Jboss7-undertow Web sub-module configuration

Source: Internet
Author: User
Tags jboss ssl connection

1, need to enable the module

<extension module= "Org.wildfly.extension.undertow"/>

2, the default configuration is as follows

<subsystem xmlns= "urn:jboss:domain:undertow:1.0" > <buffer-caches> <buffer-cache name= "Default" buffer-size= "1024x768" buffers-per-region= "1024" max-regions= "Ten"/> </buffer-caches> <server name= "Default-server" > 


3, the configuration cache, the static file will be cached, the general situation by default, if necessary, such as the following example


<buffer-caches>  <buffer-cache name= "Default" buffer-size= "1024x768" buffers-per-region= "1024x768" max-regions = "Ten"/></buffer-caches>
4, server, composed of multiple sub-tags, such as http-listener,host configuration https and domain name one is configuration Http-listener, one is to configure the host, for details, see I am other JBoss notes written



<server name= "Default-server" default-host= "Default-host" servlet-container= "Default" >

5, HTTP Connector link, is the above http-listener, corresponding to the type of HTTP, HTTPS and AJP, all links have attributes, I directly excerpt the official.

Note here that you can configure the link encoding Oh. The old version of the JBOSS7 configuration is not here, interested in watching I am write another article

Attribute Description
Socket-binding The socket binding to use. This determines the address and port the listener listens on.
Worker A reference to an Xnio worker, as defined in the IO subsystem. The worker, the in use controls the IO and blocking thread pool.
Buffer-pool A reference to a buffer pool as defined in the IO subsystem. These buffers is used internally to read and write requests. In general these should is at least 8k and unless you is in a memory constrained environment.
Enabled If the connector is enabled.
Max-post-size The maximum size of incoming post requests is allowed.
Buffer-pipelined-data If Responses to HTTP pipelined requests should is buffered, and send out in a single write. This can improve performance if the HTTP pipe lining is with use and responses is small.
Max-header-size The maximum size of a HTTP header block is allowed. Responses with to much data in their header block would has the request terminated and a bad request response send.
Max-parameters The maximum number of query or path parameters that is allowed. This limit exists to prevent hash collision based DOS attacks.
Max-headers The maximum number of headers that is allowed. This limit exists to prevent hash collision based DOS attacks.
Max-cookies The maximum number of cookies is allowed. This limit exists to prevent hash collision based DOS attacks.
Allow-encoded-slash Set this to true if you want the server to decode percent encoded slash characters. This was probably a bad idea, as it can has security implications, due to different servers interpreting the slash differe ntly. Only enable the If you had a legacy application that requires it.
Decode-url If the URL should be decoded. If the is isn't set to true then percent encoded characters in the URL would be was left as is.
Url-charset The charset to decode the URL to.
Always-set-keep-alive If the ' connection:keep-alive ' header should is added to all responses, even if not required by spec.
HTTPS has some of its own properties

Attribute Description
Security-realm The security realm to use for the SSL configuration. See Security Realm examples Configure It:examples
Verify-client One of either not_requested, requested or REQUIRED. IF Client cert Auth is in use this should be either requested or REQUIRED.
Enabled-cipher-suites A List of cypher suit names that is allowed.

Proprietary properties of HTTP

Attribute Description
Certificate-forwarding If the is set to true then the HTTP listener would read a client certificate from the Ssl_client_cert header. This allows client Cert authentication to is used, even if the server does not has a direct SSL connection to the end use R. This should only is enabled for servers behind a proxies that have been configured to always set these headers.
Redirect-socket The socket binding to redirect requests that require security too.
Proxy-address-forwarding If This was enabled then the x-forwarded-for and X-forwarded-proto headers would be used to determine the peer address. This allows applications is behind a proxy to see the real address of the client, rather than the address of the pro Xy.

AJP has no property of his own.

6, host configuration, in fact, is the configuration of domain names, name is named, can be referenced by other files, alias is an alias, but also can be referenced by other configuration files, Default-web-module is the default is used by the war package name, See my JBOOS7 Domain Configuration

Attribute Description
Name The virtual host name
Alias A whitespace separated list of additional host names that should be matched
Default-web-module The name of a deployment that should is used to serve up requests that does not match anything.

7, the other few do not elaborate


Jboss7-undertow Web sub-module configuration

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.