Oracle iPlanet Web Server 7.0.9 Administrator's Configuration File Reference

Chapter 3 Elements in server.xml

This chapter describes the elements in the server.xml file.

List of Elements

This section describes the elements in the server.xml file in alphabetical order.

access-log

The access-log element configures an HTTP access log. This element may appear zero or more times within the server element and zero or more times within the virtual-server element. For more information, see server, and virtual-server.

Subelements

The access-log element can contain the following subelements:

Table 3–1 List of access-log Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the server writes to this access log. The default value is true.

name

0 or 1 

The name that uniquely identifies the access log. If you specify a name, the server will not automatically log to this access log. Instead, you should explicitly configure this access log in an obj.conf AddLog directive.

file

The file name of the access log. If a relative path is used, it is relative to the server's config directory. For example, ../logs/access.

format

0 or 1 

The format of the access log entries. The default format is the CLF (common log file) format. For more information on the access log format, see Appendix C, Using the Custom Log File Format.

See Also

access-log-buffer

The access-log-buffer element configures the access log buffering subsystem. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The access-log-buffer element can contain the following subelements:

Table 3–2 List of access-log-buffer Subelements

Element 

Occurrences 

Description 

direct-io

0 or 1 

Indicates whether the file system should cache access log writes. The default value, false, indicates that the file system should cache access log writes. Setting the value to true indicates that the file system should not cache access log writes. The setting is purely advisory; either the server or the operating system may choose to ignore it. 

enabled

0 or 1 

Determines whether the server buffers the access log entries. The default value is true.

buffer-size

0 or 1 

The size (in bytes) of individual access log buffers. The value can be from 4096 to 1048576. 

max-buffers

The maximum number of access log buffers per server. The value can be from 1 to 65536. 

max-buffers-per-file

0 or 1 

The maximum number of access log buffers per access log file. The value can be from 1 to 128. 

max-age

0 or 1 

The maximum time (in seconds) to buffer a given access log entry. The value can be from 0.001 to 3600. 

See Also

acl-cache

The acl-cache element configures the Access Control List (ACL) cache. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The acl-cache element can contain the following subelements:

Table 3–3 List of acl-cache Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the server caches ACLs and information about authenticated users. The default value is true.

max-users

0 or 1 

The maximum number of users for which the server will cache the authentication information. The value can be from 1 to 1048576. 

max-groups-per-user

0 or 1 

The maximum number of groups per user for which the server will cache the membership information. The value can be from 1 to 1024. 

max-age

0 or 1 

The maximum time (in seconds) required to cache the authentication information. The value can be from 0.001 to 3600. 

See Also

acl-db

The acl-db element configures the WebDAV Access Control Protocol ACL database. This element may appear zero or one time within the dav element and zero or one time within the dav-collection element. For more information, see dav and dav-collection.

Subelements

The acl-db element can contain the following subelements:

Table 3–4 List of acl-db Subelements

Element 

Occurrences 

Description 

max-entries

0 or 1 

The maximum number of Access Control Entries (ACE) that can be allowed on a single resource. The value can be from 0 to 2147483647, or -1 for no limit. 

max-size

0 or 1 

The maximum size (in bytes) of memory representation of the WebDAV ACL database for a collection. If the memory limit specified using this subelement is exceeded, the server will not cache the WebDAV ACLs. The value can be from 0 to 2147483647, or -1 for no limit. 

update-interval

0 or 1 

The interval (in seconds) at which the WebDAV ACL databases are synchronized to the disk. The value can be from 0.001 to 3600, or 0 to disable caching of WebDAV ACLs. 

See Also

acl-file

The acl–file element defines a file that controls access to the server. This element may appear zero or more times within the server element and zero or more times within the virtual-server element. For more information, see server, and virtual-server.

The value of this element is the file name of the ACL file. If a relative path is used, it is relative to the server's config directory. This element does not contain any subelements.

See Also

audit-accesses

The audit-accesses element determines whether authentication and authorization events are logged. This element may appear zero or one time within the server element. For more information, see server. The default value is false. This element does not contain any subelements.

See Also

auth

The auth element configures WebDAV Access Control Protocol authentication. This element may appear zero or one time within the dav element and zero or one time within the dav-collection element. For more information, see dav and dav-collection.

Subelements

The auth element can contain the following subelements:

Table 3–5 List of auth Subelements

Element 

Occurrences 

Description 

auth-db-name

0 or 1 

The ACL authentication database to use. The value is the name from an auth-db element. The default value is the value of the default-auth-db-name element. For more information, see auth-db.

method

0 or 1 

The authentication method to use. The value can be basic, digest, or ssl. The default value is basic.

prompt

0 or 1 

The prompt that is displayed to clients when they request authentication. The default prompt is iPlanet Web Server WebDAV.

See Also

auth-db

The auth-db element configures an ACL authentication database. This element may appear zero or more times within the server element and zero or more times within the virtual-server element. For more information, see server, and virtual-server.

Subelements

The auth-db element can contain the following subelements:

Table 3–6 List of auth-db Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the ACL authentication database is enabled at runtime. The default value is true.

name

The name that uniquely identifies the ACL authentication database for use in ACL files.  

url

The URL of the ACL authentication database. The type of ACL authentication database is specified in the URL scheme. For example, ldap://ds.example.com/dc=example,dc=com configures a LDAP directory server as an ACL authentication database.

auth-expiring-url

0 or 1 

The URL to which the server redirects the client if the supplied password is about to expire. 

property

0 or more 

Configures the ACL authentication database properties. For more details, see property.

description

0 or 1 

The description of the ACL authentication database. The value is in text format. 

See Also

auth-realm

The auth-realm element configures a Servlet container authentication realm, which is used to authenticate access to web applications. This element may appear zero or more times within the server element. For more information, see server.

Subelements

The auth-realm element can contain the following subelements:

Table 3–7 List of auth-realm Subelements

Element 

Occurrences 

Description 

name

The name that uniquely identifies the Servlet container authentication realm. 

type

0 or 1 

The type of a built-in authentication realm. Only applicable when class is omitted. The value can be file, ldap, pam, certificate, or native.

class

0 or 1 

The class that implements a Servlet container authentication realm. Only applicable when type is omitted. The value is a class name.

property

0 or more 

The Servlet container authentication realm properties. For more details, see property.

See Also

cgi

The cgi element configures the CGI execution subsystem. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The cgi element can contain the following subelements:

Table 3–8 List of cgi Subelements

Element 

Occurrences 

Description 

timeout

0 or 1 

The timeout (in seconds) after which the server will terminate a CGI program. The value can be from 0.001 to 3600, or -1 for no timeout. 

idle-timeout

0 or 1 

The timeout (in seconds) after which the server will terminate a nonresponsive CGI program. The value can be from 0.001 to 3600. 

cgistub-path

0 or 1 

The path to the Cgistub binary. If a relative path is used, it is relative to the server's config directory.

cgistub-idle-timeout

0 or 1 

The timeout (in seconds) after which an unused Cgistub process will be terminated. The value can be from 0.001 to 3600.

min-cgistubs

0 or 1 

The minimum number of Cgistub processes the server keeps on hand, waiting to run the CGI programs. The value can be from 0 to 4096.

max-cgistubs

0 or 1 

The maximum number of Cgistub processes the server keeps on hand, waiting to run the CGI programs. The value can be from 1 to 4096.

env-variable

0 or more 

Configures the CGI program environment variables. For more details, see env-variable.

cluster

The cluster element defines the cluster to which the server belongs. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The cluster element can contain the following subelements:

Table 3–9 List of cluster Subelements

Element 

Occurrences 

Description 

local-host

Defines the network address of an instance. The value is the host value from an instance element. For more details, see instance.

instance

1 or more 

Defines a member of the server cluster. For more details, see instance.

session-replication

0 or 1 

Configures the Servlet session replication for the server cluster. For more details, see session-replication.

connection-creation-property

The connection-creation-property element configures the properties that are set when a JDBC connection (java.sql.Connection) is created. This element may appear zero or more times within the jdbc-resource element. For more information, see jdbc-resource.

Subelements

The connection-creation-property element can contain the following subelements:

Table 3–10 List of connection-creation-property Subelements

Element 

Occurrences 

Description 

name

The name of the property 

value

The value of the property 

description

0 or 1 

The description of the property 

See Also

connection-lease-property

The connection-lease-property element configures the properties that are set each time a JDBC connection (java.sql.Connection) is leased to an application. This element may appear zero or more times within the jdbc-resource element. For more information, see jdbc-resource.

Subelements

The connection-lease-property element can contain the following subelements:

Table 3–11 List of connection-lease-property Subelements

Element 

Occurrences 

Description 

name

The name of the property 

value

The value of the property 

description

0 or 1 

The description of the property 

See Also

convert

The convert element determines the type of documents that are converted prior to indexing. This element may appear zero or one time within the search-collection element. Documents with the pdf file extension are always converted to HTML prior to indexing. For more information, see search-collection.

Subelements

The convert element can contain the following subelements:

Table 3–12 List of convert Subelements

Element 

Occurrences 

Description 

extension

0 or more 

The file extension of a document type that should be converted to HTML. 

See Also

custom-resource

The custom-resource element configures a resource implemented by a custom Java class. This element may appear zero or more times within the server element. For more information, see server.

Subelements

The custom-resource element can contain the following subelements:

Table 3–13 List of custom-resource Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the custom resource is enabled at runtime. The default value is true.

jndi-name

The JNDI name of the custom resource. 

res-type

The type of custom resource. The value is a class name. 

factory-class

The class that instantiates a naming context which is used to look up the external resource. The value is a name of a class that implements javax.naming.spi.ObjectFactory.

property

0 or more 

Configures the optional resource-specific properties. For more details, see property.

description

0 or 1 

The description of the custom resource. The value of this element is in text format. 

dav

The dav element configures WebDAV. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The dav element can contain the following subelements:

Table 3–14 List of dav Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether WebDAV is enabled at runtime. The default value is true.

default-owner

0 or 1 

Defines the name of the default owner of the resource. 

min-lock-timeout

0 or 1 

The minimum expiration time (in seconds) for WebDAV locks. The value can be from 0.001 to 3600, or 0 for no limit. 

max-xml-request-body-size

0 or 1 

The maximum size (in bytes) allowed for WebDAV XML request bodies. The value can be from 0 to 2147483647, or -1 for no limit. 

max-propfind-depth

0 or 1 

The maximum depth of PROPFIND requests sent to collections. The value can be 0, 1, or infinity.

max-expand-property-depth

0 or 1 

The maximum depth allowed for WebDAV expand-property REPORT responses. The value can be from 0 to 100.

max-report-response-elements

0 or 1 

The maximum number of response elements a REPORT response body can have. The value can be from 0 to 2147483647. The default value is 1000.

auth

0 or 1 

Configures the WebDAV Access Control Protocol authentication. For more details, see auth.

acl-db

0 or 1 

Configures the WebDAV Access Control Protocol ACL database. For more details, see acl-db.

lock-db

0 or 1 

Configures the WebDAV lock database. For more details, see lock-db.

property-db

0 or 1 

Configures the WebDAV property database. For more details, see property-db.

See Also

dav-collection

The dav-collection element configures a WebDAV collection. This element may appear zero or more times within the virtual-server element. For more information, see virtual-server.

Subelements

The dav-collection element can contain the following subelements:

Table 3–15 List of dav–collection Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether WebDAV is enabled at runtime. The default value is true.

default-owner

0 or 1 

The name of the default owner of the resource. 

uri

The existing root URI on which the WebDAV should be enabled. 

source-uri

0 or 1 

The URI which the WebDAV clients can use to access the source code of content. 

min-lock-timeout

0 or 1 

The minimum expiration time (in seconds) for WebDAV locks. The value can be from 0.001 to 3600, or –1 for no limit. 

max-xml-request-body-size

0 or 1 

The maximum size (in bytes) allowed for WebDAV XML request bodies. The value can be from 0 to 2147483647, or -1 for no limit. 

max-propfind-depth

0 or 1 

The maximum depth of PROPFIND requests sent to collections. The value can be 0, 1, or infinity.

max-expand-property-depth

0 or 1 

The maximum depth allowed for WebDAV expand-property REPORT responses. The value can be from 0 to 100.

max-report-response-elements

0 or 1 

The maximum number of response elements a REPORT response body can have. The value can be from 0 to 2147483647. The default value is 1000.

auth

0 or 1 

Configures the WebDAV Access Control Protocol authentication. For more details, see auth.

acl-db

0 or 1 

Configures the WebDAV Access Control Protocol ACL database. For more details, see acl-db.

lock-db

0 or 1 

Configures the WebDAV lock database. For more details, see lock-db.

property-db

0 or 1 

Configures the WebDAV property database. For more details, see property-db.

description

0 or 1 

The description of the WebDAV collection. 

See Also

default-auth-db-name

The default-auth-db-name element specifies the name of the default ACL authentication database. This element may appear zero or one time within the server element. For more information, see server. This element does not contain any subelements.

See Also

auth-db

default-auth-realm-name

The default-auth-realm-name element specifies the name of the default Servlet container authentication realm. This element may appear zero or one time within the server element. For more information, see server. This element does not contain any subelements.

See Also

auth-realm

default-soap-auth-provider-name

The default-soap-auth-provider-name element specifies the name of the default Simple Object Access Protocol (SOAP) message-level authentication provider. This element may appear zero or one time within the server element. For more information, see server. This element does not contain any subelements.

See Also

soap-auth-provider

display-name

The display-name element specifies a human-readable name for the collection to be used while displaying the collection to the end user. This element does not contain any subelements.

See Also

search-collection

dns

The dns element configures how the server uses the domain name system (DNS). This element may appear zero or one time within the server element. For more information, see server.

Subelements

The dns element can contain the following subelements:

Table 3–16 List of dns Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the server does DNS lookups. The default value is false.

async

0 or 1 

Determines whether the server uses its own asynchronous DNS resolver instead of the operating system's synchronous resolver. The default value is true.

timeout

0 or 1 

The timeout (in seconds) for asynchronous DNS lookups. The value can be from 0.001 to 3600. 

See Also

dns-cache

dns-cache

The dns-cache element configures the DNS cache. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The dns-cache element can contain the following subelements:

Table 3–17 List of dns-cache Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the server caches DNS lookup results. The default value is true.

max-age

0 or 1 

The maximum amount of time (in seconds) to cache a DNS lookup result. The value can be from 1 to 31536000. 

max-entries

0 or 1 

The maximum number of DNS lookup results to cache. The value can be from 32 to 32768. 

See Also

env-variable

The env-variable element defines an environment variable. This element may appear zero or one time within the cgi element. For more information, see cgi.

Subelements

The env-variable element can contain the following subelements:

Table 3–18 List of env-variable Subelements

Element 

Occurrences 

Description 

name

The name of the environment variable 

value

The value of the environment variable 

description

0 or 1 

The description of the environment variable 

See Also

variable

event

The event element configures a recurring event. This element may appear zero or more times within the server element. For more information, see server.

Subelements

The event element can contain the following subelements:

Table 3–19 List of event Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the event is enabled at runtime. The default value is true.

time

0 or more 

Configures a specific time when the event occurs. For more details, see time.

interval

0 or 1 

The interval (in seconds) at which the event occurs. The value can be from 60 to 86400. 

rotate-log

0 or 1 

Rotates the log files. The default value is false.

rotate-access-log

0 or 1 

Rotates the access log files. The default value is false.

command

0 or more 

The command to execute when the event runs. 

reconfig

0 or 1 

Dynamically reconfigures the server. The default value is false.

restart

0 or 1 

Restarts the server. The default value is false.

description

0 or 1 

The description of the event. The value of this element is in text format. 

See Also

external-jndi-resource

The external-jndi-resource element configures a resource provided by an external JNDI repository. This element may appear zero or more times within the server element. For more information, see server.

Subelements

The external-jndi-resource element can contain the following subelements:

Table 3–20 List of external-jndi-resource Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the event is enabled at runtime. The default value is true.

jndi-name

The JNDI name of the resource. 

jndi-lookup-name

The JNDI lookup name of the resource. 

res-type

The type of the external JNDI resource. The default value is a class name. 

factory-class

The class that instantiates resources of this type. The default value is a class name that implements javax.naming.spi.InitialContextFactory.

property

0 or more 

Configures the optional resource-specific properties. For more details, see property.

description

0 or 1 

The description of the resource. The value of this element should be in text format. 

file-cache

The file-cache element configures the file cache. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The file-cache element can contain the following subelements:

Table 3–21 List of file-cache Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the server cache is enabled. The default value is true. Whether file content is cached in addition to meta information is controlled by the cache-content subelement.

max-age

0 or 1 

The maximum amount of time (in seconds) to cache file content and meta information. The value can be from –1 to 3600. The value -1 indicates that the file cache entries do not expire. 

max-entries

0 or 1 

The maximum number of paths to cache content and/or meta information. The value can be from 1 to 1048576. 

max-open-files

0 or 1 

The maximum number of file descriptors the file cache will keep open. The value can be from 1 to 1048576. 

sendfile

0 or 1 

Determines whether the server will attempt to use the operating system's sendfile, sendfilev, send_file, or TransmitFile system call. The default value is true on Windows and false on other platforms.

copy-files

0 or 1 

Determines whether the server copies cached files to a temporary directory. The default value is true on Windows and false on other platforms.

copy-path

0 or 1 

The temporary directory that is used when copy-files is true. If a relative path is used, it is relative to the server's config directory.

replacement

0 or 1 

The cache entry replacement algorithm. The value can be false, lru, or lfu.

cache-content

0 or 1 

Determines whether the server caches file content in addition to the meta information. The default value is true.

max-heap-file-size

0 or 1 

The maximum size (in bytes) of files to cache on the heap. The value can be from 0 to 2147483647. 

max-heap-space

0 or 1 

The maximum amount (in bytes) of heap to use for caching files. The value can be from 0 to 1099511627776 . 

max-mmap-file-size

0 or 1 

The maximum size (in bytes) of files to mmap. The value can be from 0 to 2147483647.

max-mmap-space

0 or 1 

The maximum amount (in bytes) of mmap address space to use for caching files. The value can be from 0 to 1099511627776 .

sendfile-size

Web Server uses sendfile-size only when the file size is greater than max-heap-file-size. When sendfile-size is set to non-zero value and file-cache and sendfile are enabled, it hints the file-cache subsystem to send the file in chunks. The chunk size can be at the most the size of sendfile-size. When sendfile-size is set to default value, that is, zero and sendfile is enabled, the entire file is attempted to be sent out. In either case, the left over file is sent in subsequent transfers.

See Also

http

The http element configures miscellaneous HTTP protocol options. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The http element can contain the following subelements:

Table 3–22 List of http Subelements

Element 

Occurrences 

Description 

version

0 or 1 

The highest HTTP protocol version the server supports. The default HTTP version string is HTTP/1.1.

server-header

0 or 1 

The server header information, such as the name of the server software and version. The default server header is Oracle-iPlanet-Web-Server/7.0.

request-header-buffer-size

0 or 1 

The size (in bytes) of the buffer used to read HTTP request headers. The value can be from 0 to 2147483647. 

strict-request-headers

0 or 1 

Determines whether the server rejects certain malformed HTTP request headers. The default value is false.

max-request-headers

0 or 1 

The maximum number of header fields to allow in an HTTP request header. The value can be from 1 to 512. 

output-buffer-size

0 or 1  

The size (in bytes) of buffer used to buffer HTTP responses. The value can be from 0 to 2147483647. 

max-unchunk-size

0 or 1 

The maximum size (in bytes) of a chunked HTTP request body that the server will unchunk. The value can be from 0 to 2147483647. 

unchunk-timeout

0 or 1 

The maximum time (in seconds) that the server waits for a chunked HTTP request body to arrive. The value can be from 0 to 3600, or -1 for no timeout. 

io-timeout

0 or 1 

The maximum time (in seconds) that the server waits for an individual packet. The value can be from 0 to 3600, or -1 for no timeout. 

request-header-timeout

0 or 1 

The maximum time (in seconds) that the server waits for a complete HTTP request header. The value can be from 0 to 604800, or -1 for no timeout. 

request-body-timeout

0 or 1 

The maximum time (in seconds) that the server waits for a complete HTTP request body. The value can be from 0 to 604800, or -1 for no timeout. 

favicon

0 or 1 

Determines whether the server replies to requests for favicon.ico with its own built-in icon file. The default value is true.

etag

0 or 1 

Controls whether the server includes an Etag header field in its responses. The default value is true.

See Also

http-listener

The http-listener element configures an HTTP listener. This element may appear zero or more times within the server element. For more information, see server.

Subelements

The http-listener element can contain the following subelements:

Table 3–23 List of http-listener Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the HTTP listener is enabled at runtime. The default value is true.

name

The name that uniquely identifies the HTTP listener.  

ip

0 or 1 

The IP address on which to listen. The value of this element is a specific IP address, or * to listen on all IP addresses.

port

The port on which to listen. The value of this element is the port number. 

acceptor-threads

0 or 1 

The number of threads dedicated to accept connections received by this listener. The value can be from 1 to 128. 

server-name

The default server name. The value can include a scheme prefix (for example, http://) and port suffix (for example, :80).

blocking-io

0 or 1 

Determines whether the server uses blocking IO. The default value is false.

family

0 or 1 

The name of the protocol family. 

handle-protocol-mismatch

0 or 1 

Controls the server's response to SSL or non-SSL protocol mismatches in client requests. A mismatch occurs when a client uses SSL to send a request to a non-SSL listener, or when a client sends a request to an SSL listener without using SSL. The default is true, which means that the server attempts to detect SSL or non-SSL protocol mismatches and sends an HTTP redirect or SSL alert when a mismatch is detected.

listen-queue-size

0 or 1 

The maximum size (in bytes) of the operating system listen queue backlog. The value of this element can be from 1 to 1048576. 

receive-buffer-size

0 or 1 

The size (in bytes) of the operating system socket receive buffer. The value of this element can be from 1 to 1048576. 

send-buffer-size

0 or 1 

The size (in bytes) of the operating system socket send buffer. The value of this element can be from 1 to 1048576. 

default-virtual-server-name

The name of the virtual server that processes requests that do not match a host. The value of this element is the name value from a virtual-server element. For more details, see virtual-server.

ssl

0 or 1 

Configures SSL/TLS. For more details, see ssl.

description

0 or 1 

The description of the HTTP listener. The value of this element should be in a text format. 

See Also

include

The include element configures the document types that should be indexed. This element may appear zero or one time within the search-collection element. For more information, see search-collection.

If the include element is not present, only documents matching the *.html, *.htm, *.txt, *.pdf, patterns are indexed. Documents with the jar, sxc, sxg, sxi, sxm, sxw, war, and zip file extensions are never indexed.

Subelements

The include element can contain the following subelement:

Table 3–24 List of include Subelements

Element 

Occurrences 

Description 

pattern

0 or more 

Specifies the wildcard pattern of files to be indexed 

See Also

index

The index element configures the document fields that are indexed for searching. This element may appear zero or one time within the search-collection element. For more information, see search-collection.

Subelements

The index element can contain the following subelement:

Table 3–25 List of index subelement

Element 

Occurrences 

Description 

meta-tag

0 or more 

The name of the HTML meta tag that should be indexed 

See Also

instance

The instance element defines a member of a server cluster. This element may appear one or more times within the cluster element. For more information, see cluster.

Subelements

The instance element can contain the following subelements:

Table 3–26 List of instance Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the instance is enabled at runtime. The default value is true.

host

The network address of the instance. The value is the host name or the IP address. 

session-replication

0 or 1 

Configures the Servlet session replication for the instance. For more details, see session-replication.

See Also

jdbc-resource

The jdbc-resource element configures a Java Database Connectivity (JDBC) resource. This element may appear zero or more times within the server element. For more information, see server.

Subelements

The jdbc-resource element can contain the following subelements:

Table 3–27 List of jdbc-resource Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the resource is enabled at runtime. The default value is true.

jndi-name

The JNDI name of the resource. 

datasource-class

The JDBC driver class. The value is a name of the class that implements java.sql.DataSource and java.sql.XADataSource.

min-connections

The minimum number of concurrent connections to maintain to the database server. The value can be from 1 to 4096. 

max-connections

The maximum number of concurrent connections to maintain to the database server. The value can be from 1 to 4096. 

idle-timeout

The timeout (in seconds) after which an idle connection to the database server will be closed. The value can be from 0 to 3600, or -1 for no timeout. 

wait-timeout

The timeout (in seconds) after which a caller waiting for an available connection to the database server will receive an error. The value can be from 0.001 to 3600, or -1 for no timeout. 

isolation-level

0 or 1 

Specifies the transaction isolation level. The value can be read-uncommitted, read-committed, repeatable-read, or serializable.

isolation-level-guaranteed

0 or 1 

Determines whether the server sets the isolation level each time a connection is leased to an application. The default value is false.

connection-validation

0 or 1 

Specifies how the server validates a connection before leasing it to an application. The value can be false, auto-commit, meta-data, or table.

connection-validation-table-name

0 or 1 

The name of the table used when connection-validation is table. The value is the database table name.

fail-all-connections

0 or 1 

Determines whether all connections are immediately closed and reestablished when there is an error validating an individual connection. The default value is false.

property

0 or more 

Configures the JDBC driver (java.sql.DataSource and java.sql.XADataSource) properties. For more details, see property.

connection-creation-property

0 or more 

Configures the JDBC connection (java.sql.Connection) properties, when a new connection is created. For more details, see connection-creation-property.

connection-lease-property

0 or more 

Configures the JDBC connection (java.sql.Connection) properties each time a connection is leased to an application. For more details, see connection-lease-property.

description

0 or 1 

The description of the resource. 

See Also

jvm

The jvm element configures the Java Virtual Machine (JVM). This element may appear zero or one time within the server element. For more information, see server.

Subelements

The jvm element can contain the following subelements:

Table 3–28 List of jvm Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the server creates a JVM. The default value is true.

java-home

The location of the JDK. If relative path is used, it is relative to the server's config directory.

class-path-prefix

0 or 1 

The prefix for the system classpath. Because this classpath takes precedence over the server classpath, changing it can prevent the server from working properly. To add classes to the system classpath, use the class-path-suffix element instead.

server-class-path

0 or 1 

The classpath containing server classes. Changing this classpath can prevent the server from working properly. To add classes to the system class path, use the class-path-suffix element instead.

class-path-suffix

0 or 1 

The suffix for the system classpath. 

env-class-path-ignored

0 or 1 

Determines whether the server ignores the CLASSPATH environment variable. The default value is true.

native-library-path-prefix

0 or 1 

The prefix for the operating system native library path. 

sticky-attach

0 or 1 

Determines whether the server attaches each HTTP request processing thread to the JVM only once or attaches and detaches on each request. The default value is true.

debug

0 or 1 

Determines whether JVM is started in debug mode, ready for attachment with a Java Platform Debugger Architecture (JPDA) debugger. The default value is false.

debug-jvm-options

0 or more 

Defines the JPDA options. For more details, see http://java.sun.com/products/jpda/doc/conninv.html#Invocation

jvm-options

0 or more 

Defines the server-wide JVM options. For more details, see http://java.sun.com/docs/hotspot/VMOptions.html

bytecode-preprocessor-class

0 or more 

The name of the bytecode preprocessor class. The value is a name of a class that implements com.sun.appserv.BytecodePreprocessor.

profiler

0 or 1 

Configures a Java profiler. For more details, see profiler.


Note –

(On Windows only). Logging out of the machine where the web server is installed might abort the web server process. To avoid this problem, perform these steps:

  1. Add the following line to the server.xml file of the web server instance.

    <jvm-options>-Xrs</jvm-options>

  2. Restart the instance.


See Also

servlet-container

keep-alive

The keep-alive element configures the HTTP keep-alive subsystem. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The keep-alive element can contain the following subelements:

Table 3–29 List of keep-alive Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the keep-alive subsystem is enabled at runtime. The default value is true.

threads

0 or 1 

The number of keep-alive subsystem threads. The value can be from 1 to 128. The default value is 1. 

max-connections

0 or 1 

The maximum number of concurrent keep-alive connections that the server supports. The value can be from 1 to 1048576. The default value is 200. 

timeout

0 or 1 

The timeout (in seconds) after which an inactive keep-alive connection can be closed. The value can be from 0.001 to 3600. The default value is 30 seconds. 

poll-interval

0 or 1 

The interval (in seconds) between polls. The value can be from 0.001 to 1. The default value is .001. 

See Also

lifecycle-module

The lifecycle-module element configures a Java server lifecycle module, a user-defined class that implements com.sun.appserv.server.LifecycleListener. This element may appear zero or more times within the server element. For more information, see server.

Subelements

The lifecycle-module element can contain the following subelements:

Table 3–30 List of lifecycle-modules Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the lifecycle module is enabled at runtime. The default value is true.

name

The name that uniquely identifies the lifecycle module. 

class

The class that implements the lifecycle module. The value is the name of a class that implements com.sun.appserv.server.LifecycleListener.

load-order

0 or 1 

The order in which the lifecycle module is loaded. It is recommended that you choose a load-order value that is greater than or equal to 100 to avoid conflicts with internal lifecycle modules. The value can be from 0 to 2147483647. Values from 0 to 99 are reserved for internal use. 

is-failure-fatal

0 or 1 

Determines whether the server should treat exceptions thrown during lifecycle module initialization as fatal. The default value is true.

class-path

0 or 1 

The classpath for the lifecycle module. 

property

0 or more 

Configures optional lifecycle-module-specific properties. For more details, see property.

description

0 or 1 

The description of the resource. 

localization

The localization element configures how the server chooses the language in which it presents information to the client. This element may appear zero or one time within the server element, and zero or one time within the virtual-server element. For more information, see server, and virtual-server.

Subelements

The localization element can contain the following subelements:

Table 3–31 List of localization Subelements

Element 

Occurrences 

Description 

default-language

0 or 1 

The default language in which the messages and content are displayed. The value is a language tag. 

negotiate-client-language

0 or 1 

Determines whether the server attempts to use the Accept-language HTTP header to negotiate the content language with clients. The default value is false.

lock-db

The lock-db element configures the WebDAV lock database. This element may appear zero or one time within the dav element, and zero or one time within the dav-collection element. For more information, see dav and dav-collection.

Subelements

The lock-db element can contain the following subelements:

Table 3–32 List of lock-db Subelements

Element 

Occurrences 

Description 

path

0 or 1 

The path of the WebDAV lock database. If a relative path is used, it is relative to the server's config directory.

update-interval

0 or 1 

The interval (in seconds) at which WebDAV lock databases are synchronized to disk. The value can be from 0.001 to 3600, or 0 to disable caching of WebDAV lock information. 

See Also

log

The log element configures the logging subsystem. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The log element can contain the following subelements:

Table 3–33 List of log Subelements

Element 

Occurrences 

Description 

log-stdout

0 or 1 

Determines whether the server logs data that applications write to stdout. The default value is true.

log-stderr

0 or 1 

Determines whether the server logs data that applications write to stderr. The default value is true.

log-virtual-server-name

0 or 1 

Determines whether the server includes the virtual server name in log messages. The default value is false.

create-console

0 or 1 

Determines whether the server creates a console window (Windows only). The default value is false.

log-to-console

0 or 1 

Determines whether the server writes log messages to the console. The default value is true.

log-to-syslog

0 or 1 

Determines whether the server writes log messages to syslog (UNIX only ) or Event Viewer (Windows only). The default value is false.

date-format

0 or 1 

The date format for log message timestamps. The default value is %d/%b/%Y:%H:%M:%S. For more information, see Appendix D, Using Time Formats.

archive-suffix

0 or 1 

The suffix appended to rotated log file names. The default value is %Y%m%d%H%M.

archive-command

0 or 1 

The command executed after the server rotates a log file. The program is passed the post-rotation file name of the log file as an argument. The value is a program command line. For example, 

<archive-command>gzip</archive-command>

or 

<archive-command>"c:\Program Files\Perl\perl.exe" archive.pl</archive-command>

log-level

0 or 1 

The log verbosity for the server. The value can be finest (most verbose), finer, fine, info, warning, failure, config, security, or catastrophe (least verbose).

log-file

0 or 1 

Defines the log file for the server. The value is the file name of the log file, for example, ../logs/errors. If a relative path is used, it is relative to the server's config directory.

See Also

mail-resource

The mail-resource element configures a mail store resource. This element may appear zero or more times within the server element. For more information, see server.

Subelements

The mail-resource element can contain the following subelements:

Table 3–34 List of mail-resource Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the mail resource is enabled at runtime. The default value is true.

jndi-name

The JNDI name of the resource. 

description

0 or 1 

The description of the resource 

property 

0 or more 

Configures optional mail-resource-specific properties. The properties are the standard JavaMail properties For more details, see the JavaMail API Specification at http://java.sun.com/products/javamail/JavaMail-1.2.pdf, and property.

store-protocol

0 or 1 

The protocol used to retrieve messages. 

store-protocol-class

0 or 1 

The storage service provider implementation for store-protocol. The value is a name of a class that implements store-protocol. The default value is com.sun.mail.imap.IMAPStore.

transport-protocol

0 or 1 

The protocol used to send messages. 

transport-protocol-class

0 or 1 

The transport service provider implementation for transport-protocol. The value is a name of a class that implements transport-protocol. The default value is com.sun.mail.smtp.SMTPTransport.

host

The mail server host name. 

user

The mail server username. 

from

The email address from which the server sends email. 

description

0 or 1 

The description of the mail resource. 

mime-file

The mime-file element defines a file that configures the MIME type mappings for the server. This element may appear zero or more times within the server element and zero or more times within the virtual-server element. For more information, see server, and virtual-server.

The value of this element is the file name of a MIME types file. If a relative path is used, it is relative to the server's config directory. This element does not contain any subelements.

For more information, see Chapter 8, MIME Types.

pkcs11

The pkcs11 element configures the PKCS #11 subsystem. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The pkcs11 element can contain the following subelements:

Table 3–35 List of pkcs11 Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the server initializes PKCS #11 tokens, prompting for Personal Identification Numbers (PINs) as necessary. The default value is true if SSL is enabled and false if SSL is not enabled.

crl-path

0 or 1 

The directory that contains dynamically updated CRL files. The value is the name of the directory. If a relative path is used, it is relative to the server's config directory.

token

0 or more 

Configures a PKCS #11 token. For more details, see token.

See Also

pkcs11 bypass

The pkcs11 bypass element instructs the NSS to bypass the PKCS#11 layer during SSL/TLS processing, thereby improving performance.

During startup, the server automatically verifies each token, holding a server key, to assess if they support PKCS#11 bypass. If the tokens support bypass in the current configuration the PKCS#11 layer will be bypassed, else the bypass will be disabled. Thus, the server automatically takes advantage of the performance benefits of pkcs11 bypass whenever possible.

In certain unique circumstances, you can disable PKCS#11 bypass manually by using the server.xml element <allow-bypass>.


<pkcs11>
 <enabled>1</enabled>
 <allow-bypass>0</allow-bypass>
</pkcs11>

See Also

profiler

The profiler element configures a JVM profiler. This element may appear zero or one time within the jvm element. For more information, see jvm.

Subelements

The profiler element can contain the following subelements:

Table 3–36 List of profiler Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the profiler is enabled at runtime. The default value is true.

class-path

0 or 1 

The classpath for the profiler.  

native-library-path

0 or 1  

The native library path for the profiler. The value is the operating system library path. 

jvm-options

0 or more 

The JVM options for the profiler. For more details, see .

property

The property element defines a name-value pair. The effect of defining a property name-value pair depends on the context in which the property element appears as described below:

Subelements

The property element can contain the following subelements:

Table 3–37 List of property Subelements

Element 

Occurrences 

Description 

name

The name of the property. 

value

The value of the property. 

encoded

0 or 1 

Determines whether the property value has been encoded using the uunencode algorithm. The default value is false.

description

0 or 1 

The description of the property. 

See Also

property-db

The property-db element configures the WebDAV property database. This element may appear zero or one time within the dav element and zero or one time within the dav-collection element. For more information, see dav, and dav-collection.

Subelements

The property-db element can contain the following subelements:

Table 3–38 List of property-db Subelements

Element 

Occurrences 

Description 

max-size

0 or 1 

The maximum size (in bytes) of WebDAV property database files. The value can be from 0 to 2147483647, or -1 for no limit. 

update-interval

0 or 1 

The interval (in seconds) at which the WebDAV property databases are synchronized to disk. The value can be from 0.001 to 3600, or 0 to disable caching of WebDAV properties. 

See Also

qos

The qos element configures the Quality of Service (QoS) statistics collection subsystem. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The qos element can contain the following subelements:

Table 3–39 List of qos Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the system tracks the QOS information. The default value is true if qos-limits are enabled, and false if qos-limits are not enabled. For details, see qos-limits.

interval

0 or 1 

The interval (in seconds) over which the QOS information is averaged. The value can be from 0.001 to 3600. 

See Also

qos-limits

qos-limits

The qos-limits element configures QOS (Quality of Service) limits. This element may appear zero or one time within the server element, and zero or one time within the virtual-server element. For more information, see server, and virtual-server.

Subelements

The qos-limits element can contain the following subelements:

Table 3–40 List of qos-limits Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the QOS limits are enforced at runtime. The default value is true.

max-bps

0 or 1 

The maximum transfer rate (bytes per second). The value can be from 1 to 2147483647. 

max-connections

0 or 1 

The maximum number of concurrent connections. The value can be from 1 to 1048576. 

See Also

qos

request-policy

The request-policy element configures the authentication policy requirements for web services requests. This element may appear zero or one time within the soap-auth-provider element. For more information, see soap-auth-provider.

Subelements

The request-policy element can contain the following subelements:

Table 3–41 List of request-policy Subelements

Element 

Occurrences 

Description 

auth-source

0 or 1 

Specifies a requirement for message layer sender authentication. For example, username and password, or content authentication such as a digital signature. 

auth-recipient

0 or 1 

Specifies a requirement for message layer authentication of the receiver of a message to its sender, for example, by XML encryption. The value can be before-content or after-content.

response-policy

The response-policy element configures the authentication policy requirements for web services responses. This element may appear zero or one time within the soap-auth-provider element. For more information, see soap-auth-provider.

Subelements

The response-policy element can contain the following subelements:

Table 3–42 List of response-policy Subelements

Element 

Occurrences 

Description 

auth-source

0 or 1 

Defines a requirement for message layer sender authentication. For example, username and password, or content authentication such as a digital signature. 

auth-recipient

0 or 1 

Defines a requirement for message layer authentication of the receiver of a message to its sender, for example, by XML encryption. The value can be before-content or after-content.

search-app

The search-app element configures the built-in search web application. This element may appear zero or one time within the virtual-server element. For more information, see virtual-server.

Subelements

The search-app element can contain the following subelements:

Table 3–43 List of search-app Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the search application is enabled at runtime. The default value is true.

max-hits

0 or 1 

The maximum number of search results to return in response to a single search query. The value can be from 0 to 10000. 

uri

The root URI for the search web application. 

See Also

search-collection

The search-collection element configures a collection of searchable documents. This element may appear zero or more times within the virtual-server element. For more information, see virtual-server.

Subelements

The search-collection element can contain the following subelements:

Table 3–44 List of search-collection Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the collection can be searched. The default value is true.

name

The name that uniquely identifies the search collection. 

display-name

0 or 1 

The description of the search collection displayed to end users. 

uri

The root URI for the searchable documents. 

document-root

The file system root for the searchable documents. If a relative path is used, it is relative to the server's config directory.

path

The file system path where search collection meta data is stored. If a relative path is used, it is relative to the server's config directory.

index

0 or 1 

Configures the document fields to be indexed. For more details, see index.

convert

0 or 1 

Configures the document type to be converted. For more details, see convert.

include

0 or 1 

Configures document types that should be included. For more details, see include.

description

0 or 1 

The description of the search collection. 

See Also

server

The server element defines a server. This is the root element, and there can be only one server element in the server.xml file.

Subelements

The server element has the following subelements:

Table 3–45 List of server Subelements

Element 

Occurrences 

Description 

cluster

0 or 1 

The server cluster to which the server belongs. For more details, see cluster.

log

0 or 1 

Configures the logging subsystem. For more details, see log.

user

0 or 1 

The account the server runs as (UNIX only). The value is the user account. If the server is started as root, any UNIX account can be specified. If the server is started by a non-root account, only that non-root account should be specified.

platform

0 or 1 

Determines whether the server runs as a 32-bit or 64-bit process. The value can be 32 or 64. 

temp-path

0 or 1 

The directory where the server stores its temporary files. If a relative path is used, it is relative to the server's config directory. The directory must be owned by the account that the server runs as.

variable

0 or more 

Defines a variable for use in expressions, log formats, and obj.conf parameters. For more details, see variable.

localization

0 or 1 

Configures localization. For more details, see localization.

http

0 or 1 

Configures the HTTP protocol options. For more details, see http.

keep-alive

0 or 1 

Configures the HTTP keep-alive subsystem. For more details, see keep-alive.

thread-pool

0 or 1 

Configures the HTTP request processing threads. For more details, see thread-pool.

pkcs11

0 or 1 

Configures the PKCS #11 subsystem. For more details, see pkcs11.

stats

0 or 1 

Configures the statistics collection subsystem. For more details, see stats.

cgi

0 or 1  

Configures the CGI subsystem. For more details, see cgi.

qos

0 or 1 

Configures the QOS subsystem. For more details, see qos.

dns

0 or 1 

Configures the server's use of DNS. For more details, see dns.

dns-cache

0 or 1 

Configures the DNS cache. For more details, see dns-cache.

file-cache

0 or 1 

Configures the file cache. For more details, see file-cache.

acl-cache

0 or 1 

Configures the ACL cache. For more details, see acl-cache.

ssl-session-cache

0 or 1 

Configures the SSL/TLS session cache. For more details, see ssl-session-cache.

access-log-buffer

0 or 1 

Configures the access log buffering subsystem. For more details, see access-log-buffer.

dav

0 or 1 

Configures WebDAV. For more details, see dav.

snmp

0 or 1 

Configures SNMP. For more details, see snmp.

qos-limits

0 or 1 

Configures the QOS limits for the server. For more details, see qos-limits.

audit-accesses

0 or 1 

Specifies whether authentication and authorization events are logged. The default value is false.

jvm

0 or 1 

Configures JVM. For more details, see jvm.

servlet-container

0 or 1 

Configures the Servlet container. For more details, see servlet-container.

lifecycle-module

0 or more 

Configures a Java server lifecycle module. For more details, see lifecycle-module.

custom-resource

0 or more 

Configures a resource implemented by a custom class. For more details, see custom-resource.

external-jndi-resource

0 or more 

Configures a resource provided by an external JNDI repository. For more details, see external-jndi-resource.

jdbc-resource

0 or more  

Configures a JDBC resource. For more details, see jdbc-resource.

mail-resource

0 or more  

Configures a mail store. For more details, see mail-resource.

default-soap-auth-provider-name

0 or 1 

The name of the default SOAP message-level authentication provider. The value is the name value from a soap-auth-provider element. For more details, see default-soap-auth-provider-name

soap-auth-provider

0 or more 

Configures a SOAP message-level authentication provider. For more details, see soap-auth-provider.

default-auth-realm-name

0 or 1 

The name of the default Servlet container authentication realm. The value is the name value from an auth-realm element. For more details, see auth-realm.

auth-realm

0 or more 

Configures a Servlet container authentication realm. For more details, see auth-realm.

default-auth-db-name

0 or 1 

The name of the default ACL authentication database. The value is the name value from an auth-db element, and the default value is default. For more details, see auth-db.

auth-db

0 or more 

Configures an ACL authentication database for the server. For more details, see auth-db.

acl-file

0 or more 

The ACL file that controls access to the server. The value is the name of an ACL file. For more details, see acl-file.

mime-file

0 or more 

The mime.types file that configures MIME mappings for the server as a whole. The value is the name of a mime.types file. For more details, seemime-file.

access-log

0 or more 

Configures an HTTP access log for the server. For more details, see access-log.

http-listener

0 or more 

Configures an HTTP listener. For more details, see http-listener.

virtual-server

0 or more 

Configures a virtual server. For more details, see virtual-server.

event

0 or more 

Configures a recurring event. For more details, see event.

servlet-container

The servlet-container element configures the Servlet container. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The servlet-container element can contain the following subelements:

Table 3–46 List of servlet-container Subelements

Element 

Occurrences 

Description 

dynamic-reload-interval

0 or 1 

Specifies how often the server checks the deployed web applications for modifications. The value can be from 1 to 60, or 0 to disable dynamic reloading. 

log-level

0 or 1 

The log verbosity for the Servlet container. The value can be finest (most verbose), finer, fine, info, warning, failure, config, security, or catastrophe (least verbose).

anonymous-role

0 or 1 

The name of the default, or anonymous role assigned to all principals. The default role is ANYONE.

single-threaded-servlet-pool-size

0 or 1 

The number of Servlet instances to instantiate per SingleThreadedServlet. The value can be from 1 to 4096. The default value is 5.

cross-context-allowed

0 or 1 

Determines whether request dispatchers are allowed to dispatch to another context. The default is true.

reuse-session-id

0 or 1 

Determines whether any existing session ID number is reused when creating a new session for that client. The default value is false.

encode-cookies

0 or 1 

Determines whether the Servlet container encodes cookie values. The default value is true.

dispatcher-max-depth

0 or 1 

The maximum depth for the Servlet container allowing nested request dispatches. The value can be from 0 to 2147483647. The default value is 20.

secure-session-cookie

0 or 1 

Controls the conditions under which the JSESSIONID cookie is marked secure. The value can be as follows:

  • dynamic – Marks the cookie secure only when the request is received on a secure connection

  • true - Always marks the cookie secure

  • false – Never marks the cookie secure

The default value is dynamic.

See Also

session-replication

The session-replication element configures Servlet session replication within a server cluster. This element may appear zero or one time within the cluster element, and zero or one time within the instance element. For more information, see cluster, and instance.

Subelements

The session-replication element can contain the following subelements:

Table 3–47 List of session-replication Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the session replication is enabled at runtime. The default value is true.

port

0 or 1 

Specifies the port on which the server will listen. The default port number is 1099.

instance-id

0 or 1 

(Only applicable at the instance level.) The value that uniquely identifies the instance for use in cookies. 

key

0 or 1 

(Only applicable at the cluster level.) The shared secret which members of the cluster use to authenticate to each other. The value of this subelement should be in text format. 

encrypted

0 or 1 

(Only applicable at the cluster level.) Determines whether the session data is encrypted prior to replication. The default value is false.

protocol

0 or 1 

(Only applicable at the cluster level.) The protocol used for session replication. The value can be http or jrmp.

getAttribute-triggers-replication

0 or 1 

(Only applicable at the cluster level.) Determines whether a call to the HttpSession.getAttribute method should cause a session to be backed up. The default value is true.

replica-discovery-max-hops

0 or 1 

(Only applicable at the cluster level.) The maximum number of instances that should be contacted while attempting to find the backup of a session. The value can be from 1 to 2147483647, or -1 for no limit. 

startup-discovery-timeout

0 or 1 

(Only applicable at the cluster level.) The maximum time (in seconds) that an instance spends trying to contact its designated backup instance. The value can be from 0.001 to 3600. 

cookie-name

0 or 1 

(Only applicable at the cluster level.) The name of the cookie that tracks which instance owns a session. 

cipher

0 or 1 

(Only applicable at the cluster level.) The value of a JCE cipher. JCE ciphers are specified using the form algorithm/mode/padding. The value should be in text format. The default value is AES/CBC/PKCS5Padding.

single-sign-on

The single-sign-on element configures a single authentication mapping across multiple Java web applications sharing the same realm. This element may appear zero or one time within the virtual-server element. For more information, see virtual-server.

Subelements

The single-sign-on element can contain the following subelements:

Table 3–48 List of single-sign-on Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the single-sign-on feature is enabled at runtime. The default value is false.

idle-timeout

0 or 1 

The timeout (in seconds) after which a user's single sign-on records becomes eligible for purging if no activity is seen. The value can be from 0.001 to 3600, or -1 for no timeout. The default value is 300 seconds.

See Also

snmp

The snmp element configures the server's SNMP subagent. This element may appear zero or more times within the server element. For more information, see server.

Subelements

The snmp element can contain the following subelements:

Table 3–49 List of snmp Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether SNMP is enabled at runtime. The default value is true.

master-host

0 or 1 

The network address of the SNMP master agent. The value is a host name or IP address. 

description

The description of the server. The value should be in text format. 

organization

The name of the organization responsible for the server. The value should be in text format. 

location

The location of the server. The value should be in text format. 

contact

The contact information of the person responsible for the server. The value should be in text format. 

See Also

stats

soap-auth-provider

The soap-auth-provider element configures a SOAP message-level authentication provider for web services. This element may appear zero or more times within the server element. For more information, see server.

Subelements

The soap-auth-provider element can contain the following subelements:

Table 3–50 List of soap-auth-provider Subelements

Element 

Occurrences 

Description 

name

The name that uniquely identifies the SOAP message-level authentication provider for use in default-soap-auth-provider-name and sun-web.xml.

class

The class that implements the provider realm. The value is a name of a class that implements javax.security.auth.XXX.

request-policy

0 or 1 

Configures the authentication policy requirements for requests. For more details, see request-policy.

response-policy

0 or 1 

Configures the authentication policy requirements for responses. For more details, see response-policy.

property

0 or more 

Configures the optional provider-specific properties. For more details, see property.

ssl

The ssl element configures the SSL/TLS settings. This element may appear zero or one time within the http-listener element. For more information, see http-listener.

Subelements

The ssl element can contain the following subelements:

Table 3–51 List of ssl Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether SSL/TLS is enabled at runtime. The default value is true.

server-cert-nickname

0 or more 

The nickname of the certificate that server presents to the clients. You can specify zero or one RSA certificates, plus zero or one ECC certificates.  

ssl2

0 or 1 

Determines whether SSL2 connections are accepted. The default value is false.

ssl3

0 or 1 

Determines whether SSL3 connections are accepted. The default value is true.

tls

0 or 1 

Determines whether TLS connections are accepted. The default value is true.

tls-rollback-detection

0 or 1 

Determines whether the server detects and blocks TLS version rollback attacks. The default value is true.

ssl2-ciphers

0 or 1 

Configures the SSL2 cipher suites. For more details, see ssl2-ciphers.

ssl3-tls-ciphers

0 or 1 

Configures the SSL3 and TLS cipher suites. For more details, see ssl3-tls-ciphers.

client-auth

0 or 1 

The method of client certificate authentication. The value can be required, optional, or false.

client-auth-timeout

0 or 1 

The timeout (in seconds) after which client authentication handshake fails. The value can be from 0.001 to 3600. 

max-client-auth-data

0 or 1 

The maximum amount of application-level data to buffer during a client authentication handshake. The value can be from 0 to 2147483647. 

See Also

ssl2-ciphers

The ssl2-ciphers element configures SSL2 cipher suites. This element may appear zero or one time within the ssl element. For more information, see ssl.

Subelements

The ssl2-ciphers element can contain the following subelements:

Table 3–52 List of ssl2-ciphers Subelements

Element 

Occurrences 

Description 

SSL_RC4_128_WITH_MD5

0 or 1 

Determines whether the SSL_RC4_128_WITH_MD5 cipher suite is enabled at runtime. The default value is true.

SSL_RC4_128_EXPORT40_WITH_MD5

0 or 1 

Determines whether the SSL_RC4_128_EXPORT40_WITH_MD5 cipher suite is enabled at runtime. The default value is true.

SSL_RC2_128_CBC_WITH_MD5

0 to 1 

Determines whether the SSL_RC2_128_CBC_WITH_MD5 cipher suite is enabled at runtime. The default value is true.

SSL_RC2_128_CBC_EXPORT40_WITH_MD5

0 or 1 

Determines whether the SSL_RC2_128_CBC_EXPORT40_WITH_MD5 cipher suite is enabled at runtime. The default value is true.

SSL_DES_64_CBC_WITH_MD5

0 to 1 

Determines whether the SSL_DES_64_CBC_WITH_MD5 cipher suite is enabled at runtime. The default value is true.

SSL_DES_192_EDE3_CBC_WITH_MD5

0 to 1 

Determines whether the SSL_DES_192_EDE3_CBC_WITH_MD5 cipher suite is enabled at runtime. The default value is true.

See Also

ssl3-tls-ciphers

The ssl3-tls-ciphers element configures SSL3 and TLS cipher suites. This element may appear zero or one time within the ssl element. For more information, see ssl.

Subelements

The ssl3-tls-ciphers element can contain the following subelements:

Table 3–53 List of ssl3-tls-ciphers Subelements

Element 

Occurrences 

Description 

SSL_RSA_WITH_RC4_128_MD5

0 or 1 

Determines whether the SSL_RSA_WITH_RC4_128_MD5 cipher suite is enabled at runtime. The default value is true.

SSL_RSA_WITH_RC4_128_SHA

0 or 1 

Determines whether the SSL_RSA_WITH_RC4_128_SHA cipher suite is enabled at runtime. The default value is true.

SSL_RSA_WITH_3DES_EDE_CBC_SHA

0 or 1 

Determines whether the SSL_RSA_WITH_3DES_EDE_CBC_SHA cipher suite is enabled at runtime. The default value is true.

SSL_RSA_WITH_DES_CBC_SHA

0 or 1 

Determines whether the SSL_RSA_WITH_DES_CBC_SHA cipher suite is enabled at runtime. The default value is true.

SSL_RSA_EXPORT_WITH_RC4_40_MD5

0 or 1 

Determines whether the SSL_RSA_EXPORT_WITH_RC4_40_MD5 cipher suite is enabled at runtime. The default value is true.

SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5

0 or 1 

Determines whether the SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 cipher suite is enabled at runtime. The default value is true.

SSL_RSA_WITH_NULL_MD5

0 or 1 

Determines whether the SSL_RSA_WITH_NULL_MD5 cipher suite is enabled at runtime. The default value is false.

SSL_RSA_WITH_NULL_SHA

0 or 1 

Determines whether the SSL_RSA_WITH_NULL_SHA cipher suite is enabled at runtime. The default value is false.

SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA

0 or 1 

Determines whether the SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA cipher suite is enabled at runtime. The default value is true.

SSL_RSA_FIPS_WITH_DES_CBC_SHA

0 or 1 

Determines whether the SSL_RSA_FIPS_WITH_DES_CBC_SHA cipher suite is enabled at runtime. The default value is true.

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

0 or 1 

Determines whether the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher suite is enabled at runtime. The default value is true.

TLS_ECDH_RSA_WITH_AES_128_CBC_SHA

0 or 1 

Determines whether the TLS_ECDH_RSA_WITH_AES_128_CBC_SHA cipher suite is enabled at runtime. The default value is false.

TLS_ECDH_RSA_WITH_RC4_128_SHA

0 or 1 

Determines whether the TLS_ECDH_RSA_WITH_RC4_128_SHA cipher suite is enabled at runtime. The default value is false.

TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA

0 or 1 

Determines whether the TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA cipher suite is enabled at runtime. The default value is false.

TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA

0 or 1 

Determines whether the TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA cipher suite is enabled at runtime. The default value is false.

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

0 or 1  

Determines whether the TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA cipher suite is enabled at runtime. The default value is false.

TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA

0 or 1 

Determines whether the TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA cipher suite is enabled at runtime. The default value is true.

TLS_RSA_EXPORT1024_WITH_RC4_56_SHA

0 or 1 

Determines whether the TLS_RSA_EXPORT1024_WITH_RC4_56_SHA cipher suite is enabled at runtime. The default value is true.

TLS_RSA_WITH_AES_128_CBC_SHA

0 or 1 

Determines whether the TLS_RSA_WITH_AES_128_CBC_SHA cipher suite is enabled at runtime. The default value is true.

TLS_RSA_WITH_AES_256_CBC_SHA

0 or 1 

Determines whether the TLS_RSA_WITH_AES_256_CBC_SHA cipher suite is enabled at runtime. The default value is true.

TLS_ECDHE_ECDSA_WITH_NULL_SHA

0 or 1  

Determines whether the TLS_ECDHE_ECDSA_WITH_NULL_SHA cipher suite is enabled at runtime. The default value is false.

TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA

0 or 1  

Determines whether the TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA cipher suite is enabled at runtime. The default value is false.

TLS_ECDHE_ECDSA_WITH_RC4_128_SHA

0 or 1 

Determines whether the TLS_ECDHE_ECDSA_WITH_RC4_128_SHA cipher suite is enabled at runtime. The default value is false.

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

0 or 1 

Determines whether the TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA cipher suite is enabled at runtime. The default value is false.

TLS_ECDHE_RSA_WITH_NULL_SHA

0 or 1 

Determines whether the TLS_ECDHE_RSA_WITH_NULL_SHA cipher suite is enabled at runtime. The default value is false.

TLS_ECDHE_RSA_WITH_RC4_128_SHA

0 or 1 

Determines whether the TLS_ECDHE_RSA_WITH_RC4_128_SHA cipher suite is enabled at runtime. The default value is false.

TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

0 or 1 

Determines whether the TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA cipher suite is enabled at runtime. The default value is false.

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

0 or 1 

Determines whether the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher suite is enabled at runtime. The default value is false.

See Also

ssl-session-cache

The ssl-session-cache element configures the SSL/TLS session cache. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The ssl-session-cache element can contain the following subelements:

Table 3–54 List of ssl-session-cache Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the server caches SSL/TLS sessions. The default value is true.

max-entries

0 or 1 

The maximum number of SSL/TLS sessions the server will cache. The value can be from 1 to 524288. 

max-ssl2-session-age

0 or 1 

The maximum amount of time to cache an SSL2 session. The value can be from 5 to 100. 

max-ssl3-tls-session-age

0 or 1 

The maximum amount of time to cache an SSL3/TLS session. The value can be from 5 to 86400. 

See Also

stats

The stats element configures the statistics collection subsystem. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The stats element can contain the following subelements:

Table 3–55 List of stats Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the server collects statistics. The default value is true.

interval

0 or 1  

Interval (in seconds) at which statistics are updated. The value can be from 0.001 to 3600. 

profiling

0 or 1 

Determines whether the performance buckets, used to track NSAPI function execution time, are enabled at runtime. The default value is true.

See Also

snmp

thread-pool

The thread-pool element configures the threads used to process HTTP requests. This element may appear zero or one time within the server element. For more information, see server.

Subelements

The thread-pool element can contain the following subelements:

Table 3–56 List of thread-pool Subelements

Element 

Occurrences 

Description 

min-threads

0 or 1 

The minimum number of HTTP request processing threads. The value can be from 1 to 4096. 

max-threads

0 or 1 

The maximum number of HTTP request processing threads. The value can be from 1 to 4096. 

stack-size

0 or 1 

The stack size (in bytes) for HTTP request processing threads. The value can be from 8192 to 67108864. 

queue-size

0 or 1 

The maximum number of concurrent HTTP connections that can be queued waiting for processing. The value can be from 1 to 1048576. 

See Also

time

The time element configures the time when an event will occur. This element may appear zero or more times within the event element. For more information, see event.

Subelements

The time element can contain the following subelements:

Table 3–57 List of time Subelements

Element 

Occurrences 

Description 

time-of-day

The time when the event will occur. The value should be in the hh:mm format.

day-of-week

0 or 1 

The day of the week. The value can be Sun, Mon, Tue, Wed, Thu, Fri, or Sat.

day-of-month

0 or 1 

The day of month. The value can be from 1 to 31. 

month

0 or 1 

The name of the month. The value can be Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, or Dec.

token

The token element configures a PKCS #11 token. This element may appear zero or more times within the pks11 element. For more information, see pkcs11.

Subelements

The token element can contain the following subelements:

Table 3–58 List of token Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the server initializes this PKCS #11 token, prompting for a PIN if necessary. The default value is true.

name

The name of the token. The server's built-in token is named internal.

pin

0 or 1  

The PIN required to initialize the token. 

variable

The variable element defines a variable for use in expressions, log formats, and obj.conf parameters. This element may appear zero or more times within the server element, and zero or more times within the virtual-server element. For more information, see server, and virtual-server.

Subelements

The variable element can contain the following subelements:

Table 3–59 List of variable Subelements

Element 

Occurrences 

Description 

name

The name of the variable. The value should be in text format. 

value

The value of the variable. The value should be in text format. 

description

0 or 1 

The description of the variable. The value should be in text format. 

See Also

virtual-server

The virtual-server element configures an HTTP virtual server. Each server would typically have at least one virtual server. This element may appear zero or more times within the server element. For more information, see server.

Subelements

The virtual-server element can contain the following subelements:

Table 3–60 List of virtual-server Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the virtual server is enabled at runtime. The default value is true.

name

A name that uniquely identifies the virtual server. 

http-listener-name

0 or more 

The name of an HTTP listener associated with one or more of the virtual server's host names. The value is the name from an http-listener element. For more details, see http-listener.

host

0 or more 

The host name that the virtual server services. Host comparisons are not case sensitive. The value can be a host name or a wildcard pattern. For more information on wildcards, see Appendix B, Using Wildcard Patterns

canonical-server-name

0 or 1 

The canonical name of the virtual server. Requests using a different name will be redirected to the canonical name. The value is a host name or URL prefix. 

acl-file

0 or more 

The name of the ACL file that controls access to the virtual server. 

mime-file

0 or more 

The mime.types file that configures MIME mappings for the virtual server.

object-file

The obj.conf file that controls request processing for the virtual server.

default-object-name

0 or 1 

The name of the root obj.conf object. The default value is default.

document-root

The document root for the virtual server. 

localization

0 or 1 

Configures localization. For more details, see localization.

qos-limits

0 or 1 

Configures QOS limits for the virtual server. For more details, see qos-limits.

search-app

0 or 1 

Configures the built-in search web application for the virtual server. For more details, see search-app.

access-log

0 or more 

Configures an HTTP access log for the virtual server. For more details, see access-log.

auth-db

0 or more 

Configures an ACL authentication database for the virtual server. For more details, see auth-db.

search-collection

0 or more 

Configures a collection of searchable documents for the virtual server. For more details, see search-collection.

dav-collection

0 or more 

Configures a WebDAV collection for the virtual server. For more details, see dav-collection.

web-app

0 or more 

Configures the Java web application mappings for the virtual server. For more details, see web-app.

log-file

0 or 1 

The log file for the virtual server. The value is the log file name, for example, ../logs/errors.

variable

0 or more 

Defines an obj.conf variable for the virtual server. For more details, see variable.

description

0 or 1 

The description of the virtual server. 

single-sign-on

0 or 1 

Configures single sign-on for Java web applications within the virtual server. For more details, see single-sign-on.

See Also

web-app

The web-app element configures a Java web application mapping. This element may appear zero or more times within the virtual-server element. For more information, see virtual-server.

Subelements

The web-app element can contain the following subelements:

Table 3–61 List of web-app Subelements

Element 

Occurrences 

Description 

enabled

0 or 1 

Determines whether the web application is enabled at runtime. The default value is true.

uri

The root URI for the web application. 

path

The path where the web application is stored. If a relative path is used, it is relative to the server's config directory.

description

0 or 1 

The description of the web application. 

See Also