Set custom properties for an HTTP transport
Several HTTP transport properties are not shown in the administrative console settings page for an HTTP transport. To specify values for these custom properties for a specific transport on the HTTP transport Custom Properties page, follow these steps:
- Start the administrative console.
- In the topology tree, expand Servers and click Application Servers
- Click the name of your application server.
- On the application server page, click Web Container.
- On the Web Container page, click HTTP Transports.
- Click the host whose properties you want to set.
- Under Additional Properties, click Custom Properties.
You can also set these properties on the Web Container Custom Properties page.
- On the Custom Properties page, click New.
- On the settings page for a new property, type the name of the transport property and the value that you want to set for that property. For example, if you want the transport to wait a maximum of 60 seconds when trying to read or write data during a request, type ConnectionIOTimeout for the name and 60 for the value.
- After you specify each property, click OK.
- Save the configuration.
- Restart the server.
- Regenerate the Web server plug-in configuration.
You can add any of these custom properties to manage HTTP transports:
ConnectionIOTimeout
This property specifies the maximum number of seconds to wait when trying to read or process data during a request.This value determines how long the application server waits while receiving two subsequent data packets for the same HTTP request. For example, with the default ConnectionIOTimeout setting of five seconds, if an HTTP client sends two data packets spaced six seconds apart, the process times out, and the server throws a java.io.InterruptedIOException error. The server terminates the HTTP request, and the HTTP client must resubmit the request. The default value is 5 seconds.
When a client attempts to send a large amount of request data, such as a file upload, there is a greater possibility of an InterruptedIOException at the application server. To avoid this problem, you might want to increase the ConnectionIOTimeout value for the Web container.
ConnectionKeepAliveTimeout
This property specifies the maximum number of seconds to wait for the next request on a keep-alive connection. The default value is 5 seconds.ConnectionResponseTimeout
This property specifies the maximum number of seconds to wait when trying to read data during a response. For WebSphere Application Server and WebSphere Application Server for Network Deployment, this property also applies to writing. The default value is 300.KeepAliveEnabled
This property specifies whether to keep connections alive or not. The default value is true.You can set these properties on either the Web Container or HTTP Transport Custom Properties pages. When set on the Web container Custom Properties page, all transports inherit the properties. Setting the same properties on a transport overrides like settings defined for a Web container.
MaxKeepAliveConnections
This property specifies the maximum number of concurrent keep-alive (persistent) connections across all HTTP transports. To make a particular transport close connections after a request, you can set MaxKeepAliveConnections to 0 (zero) or you can set KeepAliveEnabled to false on that transport.The Web server plug-in keeps connections open to the application server as long as it can. However, if the value of this property is too small, performance is negatively impacted because the plug-in has to open a new connection for each request instead of sending multiple requests through one connection. The application server might not accept a new connection under a heavy load if there are too many sockets in TIME_WAIT state. If all client requests are going through the Web server plug-in and there are many TIME_WAIT state sockets for port 9080, the application server is closing connections prematurely, which decreases performance. The application server closes the connection from the plug-in, or from any client, for any of the following reasons:
- The client request was an HTTP 1.0 request when the Web server plug-in always sends HTTP 1.1 requests.
- The maximum number of concurrent keep-alives was reached. A keep-alive must be obtained only once for the life of a connection, that is, after the first request is completed, but before the second request can be read.
- The maximum number of requests for a connection was reached, preventing denial of service attacks in which a client tries to hold on to a keep-alive connection forever.
- A time out occurred while waiting to read the next request or to read the remainder of the current request.
The default value is 90% of the maximum number of threads in the Web container thread pool. This prevents all of the threads from being held by keep alive connections so that there are threads available to handle new incoming connect requests.
MaxConnectBacklog
This property specifies the maximum number of outstanding connect requests that the operating system buffers while it waits for the application server to accept the connections. If a client attempts to connect when this operating system buffer is full, the connect request is rejected. The default value is 511.Set this value to the number of concurrent connections that you would like to allow. Keep in mind that a single client browser might need to open multiple concurrent connections (perhaps 4 or 5); however, also keep in mind that increasing this value consumes more kernel resources. The value of this property is specific to each transport.
MaxKeepAliveRequests
This property specifies the maximum number of requests which can be processed on a single keep alive connection. This parameter can help prevent denial-of-service attacks when a client tries to hold on to a keep-alive connection. The Web server plug-in keeps connections open to the application server as long as it can, providing optimum performance. The default value is 100.MutualAuthCBindCheck
This property specifies whether or not a client certificate should be resolved to a SAF principal. The default value is false. If you set this property to true, all SSL connections from a client must have a client certificate, and the user ID associated with the client certificate must have RACF CONTROL authority for CB.BIND.servername. If the client request does not meet these conditions, the connection is closed. To grant the certificate's user ID RACF CONTROL authority, run this command:PERMIT CB.BIND.servername CLASS(CBIND) ID(userID) ACCESS(CONTROL)where servername is the name of your application server and userID is the user ID that is associated with the client certificate.
TrustedProxy
This property specifies whether or not the transport trusts Private Headers from a WebSphere Application Server plug-in for a Web server.ServerHeader
Use the ServerHeader property to suppress the server HTTP header (Server:) in responses. The default value is true, which means that the server header is included in the HTTP response. To suppress the inclusion of server headers, set the value of this property to false.ResponseBufferSize
This property specifies the size, in bytes, of the initial buffer allocation for the response buffer. When the buffer fills up, a flush for this buffer space automatically occurs. The default value is 32000.AccessLogDisable and AccessLog
These properties specify access logging settings. For more information, see Configure access logging for internal Web server HTTP transports.ErrorLogDisable, ErrorLog, and LogLevel
These properties specify error logging settings. For more information, see Configure logging for internal Web server HTTP transports.