Caucho maker of Resin Server | Application Server (Java EE Certified) and Web Server


 

Resin Documentation

home company blog wiki docs 
app server 
 Resin Server | Application Server (Java EE Certified) and Web Server
 

port: port tag configuration


The port tags configure <http> ports, addresses, cluster-ports and custom protocol TCP ports.

See Also

  • See the index for a list of all the tags.
  • See <cluster> tag configuration
  • See <server> tag configuration

<accept-listen-backlog>

child of <http>,<connection-port>,<protocol>

<accept-listen-backlog> configures operating system TCP listen queue size for the port.

<accept-thread-max>

child of <http>,<connection-port>,<protocol>

<accept-thread-min> configures the maximum number of threads listening for new connections on this port.

<accept-thread-min>

child of <http>,<connection-port>,<protocol>

<accept-thread-min> configures the minimum number of threads listening for new connections on this port.

<address>

child of <server>

The <address> defines the IP interface for a port. A value of '*' binds to all ports. Because the <address> is specific to a server, it should only be defined in a <server> tag, not a <server-default>.

default *
http address
<resin xmlns="http://caucho.com/ns/resin">
  <cluster id="web-tier">
    <server id="web-a" address="192.168.1.1" port="6800">
      <http address="10.0.1.1" port="80"/>
    </server>

    <server id="web-b" address="192.168.1.2" port="6800">
      <http address="10.0.1.2" port="80"/>
    </server>

    ...
  </cluster>
</resin>

<ca-certificate-file> (OpenSSL)

child of <http>,<protocol>,<cluster-port>

<ca-certificate-file> configures the path to a CA certificate file for intermediate CA support.

<ca-certificate-path> (OpenSSL)

child of <http>,<protocol>,<cluster-port>

<ca-certificate-path> configures the path to a CA certificate directory for intermediate CA support.

<ca-revocation-file> (OpenSSL)

child of <http>,<protocol>,<cluster-port>

<ca-revocation-file> configures the path to a list of revoked CA certificates.

<ca-revocation-path> (OpenSSL)

child of <http>,<protocol>,<cluster-port>

<ca-revocation-path> configures the path to a list of revoked CA certificates.

<certificate-file> (OpenSSL)

child of <http>,<protocol>,<cluster-port>

<certificate-file> configures the path to the server's SSL certificate.

<certificate-chain-file> (OpenSSL)

child of <http>,<protocol>,<cluster-port>

<certificate-chain-file> configures the path to the server's SSL certificate for OpenSSL.

<certificate-key-file> (OpenSSL)

child of <http>,<protocol>,<cluster-port>

<certificate-key-file> configures the path to the server's SSL private key certificate for OpenSSL.

<cipher-suite> (OpenSSL)

child of <http>,<protocol>,<cluster-port>

<cipher-suite> configures the path to the server's SSL cryptographic ciphers.

<cluster-port>

child of <server>

<cluster-port> configures the cluster and load balancing socket, for load balancing, distributed sessions, and distributed management.

When configuring Resin in a load-balanced cluster, each Resin instance will have its own <srun> configuration, which Resin uses for distributed session management and for the load balancing itself.

When configuring multiple JVMs, each <srun> will have a unique <server-id> which allows the -server command-line to select which ports the server should listen to.

addresshostname of the interface to listen to*
jsse-sslconfigures the port to use JSSE for SSLnone
opensslconfigures the port to use OpenSSLnone
portport to listen torequired
socket-timeouttimeout waiting to read/write to idle client65s
accept-listen-backlogThe socket factory's listen backlog for receiving sockets100
tcp-no-delaysets the NO_DELAY socket parametertrue

The class that corresponds to <srun> is

<connection-max>

child of <server>

<connection-max> configures the maximum number of concurrent connections on this port.

<http>

child of <server>

<http> configures a HTTP or HTTPS port listening for HTTP requests.

When configuring multiple JVMs, each <http> will have a unique <server-id> which allows the -server command-line to select which ports the server should listen to.

addressIP address of the interface to listen to*
portport to listen torequired
tcp-no-delaysets the NO_DELAY socket parametertrue
socket-timeouttimeout waiting to write to idle client65s
accept-listen-backlogThe socket factory's listen backlog for receiving sockets100
virtual-hostforces all requests to this <http> to use the named virtual hostnone
opensslconfigures the port to use OpenSSLnone
jsse-sslconfigures the port to use JSSE for SSLnone

The virtual-host attribute overrides the browser's Host directive, specifying the explicit host and port for request.getServerName() and getServerPort(). It is not used in most virtual host configurations. Only IP-based virtual hosts which wish to ignore the browser's Host will use @virtual-host.

<jsse-ssl>

child of <http>,<protocol>,<cluster-port>

<jsse-ssl> configures the port to use JSSE for SSL support.

The SSL section of the Security documentation provides a comprehensive overview of SSL.

aliasConfigures the key alias name in the key store file.optional
key-store-filePath to the certificate key store filerequired
passwordPrivate key passwordrequired
key-store-typeType of the keystorejks
key-manager-factorySpecial factory for creating keysrequired
ssl-contextSpecial configuration for the ssl context.optional
verify-clientSettings for client validationrequired

<keepalive-max>

child of <http>,<connection-port>,<protocol>

<keepalive-max> configures the maximum number of keepalives on this port.

<openssl>

child of <http>,<protocol>,<cluster-port>

<openssl> configures the port to use OpenSSL for SSL support (requires Resin Professional). OpenSSL is a fast C implementation of SSL security used by Apache. Resin's configuration is OpenSSL follows Apache's configuration, so any documentation on installing SSL certificates can use documentation for Apache.

The SSL section of the Security documentation provides a comprehensive overview of SSL.

ca-certificate-filePath to a CA certificate file for intermediate CA supportoptional
ca-certificate-pathPath to a directory of CA certificates for intermediate CA supportoptional
ca-revocation-filePath to a list of revoked CA certificatesoptional
ca-revocation-pathPath to a directory of revoked CA certificatesoptional
certificate-filePath to the server's SSL certificaterequired
certificate-chain-filePath to the certificate chains for client validation.optional
certificate-key-filePath to the server's SSL private key certificaterequired
cipher-suiteAdditions and restrictions to the allowed cryptography cipherssee openssl-tags
passwordPassword protecting the public keysee openssl-tags
protocolOptional restrictions on the SSL protocolsee openssl-tags
session-cacheBoolean enabling caching of SSL sessions for performancefalse
session-cache-timeoutTimeout for session cache values30s
unclean-shutdownFlag indicating that openssl sockets can be shutdown uncleanlyfalse
verify-clientOptions for client validationnone
verify-depthDepth of the client certificate chains to validateunlimited

<password> (OpenSSL)

child of <openssl>

<password> configures the SSL private key certificate password.

<port>

child of <http>,<protocol>,<server>

The <port> defines the TCP port the HTTP or protocol should bind to.

http port
<resin xmlns="http://caucho.com/ns/resin">
  <cluster id="web-tier">
    <server id="web-a" address="192.168.1.1" port="6800">
      <http address="10.0.1.1" port="80"/>
      <http address="192.168.1.1" port="8080"/>
    </server>

    ...
  </cluster>
</resin>

<protocol>

child of <server>

<protocol> configures custom socket protocols using Resin's thread and connection management.

The custom protocol will extend from com.caucho.server.port.Protocol.

<resin xmlns="http://caucho.com/ns/resin">
<cluster id="web-tier">

  <server id="a">
    <protocol address="localhost" port="8888">
      <type>example.Magic8BallProtocol</type>
    </port>
  </server>

</cluster>
</resin>

<protocol> (OpenSSL)

child of <openssl>

<protocol> configures the SSL allowed protocols.

<session-cache> (OpenSSL)

child of <openssl>

<session-cache> configures the SSL session cache.

<session-cache-timeout> (OpenSSL)

child of <openssl>

<session-cache> configures the SSL session cache timeout.

<socket-timeout>

child of <http>,<cluster-port>,<protocol>,<server>

<socket-timeout> overrides the socket timeout from the <server>.

<tcp-no-delay>

child of <http>,<protocol>,<cluster-port>

Sets the tcp-no-delay parameter.

<unclean-shutdown> (OpenSSL)

child of <openssl>

<unclean-shutdown> configures the OpenSSL unclean shutdown on connection close.

<verify-client> (OpenSSL)

child of <openssl>

<verify-client> sets the client certificate configuration. If the certificate is available, it will be put in the javax.servlet.request.X509Certificate request attribute.

nonedo not ask for a client certificate (default)
requiredrequire a client certificate
optionalask for a client certificate if availiable
optional-no-caask for a client certificate, but do not validate the Certificate Authority
Obtaining the client certificate
  X509Certificate []certs = (X509Certificate [])
       request.getAttribute("javax.servlet.request.X509Certificate");

<verify-depth> (OpenSSL)

child of <openssl>

<verify-depth> configures the OpenSSL client verification depth.


Copyright © 1998-2012 Caucho Technology, Inc. All rights reserved. Resin ® is a registered trademark. Quercustm, and Hessiantm are trademarks of Caucho Technology.

Cloud-optimized Resin Server is a Java EE certified Java Application Server, and Web Server, and Distributed Cache Server (Memcached).
Leading companies worldwide with demand for reliability and high performance web applications including SalesForce.com, CNET, DZone and many more are powered by Resin.

home company blog wiki docs 
app server