H

url

/

Specifies the URL to ping to determine the health state of a listener. This must be a relative URL. 

interval-in-seconds

30

Specifies the interval between health checks. A value of zero means that health checking is disabled. 

timeout-in-seconds

10

Specifies the maximum time in which a server must respond to a health check request to be considered healthy. If interval-in-seconds is greater than zero, timeout-in-seconds must be less than or equal to interval-in-seconds.

log-directory

${com.sun.aas.instanceRoot}/logs/access

(optional) Specifies the location of the access log file. 

iponly

true

(optional) If true, specifies that only the IP address of the user agent is listed. If false, performs a DNL lookup.

globally-enabled

true

(optional) If true, enables the file cache.

file-caching-enabled

on

(optional) If on, enables caching of the file content if the file size exceeds the medium-file-size-limit-in-bytes.

max-age-in-seconds

30

(optional) Specifies the maximum age of a file cache entry. 

medium-file-size-limit-in-bytes

537600

(optional) Specifies the maximum size of a file that can be cached as a memory mapped file. 

medium-file-space-in-bytes

10485760

(optional) Specifies the total size of all files that are cached as memory mapped files. 

small-file-size-limit-in-bytes

2048

(optional) Specifies the maximum size of a file that can be read into memory. 

small-file-space-in-bytes

1048576

(optional) Specifies the total size of all files that are read into memory. 

file-transmission-enabled

false

(optional) If true, enables the use of TransmitFileSystem calls. Meaningful only for Windows.

max-files-count

1024

(optional) Specifies the maximum number of files in the file cache. 

hash-init-size

0

(optional) Specifies the initial number of hash buckets. 

ssl

zero or one 

Defines SSL parameters. 

property

zero or more 

Specifies a property or a variable. 

id

none 

The unique listener name. An http-listener name cannot begin with a number.

address

none 

IP address of the listener. Can be in dotted-pair or IPv6 notation. Can be any (for INADDR_ANY) to listen on all IP addresses. Can be a hostname.

port

none 

Port number on which the listener listens. Legal values are 1 - 65535. On UNIX, creating sockets that listen on ports 1 - 1024 requires superuser privileges. Configuring an SSL listener to listen on port 443 is standard.

external-port

none 

(optional) Specifies the external port on which the connection is made. 

family

inet

(optional) Specifies whether the IP address is an inet or ncsa address.

blocking-enabled

false

(optional) If true, enables blocking on both the external and listener ports.

acceptor-threads

1

(optional) Number of acceptor threads for the listener, typically the number of processors in the machine. Legal values are 1 - 1024 .

security-enabled

false

(optional) Determines whether the listener runs SSL. To turn SSL2 or SSL3 on or off and set ciphers, use an ssl subelement.

default-virtual-server

none 

References the id attribute of the default virtual-server for this particular listener.

server-name

none 

Tells the server what to put in the host name section of any URLs it sends to the client. This affects URLs the server automatically generates; it doesn’t affect the URLs for directories and files stored in the server. If your server uses an alias, the server-name should be the alias name.

If a colon and port number are appended, that port is used in URLs the server sends to the client. 

If load balancing is enabled, use the server name of the load balancer. 

redirect-port

none 

(optional) If the listener is supporting non-SSL requests and a request is received for which a matching <security-constraint> requires SSL transport, the request is automatically redirected to the port number specified here.

If load balancing is enabled, use the redirect port of the load balancer. 

xpowered-by

true

(optional) If true, X-Powered-By headers are used according to the Servlet 2.4 and JSP 2.0 specifications.

enabled

true

(optional) Determines whether the listener is active. 

authPassthroughEnabled

false

If true, indicates that this http-listener element receives traffic from an SSL-terminating proxy server. Overrides the authPassthroughEnabled property of the parent http-service element.

proxyHandler

com.sun.enterprise.web.ProxyHandlerImpl

Specifies the fully qualified class name of a custom implementation of the com.sun.appserv.ProxyHandler abstract class that this http-listener uses.

Only used if the authPassthroughEnabled property of this http-listener and the parent http-service element are both set to true. Overrides the proxyHandler property of the parent http-service element.

version

HTTP/1.1

(optional) Specifies the version of the HTTP protocol used. 

dns-lookup-enabled

true

(optional) If true, looks up the DNS entry for the client.

forced-response-type

ISO-8859-1;en;ISO-8859-1

(optional) Specifies the response type used if no MIME mapping is available that matches the file extension. The format is a semicolon-delimited string consisting of the content-type, encoding, language, and charset. 

default-response-type

text/html;ISO-8859-1;en;ISO-8859-1

(optional) Specifies the default response type. The format is a semicolon-delimited string consisting of the content-type, encoding, language, and charset. 

ssl-enabled

true

(optional) If true, globally enables SSL for all http-listener subelements of the parent http-service element.

access-log

zero or one 

Defines access log settings for each http-access-log subelement of each virtual-server.

http-listener

one or more 

Defines an HTTP listen socket. 

virtual-server

one or more 

Defines a virtual server. 

request-processing

zero or one 

Configures request processing threads. 

keep-alive

zero or one 

Configures keep-alive threads. 

connection-pool

zero or one 

Defines a pool of client HTTP connections. 

http-protocol

zero or one 

Configures HTTP protocol settings. 

http-file-cache

zero or one 

Configures the HTTP file cache. 

property

zero or more 

Specifies a property or a variable. 

monitoring-cache-enabled

true

If true, enables the monitoring cache.

monitoring-cache-refresh-in-millis

5000

Specifies the interval between refreshes of the monitoring cache. 

ssl-cache-entries

10000

Specifies the number of SSL sessions to be cached. 

ssl3-session-timeout

86400

Specifies the interval at which SSL3 sessions are cached. 

ssl-client-auth-data-limit

1048576

Specifies the maximum amount of data cached during the handshake phase. 

ssl-client-auth-timeout

60

Specifies the timeout for the client certificate phase. 

ssl-session-timeout

100

Specifies the interval at which SSL2 sessions are cached. 

keep-alive-query-mean-time

100

Specifies the keep-alive latency. 

keep-alive-query-max-sleep-time

100

Specifies the upper limit to the time slept after polling keep-alive connections for further requests. 

stack-size

depends on operating system 

Specifies the maximum stack size of the native thread. 

authPassthroughEnabled

false

If true, indicates that the http-listener subelements receive traffic from an SSL-terminating proxy server, which is responsible for forwarding any information about the original client request (such as client IP address, SSL keysize, and authenticated client certificate chain) to the HTTP listeners using custom request headers.

Each http-listener subelement can override this setting for itself.

proxyHandler

com.sun.enterprise.web.ProxyHandlerImpl

Specifies the fully qualified class name of a custom implementation of the com.sun.appserv.ProxyHandler abstract class, which allows a back-end application server instance to retrieve information about the original client request that was intercepted by an SSL-terminating proxy server (for example, a load balancer). An implementation of this abstract class inspects a given request for the custom request headers through which the proxy server communicates the information about the original client request to the Application Server instance, and returns that information to its caller.

The default implementation reads the client IP address from an HTTP request header named Proxy-ip, the SSL keysize from an HTTP request header named Proxy-keysize, and the SSL client certificate chain from an HTTP request header named Proxy-auth-cert. The Proxy-auth-cert value must contain the BASE-64 encoded client certificate chain without the BEGIN CERTIFICATE and END CERTIFICATE boundaries and with \n replaced with % d% a.

Only used if authPassthroughEnabled is set to true. Each http-listener subelement can override the proxyHandler setting for itself.