format

%client.name% %auth-user-name% %datetime% %request% %status% %response.length%

(optional) Specifies the format of the access log. For a complete list of token values you can use in the format, see the online help for the Access Log tab of the HTTP Service or Session Initiation Protocol (SIP) Service page in the Admin Console. 

rotation-policy

time

(optional) Specifies the condition that triggers log rotation. The only legal value is time, which rotates log files at the rotation-interval-in-minutes interval.

rotation-interval-in-minutes

15 (developer profile)

1440 (cluster profile)

(optional) Specifies the time interval between log rotations if rotation-policy is set to time.

rotation-suffix

yyyy-MM-dd (developer profile)

yyyyMMdd-HH'h'mm'm'ss's' (cluster profile)

(optional) Specifies the format of the timestamp appended to the access log name when log rotation occurs.  

For supported formats, see http://java.sun.com/javase/6/docs/api/java/text/SimpleDateFormat.html.

The following value is supported for backward compatibility. It results in the same format as the default. 

%YYYY;%MM;%DD;-%hh;h%mm;m%ss;s

rotation-enabled

true

(optional) If true, enables log rotation.

action-mbean-name

none 

Specifies the name of the mbean that performs the action of a management rule. This MBean must implement javax.management.NotificationListener.

description

zero or one 

Contains a text description of this element. 

property

zero or more 

Specifies a property or a variable. 

jndi-name

none 

Specifies the JNDI name for the resource. 

res-type

none 

Specifies the fully qualified type of the resource. 

res-adapter

none 

Specifies the name of the inbound resource adapter, as specified in the name attribute of a connector-module element.

object-type

user

(optional) Defines the type of the resource. Allowed values are: 

• system-all - A system resource for all server instances and the domain application server.

• system-admin - A system resource only for the domain application server.

• system-instance - A system resource for all server instances only.

• user - A user resource.

enabled

true

(optional) Determines whether this resource is enabled at runtime. 

jmx-connector

zero or more 

Configures a JSR 160/255 compliant remote JMX connector. 

das-config

only one (developer profile) 

zero or one (cluster profile) 

Defines a domain administration server configuration. 

property

zero or more 

Specifies a property or a variable. 

type

das-and-server (developer profile)

server (cluster profile)

Specifies whether the server instance is a regular instance (server), a domain administration server (das), or a combination (das-and-server). modifying this value is not recommended.

system-jmx-connector-name

none 

Specifies the name of the internal jmx-connector.

alert-subscription

zero or more 

Configures a subscription to system status alerts. 

property

zero or more 

Specifies a property or a variable. 

listener-config

only one 

Configures the listener class that listens for alerts from notification emitters. 

filter-config

zero or one 

Configures the filter class that filters alerts from notification emitters. 

name

none 

Specifies the name of this alert subscription. 

description

zero or one 

Contains a text description of this element. 

property

zero or more 

Specifies a property or a variable. 

name

none 

The name of the ACC module. 

location

none 

The location of the ACC module in the Communications Server file system. 

directory-deployed

false

(optional) Specifies whether the application has been deployed as a directory. 

java-web-start-enabled

true

(optional) Specifies whether Java Web Start access is permitted for this application client. 

enabled

true

(optional) Determines whether the application or module is enabled. 

virtual-servers

all virtual servers 

(optional) In a comma-separated list, references id attributes of the virtual-server elements to which the web-module or the web modules within this j2ee-application are deployed.

lb-enabled

false

(optional) If true, all load-balancers that reference this application consider it available to them.

disable-timeout-in-minutes

30

(optional) Specifies the time it takes this application to reach a quiescent state after having been disabled. 

ref

none 

References the name attribute of a lifecycle-module, j2ee-application, ejb-module, web-module, connector-module, appclient-module, or extension-module element.

lifecycle-module

zero or more 

Specifies a deployed lifecycle module. 

j2ee-application

zero or more 

Specifies a deployed Java EE application. 

ejb-module

zero or more 

Specifies a deployed EJB module. 

web-module

zero or more 

Specifies a deployed web module. 

connector-module

zero or more 

Specifies a deployed connector module. 

appclient-module

zero or more 

Specifies a deployed application client container (ACC) module. 

mbean

zero or more 

Specifies an MBean. 

extension-module

zero or more 

Specifies an extension module. 

property

zero or more 

Specifies a property or a variable. 

name

default

Specifies the name of this audit module. 

classname

com.sun.enterprise.security.Audit

Specifies the Java class that implements this audit module. 

property

zero or more 

Specifies a property or a variable. 

name

none 

Specifies the name of this realm. 

classname

none 

Specifies the Java class that implements this realm. 

jaas-context

file, ldap, jdbc, solaris

Specifies the JAAS (Java Authentication and Authorization Service) context. 

file

file

Specifies the file that stores user names, passwords, and group names. The default is domain-dir/config/keyfile.

assign-groups

certificate, file, jdbc, ldap, solaris

(optional) If this property is set, its value is taken to be a comma-separated list of group names. All clients who present valid certificates are assigned membership to these groups for the purposes of authorization decisions in the web and EJB containers.

directory

ldap

Specifies the LDAP URL to your server. 

base-dn

ldap

Specifies the LDAP base DN for the location of user data. This base DN can be at any level above the user data, since a tree scope search is performed. The smaller the search tree, the better the performance. 

search-filter

ldap

(optional) Specifies the search filter to use to find the user. The default is uid=%s (%s expands to the subject name).

group-base-dn

ldap

(optional) Specifies the base DN for the location of groups data. By default, it is same as the base-dn, but it can be tuned, if necessary.

group-search-filter

ldap

(optional) Specifies the search filter to find group memberships for the user. The default is uniquemember=%d (%d expands to the user element DN).

group-target

ldap

(optional) Specifies the LDAP attribute name that contains group name entries. The default is CN.

search-bind-dn

ldap

(optional) Specifies an optional DN used to authenticate to the directory for performing the search-filter lookup. Only required for directories that do not allow anonymous search.

search-bind-password

ldap

(optional) Specifies the LDAP password for the DN given in search-bind-dn .

datasource-jndi

jdbc

Specifies the jndi-name of the jdbc-resource for the database.

user-table

jdbc

Specifies the name of the user table in the database. 

user-name-column

jdbc

Specifies the name of the user name column in the database's user table. 

password-column

jdbc

Specifies the name of the password column in the database's user table. 

group-table

jdbc

Specifies the name of the group table in the database. 

group-name-column

jdbc

Specifies the name of the group name column in the database's group table. 

db-user

jdbc

(optional) Allows you to specify the database user name in the realm instead of the jdbc-connection-pool. This prevents other applications from looking up the database, getting a connection, and browsing the user table. By default, the jdbc-connection-pool configuration is used.

db-password

jdbc

(optional) Allows you to specify the database password in the realm instead of the jdbc-connection-pool. This prevents other applications from looking up the database, getting a connection, and browsing the user table. By default, the jdbc-connection-pool configuration is used.

digest-algorithm

jdbc

(optional) Specifies the digest algorithm. The default is MD5. You can use any algorithm supported in the JDK, or none.

encoding

jdbc

(optional) Specifies the encoding. Allowed values are Hex and Base64. If digest-algorithm is specified, the default is Hex. If digest-algorithm is not specified, by default no encoding is specified.

charset

jdbc

(optional) Specifies the charset for the digest algorithm. 

web-container-availability

zero or one 

Enables availability in the web container. 

ejb-container-availability

zero or one 

Enables availability in the EJB container. 

sip-container-availability

zero or one 

Enables availability in the SIP container. 

converged-load-balancer

zero or one 

Defines and configures a converged load balancer. 

property

zero or more 

Specifies a property or a variable. 

availability-enabled

true

(optional) If set to true, high-availability features apply to all applications deployed to the server instance that do not have availability disabled. All instances in a cluster should have the same availability value to ensure consistent behavior.

replication_measurement_enabled

false

If true, logs measurements of replication times.

One of these messages appears in the sending instance's log: 

messageSendSucceeded: id = session-id fastAckTime = 8  
   to partner: instance-name
messageSendFailed: id = session-id fastAckTime = 8  
   to partner: instance-name

This message appears in the receiving instance's log: 

messageReceiptSucceeded: bulkId = 1 receiptTime =  12 
   from partner: instance-name

replication_measurement_interval

1

Specifies the frequency of measurement of replication. It must be a positive integer: 1 means every replication, 2 means once every 2 replications, 3 means once every 3 replications, and so on. Applicable only if replication_measurement_enabled is set to true.

rolling-upgrade-backup-directory

instance-dir/rollingupgrade

Specifies where the asadmin backup-session-store command backs up active and replica sessions.

user-name

none 

Specifies the user name required by the EIS. 

password

none 

(optional) Specifies the password required by the EIS, if any. 

server-ref

zero or more 

References a server instance that belongs to the cluster. 

resource-ref

zero or more 

References a resource deployed to the cluster. 

application-ref

zero or more 

References an application or module deployed to the cluster. 

system-property

zero or more 

Specifies a system property. 

property

zero or more 

Specifies a property or a variable. 

name

none 

Specifies the name of the cluster. 

config-ref

default config element’s name attribute value, server-config

References the configuration used by the cluster. 

heartbeat-port

none; value automatically generated 

Specifies the communication port the Group Management Service uses to listen for group events. Must be a valid port number. 

heartbeat-address

none; value automatically generated 

Specifies the address the Group Management Service uses to listen for group events. Must be a multicast address. 

heartbeat-enabled

false (developer profile)

true (cluster profile)

(optional) If true, the Group Management Service is started as a lifecycle module in each server instance in the cluster and in the Domain Administration Server. The Domain Administration Server participates in each cluster that has this attribute set to true.

gms-bind-interface-address

none 

Specifies which address the group management service uses on a multi-home machine. If a machine has only one network interface, there is no need to set this property. 

If this property is not set or is set to an invalid value on a multi-home machine, Communications Server uses all available addresses. The primary address is nondeterministic, because the ordering of addresses is specific to the operating system, not the Java network API used to access the network interfaces. 

You can create system-property elements to set this value differently for each server instance in the cluster. For example:

<domain>
    ...
    <clusters>
        <cluster name="cluster1" ... >
            ...
            <property name="gms-bind-interface-address"
                value="${GMS_CLUSTER1_BIND_IF_ADDR}"/>
        </cluster>
        ...
    </clusters>
    ...
    <servers>
        <server name="server1" ... >
            ...
            <system-property name="GMS_CLUSTER1_BIND_IF_ADDR"
                value="123.456.78.910"/>
        </server>
        ...
    </servers>
    ...
</domain>

health-checker

zero or one 

Defines a health checker for the referenced cluster. 

ref

none 

References the name attribute of a cluster element.

lb-policy

round-robin

(optional) Specifies the load balancing policy. Allowed values are: 

• round-robin — The load balancer cycles through the cluster's server instances in a specified order.

• weighted-round-robin — The load balancer cycles through the server instances in a specified order, but routes more requests to instances with greater processing capacity. Processing capacity is represented by values of the lb-weight attribute of each server element referenced by the cluster.

• user-defined — The load balancing policy is defined in a custom module.

lb-policy-module

none 

(optional) Specifies the absolute path to the shared library that implements the user-defined policy. The shared library must exist and be readable on the machine where the load balancer is running. 

Required only if lb-policy is set to user-defined.

cluster

zero or more 

Defines a cluster. 

sip-service

zero or one 

Configures the SIP service. 

http-service

only one 

Configures the HTTP service. 

overload-protection-service

only one 

Configures the overload protection service for HTTP and SIP requests. 

iiop-service

only one 

Configures the IIOP service. 

admin-service

only one 

Determines whether the server to which the configuration applies is an administration server. 

connector-service

zero or one 

Configures the connector service. 

web-container

only one 

Configures the web container. 

ejb-container

only one 

Configures the Enterprise JavaBeans^TM (EJB^TM) container.

mdb-container

only one 

Configures the message-driven bean (MDB) container. 

sip-container

zero or one 

Configures the SIP container. 

jms-service

zero or one 

Configures the Java Message Service (JMS) provider. 

log-service

only one 

Configures the system logging service. 

security-service

only one 

Configures the Java EE security service. 

transaction-service

only one 

Configures the transaction service. 

monitoring-service

only one 

Configures the monitoring service. 

diagnostic-service

zero or one 

Configures the diagnostic service. 

java-config

only one 

Configures the Java Virtual Machine (JVM^TM).

availability-service

zero or one 

Configures the availability service. 

thread-pools

only one 

Configures thread pools. 

alert-service

zero or one 

Configures the alert service. 

group-management-service

zero or one 

Configures the group management service. 

management-rules

zero or one 

Configures self-management rules. 

system-property

zero or more 

Specifies a system property. 

property

zero or more 

Specifies a property or a variable. 

name

server-config (for default instance)

Specifies the name of the configuration. 

dynamic-reconfiguration-enabled

true

(optional) If true, any changes to the system (for example, applications deployed, resources created) are automatically applied to the affected servers without a restart being required. If false, such changes are only picked up by the affected servers when each server restarts.

config

only one (developer profile) 

one or more (cluster profile) 

Defines a configuration. 

queue-size-in-bytes

-1

(optional) Specifies the maximum number of messages that can be queued until threads are available to process them for http-listener or sip-listener elements. A value of -1 specifies no limit.

max-pending-count

4096

(optional) Specifies the maximum number of pending connections on an http-listener or sip-listener. Not implemented if the parent element is sip-service.

receive-buffer-size-in-bytes

4096 (http-service)

socket channel receive buffer size (sip-service)

(optional) Specifies the size of the receive buffer for all http-listener or sip-listener elements. A value of -1 specifies no limit.

send-buffer-size-in-bytes

8192

(optional) Specifies the size of the send buffer for all http-listener or sip-listener elements.

description

zero or one 

Contains a text description of this element. 

security-map

zero or more 

Maps the principal received during servlet or EJB authentication to the credentials accepted by the EIS. 

property

zero or more 

Specifies a property or a variable. 

name

none 

Specifies the name of the connection pool. A connector-resource element’s pool-name attribute refers to this name.

resource-adapter-name

none 

Specifies the name attribute of the deployed connector-module. If no name is specified during deployment, the name of the .rar file is used. If the resource adapter is embedded in an application, then it is app_name#rar_name.

connection-definition-name

none 

Specifies a unique name, identifying a resource adapter’s connection-definition element in the ra.xml file. This is usually the connectionfactory-interface of the connection-definition element.

steady-pool-size

8

(optional) Specifies the initial and minimum number of connections maintained in the pool. 

max-pool-size

32

(optional) Specifies the maximum number of connections that can be created to satisfy client requests. 

max-wait-time-in-millis

60000

(optional) Specifies the amount of time, in milliseconds, that the caller is willing to wait for a connection. If 0, the caller is blocked indefinitely until a resource is available or an error occurs.

pool-resize-quantity

2

(optional) Specifies the number of idle connections to be destroyed if the existing number of connections is above the steady-pool-size (subject to the max-pool-size limit).

This is enforced periodically at the idle-timeout-in-seconds interval. An idle connection is one that has not been used for a period of idle-timeout-in-seconds. When the pool size reaches steady-pool-size, connection removal stops.

idle-timeout-in-seconds

300

(optional) Specifies the maximum time that a connection can remain idle in the pool. After this amount of time, the pool can close this connection. 

fail-all-connections

false

(optional) If true, closes all connections in the pool if a single validation check fails.

transaction-support

none 

(optional) Specifies the transaction support for this connection pool. Overrides the transaction support defined in the resource adapter in a downward compatible way: supports a transaction level lower than or equal to the resource adapter’s, but not higher. Allowed values in descending order are: 

• XATransaction - Supports distributed transactions.

• LocalTransaction - Supports local transactions only.

• NoTransaction - No transaction support.

is-connection-validation-required

false

(optional) Specifies whether connections have to be validated before being given to the application. If a resource’s validation fails, it is destroyed, and a new resource is created and returned. 

connection-leak-timeout-in-seconds

0

Detects potential connection leaks by the application. A connection that is not returned back to the pool by the application within the specified period is assumed to be potentially leaking, and a stack trace of the caller is logged. A zero value disables leak detection. A nonzero value enables leak tracing. 

connection-leak-reclaim

false

If true, the pool will reclaim a connection after connection-leak-timeout-in-seconds occurs.

connection-creation-retry-attempts

0

Specifies the number of attempts to create a new connection. 

connection-creation-retry-interval-in-seconds

10

Specifies the time interval between attempts to create a connection when connection-creation-retry-attempts is greater than 0.

validate-atmost-once-period-in-seconds

60

Specifies the time interval within which a connection is validated at most once. Minimizes the number of validation calls. 

lazy-connection-enlistment

false

If true, a connection is not enlisted in a transaction until it is used. If false, any connection object available to a transaction is enlisted in the transaction.

lazy-connection-association

false

If true, a physical connection is not associated with a logical connection until it is used. If false, a physical connection is associated with a logical connection even before it is used.

associate-with-thread

false

If true, allows a connection to be saved as a ThreadLocal in the calling thread. This connection gets reclaimed only when the calling thread dies or when the calling thread is not in use and the pool has run out of connections.

match-connections

true

If true, enables connection matching. You can set to false if connections are homogeneous.

max-connection-usage-count

0

Specifies the number of times a connections is reused by the pool, after which it is closed. A zero value disables this feature. 

AddressList

none 

Specifies a list of host/port combinations of the Message Queue software. For JMS resources of the Type javax.jms.TopicConnectionFactory or javax.jms.QueueConnectionFactory.

ClientId

none 

Specifies the JMS Client Identifier to be associated with a Connection created using the createTopicConnection method of the TopicConnectionFactory class. For JMS resources of the Type javax.jms.TopicConnectionFactory .

Durable subscription names are unique and only valid within the scope of a client identifier. To create or reactivate a durable subscriber, the connection must have a valid client identifier. The JMS specification ensures that client identifiers are unique and that a given client identifier is allowed to be used by only one active connection at a time. 

UserName

guest

Specifies the user name for connecting to the Message Queue software. For JMS resources of the Type javax.jms.TopicConnectionFactory or javax.jms.QueueConnectionFactory.

Password

guest

Specifies the password for connecting to the Message Queue software. For JMS resources of the Type javax.jms.TopicConnectionFactory or javax.jms.QueueConnectionFactory.

ReconnectAttempts

6

Specifies the number of attempts to connect (or reconnect) for each address in the imqAddressList before the client runtime moves on to try the next address in the list. A value of -1 indicates that the number of reconnect attempts is unlimited (the client runtime attempts to connect to the first address until it succeeds).

ReconnectInterval

30000

Specifies the interval between reconnect attempts in milliseconds. This applies to attempts on each address in the imqAddressList and on successive addresses in the list. If too short, this time interval does not give a broker time to recover. If too long, the reconnect might represent an unacceptable delay.

ReconnectEnabled

false

If true, specifies that the client runtime attempts to reconnect to a message server (or the list of addresses in imqAddressList) when a connection is lost.

AddressListBehavior

priority

Specifies whether connection attempts are in the order of addresses in the imqAddressList attribute (priority) or in a random order (random). If many clients are attempting a connection using the same connection factory, use a random order to prevent them from all being connected to the same address.

AddressListIterations

-1

Specifies the number of times the client runtime iterates through the imqAddressList in an effort to establish (or reestablish) a connection. A value of -1 indicates that the number of attempts is unlimited.

LazyConnectionEnlistment

false

Deprecated. Use the equivalent attribute. 

LazyConnectionAssociation

false

Deprecated. Use the equivalent attribute. 

AssociateWithThread

false

Deprecated. Use the equivalent attribute. 

MatchConnections

true

Deprecated. Use the equivalent attribute. 

description

zero or one 

Contains a text description of this element. 

property

zero or more 

Specifies a property or a variable. 

name

none 

The name of the connector module. 

location

none 

The location of the connector module in the Communications Server file system. 

object-type

user

(optional) Defines the type of the resource. Allowed values are: 

• system-all - A system resource for all server instances and the domain application server.

• system-admin - A system resource only for the domain application server.

• system-instance - A system resource for all server instances only.

• user - A user resource.

enabled

true

(optional) Determines whether the connector module is enabled. 

directory-deployed

false

(optional) Specifies whether the application has been deployed as a directory. 

description

zero or one 

Contains a text description of this element. 

property

zero or more 

Specifies a property or a variable. 

jndi-name

none 

Specifies the JNDI name for the resource. 

pool-name

none 

Specifies the name of the associated connector connection pool, defined in a connector-connection-pool element.

object-type

user

(optional) Defines the type of the resource. Allowed values are: 

• system-all - A system resource for all server instances and the domain application server.

• system-admin - A system resource only for the domain application server.

• system-instance - A system resource for all server instances only.

• user - A user resource.

enabled

true

(optional) Determines whether this resource is enabled at runtime. 

shutdown-timeout-in-seconds

30 

(optional) Specifies the maximum time allowed during application server shutdown for the ResourceAdapter.stop() method of a connector module’s instance to complete. Resource adapters that take longer to shut down are ignored, and Communications Server shutdown continues.

ref

none 

References the name attribute of a cluster element.

self-loadbalance

true

(optional) If true, specifies that a configured cluster load balances incoming requests to itself. If true, the parent converged-lb-config element must have exactly one converged-lb-cluster-ref subelement. In this case, the load balancer is an intrinsic component of the participating server instances in the cluster.

For production environments, only the true setting is supported.

converged-lb-policy

only one 

Specifies the load balancing policy used by the converged load balancer. 

converged-lb-cluster-ref

one or more; only one if this subelement's selfloadbalance attribute is true; zero if a server-ref is defined

References a cluster. This element contains some attributes related to load balancing. 

server-ref

one or more; zero if a converged-lb-cluster-ref is defined

References a stand-alone server instance, which does not belong to a cluster. The referenced server element contains some attributes related to load balancing.

property

zero or more 

Specifies a property or a variable. 

name

none 

Specifies the name of the converged load balancer configuration. 

load-increase-factor

1

Specifies the factor by which a single recovered server instance is incrementally included in load distribution. Allowed values are decimal numbers between 0 and 1. 

The load factor starts at zero and increases by load-increase-factor every load-factor-increase-period-in-seconds until it reaches 1. For example, if load-increase-factor is set to 0.1 and load-factor-increase-period-in-seconds is set to 60, it takes ten minutes for a recovered instance to be fully included in load distribution.

The load-increase-factor and load-factor-increase-period-in-seconds properties are applicable to all SIP requests and to HTTP requests for converged applications only if data-centric rules are specified.

The load-increase-factor and load-factor-increase-period-in-seconds properties have no effect on the round-robin algorithm, which is applicable to HTTP requests for pure web applications.

load-factor-increase-period-in-seconds

0

Specifies the number of seconds between load factor increases for a recovered server instance. 

If load-factor-increase-period-in-seconds is set to zero, load-increase-factor has no effect. The load factor for the recovered instance becomes 1 immediately.

If load-factor-increase-period-in-seconds is set and load-increase-factor is not set, the recovered instance gets no load for load-factor-increase-period-in-seconds. After load-factor-increase-period-in-seconds lapses, the load factor for the recovered instance becomes 1.

sendUDPResponseFromBackend

false

If true, specifies that UDP responses are sent to the client from the back end instead of the front end, saving an extra network hop.

converged-lb-config

zero or more 

Defines a converged load balancer configuration. 

property

zero or more 

Specifies a property or a variable. 

http

round-robin

(optional) Specifies the load balancing policy for pure HTTP requests. This attribute applies to the HTTP part of converged HTTP/SIP requests if dcr-file is not specified. The only allowed value is round-robin, which means that the load balancer cycles through the cluster's server instances in a specified order.

sip

from-tag,call-id

(optional) Specifies the load balancing policy for SIP requests if dcr-file is not specified. Specifies the parameters on which a consistent hashing policy is applied to obtain the hash key. The default is the only allowed value.

dcr-file

none 

(optional) Specifies the data-centric-rules.xml file path name, which provides the rules for applying consistent hashing on SIP and converged HTTP/SIP requests. By default this file is not specified. If specified, this file takes precedence over the http and sip attributes. This can be an absolute or relative path. A relative path is relative to domain-dir/cluster/config.

If a request doesn't match any DCR file rules, a hash key is generated using from-tag,call-id. For an HTTP request, this is the remote host port and address.

proxy

only one 

Specifies the proxy configuration for the converged load balancer. 

name

none 

Specifies a unique name for the load balancer. 

config-file

domain-dir/cluster/config/converged-loadbalancer.xml

Specifies the load balancer's configuration file, converged-loadbalancer.xml. This can be an absolute or relative path. A relative path is relative to domain-dir/cluster/config.

auto-commit

false

(optional) If true, configuration file changes are propagated to load balancer instances immediately.

converged-lb-config-name

none 

Specifies the name of the converged-lb-config used by the load balancer.

description

zero or one 

Contains a text description of this element. 

property

zero or more 

Specifies a property or a variable. 

jndi-name

none 

Specifies the JNDI name for the resource. 

res-type

none 

Specifies the fully qualified type of the resource. 

factory-class

none 

Specifies the fully qualified name of the user-written factory class, which implements javax.naming.spi.ObjectFactory.

object-type

user

(optional) Defines the type of the resource. Allowed values are: 

• system-all - A system resource for all server instances and the domain application server.

• system-admin - A system resource only for the domain application server.

• system-instance - A system resource for all server instances only.

• user - A user resource.

enabled

true

(optional) Determines whether this resource is enabled at runtime. 

property

zero or more 

Specifies a property or a variable. 

dynamic-reload-enabled

false

(optional) If true, checks the timestamp on a .reload file at every module and application directory level, to trigger dynamic reloading.

dynamic-reload-poll-interval-in-seconds

2

(optional) Controls the polling frequency of dynamic reloading. 

autodeploy-enabled

false

(optional) If true, enables autodeployment, which lets you quickly deploy applications and modules to a running Communications Server without performing an explicit server instance restart or a separate deployment operation.

autodeploy-polling-interval-in-seconds

2

(optional) Controls the polling frequency of autodeployment. 

autodeploy-dir

autodeploy

(optional) Specifies the source directory (absolute or relative to domain-dir) in which autodeployment looks for deployable components.

autodeploy-verifier-enabled

false

(optional) If true, the verifier is run before autodeployment. If verification fails, deployment is not performed.

autodeploy-jsp-precompilation-enabled

false

(optional) If true, JSP pages are precompiled during autodeployment.

deploy-xml-validation

full

(optional) Specifies the type of XML validation performed on standard and Communications Server deployment descriptors: 

• full - If XML validation fails, deployment fails.

• parsing - XML validation errors are reported but deployment occurs.

• none - No XML validation is performed.

admin-session-timeout-in-minutes

sun-web.xml timeoutSeconds property value or web.xml session-timeout attribute value

(optional) Specifies the Administration Console timeout. 

property

zero or more 

Specifies a property or a variable. 

compute-checksum

true

(optional) If true, computes a checksum of binaries.

verify-config

true

(optional) If true, captures the output of the asadmin verify-domain-xml command.

capture-install-log

true

(optional) If true, captures the log generated during Communications Server installation.

capture-system-info

true

(optional) If true, collects operating system level information.

capture-app-dd

true

(optional) If true, captures application deployment descriptors in plain text. If any deployment descriptors contain confidential information, you should set it to false.

min-log-level

INFO

(optional) Specifies the log level for the diagnostic report. See module-log-levels for a description of log levels. If set to OFF, log contents are not captured.

max-log-entries

500

(optional) Specifies the maximum number of log entries captured. 

applications

zero or one 

Contains deployed Java EE applications, Java EE modules, and lifecycle modules. 

resources

zero or one 

Contains configured resources. 

configs

only one 

Contains configurations. 

servers

only one 

Contains server instances. 

clusters

zero or one 

Contains clusters. 

node-agents

zero or one 

Contains node agents. 

lb-configs

zero or one 

Contains load balancing configurations. 

converged-lb-configs

zero or one 

Contains converged load balancing configurations. 

load-balancers

zero or one 

Contains load balancers. 

system-property

zero or more 

Specifies a system property. 

property

zero or more 

Specifies a property or a variable. 

application-root

domain-dir/applications

(optional) Specifies the absolute path where deployed applications reside for this domain.

log-root

domain-dir/logs

(optional) Specifies where the domain’s log files are kept. The directory in which the log is kept must be writable by whatever user account the server runs as. See the log-service description for details about logs.

locale

operating system default 

(optional) Specifies the domain’s language. 

ejb-timer-service

zero or one 

Configures the EJB timer service. 

property

zero or more 

Specifies a property or a variable. 

steady-pool-size

32

(optional) Specifies the initial and minimum number of beans maintained in the pool. Must be 0 or greater and less than max-pool-size .

Bean instances are removed from the pool and returned after use. The pool is replenished or cleaned up periodically to maintain this size. 

Applies to stateless session beans and entity beans. 

pool-resize-quantity

16

(optional) Specifies the number of beans to be removed when the pool-idle-timeout-in-seconds timer expires. A cleaner thread removes any unused instances.

Must be 0 or greater and less than max-pool-size . The pool is not resized below the steady-pool-size.

Applies to stateless session beans and entity beans. 

max-pool-size

64

(optional) Specifies the maximum number of beans that can be created to satisfy client requests. A value of 0 indicates an unbounded pool.

Applies to stateless session beans and entity beans. 

cache-resize-quantity

32

(optional) Specifies the number of beans to be: 

• created if a request arrives when the pool has no available beans (subject to the max-cache-size limit)

• passivated when the cache-idle-timeout-in-seconds timer expires and a cleaner thread removes any unused instances, or when the cache size exceeds max-cache-size.

  Must be greater than 1 and less than max-cache-size.

  Applies to stateful session beans and entity beans.

max-cache-size

512

(optional) Specifies the maximum number of beans in the cache. A value of 0 indicates an unbounded cache.

Applies to stateful session beans and entity beans. 

pool-idle-timeout-in-seconds

600

(optional) Specifies the maximum time that a bean can remain idle in the pool. After this amount of time, the pool can remove this bean. A value of 0 specifies that idle beans can remain in the pool indefinitely.

Applies to stateless session beans and entity beans. 

cache-idle-timeout-in-seconds

600

(optional) Specifies the maximum time that a bean can remain idle in the cache. After this amount of time, the container can passivate this bean. A value of 0 specifies that beans never become candidates for passivation.

Applies to stateful session beans and entity beans. 

removal-timeout-in-seconds

5400

(optional) Specifies the amount of time that a bean can remain passivated before it is removed from the session store. A value of 0 specifies that the container does not remove inactive beans automatically.

If removal-timeout-in-seconds is less than or equal to cache-idle-timeout-in-seconds, beans are removed immediately without being passivated.

The session-store attribute of the server element determines the location of the session store.

Applies to stateful session beans. 

victim-selection-policy

nru

(optional) Specifies how stateful session beans are selected for passivation. Allowed values are fifo, lru, and nru :

• fifo - Selects the oldest instance.

• lru - Selects the least recently accessed instance.

• nru - Selects a not recently used instance.

commit-option

B

(optional) Determines which commit option is used for entity beans. Legal values are B or C.

session-store

domain-dir/session-store

(optional) Specifies the directory where passivated stateful session beans and persisted HTTP sessions are stored in the file system. 

property

zero or more 

Specifies a property or a variable. 

availability-enabled

true

(optional) If set to true, and if availability is enabled for the server instance (see availability-service), high-availability features apply to all SFSBs deployed to the server instance that do not have availability disabled. All instances in a cluster should have the same availability value to ensure consistent behavior.

sfsb-ha-persistence-type

ha

(optional) Specifies the session persistence and passivation mechanism for SFSBs that have availability enabled. Allowed values are file (the file system) and replicated (other servers).

If set to file, the ejb-container element’s session-store attribute specifies the file system location where the passivated session bean state is stored. Checkpointing to the file system is useful for internal testing but is not supported for production environments.

sfsb-persistence-type

file

(optional) Specifies the passivation mechanism for SFSBs that do not have availability enabled. Allowed values are file and replicated.

description

zero or one 

Contains a text description of this element. 

web-service-endpoint

zero or more 

Configures a web service endpoint. 

property

zero or more 

Specifies a property or a variable. 

name

none 

The name of the EJB module. 

location

none 

The location of the EJB module in the Communications Server file system. 

object-type

user

(optional) Defines the type of the resource. Allowed values are: 

• system-all - A system resource for all server instances and the domain application server.

• system-admin - A system resource only for the domain application server.

• system-instance - A system resource for all server instances only.

• user - A user resource.

enabled

true

(optional) Determines whether the EJB module is enabled. 

libraries

none 

(optional) Specifies an absolute or relative path to libraries specific to this module or application. A relative path is relative to domain-dir/lib/applibs. If the path is absolute, the path must be accessible to the domain administration server (DAS), which means it must be under domain-dir. To include more than one path, use a system-specific separator, such as a colon for Solaris or a semicolon for Windows. The libraries are made available to the application in the order in which they are specified.

availability-enabled

false

(optional) Specifies whether availability is enabled in this EJB module for SFSB checkpointing (and potentially passivation). Availability must also be enabled for the application or stand-alone EJB module during deployment. For more information about availability, see availability-service.

directory-deployed

false

(optional) Specifies whether the application has been deployed as a directory. 

property

zero or more 

Specifies a property or a variable. 

minimum-delivery-interval-in-millis

7000

(optional) Specifies the minimum time before an expiration for a particular timer can occur. This guards against extremely small timer increments that can overload the server. 

max-redeliveries

1

(optional) Specifies the maximum number of times the EJB timer service attempts to redeliver a timer expiration due for exception or rollback. 

timer-datasource

jdbc/__TimerPool

(optional) Overrides, for the cluster or server instance, the cmp-resource value specified in sun-ejb-jar.xml for the timer service system application (__ejb_container_timer_app ).

redelivery-interval-internal-in-millis

5000

(optional) Specifies how long the EJB timer service waits after a failed ejbTimeout delivery before attempting a redelivery.

description

zero or one 

Contains a text description of this element. 

property

zero or more 

Specifies a property or a variable. 

type

none 

Specifies the type of event that triggers the management rule's action. Allowed values are as follows. The cluster, lifecycle, log, monitor, timer, and trace types are predefined events provided by the Communications Server.

Some topics in the documentation pertain to features that are available only in domains that are configured to support clusters. Examples of domains that support clusters are domains that are created with the cluster profile. For information about profiles, see Usage Profiles in Sun GlassFish Communications Server 2.0 Administration Guide.

• cluster — A Group Management Service (GMS) event. For more information, see group-management-service.

• lifecycle — A lifecycle event. For more information about the server life cycle, see the Sun GlassFish Communications Server 2.0 Developer’s Guide.

• log — An event in the server log. For more information about the server log, see log-service.

• monitor — A monitoring event, which is a change in the attribute of a monitored mbean.

• notification — A JMX notification event. Any custom mbean that implements the JMX NotificationEmitter interface can be a notification event.

• timer — An event that occurs at a specified time.

• trace — A trace event.

For descriptions of required and optional properties corresponding to each of these types, see the following table. 

level

INFO

(optional) Specifies the level at which to log the event occurrence. For information about log levels, see module-log-levels. Applicable only if record-event is set to true.

record-event

true

(optional) Specifies whether the occurrence of the event is logged. If no action is specified for the parent management-rule, the event is logged regardless of this setting.

Setting the type to log is different from setting record-event to true. The former specifies what the event is. The latter specifies what happens after the event occurs.

cluster

name

start, stop, fail

Notifies when the GMS starts, stops, or reports failure of a server instance. 

cluster

serverName

A comma-separated list of server instance names, or * for all server instances

Specifies the server instances about which GMS notifications are given. 

lifecycle

name

ready, shutdown, termination

Specifies a server life cycle event. Values correspond to events defined in the com.sun.appserv.server.LifecycleEvent interface.

log

loggerNames

A comma-separated list of logger names, or * for all loggers, which is the default

(optional) Notifies when the specified loggers write messages to the server log. For a list of logger names, see module-log-levels.

log

level

A comma-separated list of log levels 

(optional) Notifies when messages of the specified level are written to the server log. For information about log levels, see module-log-levels.

monitor

observedMbean

A name attribute of a user-defined mbean, or a JMX ObjectName for a system mbean

Specifies the name of the monitored MBean. Either this property or observedObject must be specified.

monitor

observedObject

An object-name attribute of a user-defined mbean, or a JMX ObjectName for a system mbean

Specifies the name of the monitored MBean. Either this property or observedMbean must be specified.

monitor

observedAttribute

An mbean Attribute name

Specifies the monitored attribute of the monitored MBean. 

monitor

monitorType

CounterMonitor, GaugeMonitor, StringMonitor

The type of monitoring of the attribute. 

monitor

granularityPeriod

Time interval in seconds (long int)

(optional) Specifies the granularity at which the monitoring data should be collected. 

monitor

notifyMatch

true or false

Specifies that the attribute value must match the stringToCompare value. Either this property or notifyDiffer is required if the monitor type is StringMonitor.

monitor

notifyDiffer

true or false

Specifies that the attribute value must not match the stringToCompare value. Either this property or notifyMatch is required if the monitor type is StringMonitor.

monitor

stringToCompare

A String

Specifies the value to which the attribute value is compared. Required if the monitor type is StringMonitor.

monitor

numberType

byte, double, float, int, long, short

Specifies the type of the numeric value being monitored. Required if the monitor is of type CounterMonitor or GaugeMonitor.

monitor

differenceMode

true or false

Specifies the difference mode flag value common to all observed MBeans. Required if the monitor is of type CounterMonitor or GaugeMonitor.

monitor

initThreshold

A positive number of the type specified by numberType

Specifies a value above which notification occurs. Required if the monitor is of type CounterMonitor.

monitor

offset

A positive number of the type specified by numberType

(optional) Specifies that the event should be re-triggered when the initThreshold value plus this offset value is reached. Applicable if the monitor is of type CounterMonitor.

monitor

modulus

A positive number of the type specified by numberType

(optional) Specifies the modulus value common to all observed MBeans. Applicable if the monitor is of type CounterMonitor.

monitor

highThreshold

A positive number of the type specified by numberType

Specifies the upper limit of the range within which notification occurs. Required if the monitor is of type GaugeMonitor.

monitor

lowThreshold

A positive number of the type specified by numberType

Specifies the lower limit of the range within which notification occurs. Required if the monitor is of type GaugeMonitor.

notification

sourceMBean

name of mbean

Specifies a custom MBean that implements the JMX NotificationEmitter interface. Either this property or sourceObjectName must be specified.

notification

sourceObjectName

object-name of mbean

Specifies a custom MBean that implements the JMX NotificationEmitter interface. Either this property or sourceMBean must be specified.

notification

type

The notification type 

(optional) Specifies the notification type. If this property is specified, the action of the parent management-rule is performed only if the notification type emitted is same as this property's value.

timer

dateString

Input format determined by pattern property

Begins notification at the specified date and time. 

timer

pattern

SimpleDateFormat pattern

(optional) Specifies the date and time input format. The default is mm/dd/yyyy hh:mm:ss.

timer

period

Time interval in milliseconds (long int)

(optional) Notification repeats at the specified time interval. 

timer

numberOfOccurrences

A positive number (long int)

(optional) Specifies the number of times notification occurs. 

timer

message

A String

(optional) Specifies a message that is delivered as part of timer notification. 

trace

name

web_component_method_entry, web_component_method_exit, ejb_component_method_entry, ejb_component_method_exit, request_start, request_end

Notifies at the specified trace point. 

trace

ipAddress

An IP address 

Specifies the IP address for which trace notifications are sent. 

trace

callerPrincipal

A String

Specifies the caller principal for which trace notifications are sent. 

trace

componentName

A String

Specifies the component name for which trace notifications are sent. 

description

zero or one 

Contains a text description of this element. 

property

zero or more 

Specifies a property or a variable. 

name

none 

The name of the extension module. 

location

none 

The location of the extension module in the Communications Server file system. 

module-type

none 

Specifies a String that identifies the extension module type, which the runtime uses to find the appropriate add-on container. When an extension module is registered with the Communications Server, the Communications Server specifies the module type automatically. For example, the module type for a Session Initiation Protocol (SIP) servlet is com.sun.enterprise.deployment.backend.extensions.sip.SipArchiveDeployer.

object-type

user

(optional) Defines the type of the resource. Allowed values are: 

• system-all - A system resource for all server instances and the domain application server.

• system-admin - A system resource only for the domain application server.

• system-instance - A system resource for all server instances only.

• user - A user resource.

enabled

true

(optional) Determines whether the extension module is enabled. 

libraries

none 

(optional) Specifies an absolute or relative path to libraries specific to this module or application. A relative path is relative to domain-dir/lib/applibs. If the path is absolute, the path must be accessible to the domain administration server (DAS), which means it must be under domain-dir. To include more than one path, use a system-specific separator, such as a colon for Solaris or a semicolon for Windows. The libraries are made available to the application in the order in which they are specified.

availability-enabled

false

(optional) Specifies whether availability is enabled in this extension module. Availability must also be enabled for the application or stand-alone extension module during deployment. For more information about availability, see availability-service.

directory-deployed

false

(optional) Specifies whether the application has been deployed as a directory. 

context-root

none 

The context root at which the SIP or converged web/SIP extension module is deployed. The context root can be the empty string or just /. The context root can start with the / character, but doesn’t have to.

For load balancing to work, SIP or converged web/SIP extension module context roots must be unique within a cluster. See the Sun GlassFish Communications Server 2.0 High Availability Administration Guide for more information about load balancing.

Some topics in the documentation pertain to features that are available only in domains that are configured to support clusters. Examples of domains that support clusters are domains that are created with the cluster profile. For information about profiles, see Usage Profiles in Sun GlassFish Communications Server 2.0 Administration Guide.

isConverged

false

If true, specifies that the SIP extension module contains both SIP and HTTP servlets and is converged. If false, specifies that the SIP extension module contains only SIP servlets.

description

zero or one 

Contains a text description of this element. 

property

zero or more 

Specifies a property or a variable. 

jndi-name

none 

Specifies the JNDI name for the resource. 

jndi-lookup-name

none 

Specifies the JNDI lookup name for the resource. 

res-type

none 

Specifies the fully qualified type of the resource. 

factory-class

none 

Specifies the fully qualified name of the factory class, which implements javax.naming.spi.InitialContextFactory.

For more information about JNDI, see the Sun GlassFish Communications Server 2.0 Developer’s Guide.

object-type

user

(optional) Defines the type of the resource. Allowed values are: 

• system-all - A system resource for all server instances and the domain application server.

• system-admin - A system resource only for the domain application server.

• system-instance - A system resource for all server instances only.

• user - A user resource.

enabled

true

(optional) Determines whether this resource is enabled at runtime. 

property

zero or more 

Specifies a property or a variable. 

filter-class-name

none 

Specifies the class name of the filter. 

property

zero or more 

Specifies a property or a variable. 

failure-detection-max-tries

3

(optional) Specifies the maximum number of monitoring attempts before the GMS confirms that a failure is suspected in the group. 

failure-detection-timeout-in-millis

2000

(optional) Specifies the time between monitoring attempts. 

discovery-timeout-in-millis

2000

(optional) Specifies the time that the GMS waits for discovery of other members in the group. 

verify-failure-timeout-in-millis

1500

(optional) Specifies the timeout after which a suspected failure is marked as verified. 

url

/

Specifies the URL to ping to determine the health state of a listener. This must be a relative URL. 

interval-in-seconds

30

Specifies the interval between health checks. A value of zero means that health checking is disabled. 

timeout-in-seconds

10

Specifies the maximum time in which a server must respond to a health check request to be considered healthy. If interval-in-seconds is greater than zero, timeout-in-seconds must be less than or equal to interval-in-seconds.

log-directory

${com.sun.aas.instanceRoot}/logs/access

(optional) Specifies the location of the access log file. 

iponly

true

(optional) If true, specifies that only the IP address of the user agent is listed. If false, performs a DNS lookup.

globally-enabled

false (developer profile)

true (cluster profile)

(optional) If true, enables the file cache.

file-caching-enabled

false (developer profile)

true (cluster profile)

(optional) If true, enables caching of the file content if the file size exceeds the small-file-size-limit-in-bytes.

max-age-in-seconds

30

(optional) Specifies the maximum age of a file cache entry. 

medium-file-size-limit-in-bytes

537600

(optional) Specifies the maximum size of a file that can be cached as a memory mapped file. 

medium-file-space-in-bytes

10485760

(optional) Specifies the total size of all files that are cached as memory mapped files. 

small-file-size-limit-in-bytes

2048

(optional) Specifies the maximum size of a file that can be read into memory. 

small-file-space-in-bytes

1048576

(optional) Specifies the total size of all files that are read into memory. 

file-transmission-enabled

false

(optional) If true, enables the use of TransmitFileSystem calls. Meaningful only for Windows.

max-files-count

1024

(optional) Specifies the maximum number of files in the file cache. 

hash-init-size

0

(optional) Specifies the initial number of hash buckets. 

ssl

zero or one 

Defines Secure Socket Layer (SSL) parameters. 

property

zero or more 

Specifies a property or a variable. 

id

none 

The unique listener name. An http-listener name cannot begin with a number.

address

none 

IP address of the listener. Can be in dotted-pair or IPv6 notation. Can be any (for INADDR_ANY) to listen on all IP addresses. Can be a hostname.

port

none 

Port number on which the listener listens. Legal values are 1 - 65535. On UNIX, creating sockets that listen on ports 1 - 1024 requires superuser privileges. Configuring an SSL listener to listen on port 443 is standard.

external-port

none 

(optional) Specifies the external port on which the connection is made. 

family

(optional) Deprecated. Do not use. 

blocking-enabled

false

(optional) If true, uses a blocking socket for servicing a request.

acceptor-threads

1

(optional) Specifies the number of processors in the machine.  

To set the number of request processing threads, use the thread-count attribute of the request-processing element.

security-enabled

false

(optional) Determines whether the listener runs SSL. To turn SSL2 or SSL3 on or off and set ciphers, use an ssl subelement.

default-virtual-server

none 

References the id attribute of the default virtual-server for this particular listener.

server-name

none 

Tells the server what to put in the host name section of any URLs it sends to the client. This affects URLs the server automatically generates; it doesn’t affect the URLs for directories and files stored in the server. If your server uses an alias, the server-name should be the alias name.

If a colon and port number are appended, that port is used in URLs the server sends to the client. 

If load balancing is enabled, use the server name of the load balancer. 

redirect-port

none 

(optional) If the listener is supporting non-SSL requests and a request is received for which a matching <security-constraint> requires SSL transport, the request is automatically redirected to the port number specified here.

If load balancing is enabled, use the redirect port of the load balancer. 

xpowered-by

true

(optional) If true, X-Powered-By headers are used according to the Servlet 2.4 and JSP 2.0 specifications.

enabled

true

(optional) Determines whether the listener is active. If set to false, any attempts to connect to the listener result in a socket exception (java.net.ConnectException).

In Communications Server versions prior to 9.1, a listener whose enabled attribute was set to false returned a 404 response code for any requests sent to it. To achieve this behavior in the current Communications Server version, set the listener's enabled attribute to true, and set every associated virtual server's state to off. A virtual-server lists its associated listeners in its http-listeners attribute.

type

default

Specifies the listener type for machines with multiple IP addresses that have separate internal and external communication. Allowed values are as follows: 

• internal — Used strictly for proxying by the load balancer.

• external — Used only by user agents and not by the load balancer.

• default — Can be used by user agents or the load balancer.

recycle-objects

true

If true, recycles internal objects instead of using the VM garbage collector.

reader-threads

0

Specifies the number of reader threads, which read bytes from the non-blocking socket. 

acceptor-queue-length

4096

Specifies the length of the acceptor thread queue. Once full, connections are rejected. 

reader-queue-length

4096

Specifies the length of the reader thread queue. Once full, connections are rejected. 

use-nio-direct-bytebuffer

true

If true, specifies that the NIO direct ByteBuffer is used. In a limited resource environment, it might be faster to use non-direct Java's ByteBuffer by setting a value of false.

authPassthroughEnabled

false

If true, indicates that this http-listener element receives traffic from an SSL-terminating proxy server. Overrides the authPassthroughEnabled property of the parent http-service element.

proxyHandler

com.sun.enterprise.web.ProxyHandlerImpl

Specifies the fully qualified class name of a custom implementation of the com.sun.appserv.ProxyHandler abstract class that this http-listener uses.

Only used if the authPassthroughEnabled property of this http-listener and the parent http-service element are both set to true. Overrides the proxyHandler property of the parent http-service element.

proxiedProtocol

none 

Specifies a comma-separated list of protocols that can use the same port. Allowed values are ws/tcp (SOAP over TCP), http, https and tls.

For example, if you set this property to http,https and set the port to 4567, you can access the port with either http://host:4567/ or https://host:4567/.

Specifying this property at the http-service level overrides settings at the http-listener level. If this property is not set at either level, this feature is disabled.

bufferSize

4096

Specifies the size, in bytes, of the buffer to be provided for input streams created by HTTP listeners. 

connectionTimeout

30

Specifies the number of seconds HTTP listeners wait, after accepting a connection, for the request URI line to be presented. 

maxKeepAliveRequests

250

Specifies the maximum number of HTTP requests that can be pipelined until the connection is closed by the server. Set this property to 1 to disable HTTP/1.0 keep-alive, as well as HTTP/1.1 keep-alive and pipelining.

traceEnabled

true

If true, enables the TRACE operation. Set this property to false to make the Communications Server less susceptible to cross-site scripting attacks.

cometSupport

false

If true, enables Comet support for this listener.

If your servlet or JSP page uses Comet technology, make sure it is initialized when the Communications Server starts up by adding the load-on-startup element to your web.xml file. For example:

<servlet>
   <servlet-name>CheckIn</servlet-name>
   <servlet-class>CheckInServlet</servlet-class>
   <load-on-startup>0</load-on-startup>
</servlet>

compression

off

Specifies use of HTTP/1.1 GZIP compression to save server bandwidth. Allowed values are: 

• off – Disables compression.

• on – Compresses data.

• force – Forces data compression in all cases.

• positive integer – Specifies the minimum amount of data required before the output is compressed.

If the content-length is not known, the output is compressed only if compression is set to on or force.

compressableMimeType

text/html,text/xml,text/plain

Specifies a comma-separated list of MIME types for which HTTP compression is used. 

noCompressionUserAgents

empty String (regexp matching disabled)

Specifies a comma-separated list of regular expressions matching user-agents of HTTP clients for which compression should not be used. 

minCompressionSize

none 

Specifies the minimum size of a file when compression is applied. 

crlFile

none 

Specifies the location of the Certificate Revocation List (CRL) file to consult during SSL client authentication. This can be an absolute or relative file path. If relative, it is resolved against domain-dir. If unspecified, CRL checking is disabled.

trustAlgorithm

none  

Specifies the name of the trust management algorithm (for example, PKIX) to use for certification path validation.

trustMaxCertLength

5

Specifies the maximum number of non-self-issued intermediate certificates that can exist in a certification path. This property is considered only if trustAlgorithm is set to PKIX. A value of zero implies that the path can only contain a single certificate. A value of -1 implies that the path length is unconstrained (there is no maximum). Setting a value less than -1 causes an exception to be thrown.

disableUploadTimeout

true

if false, the connection for a servlet that reads bytes slowly is closed after the connectionUploadTimeout is reached.

connectionUploadTimeout

5

Specifies the timeout for uploads. Applicable only if disableUploadTimeout is set to false.

uriEncoding

UTF-8

Specifies the character set used to decode the request URIs received on this HTTP listener. Must be a valid IANA character set name. Overrides the uriEncoding property of the parent http-service element.

version

HTTP/1.1

(optional) Specifies the version of the HTTP protocol used. 

dns-lookup-enabled

true

(optional) If true, looks up the DNS entry for the client.

forced-type

ISO-8859-1;en;ISO-8859-1

(optional) Specifies the request type used if no MIME mapping is available that matches the file extension. The format is a semicolon-delimited string consisting of the content-type, encoding, language, and charset. 

default-type

text/html;ISO-8859-1;en;ISO-8859-1

(optional) Specifies the default response type. The format is a semicolon-delimited string consisting of the content-type, encoding, language, and charset. 

forced-response-type

AttributeDeprecated

(optional) Deprecated. Do not use. 

default-response-type

AttributeDeprecated

(optional) Deprecated. Do not use. 

ssl-enabled

true

(optional) Not implemented. Use ssl subelements of http-listener elements.

access-log

zero or one 

Defines access log settings for each http-access-log subelement of each virtual-server.

http-listener

one or more 

Defines an HTTP listen socket. 

virtual-server

one or more 

Defines a virtual server. 

request-processing

zero or one 

Configures request processing threads. 

keep-alive

zero or one 

Configures keep-alive threads. 

connection-pool

zero or one 

Defines a pool of client HTTP connections. 

http-protocol

zero or one 

Configures HTTP protocol settings. 

property

zero or more 

Specifies a property or a variable. 

monitoring-cache-enabled

true

If true, enables the monitoring cache.

monitoring-cache-refresh-in-millis

5000

Specifies the interval between refreshes of the monitoring cache. 

ssl-cache-entries

10000

Specifies the number of SSL sessions to be cached. 

ssl3-session-timeout

86400

Specifies the interval at which SSL3 sessions are cached. 

ssl-session-timeout

100

Specifies the interval at which SSL2 sessions are cached. 

recycle-objects

true

If true, recycles internal objects instead of using the VM garbage collector.

reader-threads

0

Specifies the number of reader threads, which read bytes from the non-blocking socket. 

acceptor-queue-length

4096

Specifies the length of the acceptor thread queue. Once full, connections are rejected. 

reader-queue-length

4096

Specifies the length of the reader thread queue. Once full, connections are rejected. 

use-nio-direct-bytebuffer

true

If true, specifies that the NIO direct ByteBuffer is used. In a limited resource environment, it might be faster to use non-direct Java's ByteBuffer by setting a value of false.

authPassthroughEnabled

false

If true, indicates that the http-listener subelements receive traffic from an SSL-terminating proxy server, which is responsible for forwarding any information about the original client request (such as client IP address, SSL keysize, and authenticated client certificate chain) to the HTTP listeners using custom request headers.

Each http-listener subelement can override this setting for itself.

proxyHandler

com.sun.enterprise.web.ProxyHandlerImpl

Specifies the fully qualified class name of a custom implementation of the com.sun.appserv.ProxyHandler abstract class, which allows a back-end application server instance to retrieve information about the original client request that was intercepted by an SSL-terminating proxy server (for example, a load balancer). An implementation of this abstract class inspects a given request for the custom request headers through which the proxy server communicates the information about the original client request to the Communications Server instance, and returns that information to its caller.

The default implementation reads the client IP address from an HTTP request header named Proxy-ip, the SSL keysize from an HTTP request header named Proxy-keysize, and the SSL client certificate chain from an HTTP request header named Proxy-auth-cert. The Proxy-auth-cert value must contain the BASE-64 encoded client certificate chain without the BEGIN CERTIFICATE and END CERTIFICATE boundaries and with \n replaced with % d% a.

Only used if authPassthroughEnabled is set to true. Each http-listener subelement can override the proxyHandler setting for itself.

proxiedProtocol

none 

Specifies a comma-separated list of protocols that can use the same port. Allowed values are ws/tcp (SOAP over TCP), http, https and tls.

For example, if you set this property to http,https and the port is 4567, you can access the port with either http://host:4567/ or https://host:4567/.

Specifying this property at the http-service level overrides settings at the http-listener level. If this property is not set at either level, this feature is disabled.

bufferSize

4096

Specifies the size, in bytes, of the buffer to be provided for input streams created by HTTP listeners. 

connectionTimeout

30

Specifies the number of seconds HTTP listeners wait, after accepting a connection, for the request URI line to be presented. 

maxKeepAliveRequests

250

Specifies the maximum number of HTTP requests that can be pipelined until the connection is closed by the server. Set this property to 1 to disable HTTP/1.0 keep-alive, as well as HTTP/1.1 keep-alive and pipelining.

traceEnabled

true

If true, enables the TRACE operation. Set this property to false to make the Communications Server less susceptible to cross-site scripting attacks.

accessLoggingEnabled

false (developer and cluster profiles)

If true, enables access logging for all virtual-server subelements that do not specify this property. If false, disables access logging for all virtual-server subelements that do not specify this property.

accessLogBufferSize

32768

Specifies the size, in bytes, of the buffer where access log calls are stored. If the value is less than 5120, a warning message is issued, and the value is set to 5120.

accessLogWriterInterval

300

Specifies the number of seconds before the log is written to the disk. The access log is written when the buffer is full or when the interval expires. If the value is 0, the buffer is always written even if it is not full. This means that each time the server is accessed, the log message is stored directly to the file.

sso-enabled

false (developer and cluster profiles)

If true, single sign-on is enabled by default for all web applications on all virtual servers on this server instance that are configured for the same realm. If false, single sign-on is disabled by default for all virtual servers, and users must authenticate separately to every application on each virtual server. The sso-enabled property setting of the virtual-server element overrides this setting for an individual virtual server.

At the http-service level, you cannot change the sso-max-inactive-seconds and sso-reap-interval-seconds values from their defaults. However, you can change these values at the virtual-server level.

disableUploadTimeout

true

if false, the connection for a servlet that reads bytes slowly is closed after the connectionUploadTimeout is reached.

connectionUploadTimeout

5

Specifies the timeout for uploads. Applicable only if disableUploadTimeout is set to false.

uriEncoding

UTF-8

Specifies the character set used to decode the request URIs received on http-listener subelements that do not define this property. Must be a valid IANA character set name.

trusted-entity

zero or more if no trust-handler is defined

Specifies intermediate hosts and domains according to RFC 3325. 

trust-handler

zero or one if no trusted-entity is defined

Specifies a custom trust handler according to RFC 3325. 

id

none 

Specifies a unique identifier for the identity-assertion-trust element.

is-default

false

If true, specifies that this is the default identity-assertion-trust. There can be only one default identity-assertion-trust.

ssl

zero or one 

Defines SSL parameters. 

property

zero or more 

Specifies a property or a variable. 

id

none 

The listener name. An iiop-listener name cannot begin with a number.

address

none 

IP address of the listener. Can be in dotted-pair or IPv6 notation, or just a name. 

port

1072

(optional) Port number for the listener. Legal values are 1 - 65535. On UNIX, creating sockets that listen on ports 1 - 1024 requires superuser privileges.

security-enabled

false

(optional) Determines whether the listener runs SSL. To turn SSL2 or SSL3 on or off and set ciphers, use an ssl element.

enabled

true

(optional) Determines whether the listener is active. 

orb

only one 

Configures the ORB. 

ssl-client-config

zero or one 

Defines SSL parameters for the ORB. 

iiop-listener

zero or more 

Defines an IIOP listen socket. 

client-authentication-required

false

(optional) If true, the server rejects unauthenticated requests and inserts an authentication-required bit in IORs sent to clients.

description

zero or one 

Contains a text description of this element. 

web-service-endpoint

zero or more 

Configures a web service endpoint. 

property

zero or more 

Specifies a property or a variable. 

name

none 

The name of the application. 

location

none 

The location of the application in the Communications Server file system. 

object-type

user

(optional) Defines the type of the resource. Allowed values are: 

• system-all - A system resource for all server instances and the domain application server.

• system-admin - A system resource only for the domain application server.

• system-instance - A system resource for all server instances only.

• user - A user resource.

enabled

true

(optional) Determines whether the application is enabled. 

libraries

none 

(optional) Specifies an absolute or relative path to libraries specific to this module or application. A relative path is relative to domain-dir/lib/applibs. If the path is absolute, the path must be accessible to the domain administration server (DAS), which means it must be under domain-dir. To include more than one path, use a system-specific separator, such as a colon for Solaris or a semicolon for Windows. The libraries are made available to the application in the order in which they are specified.

availability-enabled

false

(optional) Specifies whether availability is enabled in this Java EE application for HTTP session persistence and SFSB checkpointing (and potentially passivation). Availability must also be enabled for the application during deployment. For more information about availability, see availability-service.

directory-deployed

false