Configuration
Module configuration 101
Last updated
Module configuration 101
Last updated
These configuration properties are common to all modules:
| Name | Description |
|---|---|
These configuration properties applies to all HTTP modules.
All HTTP modules are bound to a specific context (http_context), in the form of a path, on a specific address specified as a host (http_host) and a port (http_port). All endpoints provided by a module is located below this path and their names are defined by the module.
The following rules apply to the context property:
MUST always start with /
MUST NOT end with /
MAY contain any number of levels, each separated by a /
MAY overlap with other modules context
If module should use SSL/TLS keystores must be configured containing keys and certificates to use and/or trust.
Two types of key-/truststores are supported:
Java Keystore format ("JKS")
PKCS#12 ("PKCS12")
Key-/truststores can be configured in two ways:
Using a ref to a keystore object (recommended)
Using a path (deprecated, used only for compatibility)
When using a ref the value can be the actual object (inline) or a path expression expanding to the actual object (externalized). Path expressions enables externalisation and reuse of keystore objects in multiple locations in the configuration.
*) Only used in combination key-/truststore path configuration
| Name | Description |
|---|---|
| Name | Description | Default |
|---|---|---|
name
Module name (Mandatory)
enabled
Flag to enable/disable deployment of a module (Default: true)
instances
Number of instances to start. All instances share the same configuration. (Default: 1)
group
Name of module deployment group (Default: "default")
config
Module specific configuration object. (Optional)
data
Base64 encoded keystore data (Mandatory unless path is used)
path
Keystore path if keystore data is to be read from file. (Mandatory unless data is used)
password
Keystore password
type
(Default: "PKCS12")
http_host
Hostname or ip adress of HTTP listener.
"0.0.0.0"
http_port
Port of HTTP listener.
8080
http_context
Module context path. All routes registered by a module are relative to this context.
"/"
http_allow_forward_headers
Enable support for reverse proxy forward headers. Supported values: "NONE", "FORWARD", "X_FORWARD", "ALL". Note: This property can also be set for all modules using a global.
"NONE"
http_use_ssl
Flag to enable SSL/TLS for this configuration. Requires a configured keystore.
false
http_use_alpn
Flag to enable support for ALPN (Application Layer Protocol Negotiation), required for using HTTP/2 over SSL/TLS.
true
http_keystore_ref
Ref to keystore object.
http_keystore_path
Path to keystore
http_keystore_password
Keystore password *
http_keystore_type
Keystore type *
"PKCS12"
http_key_alias
Keystore key alias
http_key_password
Key password
http_truststore_ref
Ref to truststore object
http_truststore_path
Path to truststore *
http_truststore_password
Truststore password *
http_client_auth
Flag to enable SSL client authentication
false
http_form_attr_limit
Max size of HTTP form attributes in bytes.
524288
http_request_body_limit
Max body size of HTTP requests in bytes.
2097152
http_webroot_dir
Directory from where static files are served. (Optional; if not configured static file serving is disabled)
http_overlay_dir
Web root overlay directory. (Optional; if not configured overlay is disabled)
http_index
Name of index page served if no file is specified in url.
"index.html"
http_session_cookie_name
Session cookie name
"__session"
http_session_timeout_ms
Session timeout.
1800000
http_session_cookie_httponly
Session cookie http only flag. Http-only cookies can not be read be scripts in the browser.
true
http_session_cookie_secure
Session cookie secure flag. Secure cookies are only sent over secure (HTTPS) connections.
true
http_session_cookie_same_site
Session cookie SameSite property. Controls how cookies are sent over domain boundaries ("STRICT", "LAX", NONE")
"NONE"
http_enable_file_upload
Enable support for file upload.
false
http_file_upload_dir
Path to dir where uploaded files will be stored.
"file-uploads"
http_auth_redirect_url
Login redirect location. User-Agent will be redirected to this location when authentication is required.
"login"
http_cors
CORS configuration object (optional)
http_cors.enabled
Flag to turn on/off CORS (default: false)
false
http_cors.origins
Array of allowed origins in format: <scheme>://<host>[:<port>].
"*"
http_cors.allowed_methods
Array of allowed methods (optional)
http_cors.allowed_headers
Array of allowed headers (optional)
http_cors.exposed_headers
Array of exposed headers (optional)
http_cors.allow_credentials
Set whether credentials are allowed. Note that user agents will block requests that use a wildcard as origin and include credentials. (optional)
http_cors.allow_private_network
Set whether access from public to private networks are allowed.
false
http_cors.max_age_secs
Set how long the browser should cache the information. (optional)