AclTokenType

Acl token type is either "client" (meaning the token cannot modify ACL rules) or "management" (meaning the token is allowed to perform all actions).

Name

Description

CLIENT

-

MANAGEMENT

-

AllowForwardHeaders

What kind of forward header parsing are we allowing.

Name

Description

NONE

No parsing shall be performed.

FORWARD

Only process the standard Forward header as defined by For more info see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Forwarded

X_FORWARD

Only process the non standard but widely used X-Forward-* headers.

These headers are not official standards but widely used. Users are advised to avoid them for new applications.

ALL

Will process both and . Be aware that mixing the 2 headers can open security holes has specially crafted requests that are not validated as proxy level can allow bypassing the proxy desired forward value.

For example, a proxy will add the X-Forward-* headers to a request but not filter out if the original request includes the Forward header.

ApolloWSMessageType

The link types.

Name

Description

CONNECTION_INIT

-

CONNECTION_TERMINATE

-

START

-

STOP

-

CONNECTION_ACK

-

CONNECTION_ERROR

-

CONNECTION_KEEP_ALIVE

-

DATA

-

ERROR

-

COMPLETE

-

Attestation

Name

Description

NONE

-

DIRECT

-

INDIRECT

-

AuthenticatorAttachment

Name

Description

CROSS_PLATFORM

-

PLATFORM

-

BridgeEventType

Bridge Event Types.

Name

Description

SOCKET_CREATED

This event will occur when a new SockJS socket is created.

SOCKET_CLOSED

This event will occur when a SockJS socket is closed.

SOCKET_IDLE

This event will occur when SockJS socket is on idle for longer period of time than configured.

SOCKET_PING

This event will occur when the last ping timestamp is updated for the SockJS socket.

SEND

This event will occur when a message is attempted to be sent from the client to the server.

PUBLISH

This event will occur when a message is attempted to be published from the client to the server.

RECEIVE

This event will occur when a message is attempted to be delivered from the server to the client.

REGISTER

This event will occur when a client attempts to register a handler.

REGISTERED

This event will occur when a client successfully registered. The raw message used for registration, notified with event

UNREGISTER

This event will occur when a client attempts to unregister a handler.

CanonicalizationAlgorithm

Canonicalization Algorithm for DKIM.

Name

Description

SIMPLE

-

RELAXED

-

CheckStatus

Represents an check status.

Name

Description

PASSING

-

WARNING

-

CRITICAL

-

CircuitBreakerState

Circuit breaker states.

Name

Description

OPEN

The OPEN state. The circuit breaker is executing the fallback, and switches to the state after the specified time.

CLOSED

The CLOSED state. The circuit breaker lets invocations pass and collects the failures. IF the number of failures reach the specified threshold, the cricuit breaker switches to the state.

HALF_OPEN

The HALF_OPEN state. The circuit breaker has been opened, and is now checking the current situation. It lets pass the next invocation and determines from the result (failure or success) if the circuit breaker can be switched to the state again.

ClientAuth

Configures the engine to require/request client authentication.

Created by manishk on 10/2/2015.


Name

Description

NONE

No client authentication is requested or required.

REQUEST

Accept authentication if presented by client. If this option is set and the client chooses not to provide authentication information about itself, the negotiations will continue.

REQUIRED

Require client to present authentication, if not presented then negotiations will be declined.

ContainerSerializationStyle

This enum contains supported object and arrays serialization styles. Every style has a enum value, and an array of strings to refeer to it.

Name

Description

csv

Comma separated values: "value1,value2,value3" aliases: "csv", "commaDelimited", "form", "simple"

ssv

Space separated values: "value1 value2 value3" aliases: "ssv", "spaceDelimited"

psv

+ Pipe separated values: "value1

value2

value3" aliases: "psv", "pipeDelimited" +

dsv

Dot delimited values: "value1.value2.value3" aliases: "dsv", "dotDelimited", "label"

simple_exploded_object

For internal usage, don't use it

matrix_exploded_array

For internal usage, don't use it

CookieSameSite

Represents the Cookie SameSite policy to be used. For more info https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#SameSite_cookies.

Name

Description

NONE

The browser will send cookies with both cross-site requests and same-site requests.

STRICT

The browser will only send cookies for same-site requests (requests originating from the site that set the cookie). If the request originated from a different URL than the URL of the current location, none of the cookies tagged with the Strict attribute will be included.

LAX

Same-site cookies are withheld on cross-site subrequests, such as calls to load images or frames, but will be sent when a user navigates to the URL from an external site; for example, by following a link.

DKIMSignAlgorithm

Signing Algorithm specified by DKIM spec.

Name

Description

RSA_SHA1

-

RSA_SHA256

-

DnsResponseCode

Represents the possible response codes a server may send after receiving a query. A response code of 0 indicates no error.

Name

Description

NOERROR

ID 0, no error

FORMERROR

ID 1, format error

SERVFAIL

ID 2, server failure

NXDOMAIN

ID 3, name error

NOTIMPL

ID 4, not implemented

REFUSED

ID 5, operation refused

YXDOMAIN

ID 6, domain name should not exist

YXRRSET

ID 7, resource record set should not exist

NXRRSET

ID 8, rrset does not exist

NOTAUTH

ID 9, not authoritative for zone

NOTZONE

ID 10, name not in zone

BADVERS

ID 11, bad extension mechanism for version

BADSIG

ID 12, bad signature

BADKEY

ID 13, bad key

BADTIME

ID 14, bad timestamp

ExecStatus

The status of an execution.

Name

Description

READY

The job is ready, it can be running or terminated.

RUNNING

The job is running, it can be stopped or terminated.

STOPPED

The job is stopped, it can be running or terminated.

TERMINATED

The job is terminated.

FetchDirection

Represents the fetch direction hint

Name

Description

FORWARD

-

REVERSE

-

UNKNOWN

-

HashAlgorithm

Name

Description

SHA512

The default algorithm for backward compatible systems.

Should not be used for new projects as OWASP recommends stronger hashing algorithms.

PBKDF2

Stronger hashing algorithm, recommended by OWASP as of 2018.

HashSaltStyle

Password hash salt configuration.

Name

Description

NO_SALT

Password hashes are not salted

COLUMN

Salt is in a separate column for each user in the database

EXTERNAL

Salt is NOT stored in the database, but defined as external value like application preferences or so

HealthState

Represents an health states.

Name

Description

PASSING

-

WARNING

-

CRITICAL

-

ANY

-

HttpVersion

Represents the version of the HTTP protocol.

Name

Description

HTTP_1_0

-

HTTP_1_1

-

HTTP_2

-

JsonEventType

The possibles types of link emitted by the link.

Name

Description

START_OBJECT

Signals the start of a JSON object.

END_OBJECT

Signals the end of a JSON object.

START_ARRAY

Signals the start of a JSON array.

END_ARRAY

Signals the end of a JSON array.

VALUE

Signals a JSON value.

Label

List of labels used in various Vert.x metrics. Labels that may not have bounded values are disabled by default.

Name

Description

LOCAL

Local address in client-host or host-client connections (used in net, http and datagram domains)

REMOTE

Remote address in client-host or host-client connections (used in net and http domains)

HTTP_PATH

Path of the URI for client or server requests (used in http domain)

HTTP_ROUTE

Route as provided by routing modules to the http requests

HTTP_METHOD

Method (GET, POST, PUT, etc.) of an HTTP requests (used in http domain)

HTTP_CODE

HTTP response code (used in http domain)

CLASS_NAME

Class name. When used in error counters (in net, http, datagram and eventbus domains) it relates to an exception that occurred. When used in verticle domain, it relates to the verticle class name.

EB_ADDRESS

Event bus address

EB_SIDE

Event bus side of the metric, it can be either "local" or "remote"

EB_FAILURE

Event bus failure name from a ReplyFailure object

POOL_TYPE

Pool type, such as "worker" or "datasource" (used in pools domain)

POOL_NAME

Pool name (used in pools domain)

NAMESPACE

Client namespace

LoggerFormat

The possible out of the box formats.

Name

Description

DEFAULT

remote-client - - [timestamp] "method uri version" status content-length "referrer" "user-agent"

SHORT

remote-client - method uri version status content-length duration ms

TINY

method uri status - content-length duration

CUSTOM

Will use user defined formatter function.

LoginOption

possible options for a login into a SMTP server
either DISABLED, OPTIONAL, REQUIRED or XOAUTH2

DISABLED means no login will be attempted

NONE means a login will be attempted if the server supports in and login credentials are set

REQUIRED means that a login will be attempted if the server supports it and the send operation will fail otherwise

XOAUTH2 means that a login will be attempted using Google Gmail Oauth2 tokens


Name

Description

DISABLED

-

NONE

-

REQUIRED

-

XOAUTH2

-

MatchType

The type of match.

Name

Description

EQUALS

-

REGEX

-

MatchType

The type of match.

Name

Description

EQUALS

-

REGEX

-

MetricsDomain

Metric domains with their associated prefixes.

Name

Description

NET_SERVER

Net server metrics.

NET_CLIENT

Net client metrics.

HTTP_SERVER

Http server metrics.

HTTP_CLIENT

Http client metrics.

DATAGRAM_SOCKET

Datagram socket metrics.

EVENT_BUS

Event bus metrics.

NAMED_POOLS

Named pools metrics.

VERTICLES

Verticle metrics.

MySQLSetOption

MySQL set options which can be used by link.

Name

Description

MYSQL_OPTION_MULTI_STATEMENTS_ON

-

MYSQL_OPTION_MULTI_STATEMENTS_OFF

-

OAuth2FlowType

OAuth2 Flows

Name

Description

AUTH_CODE

The authorization code is obtained by using an authorization server as an intermediary between the client and resource owner. Instead of requesting authorization directly from the resource owner, the client directs the resource owner to an authorization server (via its user-agent as defined in [RFC2616]), which in turn directs the resource owner back to the client with the authorization code.

Before directing the resource owner back to the client with the authorization code, the authorization server authenticates the resource owner and obtains authorization. Because the resource owner only authenticates with the authorization server, the resource owner's credentials are never shared with the client.

The authorization code provides a few important security benefits, such as the ability to authenticate the client, as well as the transmission of the access token directly to the client without passing it through the resource owner's user-agent and potentially exposing it to others, including the resource owner.

IMPLICIT

The implicit grant is a simplified authorization code flow optimized for clients implemented in a browser using a scripting language such as JavaScript. In the implicit flow, instead of issuing the client an authorization code, the client is issued an access token directly (as the result of the resource owner authorization). The grant type is implicit, as no intermediate credentials (such as an authorization code) are issued (and later used to obtain an access token).

When issuing an access token during the implicit grant flow, the authorization server does not authenticate the client. In some cases, the client identity can be verified via the redirection URI used to deliver the access token to the client. The access token may be exposed to the resource owner or other applications with access to the resource owner's user-agent.

Implicit grants improve the responsiveness and efficiency of some clients (such as a client implemented as an in-browser application), since it reduces the number of round trips required to obtain an access token. However, this convenience should be weighed against the security implications of using implicit grants, especially when the authorization code grant type is available.

PASSWORD

The resource owner password credentials (i.e., username and password) can be used directly as an authorization grant to obtain an access token. The credentials should only be used when there is a high degree of trust between the resource owner and the client (e.g., the client is part of the device operating system or a highly privileged application), and when other authorization grant types are not available (such as an authorization code).

Even though this grant type requires direct client access to the resource owner credentials, the resource owner credentials are used for a single request and are exchanged for an access token. This grant type can eliminate the need for the client to store the resource owner credentials for future use, by exchanging the credentials with a long-lived access token or refresh token.

CLIENT

The client credentials (or other forms of client authentication) can be used as an authorization grant when the authorization scope is limited to the protected resources under the control of the client, or to protected resources previously arranged with the authorization server. Client credentials are used as an authorization grant typically when the client is acting on its own behalf (the client is also the resource owner) or is requesting access to protected resources based on an authorization previously arranged with the authorization server.

AUTH_JWT

RFC7523

ParameterLocation

ParameterLocation describe the location of parameter inside HTTP Request

Name

Description

HEADER

-

QUERY

-

PATH

-

FILE

-

BODY_FORM

-

BODY

-

BODY_JSON

-

BODY_XML

-

COOKIE

-

ParameterType

ParameterType contains prebuilt type validators. To access to ParameterTypeValidator of every ParameterType, use link

Name

Description

GENERIC_STRING

STRING Type accept every string

EMAIL

-

URI

-

BOOL

It allows true, false, t, f, 1, 0

INT

INT type does the validation with Integer.parseInt(value)

FLOAT

FLOAT type does the validation with Float.parseFloat(value)

DOUBLE

DOUBLE type does the validation with Double.parseDouble(value)

DATE

DATE as defined by full-date - RFC3339

DATETIME

DATETIME as defined by date-time - RFC3339

TIME

TIME as defined by partial-time - RFC3339

BASE64

-

IPV4

-

IPV6

-

HOSTNAME

-

UUID

UUID as defined by RFC4122

ProxyType

The type of a TCP proxy server.

Name

Description

HTTP

HTTP CONNECT ssl proxy

SOCKS4

SOCKS4/4a tcp proxy

SOCKS5

SOCSK5 tcp proxy

RedisClientType

Define what kind of behavior is expected from the client.

Name

Description

STANDALONE

The client should work in single server mode (the default).

SENTINEL

The client should work in sentinel mode. When this mode is active use the link to define which role to get the client connection to.

CLUSTER

The client should work in cluster mode. When this mode is active use the link to define when slave nodes can be used for read only queries.

RedisRole

Define which kind of role to be used in HA mode.

Name

Description

MASTER

Use a MASTER node connection.

SLAVE

Use a SLAVE node connection.

SENTINEL

Use a SENTINEL node connection.

RedisSlaves

When should Redis Slave nodes be used for queries.

Name

Description

NEVER

Never use SLAVES, queries are always run on a MASTER node.

SHARE

Queries can be randomly run on both MASTER and SLAVE nodes.

ALWAYS

Queries are always run on SLAVE nodes (never on MASTER node).

ReplyFailure

Represents the type of reply failure

Name

Description

TIMEOUT

The message send failed because no reply was received before the timeout time.

NO_HANDLERS

The message send failed because no handlers were available to handle the message.

RECIPIENT_FAILURE

The message send failed because the recipient actively sent back a failure (rejected the message)

ResponseType

Define the response types that the client can receive from REDIS.

Name

Description

SIMPLE

C String simple String.

ERROR

C String simple String representing an error.

BOOLEAN

boolean value.

NUMBER

numeric value.

BULK

byte array value.

PUSH

Push message

ATTRIBUTE

Attribute message

MULTI

List of multiple bulk responses (List, Set, Map).

ResultSetConcurrency

Represents the resultset concurrency hint

Name

Description

READ_ONLY

-

UPDATABLE

-

ResultSetType

Represents the resultset type hint

Name

Description

FORWARD_ONLY

-

SCROLL_INSENSITIVE

-

SCROLL_SENSITIVE

-

SessionBehavior

When a session is invalidated, it is destroyed and can no longer be used. What happens to the associated locks depends on the behavior specified at creation time. Consul supports a release and delete behavior. The release behavior is the default if none is specified.

If the release behavior is being used, any of the locks held in association with the session are released, and the ModifyIndex of the key is incremented. Alternatively, if the delete behavior is used, the key corresponding to any of the held locks is simply deleted. This can be used to create ephemeral entries that are automatically deleted by Consul.


Name

Description

RELEASE

-

DELETE

-

ShiroAuthRealmType

The type of the Shiro auth realm

Name

Description

PROPERTIES

The realm is a Shiro properties auth provider

LDAP

The realm is a Shiro LDAP auth provider

SslMode

This parameter specifies the desired security state of the connection to the server. More information can be found in MySQL Reference Manual

Name

Description

DISABLED

establish an unencrypted connection.

PREFERRED

establish an encrypted connection if the server supports encrypted connections, falling back to an unencrypted connection if an encrypted connection cannot be established.

REQUIRED

establish an encrypted connection if the server supports encrypted connections. The connection attempt fails if an encrypted connection cannot be established.

VERIFY_CA

Like REQUIRED, but additionally verify the server Certificate Authority (CA) certificate against the configured CA certificates. The connection attempt fails if no valid matching CA certificates are found.

VERIFY_IDENTITY

Like VERIFY_CA, but additionally perform host name identity verification by checking the host name the client uses for connecting to the server against the identity in the certificate that the server sends to the client.

SslMode

The different values for the sslmode parameter provide different levels of protection. See more information in Protection Provided in Different Modes.

Name

Description

DISABLE

only try a non-SSL connection.

ALLOW

first try a non-SSL connection; if that fails, try an SSL connection.

PREFER

first try an SSL connection; if that fails, try a non-SSL connection.

REQUIRE

only try an SSL connection. If a root CA file is present, verify the certificate in the same way as if verify-ca was specified.

VERIFY_CA

only try an SSL connection, and verify that the server certificate is issued by a trusted certificate authority (CA).

VERIFY_FULL

only try an SSL connection, verify that the server certificate is issued by a trusted CA and that the requested server host name matches that in the certificate.

StartTLSOptions

possible options for a secure connection using TLS
either DISABLED, OPTIONAL or REQUIRED

DISABLED means STARTTLS will not be used in any case

OPTIONS means STARTTLS will be used if the server supports it and a plain connection will be used otherwise please note that this option is not a secure as it seems since a MITM attacker can remove the STARTTLS line from the capabilities reply.

REQUIRED means that STARTTLS will be used if the server supports it and the send operation will fail otherwise


Name

Description

DISABLED

-

OPTIONAL

-

REQUIRED

-

Status

Service publication status.

Name

Description

UP

The service is published and is accessible.

DOWN

The service has been withdrawn, it is not accessible anymore.

OUT_OF_SERVICE

The service is still published, but not accessible (maintenance).

UNKNOWN

Unknown status.

TransactionIsolation

Represents a Transaction Isolation Level

Name

Description

READ_UNCOMMITTED

Implements dirty read, or isolation level 0 locking, which means that no shared locks are issued and no exclusive locks are honored. When this option is set, it is possible to read uncommitted or dirty data; values in the data can be changed and rows can appear or disappear in the data set before the end of the transaction. This is the least restrictive of the four isolation levels.

READ_COMMITTED

Specifies that shared locks are held while the data is being read to avoid dirty reads, but the data can be changed before the end of the transaction, resulting in nonrepeatable reads or phantom data.

REPEATABLE_READ

Locks are placed on all data that is used in a query, preventing other users from updating the data, but new phantom rows can be inserted into the data set by another user and are included in later reads in the current transaction. Because concurrency is lower than the default isolation level, use this option only when necessary.

SERIALIZABLE

Places a range lock on the data set, preventing other users from updating or inserting rows into the data set until the transaction is complete. This is the most restrictive of the four isolation levels. Because concurrency is lower, use this option only when necessary.

NONE

For engines that support it, none isolation means that each statement would essentially be its own transaction.

Transport

The available SockJS transports

Name

Description

WEBSOCKET

rfc 6455

EVENT_SOURCE

Event source

HTML_FILE

HtmlFile.

JSON_P

Slow and old fashioned JSONP polling. This transport will show "busy indicator" (aka: "spinning wheel") when sending data.

XHR

Long-polling using cross domain XHR

TxnKVVerb

Holds type of KV operation in transaction

Name

Description

SET

Sets the Key to the given Value

CAS

Sets the Key to the given Value with check-and-set semantics. The Key will only be set if its current modify index matches the supplied Index

LOCK

Locks the Key with the given Session. The Key will only obtain the lock if the Session is valid, and no other session has it locked

UNLOCK

Unlocks the Key with the given Session. The Key will only release the lock if the Session is valid and currently has it locked

GET

Gets the Key during the transaction. This fails the transaction if the Key doesn't exist. The key may not be present in the results if ACLs do not permit it to be read

GET_TREE

Gets all keys with a prefix of Key during the transaction. This does not fail the transaction if the Key doesn't exist. Not all keys may be present in the results if ACLs do not permit them to be read

CHECK_INDEX

Fails the transaction if Key does not have a modify index equal to Index

CHECK_SESSION

Fails the transaction if Key is not currently locked by Session

DELETE

Deletes the Key

DELETE_TREE

Deletes all keys with a prefix ofKey

DELETE_CAS

Deletes the Key with check-and-set semantics. The Key will only be deleted if its current modify index matches the supplied Index

TxnOperationType

Represents the type of operation in a transaction. KV is the only available operation type, though other types of operations may be added in future versions of Consul to be mixed with key/value operations

Name

Description

KV

-

UserVerification

Name

Description

REQUIRED

-

PREFERRED

-

DISCOURAGED

-

ValidatorPriority

Name

Description

MAX_PRIORITY

-

NORMAL_PRIORITY

-

CONTEXTUAL_VALIDATOR

-

WebsocketVersion

Represents the WebSocket version

Name

Description

V00

-

V07

-

V08

-

V13

-

WriteOption

Enum representing the mongoDB Java Driver's link

Name

Description

ACKNOWLEDGED

UNACKNOWLEDGED

FSYNCED

JOURNALED

REPLICA_ACKNOWLEDGED

MAJORITY