Professional Documents
Culture Documents
ig
yr
op
C
e
cl
na
Fi
ht
Overview
rig
The Finacle Core Banking Solution is built using state-of-the-art
technology providing new generation IT architecture for the e-age. A
future proof solution, it is easily adaptable to changing business and
y
operational requirements, ensuring that the banks' investment is
safeguarded. Designed with an Oracle RDBMS/DB2 backend, the
Finacle Core Banking Solution's open architecture supports a wide
op
range of UNIX/LINUX servers.
C
The Finacle Core Banking Solution is based on the internet
technology. The front-end is web-enabled and works on the bank’s
intranet. The solution employs a message-based architecture, which
le
The key technical highlights of the Finacle Core Banking Solution are
as follows:
ht
Well thought and architected security framework
ig
Universal Banking Solution
yr
Signature Verification System
Reporting Infrastructure
Finacle Integrator
cl
Connect24
na
Config Editor
Single Signon
Fi
Deployment Scenarios
Interoperability
ht
ig
yr
op
C
e
cl
na
Fi
ig
Finacle - the universal banking solution can be represented in a
diagram as:
yr
op
C
e
cl
na
Fi
ht
ig
yr
op
C
e
cl
na
Fi
ig
Single Signon (SSO) framework is used by applications in the Finacle
Universal Banking Solution suite for authentication into the system.
yr
The SSO framework enables the application users to access multiple
applications through a single login ID and password. All the login-
related validations happen in SSO.
op
The SSO framework enables the application users of Finacle suite of
products (Finacle Core and CRM) to login once and get authenticated
C
to each application for which the user has the valid user ID and
access permissions. This framework also supports browser level
integration of other applications.
e
cl
External
Confidential
Fi
ig
The Finacle Core Banking Solution is one of the first Online
Transaction Processing (OLTP) applications which fully leverages the
yr
web technology based IT paradigm. Running on any standard
browser, the Finacle Core Banking Solution caters to all the functional
requirements of tellers and managers, through the bank’s intranet.
op
This means that Bank users can access Finacle Core Banking
Solution using the standard browser, without installing any client
software.
C
Benefits of this new generation web architecture over the traditional
client-server technology are:
e
The web paradigm works over multiple platforms. This enables the
bank to choose from multiple hardware platforms.
Providing Scalability
ht
architecture, it is highly scalable. Starting with investments only for
current needs, banks can seamlessly scale up to their future
requirements by simply adding supporting hardware to each tiers of
ig
Finacle Core Banking Solution.
yr
Eliminating Software Distribution Issues
In web paradigm, the server has all the business rules built in and the
op
client is a thin client. This means that every time a new feature is to be
added to the software, the required upgradation can be done at
central server only. The banks can thus eliminate major issues
C
regarding software distribution and version control in a typical client-
server application.
e
new applications such as chat, news, mail, and white boarding. The
Core Banking Solution and its menus are defined as being present in
the transaction space and the surrounding web applications appear in
Fi
the surround space. This means that the employee of the bank can
open several applications at the same time like - Finacle for Core
Banking, chat to converse with the head office for a loan appraisal
perhaps, e-mail for communicating with the customer, and so on. This
ensures that the Finacle Core Banking Solution - a completely web
enabled application - can co-exist with the existing intranet
architecture of the bank.
ht
ig
yr
op
C
e
cl
na
Fi
ig
The Finacle Core Banking Solution is one of the first Online
Transaction Processing (OLTP) applications which fully leverages the
yr
web technology based IT paradigm. Running on any standard
browser, the Finacle Core Banking Solution caters to all the functional
requirements of tellers and managers, through the bank’s intranet.
op
This means that the employees of the bank using the Finacle Core
Banking Solution do not need to install any client software on their
PCs and can access the Finacle Core Banking Solution through a
C
standard browser.
e
cl
Confidential
Fi
ig
Connect24 is a unified customer delivery channel which acts as a
bridge between the various Delivery Channel Controllers (DCC) and
yr
the Finacle database.
A DCC controlling delivery channels such as ATM, Point of Sale
op
(PoS), tele-banking and internet banking can interface in real-time with
Finacle through Connect24 using the ISO-8583 message format or
MQ format as per applicable.
C
Connect24 caters to the real-time data requirements of all delivery
channels. Real-time in this case refers to the contacting bank’s main
database responding back to the Delivery Channel Controllers (DCC).
e
ig
Finacle Integration Framework is an architectural and functional
framework that provides a unique multi-functional and multi-channel
yr
banking solution for interfacing Finacle to multiple external systems.
Finacle Integration Framework provides support for seamless
op
integration of Finacle Core Banking Solution with the bank’s various
backend systems and channels. It offers synchronous and
asynchronous data communication in either direction, while being able
C
to integrate with standard middleware applications. It has the
necessary adaptors to align with industry standard tools for security,
application monitoring and error handling.
e
cl
External
Confidential
Fi
ig
The Finacle Configuration Service and Editor (FCSE) tool is designed
to read the configuration information from a centralized Configuration
yr
Service. The Configuration Service accesses a central repository to
retrieve the Listener Monitor (LIMO) - specific configuration
information. It is a centralized, secure, browser-based configuration
op
editor designed to manage the configuration information in the
repository.
C
LIMO is an application server that distributes applications across
multiple platforms, databases and operating systems (Windows and
UNIX Flavors – Sun Solaris, IBM AIX, HP UX) using message-based
e
ht
ig
yr
op
C
e
cl
na
Fi
ig
This is a Finacle suite of product, which acts as a central repository for
all the reports at Finacle. It can hold the reports of Finacle Core, CRM
yr
and other solutions. It has various features, like batch scheduling
based on the ONS framework. It has been built in such a way that it
supports both open source reporting solution of jasper and crystal
enterprise reporting solutions.
op
C
© EdgeVerve Systems Limited
e
External
cl
Confidential
na
Fi
ig
CRM refers to Customer Relationship Management. As the name
suggests, CRM deployment is required for managing excellent
yr
relationship with the clients of the bank, which in turn helps the bank
enhance its business. CRM supports value based services by
differentiating the customers based on customer segmentation,
op
business support provided, potential available for business growth,
social status and so on.
C
CRM application supports marketing, sales and support activities of
clients apart from logging in the interactions (message exchanges)
and unified view of the entity relationship across multiple applications.
e
ig
The Finacle Core Application Banking Solution supports storage of
signatures, photographs and ID cards of customers and the bank's
yr
employees through the Signature Verification System (SVS). The SVS
is an intelligent independent system integrated in a seamless manner
with the Finacle Core Banking Solution database. It can be used in
op
conjunction with the Finacle Core Banking Solution or as a standalone
system.
C
It is used to scan images and store them in the database for later use.
In this manner, signatures are stored and retrieved for verification at
the time of conducting transactions. This also helps in automating the
e
The SVS indexes all stored images by generating an ID for each item.
It also provides options for efficient user management, role
na
ig
The Finacle Core Application Banking Solution has a number of
individual functions required for operations at a bank. These are
yr
accessed through different menu options. However, since these
options are highly granular, the completion of a specific business
transaction in a branch might require a number of these menu options
op
to be executed. Workflow is a tool that facilitates the bank to define,
automate and execute various business processes in the Finacle Core
Banking Solution. A process in workflow is a logical arrangement of
C
business activities in which the Finacle Core Banking Solution menu
options have been chained.
e
Workflow has been designed to help the bank map their existing
business processes and optimize their existing business processes. A
cl
banking event has many steps from the start to the end of the event.
na
across the menus are passed to the forms which follow, thus reducing
data entry.
ht
External
Confidential
ig
yr
op
C
e
cl
na
Fi
ig
In today's scenario where banks are moving towards enhanced
customer service by providing anywhere, anytime banking it has
yr
become imperative as a solution provider to ensure that banks are in a
position to serve their customers on a 24x7x365 basis. One of the
unique features of the Finacle Core Banking Solution is that it provides
op
24x7x365 architecture not only through delivery channels, but also
through the branches.
C
This section discusses:
24 X 7 X 365 Functionality
e
External
Confidential
ig
The key components are Connect24 and Finacle Integrator (FI). The
unified delivery channel strategy can be represented as:
yr
op
C
e
cl
na
Fi
ht
from end users. Clients can not directly access the Finacle App
server. They have only access to Web server which consequently
ig
accesses the App server.
yr
Web Server
op
Web Server holds presentation logic for Finacle application. It contains
finbranch directory which holds java server pages, java beans, java
scripts for all the screens of Finacle menu options.
C
Web server is the machine where the Finacle Login page is available.
This server has the ability to load the login page for the user. Apart
from login page the screens for all Finacle menu options are also
e
SSO
na
ht
Connect24
ig
Connect24 is a single real-time interface for all delivery channels. It
yr
integrates a wide range of delivery channels such as Treasury,
ATM/POS, Telephone, Call Center and Internet Banking with Finacle.
Finacle Integrator
ht
ONS.
ig
Finacle Integrator consists of the server and the client side. The client
to the Finacle Integrator can be CRM (Customer Relationship
Management), IVR (Interactive Voice Response) or any other channel
yr
or third party software. These channels contain the client side files and
contact the Finacle Integrator server through RMI (Remote Method
op
Invocation) or IIOP (Internet Inter-ORB Protocol where ORB is the
Object Request Broker). The Finacle Integrator server contacts the
Finacle Core Banking Solution through Connect24 or through Online
C
services (ONS) network.
e
cl
Confidential
Fi
ig
A typical branch deployment can be represented as:
yr
op
C
e
cl
na
Fi
Finacle@Branch
ht
branch application requests. It is linked to the local branch database
and services requests pertaining to the branch only. The local stand-in
ig
server database is refreshed from the Central Stand-in Server in a
streamlined fashion from time to time, based on the frequency set for
yr
that branch.
FAB supports commonly used retail functions such as the following:
Some scenarios where the bank has to function normally in the case
of non-availability of either Connect24 or Finacle are as follows:
Branch is offline
When the branch is offline, FAB talks to the branch stand-in server or
the LSIS. In this case there is limited retail functionality. Once the
branch is online, the Central DB server (CDBS) is updated through
ht
If the Central Database goes down, the CSIS takes over in Risk
ig
Limiting Mode (RLM). The Finacle@Branch starts communicating with
CSIS through Connect24. Once the CDBS is up, CSIS updates CDBS
yr
through SAF replay and hands over the control to CDBS.
ig
Though banking practices and procedures remain constant globally,
local laws, customs, and traditions drive individual banks to follow
yr
certain procedures and systems which are by and large isolated to
that particular region or bank.
op
In this scenario, it becomes necessary to have an application software
that caters to those local and isolated needs of the bank. This
necessitates the application software to be more open, flexible,
C
scalable, and inter-operable with certain other application software
products running at such banks.
The Finacle Core Banking Solution has been developed keeping the
e
ONS Customization
Fi
Reports
ht
ig
yr
op
C
e
cl
na
Fi
ig
Scripting is a unique and powerful tool that makes the Finacle Core
Banking Solution a truly open, customizable, extensible and
yr
interoperable system. It is an interpretive language processor. An
easy English-like language that has a varied number of applications
can be used for writing a script. The Finacle Core Banking Solution
op
provides hooks at various points from where custom logics written
using scripts is executed by the Scripting Engine. Some of the
applications of scripting are:
C
Enhance and define new business rules
e
Allows you to apply your own logic on the data associated with
that event
na
For Example:
The bank wants to segregate the front office and back office
operations as per their practice and needs to customize the
ht
relevant screens. Scripts allow for changing field values thus
allowing minimum data entry at the front office. In this manner
ig
the bank can not only customize screens to achieve this, but
also optimize their customer turn-around time.
yr
Apart from this, there are a number of other events where scripting
has been enabled to increase the scope of customization. These
op
events allow the bank to transfer data of the Finacle Core Banking
Solution events to other applications and vice-versa.
See Scripting Events module for further details.
C
e
External
Confidential
na
Fi
ig
Finacle Online Services menus are developed on Java or JSP
platform, while C and UNIX are selected as the technology for
yr
backend functionality. A summary of the architecture includes HTML
pages with javascripts for front end, Java / JSP technology on the web
tier and backend service hosted on the LIMO app server.
op
Various customization features are available for the Finacle Core
Banking Solution ONS menu options. There are different types of
C
customizations in ONS which include:
All the ONS menu options are built using the Java Server Pages
Fi
ht
menu option must be created which calls the new jsp page. This jsp
contains all the details regarding the fields that must be included in the
new menu option and how the screen would look. These jsps
ig
communicate directly with the scripts in the backend. The user can
send data from the jsp page created to a Finacle Core script in the
yr
backend.
op
JSP pages contain the logic to capture fields on the screen.
C
Addition of Custom Tab
extended custom beans and reposmgr. The custom tabs can only be
added to existing tabs.
cl
External
Confidential
ig
The Reporting Infrastructure is a module in Finacle Universal Banking
Solution which can be used for all type of reporting requirements. The
yr
Infrastructure has been designed to use various reporting tools to get
the required reports without dependency on the Finacle Product
release.
The reporting Infrastructure supports: op
C
Maha Reports Template
Crystal Reports
e
Jasper Reports
cl
Reports in various formats like PDF, XLS, DOC, RTF, HTM and Text
na
ht
Confidential
ig
yr
op
C
e
cl
na
Fi
ig
The Finacle Core Banking Solution has an in-built report writer tool
which enables generation of customized report templates. It is a
yr
special reporting tool called Maha Reports Template (MRT). Using this
report formatting tool the bank can prepare its own reporting format
and generate various reports. The bank can define the layout of the
op
report, the page size, margins, position of data and literals to be
printed. You can also define the grouping and sorting order and
control totals required at different levels. Different functions like
C
maximum, minimum, average are also available.
See Maha Reports Template module for further details.
e
cl
External
Confidential
Fi
ig
Crystal Report is a powerful reporting tool that has the ability to deliver
reports in various formats like PDF, DOC, XLS and so on based on
yr
the user’s requirement. Crystal reports can be used for generating
adhoc reports. The product also uses a graphic user interface (GUI)
based designer that can be used to design the report template. The
op
template along with the data can be used to generate required report
containing rich content.
C
e
Confidential
na
Fi
ig
Jasper Reports is an open source reporting tool which can be used to
generate a wide variety of reports in various formats like PDF, XLS,
yr
RTF, CSV, and HTM. Jasper Reports can be used along with a
graphic user interface (GUI) based designer to produce reports in the
required format.
op
C
© EdgeVerve Systems Limited
External
e
Confidential
cl
na
Fi
ig
Finacle provides various menu options for performing different
functions. These are the only base or product menus. This may not
yr
suffice all the requirements from the bank. So, there is an option
provided in the Custom Work Bench tool with which the new menus
can be created based on the requirements. The Customization Work
op
Bench (CWB) is an automation tool for customizing ONS menu
options and significantly reduces the build time for front end. These
new menus are called custom menus.
C
e
External
Confidential
na
Fi
ig
Finacle Integrator Online Customization is a module used to
customize and implement integration cases. There are various
yr
scenarios which can be handled through FI. Some of the cases are
where external channel is a service requestor or Finacle is a service
requestor and so on.
op
C
© EdgeVerve Systems Limited
External
e
Confidential
cl
na
Fi
ig
The Finacle Core Banking Solution supports storage of signatures,
photographs and ID cards of customers and the bank's employees
yr
through the Signature Verification System ( SVS ). The SVS is an
intelligent independent system integrated in a seamless manner with
the Finacle Core Banking Solution database. It can be used in
op
conjunction with the Finacle Core Banking Solution or as a standalone
system.
C
It is used to scan images and store them in the database for later use.
In this manner, signatures are stored and retrieved for verification at
the time of conducting transactions. This also helps in automating the
e
The SVS indexes all stored images by generating an ID for each item.
It also provides options for efficient user management, role
na
ig
LIMO (LIstener MOnitor) is an application server that distributes
applications across multiple platforms, databases and operating
yr
systems (Windows, Sun-Solaris Unix, HP-Itanium and IBM-AIX Unix)
using message-based communication.
op
Limo comprises of various components – LiSrvr, MARIA, OP-Console
and Limo Clients. This document explains in detail, the usage and
functionality of each of the above defined components and also
C
explains the usage and functionality of different parameters of the
configuration file written by client as well as server.
e
cl
External
Confidential
Fi
ht
2. Usage and functionality of different components of LIMO.
ig
3. Explains the different parameters of configuration and also how
to write this file.
yr
4. Provides a basic description of OP-Console.
op
C
© EdgeVerve Systems Limited
External
e
Confidential
cl
na
Fi
ig
The following are the features of Limo Architecture:
yr
1. Terminology Used
2. Flow Diagram
3. Components op
C
4. Process Flow
5. Features
e
6. Usage Scenarios
cl
na
External
Confidential
ig
Various components of LIMO are as follows:
yr
1. Lisrvr – Limo Server executable. These executable are used for
processing the client requests.
2.
op
MARIA – Multiple Asynchronous Request Interface Adapter
(MARIA) is used as a broker whose main function is to administer
the Limo servers i.e. to bring up the Lisrvrs as and when required.
C
3. OP-Console – Main purpose of this is to send alert messages to
event viewer on Windows machine machine and to the syslog of
e
UNIX.
cl
4. Limo Client – These are the clients that send the requests to the
Limo server.
na
Fi
ig
yr
op
C
e
cl
na
Fi
Figure 1-1 illustrates the LIMO Framework. External client (those who
sends the request) sends the request to MARIA and then for
processing the request, MARIA can send this request to any of the
Lisrvrs or can invoke a new Lisrvr. For processing the requests,
business logic is written by the user in a file which is then compiled in
a SO/DLL and this SO/DDL is subsequently loaded by the Lisrvr.
Lisrvrs can also send the requests to other Lisrvr for processing the
ht
specified Windows machine. Messages logged in UNIX can be viewed
in /var/adm in messages file.
ig
yr
© EdgeVerve Systems Limited
Confidential
op External
C
e
cl
na
Fi
ig
In this framework following components/libraries are provided:
1. LIMO.EXE (Parent Monitor Exe)
yr
2. LISRVR.EXE (Application Server Exe )
3. MARIA.EXE (Multiple Async Request Adapter Exe )
op
For each installation there will be bin, fce, work and log directories. Bin
directory will include all the exe’s and DLL’s/so’s , fce will contain
C
configuration files (client and server configuration files ) , work is used
for internal use and Log directory for Error/Event logging.
e
Usage:
cl
limo ../fce/limoserver.cfg
Fi
ig
Client can send the requests by invoking different sevices. When
these requests come from a client, it can either go to MARIA or
yr
directly to the Lisrvr. This behaviour depends solely on the
configuration file parameters.
ig
1. All the common communication functionalities are at one place.
yr
2. Common Application Servers – MARIA, OP-Console will be
provided.
3. op
Application developer needs to know and concentrate only on
business functionality
C
4. MARIA – one and only one interface for outside world clients
ig
The Limo architecture can be used in the following defined ways:
yr
1. Rendered Limo Client and Rendered Limo Server
Confidential
Fi
ig
Limo client and Limo server – both are delivered with the product i.e.
application SO/DLL (where business logic is written) is already
yr
present on server side and services (that are used by the users) are
already defined in the Limo client.
ig
Customer can prepare his/her own Limo client by defining the services
but Limo server is delivered with the product.
yr
© EdgeVerve Systems Limited op External
C
Confidential
e
cl
na
Fi
ig
Limo client is delivered with the product but customer can write his/her
own Limo server.
yr
© EdgeVerve Systems Limited op External
C
Confidential
e
cl
na
Fi
ig
Customer has to write both Limo client as well as Limo server.
yr
© EdgeVerve Systems Limited
Confidential
op External
C
e
cl
na
Fi
ig
Server Configuration File:
yr
The file <ServiceName>-<IP Address>.cfg stores the Configuration
details in encrypted form.The administrator can obtain the parameters
and values from Configuration Editor.
Following are the parameters related to Liserver: op
C
1. LISERVER_SECTION=LISERVER_CONF
2. LISERVER_SECTION=STDENV
e
3. LISERVER_SECTION=SRVC_<SERVICE NAME> 6
cl
4. LISERVER_SECTION=ENV_<Service Name>
na
Fi
ig
This is the global section for server configuration file. All the Services
declared in the file will use this global information.
yr
LISERVER_LOG_DIR:
op
Log directory path should be given here. All the Error logs / Trace
logs/ Event logs will be created in this directory. Log file name will be
LISRVR_<Service Name>_<PID>.log and trace/event file will be
C
having same name with .evt extension. This directory should have
write permissions for the LIMO user.
e
LISERVER_WORK_DIR
cl
Work directory will be used for internal purpose. LIMO user should
have write permissions for this directory.
na
LISERVER_OPCCFG_FILE
This file will contain entries for Op Console host and port numbers.
Fi
ig
This is global environment section for LIMO services. Any
environment variable set under this section will be available in all the
yr
services.
LISERVER_EVENT_LOGGING
op
This is used for Event/Trace logging. It can have two values ON/OFF.
C
OPC_LIMO_ID
LIMO_MONITOR_PORT
na
ig
This is section defines a service. The length of Service Name should
be less than 30 characters. It will be having following parameter
yr
values:
PORT_NUM
op
Port Number on which Service will be brought up. All the clients will
use this Port Number for connecting to the <Service Name> Service.
C
LISTEN_Q_SIZE
PATH
na
START_NUM_INST
Fi
MAX_NUM_INST
This parameter enables SSL and specifies the SSL server certificate
and private key path. The server certificate and private key should be
in a single file in PEM format. The Private Key should be password
encrypted by PEM standards. FinacleComponent.pem is a default
ht
certificate and the password for the key is- finacle. The CA certificate
is also available, as FinacleCA.pem. The Distinguished Names of the
certificate are:
ig
C=IN, ST=Karnataka, L=Bangalore, O=Infosys Ltd.,
yr
OU= Banking Business Unit,
CN=Finacle Component, emailAddress=banksinfo@infosys.com
CERT_PASSWORD_FILE op
C
This parameter enables limo to read the encrypted password from the
specified file. If this parameter is not specified in the SRVC section of
service, the limo will prompt for the password. The password written in
e
ig
This section includes environment variables for Service. The length of
Service Name should be less than 30 characters.
yr
LIMOC_CONFIG_PATH
op
LIMO Client configurations file will be specified here. This will be
having entries for OP Console Service and other Services. This is a
mandatory entry.
C
LIMOC_SOCKARRAY_SIZE
for usage.
na
CONNECTION_TIMEOUT
This is connection timeout value. Lisrvr will wait for client connections
for this timeout value. If this is set as –1, it means infinite.
Fi
RECV_TIMEOUT
Lisrvr will wait in Receive for this timeout value after a connection is
established. If this is set as –1, it means infinite.
VALID_CLIENT_IP
INIT_FUNC
SIGNAL_HANDLER_FUNC
ht
This defines the DLL/SO name and Signal Handler Cleanup Function
ig
name.
CLEANUP_FUNC
yr
This defines the DLL/SO name and Error Cleanup Function name.
PROC_MSG_FUNC op
This defines the DLL/SO name and Main Process Message Function
C
name. This is mandatory, if Service is not Non Listening type of
Service.
e
SSO_ENV
cl
SSO_SERVICE_NAME
SSO Admin.
ENCDEC_FUNC
NON_LISTEN_FUNC
This defines the DLL/SO name and Non Listening Function name.
OPC_APP_ID
ht
the messages sent by Application Server to Op Console will be logged
with Service Name as this name.
ig
CONN_TMOUT
yr
This is the connect Timeout value in seconds. Application Server will
try connecting only for specified time . If Application Server could not
SSL_AUTH_FUNC
op
connect to destination server within the specified time, error will be
C
This defines the DLL/SO name and SSL Authentication Function
name. This should be defined only if SSL_CERT_NAME is defined.
e
cl
SSL_CLEANUP_FUNC
This defines the DLL/SO name and SSL Cleanup Function name. This
na
SSL_CIPHER_LIST
Fi
This defines the Protocol and SSL cipher list the server would be
supporting. The protocol and ciphers are separated by a ‘ ’ and the
ciphers themselves are separated with a ‘:’. When this option is not
defined then the default is DES-CBC3-SHA (triple Des with RSA and
the protocol is TLSv1). Any lexical errors regarding the ciphers are
ignored and will not be reported. When the server does not find a
matching cipher suit then the connection is closed immediately.
An example with the protocol would be –
ht
Supported cipher suits under SSLv3- RC4-MD5, RC4-SHA, IDEA-
CBC-SHA, DES-CBC-SHA, DES-CBC3-SHA.
ig
Supported cipher suits under TLSv1- AES128-SHA, RC4-MD5, RC4-
yr
SHA, IDEA-CBC-SHA, DES-CBC3-SHA, DES-CBC-SHA.
SSL_ CLIENT_AUTH
op
This defines the Client authentication feature. This parameter can take
2 values viz. MANDATORY and OPTIONAL. By default the server
C
runs with the optional value where clients are not forced to produce a
client certificate. If the parameter is defined with “mandatory” then
clients have to produce a client certificate for authenticatication.
e
CERT_VERIFICATION_FILE
cl
SerialNumber=9%10%11%12%1
IssuerCountry=IN% US % GM %GU
IssuerState=Karnataka%Delhi%UP%MP
IssuerLocality=Bangalore%Delhi%Chennai%Lucknow
IssuerOrg=Infosys Ltd.%ABC%DEF
IssuerOrgUnit=Finacle IBU%BCMD
ht
SubjectState=Karnataka%Delhi%UP%MP
SubjectLocality=Bangalore%Delhi%Chennai%Lucknow
ig
SubjectOrg=Infosys Ltd.%ABC%DEF
SubjectOrgUnit=Finacle IBU%BCMD
yr
SubjectCommonName=Finacle Component%My CN%Finacle
Architecture Group
SubjectEMail=
@infosys.com%finacle@infosys.com
op FinacleComponent
C
“%” is the delimiter here.
The genpwdfile utility is provided which encrypts the input plain text
e
LIS_SHUTDOWN_COUNT
ht
Upper Limit for Shutdown Count
ig
LIS_MIN_SHUTDOWN_COUNT
Lower Limit for Shutdown Count
yr
These parameters are read from the configuration only in the case
when LIS_SHUTDOWN_COUNT parameter is not available.
op
If LIS_SHUTDOWN_COUNT parameter is not present, the upper and
lower limits are read from the environment and the random values in
C
the range are calculated for the shutdown count of LISRVRS. The
random shutdown count is required so that all LISRVRs do not die
together.
e
Algorithm is:
If LIS_SHUTDOWN_COUNT is available in the environment, same is
Fi
ht
ig
© EdgeVerve Systems Limited
yr
External
Confidential
op
C
e
cl
na
Fi
ig
1.
yr
Flow Diagram
3.
4.
Limo Client Configuration File (LIMOCLIENT.CFG)
LIMOC_SECTION=SERVICENAME_OPC
op
C
e
External
na
Confidential
Fi
ig
yr
op
C
e
cl
na
yr
External
Confidential
op
C
e
cl
na
Fi
ig
The file <ServiceName>-<IP Address>.cfg stores the Configuration
details in encrypted form.The administrator can obtain the parameters
yr
and values from Configuration Editor.
LISERVER_SECTION=LISERVER_CONF
LISERVER_LOG_DIR=../log
LISERVER_WORK_DIR=../work
op
C
LISERVER_SECTION=STDENV
LISERVER_EVENT_LOGGING=ON
e
LISERVER_SECTION=SRVC_<SERVICE NAME>_MARIA
cl
PORT_NUM=8095
na
LISTEN_Q_SIZE=10
PATH=../bin/MARIA.exe
Fi
START_NUM_INST=1
MAX_NUM_INST=1
SSL_CERT_NAME=FinacleComponent.pem
CERT_PASSWORD_FILE= FinacleComponent.password
LISERVER_SECTION=ENV_<SERVICE NAME>_MARIA
LIMOC_CONFIG_PATH=../fce/limoclient.cfg
ht
MAX_CLIENTS=10
APP_PRIMARY_HOST=192.168.78.51
ig
APP_ALTERNATE_HOST=192.168.78.51
yr
APP_PORT=5666
MARIA_MAX_Q_LEN=10
MARIA_WARN_Q_LEN=5
MONITOR_LISTEN_PORT=8891
op
C
VALID_MONITOR_IP=192.168.78.51
RECV_FORMAT=H50(13,6,AS)
e
RECV_FORMAT=CUSTOM
cl
CUSTOM_RECV_FUNC=appso.dll BCCustomRecv
na
AUTH_FUNC=appso.dll ClientAuthFn
SSL_CUSTOM_RECV_FUNC=appso.dll BCSSLCustomRecv
Fi
1. LISERVER_SECTION=SRVC_<SERVICE NAME>_MARIA
2.
ht
LISERVER_SECTION=ENV_<SERVICE NAME>_MARIA
ig
© EdgeVerve Systems Limited
yr
External
Confidential
op
C
e
cl
na
Fi
ig
The file <ServiceName>-client.cfg stores the Configuration details in
encrypted form.The administrator can obtain the parameters and
yr
values from Configuration Editor.
# Env to be set for all client operation
LIMOC_SECTION=GLOBAL_INFO
LIMOC_LOG_DIR=../log
op
C
ENABLE_OPC_LOG=N
OPC_PRODUCT_ID=Core Banking
e
OPC_APP_ID=LimoClient
cl
LIMOC_SECTION=SERVICENAME_MyService001
PRIMARY_IP=192.168.78.51
Fi
ALTERNATE_IP=192.168.78.169
PORT_NUM=6666
RECV_TIMEOUT=60
CONN_TMOUT=0.030
AUTH_RECV_TIMEOUT=500
SRVR_APPID=SR001
ht
AUTHENTICATION_LIB=certicomm.dll CRTCMAuthFn
ENCDEC_CLASS=ClntEncDec
ig
ENCDEC_FUNC=userdef.dll ClntEncDecFn
yr
REVERSAL_RECON_CLASS=ClntRevRecon.class
REVERSAL_FUNC=userdef.dll ClntRevFn
RECONN_FUNC=userdef.dll ClntReconFn
HANDLE_DUPLICATE_MSG=Y
op
C
SSL_AUTH_FUNC=limossl.dll limoc_SSLauth_fn
SSL_CERT_VERIFY_FUNC=limossl.dll limo_testverify
e
SSL_CIPHER_LIST= AES128-SHA:RC4-MD5
na
CERT_PASSWORD_FILE= FinacleComponent.password
CERT_VERIFICATION_FILE= TrustedCertificates
Fi
2. LIMOC_SECTION=SERVICENAME_<SERVICE NAME>
ht
© EdgeVerve Systems Limited
External
ig
Confidential
yr
op
C
e
cl
na
Fi
ig
This section defines the OP CONSOLE, to which all the alert
messages from the client will be sent. OP CONSOLE logs all the alert
yr
messages received into the Event Viewer of the machine.
Service names starting with “OPC” are reserved for OP CONSLE.
PRIMARY_IP op
This is the IP address of the machine, where OP CONSOLE is
C
running. This parameter is mandatory.
ALTERNATE_IP
e
PORT_NUM
Fi
ig
Messages sent to Op Console by LIMO Clients and Servers will be
displayed in Windows Event Viewer. Alert Code sent will be parsed for
yr
Module Id and Error code. Error Code will be displayed as Event ID
and Module Id will appear in the message.
ht
ig
yr
op
C
e
cl
na
Fi
ig
This is a utility for starting LIMO Application Server .
yr
USAGE :
op
startlimo <Windows Service Name> - will start the already installed
Windows LIMO Service
C
e.g. startlimo FAB Service
startlimo – install - will install a Windows LIMO
e
Service
cl
LIMO Service
startlimo – stop - will stop a running Windows
Fi
LIMO Service
ht
If this file is already present in the directory, then LIMO will not be
ig
brought up .
For Installing new LIMO Service:
yr
>startlimo –install.
BANCSCONNECT
>Please Enter the Display
op
>Please Enter Service Name to be installed (e.g. FAB Server):
c:\bancsconnect\v2.0\bin\limo.exe
cl
>Please Enter the full Path where LIMO configuration file is present :
c:\ bancsconnect\v2.0 \fce\portcodes.cfg
na
Fi
ig
The following are the codes :
yr
1. Alert Codes Used by Maria
ig
The Alert Codes used by Maria are:
yr
1. ALRT_MARIA_INVALID_CLIENT 5000
2. ALRT_MARIA_APPS_FULL_INQ 5001
3. ALRT_MARIA_WARN_Q_REACHED 5002 op
C
4. ALRT_MARIA_CLIENT_SEND 5003
5. ALRT_MARIA_APP_RECV 5004
e
6. ALRT_MARIA_CLIENT_RECV 5005
cl
7. ALRT_MARIA_APP_CONNECT 5006
na
8. ALRT_MARIA_ACCEPT_CLIENT 5007
9. ALRT_MARIA_ACCEPT_MONITOR 5008
Fi
18.
ht
ALRT_MARIA_APP_SEND 5017
ig
© EdgeVerve Systems Limited
yr
External
Confidential
op
C
e
cl
na
Fi
ig
The Alert Codes used by LISRVR are:
1. ALRT_LISRVR_DECRYPT_ERR 6000
yr
2. ALRT_LISRVR_ECRYPT_ERR 6001
3. ALRT_LISRVR_SEND_TO_CLIENT_ERR 6002
4. ALRT_LISRVR_APPINIT_ERR 6003
op
C
5. ALRT_LISRVR_PROCMSG_NOTDEFINED_ERR 6004
6. ALRT_LISRVR_UNAUTH_CLIENT_CONNECT_ERR 6005
e
7. ALRT_LISRVR_AUTH_ERR 6006
cl
8. ALRT_LISRVR_AUTH_SEND_ERR 6007
9. ALRT_LISRVR_RESPONSE_DROPPED_ERR 6008
na
Fi
ig
The Limo Client uses these alert codes internally, to send the alerts to
Op Console. The Module Id is LIC followed by the error code given
yr
below:
1. ALRT_LIMOC_UNABLE_TO_CONTACT_SRVC 4000
2. ALRT_ LIMOC_AUTHENTICATION_FAILURE 4001
3. ALRT_ LIMOC_REV_FN_FAILED_PREP_SEND 4002
op
C
4. ALRT_ LIMOC_REV_FN_FAILED_ERR_IN_SEND 4003
5. ALRT_ LIMOC_RECV_RESEND_ERROR 4004
e
ht
ig
yr
op
C
e
cl
na
Fi
ig
The Limo (parent) uses these alert codes internally, to send the alerts
to Op Console. The Module Id is LIM followed by the error code given
yr
below:
1. ALRT_LIMO_CHILD_NOT_RESTART 7001
2. ALRT_ LIMO_DEAD_CHILD 7002
op
C
© EdgeVerve Systems Limited
e
External
cl
Confidential
na
Fi
ig
The Monitoring Tool uses these alert codes internally, to send the
yr
alerts to Op Console. The Module Id is MON followed by the error
code given below:
1. 7501
2. 7502
op
C
3. 7503
4. 7504
e
5. 7505
cl
na
Confidential
ig
The Finacle Core Banking Solution is an open system providing three
layers of integration, including:
yr
To delivery Channels
The Finacle Core Banking Solution supports both inward and outward,
e
Online inward
na
Online outward
Script hooks enable any event within Finacle Core Banking Solution
to talk online to external applications
ht
ig
yr
op
C
e
cl
na
Fi
ig
The directories created by./finacleinstall.sh after completion of
installation include:
yr
Finacle
a.FC10.4
app
op
C
CDCI_LOG
DBInfo
e
DBSeed
cl
MCIS
na
SEQGEN
b2k
Fi
cust
doc
isp
iviews
mrt
prod
ht
images
jasper
ig
jrxml
yr
mdt
mrt
scripts
ser
op
C
sql
uxml
e
exe
cl
jasper
lib
na
menu
sample
Fi
sercon
services
tables
util
views
ht
app
ig
variable TBA_PROD_ROOT and B2K_PROD_ROOT.
yr
b2k
op
This is the directory which contains directories for all the installation
IDs on the server. These directories will also be linked into the
/etc/b2k. These directories contain important site specific files like
C
comonenv.com, custoption file, modules.dat and so on.
prodbase
e
cl
cust
Fi
The cust directory is for custom file programs. Bank has to create cust
directory under TBA_PROD_ROOT. In the cust directory, bank can
create directories for the ‘entity’ and put the com, mrt, menu and script
files for the customized solutions.
tables
sql
ht
All the sql scripts needed for the application are stored here.
ig
mrt
yr
The MRT directory contains all the purge related report templates for
Finacle. The Finacle Core Banking Solution looks into the TBA_MRT
op
directory initially and if the template referred by the application is not
found then it looks for the template in TBA_PROD_ROOT/cust/<BANK
ID>/INFENG/mrt directory.
C
samples
e
The sample directory contains the sample scripts, sql, mrt and other
cl
prod
This directory contains the repository files for the report templates.
Fi
util
CDCI_LOGS
doc
ht
services, also contains the script names to be used for customization
of finacle core menus at various levels.
ig
services
yr
This directory holds all the services for finacle core.
op
C
© EdgeVerve Systems Limited
External
e
Confidential
cl
na
Fi
ig
The abbreviations used in the Architecture and Directory Structure
module are:
yr
DB Database
FT Finacle Treasury
CRM
SVS
Customer Relationship Management
apps Application
e
ig
Message:
yr
Instance of Application Server brought up by LIMO is
dead
Type:
Error
op
C
Description:
Corrective Action:
Please inform the Admin and check the error log files.
ig
Message:
yr
Unable to Restart Application Server
Type:
Description:
Error op
C
LIMO is re start the dead Application Server.
e
Corrective Action:
cl
ig
Message:
yr
Error in receiving response from Service <Service Name> Server App
Id <Server Name>
Type:
Error
op
C
Description:
Transieve.
cl
Corrective Action:
na
ig
Message:
yr
Response not matching, from Service <Service Name> Server App Id
<Server Name>
Type:
Error
op
C
Description:
the server and the response from the server should have the same
cl
ig
Message:
yr
Max no of connections for Limo Client exceeded.
Type:
Error
Description:
op
C
You have tried to open more than the maximum number of
connections (mention during the client initialisation).
e
cl
Corrective Action:
ig
Message:
yr
Decryption function failed for Service <Service Name> Server App Id
<Server Name>
Type:
Error
op
C
Description:
Corrective Action:
na
• The Encrypt/Decrypt Function of the client and the server may not be
matching.
Fi
ht
ig
yr
op
C
e
cl
na
Fi
ig
Message:
yr
Send message to Service <Service Name> Server App Id <Server
Name> failed.
Type:
Error
op
C
Description:
The Client was unable to send the message to the server. This may
e
be because of:
cl
• After the Client had established the connection the servers may have
gone down.
na
Corrective Actions:
Fi
• Check the Server status. Restart the servers if they are down.
• Contact the System Administrator in case of network problems.
ht
ig
yr
op
C
e
cl
na
Fi
ig
Message:
yr
Encryption function for Service <Service Name> failed
Type:
Error
Description:
op
C
The Encrypt/Decrypt Function of the client returned error while trying
to encrypt the message.
e
cl
Corrective Action:
ig
Message:
yr
Recon function of message to Service <Service Name> failed after
receiving message.
Type: op
C
Error
Description:
e
The Recon Function returned failure during the reconciliation after the
cl
Corrective Action:
ig
Message:
yr
Failed to receive from Service <Service Name> Server App Id <Server
Name>
Type:
Error
op
C
Description:
to the server.
cl
Corrective Action:
• Add the IP address of the client in the configuration file of the server.
• Check the Error logs of the Process Message function of the server
for any possible application errors.
• In case of Network errors contact System Administrator.
ht
ig
yr
op
C
e
cl
na
Fi
ig
Message:
yr
Reversal function failed while reversing message, message to Service
<Service Name> Server AppId <Server Name>
Type: op
C
Error
Description:
e
The Reversal function failed while trying to carry out the reversal
cl
action, because the client was unable to receive a response from the
server.
na
Corrective Action:
ig
Message:
yr
Error in receiving, resending message.
Type:
Warning
Description:
op
C
This error can occur only if the HANDLE_DUPLICATE_MESSAGE
flag is Y in the client configuration file and the client was unable to
e
receive a response to the sent message, from the server, and the
cl
Corrective Action:
ig
Message:
yr
Reversal function failed while handling error in send message to
Service <Service Name> Server App Id <Server Name>
Type: op
C
Error
Description:
e
message and the Reversal function failed while handling this error.
na
Corrective Action:
ig
Message:
yr
Reversal function failed while preparing to send message to Service
<Service Name>
Type: op
C
Error
Description:
e
Server.
na
Corrective Action:
ig
Message:
yr
Could not receive Authentication message from Service <Service
Name> OR Client <Client Name> was unable to authenticate Service
<Service Name>
Type: op
C
Error
Description:
e
Client was either not able to receive the authentication message from
cl
• Server could not authenticate the Client and hence did not send an
authentication reply to the client (The client may be an unauthorised
one or there may be a mismatch between the Client and the Server
authentication functions).
Corrective Action:
ht
External
Confidential
ig
yr
op
C
e
cl
na
Fi
ig
Message:
yr
Unable to contact Service <Service Name>
Type:
Error
op
C
Description:
e
Corrective Action:
na
ht
External
Confidential
ig
yr
op
C
e
cl
na
Fi
ig
Message:
yr
Response message will not be sent to client.
Type:
Error
Description:
op
C
There is some error while processing the client request. So Response
will be dropped. Application Process Message function returned error.
e
cl
Corrective Action:
Please check the error logs. There is some error in processing the
na
client request.
Fi
ig
Message:
yr
Client Authentication response message could not be sent to client.
Type:
Error
Description:
op
C
There is some error while sending Authentication response back to
client.
e
cl
Corrective Action:
Please check the network connectivity. Also check the client logs. It is
na
possible that client has closed connection with the Application server.
Fi
ig
Message:
yr
Client Authentication is failed for client.
Type:
Error
Description:
op
C
Client is not authenticated to connect to Application Server.
AUTH_FUNC returned error.
e
cl
Corrective Action:
ig
Message:
yr
Unauthorized client IP Address tried to connect.
Type:
Warning
Description:
op
C
IP Address of the client is not specified in the server configuration file.
e
cl
Corrective Action:
ig
Message:
yr
There is an error in starting the Application server.
Type:
Error
op
C
Description:
e
Corrective Action:
na
ig
Message:
yr
There is an error in initializing the application server.
Type:
Error
Description:
op
C
Application server could not be initialized properly. User Defined
application initialization function returned error.
e
cl
Corrective Action:
ig
Message:
yr
There is an error while sending the response message to client.
Type:
Error
Description:
op
C
Response message could not be sent to client. It is possible that client
has already closed connection for that request.
e
cl
Corrective Action:
Check the network connectivity. Also check the client error logs.
na
Fi
ig
Message:
yr
There is an error while encoding the response message.
Type:
Error
Description:
op
C
There is an error, returned by user defined Encode-Decode function.
This error is returned when response message is to be encoded
e
cl
Corrective Action:
ig
Message:
yr
There is an error while decoding the client request.
Type:
Error
Description:
op
C
There is an error, returned by user defined Encode-Decode function.
This error is returned when client message is decoded.
e
cl
Corrective Action:
ig
Message:
yr
An error has been occurred while sending request message to
application server.
Type:
Error
op
C
Description:
Corrective Action:
Check if this is the proper error (Application had actually closed the
connection) or check the network connectivity. Please check the
Fi
ig
Message:
yr
For the client request, no free Application server instance was found
and also Maximum Queue Length is full
Type:
Error
op
C
Description:
there is some error while inserting in Queue. So this Client request will
cl
be dropped.
na
Corrective Action:
without processing.
ig
Message:
yr
Maximum application servers configured for MARIA are full.
Type:
Warning
Description:
op
C
MAX_APPS configured for MARIA are full. Next client request will be
put in Queue.
e
cl
Corrective Action:
Please increase the MAX_APPS for MARIA and also check if there
na
ig
Message:
yr
MAX_CLIENTS configured for MARIA has been reached.
Type:
Error
Description:
op
C
MARIA has reached its maximum capacity to serve clients.
MAX_CLIENTS as full as per configuration.
e
cl
Corrective Action:
ig
Message:
yr
There is some error in MARIA internal processing.
Type:
Error.
Description:
op
C
Some internal error is occurred in MARIA process.
e
Corrective Action:
cl
ig
Message:
yr
Maximum Queue has been reached.
Type:
Error
Description:
op
C
Due to more load on MARIA, maximum Queue which was configured
in MARIA configuration file is reached.
e
cl
Corrective Action:
ig
Message:
yr
Some internal error has happened while accepting new client
connection
Type:
Error
op
C
Description:
occurred.
cl
Corrective Action:
na
ig
Message:
yr
MARIA did not accept new client connection
Type:
Information
Description:
op
C
MARIA has been instructed not accept any further client connections.
e
Corrective Action:
cl
Accept connection flag for MARIA has been set as NO. If more client
connections are required please set this flag as YES.
na
Fi
ig
Message:
yr
Client Authentication is failed for client.
Type:
Error
Description:
op
C
Client is not authenticated to connect to MARIA. AUTH_FUNC
returned error.
e
cl
Corrective Action:
ig
Message:
yr
MARIA is unable to accept more client connections.
Type:
Error
Description:
op
C
MARIA is unable to accept more client connections as MAX_CLIENTS
has been reached.
e
cl
Corrective Action:
ig
Message:
yr
MARIA is unable to connect to more Application Servers
Type:
Error
Description:
op
C
MARIA was unable to connect to more Application servers due to
e
Corrective Action:
ig
Message:
yr
There is some error while receiving request from client
Type:
Information
Description:
op
C
This error can be due to number of reasons.
e
Corrective Action:
ht
ig
yr
op
C
e
cl
na
Fi
ig
Message:
yr
There is some error while receiving response from Application Server.
Type:
Error
Description:
op
C
Some error while receiving response from Application Server. This
may happen due to some improper request sent to Application Server
e
Corrective Action:
ig
Message:
yr
An error has been occurred while sending response to client.
Type:
Error
Description:
op
C
There is an error in sending the response to client. This may happen
because client has closed the connection with MARIA.
e
cl
Corrective Action:
Check if this is the proper error (Client had actually closed the
na
ig
Message:
yr
Warning Queue level is reached in MARIA
Type:
Warning
Description:
op
C
Current Queue size in MARIA has reached to its warning level as
specified in MARIA configuration file as MARIA_WARN_Q_LEN
e
cl
Corrective Action:
ig
Message:
yr
All the Application server’s are processing right now. So this message
is being put in Queue.
Type:
Warning
op
C
Description:
to MARIA are full. So MARIA could not find free application server
instance.
na
Corrective Action:
ht
© EdgeVerve Systems Limited
External
ig
Confidential
yr
op
C
e
cl
na
Fi
ig
Message:
yr
Unauthorized client IP Address tried to connect.
Type:
Warning
Description:
op
C
IP Address of the client is not specified in the server configuration file.
e
cl
Corrective Action:
Please check the server configuration file for MARIA section. Add the
na
ht
ig
yr
op
C
e
cl
na
Fi
ig
This section defines a service
yr
PRIMARY_IP
op
This specifies the IP address of the primary host/server and is a
mandatory parameter. While opening a connection, client will first try
to connect to this IP address
C
ALTERNATE_IP
e
PORT_NUM
This is the port number at which both the primary and the alternate
Fi
RECV_TIMEOUT
This is the period in seconds, for which the client will wait for a
response from the Host/Server. If this value is not specified in the
configuration file, the client assumes a default value of 500 seconds.
CONN_TMOUT
ht
The applications using java limo client usually keeps a pool of the
connections always ready for the processing. If primary server is up, all
ig
the connections in the pool are made with the primary server only.
But in a scenario where at later point in time, primary server goes
yr
down for some reason, limo client used to send the message using
the stale connection from the pool and the request used to fail as a
consequence of this. And this process used to continue until all the
op
connection in the pool are tried with and marked stale. Resources and
time wasted in this scenario was uncalled for.
C
To avoid this, before sending a message, limo client peeks on the
socket always. If socket is null, message is sent to secondary server
after making a fresh connection.
e
AUTH_RECV_TIMEOUT
cl
This is the period in seconds, for which the client will wait for a
na
SRVR_APPID
SSL_MODE
This is the flag which makes the Java Limo client to operate with SSL
ht
SSL_CERT_NAME
This parameter enables SSL and specifies the SSL client certificate
ig
and private key path.
yr
For C/CPP limo clients:
The server certificate and private key should be in a single file in PEM
op
format. The Private Key should be password encrypted by PEM
standards. FinacleComponent.pem is a default certificate and the
password for the key is- finacle.
C
For Java limo clients:
e
The server certificate and private key should be in the JSSE provider
supported keystore format. For example, SUN JSSE supports the
cl
SSL_CERT_VERIFY_CLASS
This specifies the class name that is to be used for validating the
certificate chain that is received from the Limo server during the
handshaking phase of making an SSL connection with the server. This
ht
to Java documentation regarding the significance of CLASSPATH
environment variable and how to set it.
ig
This is NOT a mandatory parameter. This parameter is valid only
while using the Java client library AND SSL_MODE is set to Y.
yr
AUTHENTICATION_CLASS
op
This specifies the class name that is to be used to authenticate the
client to the server that it is connecting to. The authentication class
MUST implement the Java interface com.limo.bbu. LimoConnAuth
C
that is present in arlimoc.jar file. When the client is instantiated, the
authentication class, if present, MUST be accessible from the
CLASSPATH environment variable. Please refer to Java
e
AUTHENTICATION_LIB
ENCDEC_CLASS
ht
refer to Java documentation regarding the significance of
CLASSPATH environment variable and how to set it. Please refer to
documentation later in this section for details about the interface
ig
com.limo.bbu.LimoEncrDecr.
yr
This is NOT a mandatory parameter. This parameter is valid only
while using the Java client library.
ENCDEC_FUNC
op
This parameter specifies the Encryption/Decryption dll/so name and
C
the function name in the dll/so. The dll/so name and the function name
should be separated by space(s). This parameter is not mandatory. If
not required, comment the line in the configuration file.
e
REVERSAL_RECON_CLASS
na
ht
file.
This parameter is valid only while using the C client library.
ig
RECONN_FUNC
yr
This parameter defines the Reconciliation dll/so name and the
corresponding function name in the dll/so. The dll/so name and the
op
function name should be separated by space(s). This parameter is
not mandatory. If not required, comment the line in the configuration
file.
C
This parameter is valid only while using the C client library.
HANDLE_DUPLICATE_MSG
e
SSL_AUTH_FUNC
This parameter defines the SSL Authentication dll/so name and the
corresponding function name in the dll/so. The dll/so name and the
function name should be separated by space(s). This parameter is not
mandatory. If not required, comment the line in the configuration file.
When enabled then the communication between the client and server
is always via SSL. The Encryption/Decryption Algorithm used is RC4
and the Authentication Algorithm used is RSA.
ht
configuration file. This parameter should not be used without having
the above SSL_AUTH_FUNC defined.
ig
SSL_CLEANUP_FUNC
yr
This parameter defines the SSL Clean up dll/so name and the
corresponding function name in the dll/so. The dll/so name and the
function name should be separated by space(s). This parameter is not
op
mandatory. If not required, comment the line in the configuration file.
This parameter should not be used without having the above
SSL_AUTH_FUNC defined.
C
SSL_CIPHER_LIST
e
This defines the Protocol and SSL cipher list the server would be
supporting. The protocol and ciphers are separated by a ‘ ’ and the
cl
regarding the ciphers are ignored and will not be reported. When the
server does not find a matching cipher suit then the connection is
closed immediately.
An example with the protocol would be –
SSL_CIPHER_LIST= SSLv3:AES128-SHA:RC4-MD5
Supported protocols are- SSLv2 , SSLv3 , TLSv1
ht
Supported cipher suits under TLSv1- AES128-SHA, RC4-MD5, RC4-
SHA, IDEA-CBC-SHA, DES-CBC3-SHA, DES-CBC-SHA.
ig
For Java limo clients:
yr
When this option is not defined then the default is
SSL_RSA_WITH_DES_CBC_SHA(Des with RSA) and the protocol is
op
TLSv1. Any lexical errors regarding the ciphers are ignored and will
not be reported. When the server does not find a matching cipher suit
then the connection is closed immediately.
C
An example with the protocol would be –
SSL_CIPHER_LIST= SSLv3
SSL_RSA_WITH_3DES_EDE_CBC_SHA
e
CERT_PASSWORD_FILE
CERT_VERIFICATION_FILE
ht
that MAC is not generated (MAC is defaulted to 20spaces). There is
no overhead on generation of MAC. If we need the parameter value
ig
to be MD5, then we must add this parameter manually under the
specific service and set the value as 'MD5'.
yr
A2_MSG_LIMT parameter can be added in client or server side
and it is used to impose an intermediate limit on request or
op
response. The request length (Header length + Message length) is
within the specified limit. If request is greater than the specified limit
then an error is thrown.
C
For Example:
e
Response length > Message length exceeds the specified limit change
A2_MSG_LIMIT A2_MSG_LIMIT param accordingly default[999999],
Max[2GB/2147483647B]
Note:
If value is not specified in Client or Server side, then the limit is
ht
Confidential
ig
yr
op
C
e
cl
na
Fi
ig
This is the global section for Limo Client configuration file. All the
Services declared in the file will use this global information. This is a
yr
mandatory section.
LIMOC_LOG_DIR
op
This is the directory where all Error, Trace and Event log files are
written. The log file name has to be supplied by the user of the client
C
library, during the initialization of the client. The error logs will have
.log extension and the trace and event log files will have .evt
extension. The user must have write permissions for this directory.
e
ENABLE_OPC_LOG
cl
This flag is used to enable the logging of errors into OpConsole. It can
na
be either ‘Y’ or ‘N’. If its value is ‘Y’, all the error logs which used to go
in .log file, will appear in Event Viewer also.
OPC_APP_ID
Fi
OPC_PRODUCT_ID
LIMOC_EVENT_DIR
This is the directory where all Event log files are written. The file name
has to be supplied by the user of the client library, during the
ht
initialization of the client. The event log files will have .evt extension.
The user must have write permissions for this directory.
ig
yr
© EdgeVerve Systems Limited
External
Confidential op
C
e
cl
na
Fi
ig
This section includes environment variables for Service.
yr
LIMOC_CONFIG_PATH
op
LIMO Client configuration file will be specified here. This will be having
entry for OP Console Service.
C
CONNECTION_TIMEOUT
This is connection timeout value. Lisrvr will wait for client connections
e
RECV_TIMEOUT
na
Lisrvr will wait in Receive for this timeout value after a connection is
established.
VALID_CLIENT_IP
Fi
MAX_APPS
MAX_CLIENTS
APP_PRIMARY_HOST
ht
APP_ALTERNATE_HOST
ig
This is the Alternate IP Address of the Application Server.
APP_PORT
yr
This is the Port Number at which Application server is running on
Primary and Alternate IP Addresses.
MARIA_MAX_Q_LEN
op
C
This is the maximum Queue Length for MARIA.
MARIA_WARN_Q_LEN
e
MONITOR_LISTEN_PORT
VALID_MONITOR_IP
This is the Valid Client IP Address from where Monitor Messages will
be accepted.
RECV_FORMAT
CUSTOM_RECV_FUNC
ht
If RECV_FORMAT is CUSTOM, then Dll/SO name followed by
Custom Receive Function name should be provided.
ig
AUTH_FUNC
yr
Authentication function name should be provided.
OPC_APP_ID
op
This environment is set to identify this particular MARIA Server. All the
messages sent by this MARIA to Op Console will be logged with
C
Service Name as this name.
CONN_TMOUT
e
cl
This is the connect Timeout value in seconds. MARIA Server will try
connecting only for specified time . If MARIA could not connect to
na
SSL_CUSTOM_RECV_FUNC
Fi
SSL_AUTH_FUNC
SSL_CLEANUP_FUNC
SSL_CIPHER_LIST
This defines the Protocol and SSL cipher list the server would be
ht
supporting. The protocol and ciphers are separated by a ‘ ’ and the
ciphers themselves are separated with a ‘:’. When this option is not
defined then the default is DES-CBC3-SHA (triple Des with RSA and
ig
the protocol is TLSv1). Any lexical errors regarding the ciphers are
ignored and will not be reported. When the server does not find a
yr
matching cipher suit then the connection is closed immediately.
An example with the protocol would be –
SSL_CIPHER_LIST= SSLv3 AES128-SHA:RC4-MD5
Supported protocols are- SSLv2 , SSLv3 , TLSv1
op
C
Supported cipher suits under SSLv2- RC4-MD5, EXP-RC4-MD5,
RC2-MD5, EXP-RC2-MD5, IDEA-CBC-MD5, DES-CBC-MD5, DES-
CBC3-MD5.
e
SSL_ CLIENT_AUTH
Fi
This defines the Client authentication feature. This parameter can take
2 values viz. MANDATORY and OPTIONAL. By default the server
runs with the optional value where clients are not forced to produce a
client certificate. If the parameter is defined with “mandatory” then
clients have to produce a client certificate for authenticatication.
ht
ig
yr
op
C
e
cl
na
Fi
ig
This is section defines a service. It will be having following parameter
yr
values:
PORT_NUM
op
Port Number on which Service will be brought up. All the clients will
use this Port Number for connecting to the <Service Name> Service.
C
LISTEN_Q_SIZE
e
PATH
na
START_NUM_INST
Fi
MAX_NUM_INST
SSL_CERT_NAME
ht
certificate are:
C=IN, ST=Karnataka, L=Bangalore, O=Infosys Ltd.,
ig
OU= Banking Business Unit,
yr
CN=Finacle Component, emailAddress=banksinfo@infosys.com
CERT_PASSWORD_FILE
op
This parameter enables limo to read the encrypted password from the
specified file. If this parameter is not specified in the SRVC section of
C
service, the limo will prompt for the password. The password written in
this file should be encrypted with Triple DES algorithm. The
genpwdfile utility is provided which encrypts the password with 3DES
e
ig
Finacle is built using state-of-the-art technology providing the new
generation IT architecture for the e-age. This means that the
yr
employees of the bank using the Finacle Core Banking Solution do not
need to install any client software on their PCs and can access the
Finacle Core Banking Solution through a standard browser (Java
enabled).
op
Finacle is designed with Oracle RDBMS backend. It's open
C
architecture supports a wide range of UNIX servers. It is based on
Internet Technology. The front-end is web-enabled and works on the
bank’s Intranet. The solution employs messages based architecture,
e
ht
© EdgeVerve Systems Limited
ig
External
yr
Confidential
op
C
e
cl
na
Fi
ig
Message:
yr
Finacle Application Server Monitoring Tool has brought down all the
active Application services of a LIMO Server ( remotely).
Type:
Information
op
C
Description:
N.A.
e
cl
Corrective Action:
No Action required.
na
Fi
ig
Message:
yr
Finacle Application Server Monitoring Tool has stopped an active
Service (remotely).
Type:
Information
op
C
Description:
N.A.
e
cl
Corrective Action:
No Action required.
na
Fi
ig
Message:
yr
Finacle Application Server Monitoring Tool has started a service
(remotely)
Type:
Information
op
C
Description:
N.A.
e
cl
Corrective Action:
No Action required.
na
Fi
ig
Message:
yr
Finacle Application Server Monitoring Tool is exiting
Type:
Information
Description:
op
C
N.A.
e
Corrective Action:
cl
No Action required.
na
Fi
ig
Message:
yr
Finacle Application Server Monitoring Tool is started for
monitoring
Type:
Information
op
C
Description:
N.A.
e
cl
Corrective Action:
No Action required.
na
Fi
ig
yr
op
Version 11.0
C
Finacle Architecture and Directory
e
Structure
cl
na
Fi
ht
rights holders under this Finacle Architecture and
Directory Structure manual.
ig
yr
op
C
e
cl
na
Fi
ht
Universal Banking Solution
ig
Single Signon
Finacle Core Banking Architecture
yr
Finacle Core Frontend
Connect24
Finacle Integrator
op
C
Config Editor
Reporting Infrastructure
e
PEAS Workflow
Deployment Scenarios
Fi
24 X 7 X 365 Functionality
Typical Branch Deployment
Extensibility Tool Kit
Scripting Tool and Scripting Engine
ONS Customization
ht
ONS Custom Workbench
ig
Finacle Integrator Online Customization
yr
Signature Verification System
Limo Architecture
Section Objectives
Limo Architecture
op
C
Terminology Used
e
Flow Diagram
cl
Components
na
Process Flow
Features
Fi
Usage Scenarios
Rendered Limo Client and Rendered
Limo Server
Customer Limo Client and Rendered
Limo Server
Rendered Limo Client and Customer
ht
LISERVER_SECTION=LISERVER_CONF
ig
LISERVER_SECTION=STDENV
LISERVER_SECTION=SRVC_<SERVICE
yr
NAME>
LISERVER_SECTION=ENV_<SERVICE
NAME> op
Multiple Asynchronous Request Interface
C
Adapter (MARIA)
Flow Diagram
e
cl
(LIMOCLIENT.CFG)
LIMOC_SECTION=SERVICENAME_OPC
Fi
OP CONSOLE MESSAGES
STARTLIMO UTILITY
Alert Codes
Alert Codes Used by Maria
Alert Codes Used by LISRVR
ht
Interoperability
ig
Finacle Core Directory Structure
List of Abbreviations
yr
op
C
e
cl
na
Fi