Sun GlassFish Enterprise Server v3 Prelude Administration Reference

http-service

Defines the HTTP service.

Superelements

config

Subelements

The following table describes subelements for the http-service element.

Table 1–33 http-service Subelements

Element 

Required 

Description 

access-log

zero or one 

Defines access log settings for each http-access-log subelement of each virtual-server.

http-listener

one or more 

Defines an HTTP listen socket. 

virtual-server

one or more 

Defines a virtual server. 

request-processing

zero or one 

Configures request processing threads. 

keep-alive

zero or one 

Configures keep-alive threads. 

connection-pool

zero or one 

Defines a pool of client HTTP connections. 

http-protocol

zero or one 

Configures HTTP protocol settings. 

http-file-cache

zero or one 

Configures the HTTP file cache. 

property

zero or more 

Specifies a property or a variable. 

Properties

The following table describes properties for the http-service element. These properties apply to all http-listener subelements, except for accessLoggingEnabled, accessLogBufferSize, and accessLogWriterInterval, which apply to all virtual-server subelements.

Table 1–34 http-service Properties

Property 

Default 

Description 

monitoring-cache-enabled

true

If true, enables the monitoring cache.

monitoring-cache-refresh-in-millis

5000

Specifies the interval between refreshes of the monitoring cache. 

ssl-cache-entries

10000

Specifies the number of SSL sessions to be cached. 

ssl3-session-timeout

86400

Specifies the interval at which SSL3 sessions are cached. 

ssl-session-timeout

100

Specifies the interval at which SSL2 sessions are cached. 

recycle-objects

true

If true, recycles internal objects instead of using the VM garbage collector.

reader-threads

0

Specifies the number of reader threads, which read bytes from the non-blocking socket. 

acceptor-queue-length

4096

Specifies the length of the acceptor thread queue. Once full, connections are rejected. 

reader-queue-length

4096

Specifies the length of the reader thread queue. Once full, connections are rejected. 

use-nio-direct-bytebuffer

true

If true, specifies that the NIO direct ByteBuffer is used. In a limited resource environment, it might be faster to use non-direct Java's ByteBuffer by setting a value of false.

authPassthroughEnabled

false

If true, indicates that the http-listener subelements receive traffic from an SSL-terminating proxy server, which is responsible for forwarding any information about the original client request (such as client IP address, SSL keysize, and authenticated client certificate chain) to the HTTP listeners using custom request headers.

Each http-listener subelement can override this setting for itself.

proxyHandler

com.sun.enterprise.web.ProxyHandlerImpl

Specifies the fully qualified class name of a custom implementation of the com.sun.appserv.ProxyHandler abstract class, which allows a back-end application server instance to retrieve information about the original client request that was intercepted by an SSL-terminating proxy server (for example, a load balancer). An implementation of this abstract class inspects a given request for the custom request headers through which the proxy server communicates the information about the original client request to the Enterprise Server instance, and returns that information to its caller.

The default implementation reads the client IP address from an HTTP request header named Proxy-ip, the SSL keysize from an HTTP request header named Proxy-keysize, and the SSL client certificate chain from an HTTP request header named Proxy-auth-cert. The Proxy-auth-cert value must contain the BASE-64 encoded client certificate chain without the BEGIN CERTIFICATE and END CERTIFICATE boundaries and with \n replaced with % d% a.

Only used if authPassthroughEnabled is set to true. Each http-listener subelement can override the proxyHandler setting for itself.

proxiedProtocol

none 

Specifies a comma-separated list of protocols that can use the same port. Allowed values are ws/tcp (SOAP over TCP), http, https and tls.

For example, if you set this property to http,https and the port is 4567, you can access the port with either http://host:4567/ or https://host:4567/.

Specifying this property at the http-service level overrides settings at the http-listener level. If this property is not set at either level, this feature is disabled.

bufferSize

4096

Specifies the size, in bytes, of the buffer to be provided for input streams created by HTTP listeners. 

connectionTimeout

30

Specifies the number of seconds HTTP listeners wait, after accepting a connection, for the request URI line to be presented. 

maxKeepAliveRequests

250

Specifies the maximum number of HTTP requests that can be pipelined until the connection is closed by the server. Set this property to 1 to disable HTTP/1.0 keep-alive, as well as HTTP/1.1 keep-alive and pipelining.

traceEnabled

true

If true, enables the TRACE operation. Set this property to false to make the Enterprise Server less susceptible to cross-site scripting attacks.

accessLoggingEnabled

false

If true, enables access logging for all virtual-server subelements that do not specify this property. If false, disables access logging for all virtual-server subelements that do not specify this property.

accessLogBufferSize

32768

Specifies the size, in bytes, of the buffer where access log calls are stored. If the value is less than 5120, a warning message is issued, and the value is set to 5120.

accessLogWriterInterval

300

Specifies the number of seconds before the log is written to the disk. The access log is written when the buffer is full or when the interval expires. If the value is 0, the buffer is always written even if it is not full. This means that each time the server is accessed, the log message is stored directly to the file.

sso-enabled

false

If true, single sign-on is enabled by default for all web applications on all virtual servers on this server instance that are configured for the same realm. If false, single sign-on is disabled by default for all virtual servers, and users must authenticate separately to every application on each virtual server. The sso-enabled property setting of the virtual-server element overrides this setting for an individual virtual server.

At the http-service level, you cannot change the sso-max-inactive-seconds and sso-reap-interval-seconds values from their defaults. However, you can change these values at the virtual-server level.

disableUploadTimeout

true

if false, the connection for a servlet that reads bytes slowly is closed after the connectionUploadTimeout is reached.

connectionUploadTimeout

5

Specifies the timeout for uploads. Applicable only if disableUploadTimeout is set to false.

uriEncoding

UTF-8

Specifies the character set used to decode the request URIs received on http-listener subelements that do not define this property. Must be a valid IANA character set name.