Specifies a set of host names or address masks that determine the clients that are allowed to establish connections to this Connection Handler. Valid values include a host name, a fully qualified domain name, a domain name, an IP address, or a subnetwork with subnetwork mask.
Default Value
All clients with addresses that do not match an address on the deny list are allowed. If there is no deny list, then all clients are allowed.
Allowed Values
An IP address mask
Multi-valued
Yes
Required
No
Admin Action Required
None. Changes to this property take effect immediately and do not interfere with connections that may have already been established.
Advanced Property
No
Read-only
No
denied-client
Description
Specifies a set of host names or address masks that determine the clients that are not allowed to establish connections to this Connection Handler. Valid values include a host name, a fully qualified domain name, a domain name, an IP address, or a subnetwork with subnetwork mask. If both allowed and denied client masks are defined and a client connection matches one or more masks in both lists, then the connection is denied. If only a denied list is specified, then any client not matching a mask in that list is allowed.
Default Value
If an allow list is specified, then only clients with addresses on the allow list are allowed. Otherwise, all clients are allowed.
Allowed Values
An IP address mask
Multi-valued
Yes
Required
No
Admin Action Required
None. Changes to this property take effect immediately and do not interfere with connections that may have already been established.
Advanced Property
No
Read-only
No
enabled
Description
Indicates whether the Connection Handler is enabled.
Default Value
None
Allowed Values
true
false
Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
No
Read-only
No
http-server-max-thread-pool-size
Description
Specifies the maximum number of threads to be used for processing operations placed in the queue by the embedded HTTP server. The embedded HTTP server will start will a lower number and increase the pool size to the specified value while handling incoming requests.
Default Value
24
Allowed Values
An integer value. Lower value is 1. Upper value is 2147483647 .
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
No
Read-only
No
http-server-max-work-queue-capacity
Description
Specifies the maximum number of queued operations that can be in the work queue at any given time. This value will help define the embedded server a bounded queue to process the requets reliabily within the limit of its capacity.
Default Value
6000
Allowed Values
An integer value. Lower value is 1. Upper value is 2147483647 .
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
No
Read-only
No
http-server-min-thread-pool-size
Description
Specifies the minimum number of threads to be used for processing operations placed in the queue by the embedded HTTP server. The embedded HTTP server will start with a lower number and increase the pool size to the specified value while handling incoming requests.
Default Value
8
Allowed Values
An integer value. Lower value is 1. Upper value is 2147483647 .
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
No
Read-only
No
keep-stats
Description
Indicates whether the HTTP Connection Handler should keep statistics. If enabled, the HTTP Connection Handler maintains statistics about the number and types of operations requested over HTTP and the amount of data sent and received.
Default Value
true
Allowed Values
true
false
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this setting take effect immediately.
Advanced Property
No
Read-only
No
key-manager-provider
Description
Specifies the name of the key manager that should be used with this HTTP Connection Handler .
Default Value
None
Allowed Values
The DN of any Key Manager Provider. The referenced key manager provider must be enabled when the HTTP Connection Handler is enabled and configured to use SSL.
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property take effect immediately, but only for subsequent attempts to access the key manager provider for associated client connections.
Advanced Property
No
Read-only
No
listen-address
Description
Specifies the address or set of addresses on which this HTTP Connection Handler should listen for connections from HTTP clients. Multiple addresses may be provided as separate values for this attribute. If no values are provided, then the HTTP Connection Handler listens on all interfaces.
Default Value
0.0.0.0
Allowed Values
An IP address
Multi-valued
Yes
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
No
Read-only
No
listen-port
Description
Specifies the port number on which the HTTP Connection Handler will listen for connections from clients. Only a single port number may be provided.
Default Value
None
Allowed Values
An integer value. Lower value is 1. Upper value is 65535 .
Multi-valued
No
Required
Yes
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
No
Read-only
No
log-level
Description
Indicates the severity of messages that should be logged. Based on the severity levels set through this config property log messages of respective severity will be logged.
Default Value
WARN
Allowed Values
all - Messages of ALL severity levels will be logged.
debug - Messages with severity level of DEBUG or higher will be logged.
info - Messages with severity level of INFO or higher will be logged.
off - Logging Messages will be turned OFF.
warn - Messages with severity level of WARNING or higher will be logged.
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this setting take effect immediately.
Advanced Property
No
Read-only
No
ssl-cert-nickname
Description
Specifies the nickname (also called the alias) of the certificate that the HTTP Connection Handler should use when performing SSL communication. This is only applicable when the HTTP Connection Handler is configured to use SSL.
Default Value
Let the server decide.
Allowed Values
A String
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
No
Read-only
No
ssl-cipher-suite
Description
Specifies the names of the SSL cipher suites that are allowed for use in SSL or StartTLS communication.
Default Value
Uses the default set of SSL cipher suites supported by the server.
Allowed Values
A String
Multi-valued
Yes
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
No
Read-only
No
ssl-client-auth-policy
Description
Specifies the policy that the HTTP Connection Handler should use regarding client SSL certificates. This is only applicable if clients are allowed to use SSL.
Default Value
optional
Allowed Values
disabled - Clients are not required to provide their own certificates when performing SSL negotiation.
optional - Clients are requested to provide their own certificates when performing SSL negotiation, but still accept the connection even if the client does not provide a certificate.
required - Clients are required to provide their own certificates when performing SSL negotiation and are refused access if the do not provide a certificate.
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
No
Read-only
No
ssl-protocol
Description
Specifies the names of the SSL protocols that are allowed for use in SSL or StartTLS communication.
Default Value
Uses the default set of SSL protocols supported by the server.
Allowed Values
A String
Multi-valued
Yes
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
No
Read-only
No
trust-manager-provider
Description
Specifies the name of the trust manager that should be used with the HTTP Connection Handler .
Default Value
None
Allowed Values
The DN of any Trust Manager Provider. The referenced trust manager provider must be enabled when the HTTP Connection Handler is enabled and configured to use SSL.
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property take effect immediately, but only for subsequent attempts to access the trust manager provider for associated client connections.
Advanced Property
No
Read-only
No
use-ssl
Description
Indicates whether the HTTP Connection Handler should use SSL. If enabled, the HTTP Connection Handler will use SSL to encrypt communication with the clients.
Default Value
false
Allowed Values
true
false
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
No
Read-only
No
Advanced Properties
accept-backlog
Description
Specifies the maximum number of pending connection attempts that are allowed to queue up in the accept backlog before the server starts rejecting new connection attempts. This is primarily an issue for cases in which a large number of connections are established to the server in a very short period of time (for example, a benchmark utility that creates a large number of client threads that each have their own connection to the server) and the connection handler is unable to keep up with the rate at which the new connections are established.
Default Value
128
Allowed Values
An integer value. Lower value is 1.
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
Yes
Read-only
No
allow-tcp-reuse-address
Description
Indicates whether the HTTP Connection Handler should reuse socket descriptors. If enabled, the SO_REUSEADDR socket option is used on the server listen socket to potentially allow the reuse of socket descriptors for clients in a TIME_WAIT state. This may help the server avoid temporarily running out of socket descriptors in cases in which a very large number of short-lived connections have been established from the same client system.
Default Value
true
Allowed Values
true
false
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
Yes
Read-only
No
dos-filter-max-request-duration
Description
Specifies the maximum duration in milliseconds a request is allowed to run. Duration to allow a request to execute, after which it will be stopped.
Default Value
30000
Allowed Values
An integer value. Lower value is 1. Upper value is 2147483647 .
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
Yes
Read-only
No
dos-filter-max-requests-per-sec
Description
Specifies the maximum number of requests from a connection per second. Requests in excess of this are first delayed, then throttled.
Default Value
25
Allowed Values
An integer value. Lower value is 1. Upper value is 2147483647 .
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
Yes
Read-only
No
dos-filter-throttled-requests
Description
Number of requests over the rate limit able to be considered at once. Number of requests over the rate limit able to be considered at once.
Default Value
5
Allowed Values
An integer value. Lower value is 1. Upper value is 2147483647 .
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
Yes
Read-only
No
header-cache-size
Description
Set the header field cache size.
Default Value
6 kilobytes
Allowed Values
A positive integer representing a size. Upper value is 2147483647 .
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
Yes
Read-only
No
idle-time-limit
Description
Set the maximum Idle time for a thread to be idle. Threads that are idle for longer than this period may be stopped.
A java class that implements or extends the class(es) :
org.opends.server.api.ConnectionHandler
Multi-valued
No
Required
Yes
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
Yes
Read-only
No
jetty-statistics-enabled
Description
Indicates whether the HTTP Connection Handler should enable jetty statistics over JMX. If enabled, the HTTP Connection Handler maintains Jetty internal statistics over JMX.
Default Value
false
Allowed Values
true
false
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this setting take effect immediately.
Advanced Property
Yes
Read-only
No
max-idle-time-limit
Description
Set the maximum Idle time for a connection, which roughly translates to the Socket.setSoTimeout(int) call. If an attempt to write data to a client takes longer than this length of time, then the client connection is terminated. The max idle time is applied: 1. When waiting for a new request to be received on a connection 2. When reading the headers and content of a request 3. When writing the headers and content of a response
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
Yes
Read-only
No
num-http-acceptor-threads
Description
Acceptors accept new TCP/IP connections The HTTP Connection Handler uses one thread to accept new connections from clients, but uses one or more additional threads to read requests from existing client connections. This ensures that new requests are read efficiently and that the connection handler itself does not become a bottleneck when the server is under heavy load from many clients at the same time. Let the server use a default value, or define an optimal value. If 0, then the selector threads are used to accept connections.
Default Value
Let the server decide.
Allowed Values
An integer value. Lower value is 1.
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
Yes
Read-only
No
num-http-selector-threads
Description
Selectors notice and schedule established connection that can make IO progress. Set an optimal value, let the server decide for a default value.
Default Value
Let the server decide.
Allowed Values
An integer value. Lower value is 0.
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
Yes
Read-only
No
output-buffer-size
Description
Sets the size of the content buffer for sending responses. These buffers are used only for active connections that are sending responses with bodies that will not fit within the header buffer.
Default Value
32 kilobytes
Allowed Values
A positive integer representing a size. Lower value is 1. Upper value is 2147483647 .
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
Yes
Read-only
No
request-header-size
Description
Set the maximum size of a request header. Larger headers will allow for more and/or larger cookies plus larger form content encoded in a URL. However, larger headers consume more memory and can make a server more vulnerable to denial of service attacks.
Default Value
8 kilobytes
Allowed Values
A positive integer representing a size. Lower value is 1. Upper value is 2147483647 .
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
Yes
Read-only
No
response-header-size
Description
Set the maximum size of a response header. Larger headers will allow for more and/or larger cookies and longer HTTP headers (eg for redirection). However, larger headers will also consume more memory.
Default Value
32 kilobytes
Allowed Values
A positive integer representing a size. Lower value is 1. Upper value is 2147483647 .
Multi-valued
No
Required
No
Admin Action Required
The HTTP Connection Handler must be disabled and re-enabled for changes to this setting to take effect