H
http-listener
Defines an HTTP listen socket.
Superelements
Subelements
The following table describes subelements for the http-listener element.
Table 1–45 http-listener Subelements|
Element |
Required |
Description |
|---|---|---|
|
zero or one |
Defines SSL parameters. |
|
|
zero or more |
Specifies a property or a variable. |
Attributes
The following table describes attributes for the http-listener element.
Table 1–46 http-listener Attributes|
Attribute |
Default |
Description |
|---|---|---|
|
none |
The unique listener name. An http-listener name cannot begin with a number. |
|
|
none |
IP address of the listener. Can be in dotted-pair or IPv6 notation. Can be any (for INADDR_ANY) to listen on all IP addresses. Can be a hostname. |
|
|
none |
Port number on which the listener listens. Legal values are 1 - 65535. On UNIX, creating sockets that listen on ports 1 - 1024 requires superuser privileges. Configuring an SSL listener to listen on port 443 is standard. |
|
|
1 |
(optional) Number of acceptor threads for the listener, typically the number of processors in the machine. Legal values are 1 - 1024 . |
|
|
false |
(optional) Determines whether the listener runs SSL. To turn SSL2 or SSL3 on or off and set ciphers, use an ssl subelement. |
|
|
none |
References the id attribute of the default virtual-server for this particular listener. |
|
|
none |
Tells the server what to put in the host name section of any URLs it sends to the client. This affects URLs the server automatically generates; it doesn’t affect the URLs for directories and files stored in the server. If your server uses an alias, the server-name should be the alias name. If a colon and port number are appended, that port is used in URLs the server sends to the client. |
|
|
none |
(optional) If the listener is supporting non-SSL requests and a request is received for which a matching <security-constraint> requires SSL transport, the request is automatically redirected to the port number specified here. |
|
|
true |
(optional) If true, X-Powered-By headers are used according to the Servlet 2.4 and JSP 2.0 specifications. |
|
|
enabled |
true |
(optional) Determines whether the listener is active. |
Properties
The following table describes properties for the http-listener element. Any of these properties can be defined as an http-service property, so that it applies to all http-listener elements.
Table 1–47 http-listener Properties|
Property |
Default |
Description |
|---|---|---|
|
false |
If true, indicates that this http-listener element receives traffic from an SSL-terminating proxy server. Overrides the authPassthroughEnabled property of the parent http-service element. |
|
|
com.sun.enterprise.web.ProxyHandlerImpl |
Specifies the fully qualified class name of a custom implementation of the com.sun.appserv.ProxyHandler abstract class that this http-listener uses. Only used if the authPassthroughEnabled property of this http-listener and the parent http-service element are both set to true. Overrides the proxyHandler property of the parent http-service element. |
http-service
Defines the HTTP service.
Superelements
Subelements
The following table describes subelements for the http-service element.
Table 1–48 http-service Subelements|
Element |
Required |
Description |
|---|---|---|
|
one or more |
Defines an HTTP listen socket. |
|
|
one or more |
Defines a virtual server. |
|
|
zero or more |
Specifies a property or a variable. |
Properties
The following table describes properties for the http-service element, which configure SSL for all http-listener subelements.
Table 1–49 http-service Properties|
Property |
Default |
Description |
|---|---|---|
|
true |
If true, enables the monitoring cache. |
|
|
5000 |
Specifies the interval between refreshes of the monitoring cache. |
|
|
10000 |
Specifies the number of SSL sessions to be cached. |
|
|
86400 |
Specifies the interval at which SSL3 sessions are cached. |
|
|
1048576 |
Specifies the maximum amount of data cached during the handshake phase. |
|
|
60 |
Specifies the timeout for the client certificate phase. |
|
|
100 |
Specifies the interval at which SSL2 sessions are cached. |
|
|
100 |
Specifies the keep-alive latency. |
|
|
100 |
Specifies the upper limit to the time slept after polling keep-alive connections for further requests. |
|
|
depends on operating system |
Specifies the maximum stack size of the native thread. |
|
|
false |
If true, indicates that the http-listener subelements receive traffic from an SSL-terminating proxy server, which is responsible for forwarding any information about the original client request (such as client IP address, SSL keysize, and authenticated client certificate chain) to the HTTP listeners using custom request headers. Each http-listener subelement can override this setting for itself. |
|
|
com.sun.enterprise.web.ProxyHandlerImpl |
Specifies the fully qualified class name of a custom implementation of the com.sun.appserv.ProxyHandler abstract class, which allows a back-end application server instance to retrieve information about the original client request that was intercepted by an SSL-terminating proxy server (for example, a load balancer). An implementation of this abstract class inspects a given request for the custom request headers through which the proxy server communicates the information about the original client request to the Application Server instance, and returns that information to its caller. The default implementation reads the client IP address from an HTTP request header named Proxy-ip, the SSL keysize from an HTTP request header named Proxy-keysize, and the SSL client certificate chain from an HTTP request header named Proxy-auth-cert. The Proxy-auth-cert value must contain the BASE-64 encoded client certificate chain without the BEGIN CERTIFICATE and END CERTIFICATE boundaries and with \n replaced with % d% a. Only used if authPassthroughEnabled is set to true. Each http-listener subelement can override the proxyHandler setting for itself. |
- © 2010, Oracle Corporation and/or its affiliates