA ClearTrust Agent 3.5.2 for BEA WebLogic
The connection pool parameter is restricted to 10 in the GUI
CauseThe GUI at ./agentconfig places an artificial limit on the value and can be overcome by editing the cleartrust_realm.properties file directly
ResolutionThere is no specific performance or tuning reason for the chosen validity range. The range of 1-10 has been selected and set just for field validation to ensure that illegal values (e.g. non-integer) are not entered so need some integer range for the .JSP page to do the field validation. However, in the RuntimeAPI code, the only constraint is that cleartrust.agent.rtapi.connection_poolsize at least has 1 as the value - there is no explicit upper-limit check, but the value should be something (e.g. must not be commented out and must have a valid value).

Obviously, using the parameter will have an impact where heap memory will be used in the JVM by each of the connections and RSA Security has not tested for memory issues beyond the value of 10. So, it is acceptable to edit the cleartrust_realm.properties to have a value higher than 10. However, if the value is set to something greater than 10 (e.g. 20), then the next time the GUI at ./agentconfig is used, the value 20 is displayed in the field, which will be invalid for the page validation tests. So if you now try to save the web page, you will see the same error you've already seen unless the value of the field "Connection Pool size" is reset in the GUI within the range 1-10.

Overall, many such field validations in the .JSP pages with hard-coded ranges exist. Some of these have been set with specific ranges, but some are more specific, such as using 65355 for one "Idle timeout" field. Care should also be taken during upgrade of an RSA ClearTrust Agent where custom values were previously used, and on the upgraded version, tighter validation has been implemented on the newer GUI page.
Legacy Article IDa28363