weblogic.management.configuration
Interface WebAppContainerMBean

All Superinterfaces:

ConfigurationMBean

public interface WebAppContainerMBean
extends ConfigurationMBean

This MBean is used to specify domain-wide defaults for the WebApp container. In general, these properties can be overridden at the cluster level (in ClusterMBean, if the same property is present there), the server level (in ServerMBean, if the same property is present there) or for a specific Web application (in weblogic.xml).

Deprecation of MBeanHome and Type-Safe Interfaces

This is a type-safe interface for a WebLogic Server MBean, which you can import into your client classes and access through weblogic.management.MBeanHome. As of 9.0, the MBeanHome interface and all type-safe interfaces for WebLogic Server MBeans are deprecated. Instead, client classes that interact with WebLogic Server MBeans should use standard JMX design patterns in which clients use the javax.management.MBeanServerConnection interface to discover MBeans, attributes, and attribute types at runtime.

Field Summary

Fields inherited from interface weblogic.management.configuration.ConfigurationMBean

DEFAULT_EMPTY_BYTE_ARRAY

Method Summary

int	getMaxPostSize() The maximum post size this server allows for reading HTTP POST data in a servlet request.
int	getMaxPostTimeSecs() Max Post Time (in seconds) for reading HTTP POST data in a servlet request.
String	getMimeMappingFile() Returns the name of the file containing mime-mappings for the domain.
String	getP3PHeaderValue() Returns the P3P Header value that will be sent with all responses for http requests (if non-null).
int	getPostTimeoutSecs() The amount of time this server waits between receiving chunks of data in an HTTP POST data before it times out.
int	getServletReloadCheckSecs()
String	getXPoweredByHeaderLevel() WebLogic Server uses the X-Powered-By HTTP header, as recommended by the Servlet 2.4 specification, to publish its implementation information.
boolean	isAllowAllRoles() In the security-constraints elements defined in a Web application's web.xml deployment descriptor, the auth-constraint element indicates the user roles that should be permitted access to this resource collection.
boolean	isAuthCookieEnabled() Whether authcookie feature is enabled or not.
boolean	isChangeSessionIDOnAuthentication() Global property to determine if we need to generate a new SessionID after authentication.
boolean	isClientCertProxyEnabled() Specifies whether or not to honor the WL-Proxy-Client-Cert header coming with the request.
boolean	isFilterDispatchedRequestsEnabled() Indicates whether or not to apply filters to dispatched requests.
boolean	isHttpTraceSupportEnabled() Returns the value of HttpTraceSupportEnabled.
boolean	isJSPCompilerBackwardsCompatible() Global property to determine the behavior of the JSP compiler.
boolean	isOptimisticSerialization() When OptimisticSerialization is turned on, WebLogic server does not serialize-deserialize context and request attributes upon getAttribute(name) when a request gets dispatched across servlet contexts.
boolean	isOverloadProtectionEnabled() This parameter is used to enable overload protection in the webapp container against low memory conditions.
boolean	isReloginEnabled() Beginning with the 9.0 release the FORM/BASIC authentication behavior has been modified to conform strictly to the J2EE Specification.
boolean	isRetainOriginalURL() retain-original-url is used in FORM based authentication scenarios.
boolean	isRtexprvalueJspParamName() Global property which determines the behavior of the JSP compiler when a jsp:param attribute "name" has a request time value.
boolean	isServletAuthenticationFormURL() ServletAuthenticationFormURL is used for backward compatibility with previous releases of Weblogic Server.If ServletAuthenticationFormURL is set to true (default), then ServletAuthentication.getTargetURLForFormAuthentication() and HttpSession.getAttribute(AuthFilter.TARGET_URL) will return the URL of the protected target resource.
boolean	isServletReloadCheckSecsSet()
boolean	isShowArchivedRealPathEnabled() Global property to determine the behavior of getRealPath() for archived web applications.
boolean	isWAPEnabled() Indicates whether the session ID should include JVM information.
boolean	isWeblogicPluginEnabled() Specifies whether or not the proprietary WL-Proxy-Client-IP header should be honored.
boolean	isWorkContextPropagationEnabled() Indicates whether or not WorkContextPropagation is enabled.
void	setAllowAllRoles(boolean allowAllRoles) Sets the value of the backward compatibility switch AllowAllRoles attribute.
void	setAuthCookieEnabled(boolean enable) Sets the value of the isAuthCookieEnabled attribute.
void	setChangeSessionIDOnAuthentication(boolean changeSessionIDOnAuthentication) Sets the value of the ChangeSessionIDOnAuthentication parameter.
void	setClientCertProxyEnabled(boolean ccp) A value of true causes proxy-server plugins to pass identity certificates from clients to all web applications that are deployed on all server instances in the domain.
void	setFilterDispatchedRequestsEnabled(boolean enabled) Sets the value of the backward-compatibility parameter "FilterDispatchedRequestsEnabled".
void	setHttpTraceSupportEnabled(boolean tse) Attackers may abuse HTTP TRACE functionality to gain access to information in HTTP headers such as cookies and authentication data.
void	setJSPCompilerBackwardsCompatible(boolean compat) Sets the value of the JSPCompilerBackwardsCompatible parameter.
void	setMaxPostSize(int bytes) Sets the value of the maxPostSize attribute.
void	setMaxPostTimeSecs(int secs) Max Post Time (in seconds) for reading HTTP POST data in a servlet request.
void	setMimeMappingFile(String mimeMapping) Sets the mimeMapping file name for the domain.
void	setOptimisticSerialization(boolean b) Sets the OptimisticSerialization value.
void	setOverloadProtectionEnabled(boolean enabled) Sets the value of OverloadProtectionEnabled param
void	setP3PHeaderValue(String p3pHeader) If set to a non-null value a "P3P" header will always be sent with all responses for http requests.
void	setPostTimeoutSecs(int secs) Sets the value of the postTimeoutSecs attribute.
void	setReloginEnabled(boolean enabled) Enables re-login for FORM/BASIC authentication in webapps.
void	setRetainOriginalURL(boolean b) Sets the RetainOriginalURL value.
void	setRtexprvalueJspParamName(boolean rtexprvalue) Sets the value of RtexprvalueJspParamName
void	setServletAuthenticationFormURL(boolean b) Sets the ServletAuthenticationFormURL value.
void	setServletReloadCheckSecs(int servletReloadCheckSecs)
void	setShowArchivedRealPathEnabled(boolean showArchivedRealPathEnabled) Sets the value of the ShowArchivedRealPathEnabled parameter.
void	setWAPEnabled(boolean enable) Sets the value of the IsWAPEnabled attribute.
void	setWeblogicPluginEnabled(boolean wpe) WLS HttpRequest.getRemoteAddr() used to rely on X-Forwarded-For for its returned value.
void	setWorkContextPropagationEnabled(boolean workContextPropagationEnabled) Sets the value of WorkContextPropagationEnabled
void	setXPoweredByHeaderLevel(String xPoweredByHeaderLevel) Sets the level for XPoweredBy header information

Methods inherited from interface weblogic.management.configuration.ConfigurationMBean

freezeCurrentValue, getName, getNotes, isSet, restoreDefaultValue, setComments, setDefaultedMBean, setName, setNotes, setPersistenceEnabled, unSet

Method Detail

isReloginEnabled

boolean isReloginEnabled()

Beginning with the 9.0 release the FORM/BASIC authentication behavior has been modified to conform strictly to the J2EE Specification. If a user has logged-in but does not have privileges to access a resource, the 403 (FORBIDDEN) page will be returned. Turn this flag on to enable the old behavior, which was to return the user to the login form.

Returns:

The ReloginEnabled value

See Also:

WebAppContainerMBean.setReloginEnabled(boolean)

setReloginEnabled

void setReloginEnabled(boolean enabled)

Enables re-login for FORM/BASIC authentication in webapps. Corresponding weblogic.xml element: container-descriptor -> relogin-enabled takes precendence over this value (if set).

Parameters:

enabled - ReloginEnabled value

See Also:

WebAppContainerMBean.isReloginEnabled()

Default Value:

false

isAllowAllRoles

boolean isAllowAllRoles()

In the security-constraints elements defined in a Web application's web.xml deployment descriptor, the auth-constraint element indicates the user roles that should be permitted access to this resource collection. Here role-name = "*" is a compact syntax for indicating all roles in the Web application. In previous releases, role-name = "*" was treated as all users/roles defined in the realm. This parameter is a backward-compatibility switch to restore old behavior. Default behavior is one required by the spec, meaning all roles defined in the web application. If set, the value defined in weblogic.xml (container-descriptor -> allow-all-roles) takes precedence (if set) over this value.

Returns:

The allowAllRoles value

See Also:

WebAppContainerMBean.setAllowAllRoles(boolean)

setAllowAllRoles

void setAllowAllRoles(boolean allowAllRoles)
                      throws InvalidAttributeValueException

Sets the value of the backward compatibility switch AllowAllRoles attribute.

Parameters:

allowAllRoles -

Throws:

InvalidAttributeValueException

InvalidAttributeValueException

See Also:

WebAppContainerMBean.isAllowAllRoles()

Default Value:

false

isFilterDispatchedRequestsEnabled

boolean isFilterDispatchedRequestsEnabled()

Indicates whether or not to apply filters to dispatched requests. This is a backward compatibility flag. Until version 8.1, WebLogic Server applied ServletFilters (if configured for the Web application) on request dispatches (and includes/forwards). Servlet 2.4 has introduced the "Dispatcher" element to make this behavior explicit. The default value is Dispatcher=REQUEST. In order to be complaint with the J2EE specification, the default value for FilterDispatchedRequestsEnabled is false beginning with WebLogic Server 9.0. Note that if you are using old descriptors (meaning web.xml does not have version=2.4), then WebLogic Server automatically uses FilterDispatchedRequestsEnabled = true for the Web applications, unless filter-dispatched-requests-enabled is explicitly set to false in weblogic.xml. This means that old applications will work fine without any modification. Additionally, during migration of old domains to the 9.0 domain, the migration plugin automatically sets this flag to true.

Returns:

See Also:

WebAppContainerMBean.setFilterDispatchedRequestsEnabled(boolean)

Default Value:

false

setFilterDispatchedRequestsEnabled

void setFilterDispatchedRequestsEnabled(boolean enabled)
                                        throws InvalidAttributeValueException

Sets the value of the backward-compatibility parameter "FilterDispatchedRequestsEnabled".

Parameters:

enabled -

Throws:

InvalidAttributeValueException

See Also:

WebAppContainerMBean.isFilterDispatchedRequestsEnabled()

Default Value:

false

isOverloadProtectionEnabled

boolean isOverloadProtectionEnabled()

This parameter is used to enable overload protection in the webapp container against low memory conditions. When a low memory situation occurs, new session creation attempts will result in weblogic.servlet.SessionCreationException. The application code needs to catch this exception and take proper action. Alternatively appropriate error-pages can be configured in web.xml against weblogic.servlet.SessionCreationException. This check is performed only on memory and replicated sessions.

Returns:

OverloadProtectionEnabled value

See Also:

weblogic.servlet.SessionCreationException, WebAppContainerMBean.setOverloadProtectionEnabled(boolean)

setOverloadProtectionEnabled

void setOverloadProtectionEnabled(boolean enabled)

Sets the value of OverloadProtectionEnabled param

Parameters:

enabled -

See Also:

WebAppContainerMBean.isOverloadProtectionEnabled()

Default Value:

false

getXPoweredByHeaderLevel

String getXPoweredByHeaderLevel()

WebLogic Server uses the X-Powered-By HTTP header, as recommended by the Servlet 2.4 specification, to publish its implementation information.

Following are the options:

• "NONE": X-Powered-By header will not be sent
• "SHORT" (default): "Servlet/2.4 JSP/2.0"
• "MEDIUM": "Servlet/2.4 JSP/2.0 (WebLogic/9.1)"
• "FULL": "Servlet/2.4 JSP/1.2 (WebLogic/9.1 JDK/1.4.1_05)"

Returns:

the xPoweredByHeaderLevel value

See Also:

WebAppContainerMBean.setXPoweredByHeaderLevel(String)

Default Value:

"SHORT"

Valid Values:

"NONE","SHORT","MEDIUM","FULL"

setXPoweredByHeaderLevel

void setXPoweredByHeaderLevel(String xPoweredByHeaderLevel)

Sets the level for XPoweredBy header information

Parameters:

xPoweredByHeaderLevel -

See Also:

WebAppContainerMBean.getXPoweredByHeaderLevel()

Valid Values:

"NONE","SHORT","MEDIUM","FULL"

getMimeMappingFile

String getMimeMappingFile()

Returns the name of the file containing mime-mappings for the domain.

Format of the file should be: extension=mime-type

Example:
htm=text/html
gif=image/gif
jpg=image/jpeg

If this file does not exist, WebLogic Server uses an implicit mime-mapping set of mappings defined in weblogic.utils.http.HttpConstants (DEFAULT_MIME_MAPPINGS). To remove a mapping defined in implicit map just set it to blank.

Returns:

mimeMappingFile

See Also:

WebAppContainerMBean.setMimeMappingFile(String)

Default Value:

"./config/mimemappings.properties"

setMimeMappingFile

void setMimeMappingFile(String mimeMapping)

Sets the mimeMapping file name for the domain.

Parameters:

mimeMapping -

See Also:

WebAppContainerMBean.getMimeMappingFile()

isOptimisticSerialization

boolean isOptimisticSerialization()

When OptimisticSerialization is turned on, WebLogic server does not serialize-deserialize context and request attributes upon getAttribute(name) when a request gets dispatched across servlet contexts. This means you will need to make sure that the attributes common to Web applications are scoped to a common parent classloader (they are application-scoped) or placed in the system classpath if the two Web applications do not belong to the same application. When OptimisticSerialization is turned off (which is the default) WebLogic Server does serialize-deserialize context and request attributes upon getAttribute(name) to avoid the possibility of ClassCastExceptions. The value of OptimisticSerialization can also be overridden for specific Web applications by setting the optimistic-serialization value in weblogic.xml.

Returns:

optimisticSerialization value

See Also:

WebAppContainerMBean.isOptimisticSerialization()

Default Value:

false

setOptimisticSerialization

void setOptimisticSerialization(boolean b)

Sets the OptimisticSerialization value.

Parameters:

b -

See Also:

WebAppContainerMBean.isOptimisticSerialization()

isRetainOriginalURL

boolean isRetainOriginalURL()

retain-original-url is used in FORM based authentication scenarios. When this property is set to true, after a successful authentication, Weblogic Server will redirect back to the web resource (page/servlet) retaining the protocol (http/https) used to access the protected resource in the original request. If set to false (which is the default value), Weblogic Server will redirect back to the protected resource using the current protocol. retain-original-url value can also be specified at per webapp level in weblogic.xml. The value in weblogic.xml, if specified, overrides the domain level value.

Returns:

retainOriginalURL value

See Also:

WebAppContainerMBean.isRetainOriginalURL()

Default Value:

false

setRetainOriginalURL

void setRetainOriginalURL(boolean b)

Sets the RetainOriginalURL value.

Parameters:

b -

See Also:

WebAppContainerMBean.isRetainOriginalURL()

isServletAuthenticationFormURL

boolean isServletAuthenticationFormURL()

ServletAuthenticationFormURL is used for backward compatibility with previous releases of Weblogic Server.If ServletAuthenticationFormURL is set to true (default), then ServletAuthentication.getTargetURLForFormAuthentication() and HttpSession.getAttribute(AuthFilter.TARGET_URL) will return the URL of the protected target resource. If set to false, the above API's will return the URI of the protected target resource. By default the value is set to true.(new method added in 9.0.0.1)

Returns:

servletAuthenticationFormURL value

See Also:

weblogic.servlet.security.ServletAuthethentication.getTargetURLForFormAuthentication, weblogic.servlet.security.ServletAuthethentication.getTargetURIForFormAuthentication, WebAppContainerMBean.isServletAuthenticationFormURL()

Default Value:

true

setServletAuthenticationFormURL

void setServletAuthenticationFormURL(boolean b)

Sets the ServletAuthenticationFormURL value.

Parameters:

b -

See Also:

WebAppContainerMBean.isServletAuthenticationFormURL()

isRtexprvalueJspParamName

boolean isRtexprvalueJspParamName()

Global property which determines the behavior of the JSP compiler when a jsp:param attribute "name" has a request time value. Without this property set to "true", the JSP compiler throws an error for a JSP using a request time value for the "name" attribute as mandated by the JSP 2.0 spec. This property exists for backward compatibility.

Returns:

rtexprvalueJspParamName

See Also:

WebAppContainerMBean.setRtexprvalueJspParamName(boolean)

Default Value:

false

setRtexprvalueJspParamName

void setRtexprvalueJspParamName(boolean rtexprvalue)

Sets the value of RtexprvalueJspParamName

Parameters:

rtexprvalue -

See Also:

WebAppContainerMBean.isRtexprvalueJspParamName()

setClientCertProxyEnabled

void setClientCertProxyEnabled(boolean ccp)

A value of true causes proxy-server plugins to pass identity certificates from clients to all web applications that are deployed on all server instances in the domain.

A proxy-server plugin encodes each identify certification in the WL-Proxy-Client-Cert header and passes the header to WebLogic Server instances. Each WebLogic Server instance takes the certificate information from the header, trusting that it came from a secure source, and uses that information to authenticate the user.

If you specify true, use a weblogic.security.net.ConnectionFilter to ensure that each WebLogic Server instance accepts connections only from the machine on which the proxy-server plugin is running. Specifying true without using a connection filter creates a potential security vulnerability because the WL-Proxy-Client-Cert header can be spoofed.

A value of true overrides the value that each server instance within the domain specifies with ServerMBean.setClientCertProxyEnabled(boolean).

By default (or if you specify false):

• Each server instance can determine whether its applications trust certificates sent from the proxy server plugin.

• If a server instance does not set a value for its ClientCertProxyEnabled attribute (or if it specifies false), the weblogic.xml deployment descriptor for each Web application determines whether the Web application trusts certificates sent from the proxy server plugin.

• By default (or if the deployment descriptor specifies false), users cannot log in to the Web application from a proxy server plugin.

Parameters:

ccp - The new clientCertProxyEnabled value

See Also:

WebAppContainerMBean.isClientCertProxyEnabled(), ClusterMBean.setClientCertProxyEnabled(boolean), ServerMBean.setClientCertProxyEnabled(boolean)

Default Value:

false

isClientCertProxyEnabled

boolean isClientCertProxyEnabled()

Specifies whether or not to honor the WL-Proxy-Client-Cert header coming with the request.

Returns:

The clientCertProxyEnabled value

See Also:

WebAppContainerMBean.setClientCertProxyEnabled(boolean), ClusterMBean.isClientCertProxyEnabled(), ServerMBean.isClientCertProxyEnabled()

setHttpTraceSupportEnabled

void setHttpTraceSupportEnabled(boolean tse)

Attackers may abuse HTTP TRACE functionality to gain access to information in HTTP headers such as cookies and authentication data. In the presence of other cross-domain vulnerabilities in Web browsers, sensitive header information could be read from any domains that support the HTTP TRACE method.

This attribute is for disabling HTTP TRACE support. It is present also in ClusterMBean and ServerMBean so the attribute HttpTraceSupportEnabled can be set differently for different clusters/servers

See Also:

WebAppContainerMBean.isHttpTraceSupportEnabled(), ClusterMBean.setHttpTraceSupportEnabled(boolean), ServerMBean.setHttpTraceSupportEnabled(boolean)

Default Value:

false

isHttpTraceSupportEnabled

boolean isHttpTraceSupportEnabled()

Returns the value of HttpTraceSupportEnabled.

Returns:

HttpTraceSupportEnabled value

See Also:

WebAppContainerMBean.setHttpTraceSupportEnabled(boolean), ClusterMBean.setHttpTraceSupportEnabled(boolean), ServerMBean.setHttpTraceSupportEnabled(boolean)

setWeblogicPluginEnabled

void setWeblogicPluginEnabled(boolean wpe)

WLS HttpRequest.getRemoteAddr() used to rely on X-Forwarded-For for its returned value. This is a security hole as the HTTP header can be easily mocked and we end up with returning a wrong value. This is improved by introducing a proprietary header WL-Proxy-Client-IP from our plugins and this header will only be used if WLS is configured to use our plugins. This is duplicated both in ClusterMBean and ServerMBean so the attribute WeblogicPluginEnabled can be used cluster-wide. ClusterMBean overrides ServerMBean

Parameters:

wpe - The new weblogicPluginEnabled value

See Also:

WebAppContainerMBean.isWeblogicPluginEnabled(), ClusterMBean.setWeblogicPluginEnabled(boolean), ServerMBean.setWeblogicPluginEnabled(boolean)

Default Value:

false

isWeblogicPluginEnabled

boolean isWeblogicPluginEnabled()

Specifies whether or not the proprietary WL-Proxy-Client-IP header should be honored. (This is needed only when WebLogic plugins are configured.)

Returns:

The weblogicPluginEnabled value

See Also:

WebAppContainerMBean.setWeblogicPluginEnabled(boolean), ClusterMBean.isWeblogicPluginEnabled(), ServerMBean.isWeblogicPluginEnabled()

setAuthCookieEnabled

void setAuthCookieEnabled(boolean enable)

Sets the value of the isAuthCookieEnabled attribute.

Enables use of additional secure AuthCookie to make access to https pages with security constraints more secure. The session cookie will not be sufficient to gain access. This property can be overridden at WebServerMBean level.

See Also:

WebAppContainerMBean.isAuthCookieEnabled(), WebServerMBean.setAuthCookieEnabled(boolean)

Default Value:

true

isAuthCookieEnabled

boolean isAuthCookieEnabled()

Whether authcookie feature is enabled or not.

Returns:

AuthCookieEnabled value

See Also:

WebAppContainerMBean.setAuthCookieEnabled(boolean), WebServerMBean.isAuthCookieEnabled()

setWAPEnabled

void setWAPEnabled(boolean enable)

Sets the value of the IsWAPEnabled attribute. This property can be overridden at WebServerMBean level.

Parameters:

enable - The new WAPEnabled value

See Also:

WebAppContainerMBean.isWAPEnabled(), WebServerMBean.setWAPEnabled(boolean)

Default Value:

false

isWAPEnabled

boolean isWAPEnabled()

Indicates whether the session ID should include JVM information. (Checking this box may be necessary when using URL rewriting with WAP devices that limit the size of the URL to 128 characters, and may also affect the use of replicated sessions in a cluster.) When this box is selected, the default size of the URL will be set at 52 characters, and it will not contain any special characters.

Returns:

The WAPEnabled value

See Also:

WebAppContainerMBean.setWAPEnabled(boolean), WebServerMBean.isWAPEnabled()

setPostTimeoutSecs

void setPostTimeoutSecs(int secs)
                        throws InvalidAttributeValueException

Sets the value of the postTimeoutSecs attribute.

Timeout (in seconds) for reading HTTP POST data in a servlet request. This parameter can be overridden at the WebServerMBean level.

Parameters:

secs - The new postTimeoutSecs value

Throws:

InvalidAttributeValueException

See Also:

WebAppContainerMBean.getMaxPostTimeSecs(), WebServerMBean.setPostTimeoutSecs(int)

Default Value:

30

Maximum Value:

120

Minimum Value:

0

getPostTimeoutSecs

int getPostTimeoutSecs()

The amount of time this server waits between receiving chunks of data in an HTTP POST data before it times out. (This is used to prevent denial-of-service attacks that attempt to overload the server with POST data.)

Returns:

The postTimeoutSecs value

See Also:

WebAppContainerMBean.setPostTimeoutSecs(int), WebServerMBean.getPostTimeoutSecs()

setMaxPostTimeSecs

void setMaxPostTimeSecs(int secs)
                        throws InvalidAttributeValueException

Max Post Time (in seconds) for reading HTTP POST data in a servlet request. MaxPostTime < 0 means unlimited. This param can be overridden at WebServerMBean level.

Parameters:

secs - The new maxPostTimeSecs value

Throws:

InvalidAttributeValueException

See Also:

WebAppContainerMBean.getMaxPostTimeSecs(), WebServerMBean.setMaxPostTimeSecs(int)

Default Value:

-1

getMaxPostTimeSecs

int getMaxPostTimeSecs()

Max Post Time (in seconds) for reading HTTP POST data in a servlet request. MaxPostTime < 0 means unlimited

Returns:

The maxPostTimeSecs value

See Also:

WebAppContainerMBean.setMaxPostTimeSecs(int), WebServerMBean.getMaxPostTimeSecs()

setMaxPostSize

void setMaxPostSize(int bytes)
                    throws InvalidAttributeValueException

Sets the value of the maxPostSize attribute. This parameter can be overridden at the WebServerMBean level.

Max Post Size (in bytes) for reading HTTP POST data in a servlet request. MaxPostSize < 0 means unlimited.

Parameters:

bytes - The new maxPostSize value

Throws:

InvalidAttributeValueException

See Also:

WebAppContainerMBean.getMaxPostSize(), WebServerMBean.setMaxPostSize(int)

Default Value:

-1

getMaxPostSize

int getMaxPostSize()

The maximum post size this server allows for reading HTTP POST data in a servlet request. A value less than 0 indicates an unlimited size.

Returns:

The maxPostSize value

See Also:

WebAppContainerMBean.setMaxPostSize(int), WebServerMBean.getMaxPostSize()

isWorkContextPropagationEnabled

boolean isWorkContextPropagationEnabled()

Indicates whether or not WorkContextPropagation is enabled. By default it is turned on. There is a little overhead involved in propagating WorkContexts. Therefore, if you don't care about WorkContext propagation, turn this value off in production environments.

Returns:

whether WorkContextPropagation is turned on or not

See Also:

WebAppContainerMBean.setWorkContextPropagationEnabled(boolean)

Default Value:

true

setWorkContextPropagationEnabled

void setWorkContextPropagationEnabled(boolean workContextPropagationEnabled)

Sets the value of WorkContextPropagationEnabled

Parameters:

workContextPropagationEnabled -

See Also:

WebAppContainerMBean.isWorkContextPropagationEnabled()

setP3PHeaderValue

void setP3PHeaderValue(String p3pHeader)

If set to a non-null value a "P3P" header will always be sent with all responses for http requests. The value of the P3P header will be the value assigned to this configuration parameter. The value should be equal to the location of the policy reference file for the Web site.

Alternatively, a servlet filter can be used to set the P3P header.

Parameters:

p3pHeader - P3P Header value (location of the policy reference file)

See Also:

WebAppContainerMBean.getP3PHeaderValue()

getP3PHeaderValue

String getP3PHeaderValue()

Returns the P3P Header value that will be sent with all responses for http requests (if non-null). The value of this header points to the location of the policy reference file for the Web site.

Alternatively, a servlet filter can be used to set the P3P header.

Returns:

P3P header value (location of the policy reference file)

See Also:

WebAppContainerMBean.setP3PHeaderValue(String)

isJSPCompilerBackwardsCompatible

boolean isJSPCompilerBackwardsCompatible()

Global property to determine the behavior of the JSP compiler. When this property set to "true", the JSP compiler throws a translation error for JSPs that do not conform to the JSP2.0 specification. This property exists for backward compatibility.

Returns:

isJspCompilerBackwardsCompatible

Default Value:

false

setJSPCompilerBackwardsCompatible

void setJSPCompilerBackwardsCompatible(boolean compat)

Sets the value of the JSPCompilerBackwardsCompatible parameter.

Parameters:

compat -

getServletReloadCheckSecs

int getServletReloadCheckSecs()

Default Value:

1

Default value in production mode:

-1

setServletReloadCheckSecs

void setServletReloadCheckSecs(int servletReloadCheckSecs)

isServletReloadCheckSecsSet

boolean isServletReloadCheckSecsSet()

isShowArchivedRealPathEnabled

boolean isShowArchivedRealPathEnabled()

Global property to determine the behavior of getRealPath() for archived web applications. When this property set to "true", getRealPath() will return the canonical path of the resource files.

Returns:

isShowArchivedRealPathEnabled

Default Value:

false

setShowArchivedRealPathEnabled

void setShowArchivedRealPathEnabled(boolean showArchivedRealPathEnabled)

Sets the value of the ShowArchivedRealPathEnabled parameter.

Parameters:

showArchivedRealPathEnabled -

isChangeSessionIDOnAuthentication

boolean isChangeSessionIDOnAuthentication()

Global property to determine if we need to generate a new SessionID after authentication. When this property set to "false", the previous sessionID will be retained even after authorization.

Returns:

isChangeSessionIDOnAuthentication();

Default Value:

true

setChangeSessionIDOnAuthentication

void setChangeSessionIDOnAuthentication(boolean changeSessionIDOnAuthentication)

Sets the value of the ChangeSessionIDOnAuthentication parameter.

Parameters:

changeSessionIDOnAuthentication -