Caucho maker of Resin Server | Application Server (Java EE Certified) and Web Server


 

Resin Documentation

home company blog wiki docs 
app server web server 
health cloud java ee pro 
 Resin Server | Application Server (Java EE Certified) and Web Server
 

port: port tag configuration


The port tags configure <http> ports, addresses, cluster-ports and custom protocol TCP ports.

See Also

  • See the index for a list of all the tags.
  • See <cluster> tag configuration
  • See <server> tag configuration

<accept-listen-backlog>

child of http,connection-port,protocol

<accept-listen-backlog> configures operating system TCP listen queue size for the port.

<accept-thread-max>

child of http,connection-port,protocol

<accept-thread-min> configures the maximum number of threads listening for new connections on this port.

<accept-thread-min>

child of http,connection-port,protocol

<accept-thread-min> configures the minimum number of threads listening for new connections on this port.

<address>

child of server

The <address> defines the IP interface for a port. A value of '*' binds to all ports. Because the <address> is specific to a server, it should only be defined in a <server> tag, not a <server-default>.

default *
http address
<resin xmlns="http://caucho.com/ns/resin">
  <cluster id="web-tier">
    <server id="web-a" address="192.168.1.1" port="6800">
      <http address="10.0.1.1" port="80"/>
    </server>

    <server id="web-b" address="192.168.1.2" port="6800">
      <http address="10.0.1.2" port="80"/>
    </server>

    ...
  </cluster>
</resin>

<ca-certificate-file> (OpenSSL)

child of http,protocol,cluster-port

<ca-certificate-file> configures the path to a CA certificate file for intermediate CA support.

<ca-certificate-path> (OpenSSL)

child of http,protocol,cluster-port

<ca-certificate-path> configures the path to a CA certificate directory for intermediate CA support.

<ca-revocation-file> (OpenSSL)

child of http,protocol,cluster-port

<ca-revocation-file> configures the path to a list of revoked CA certificates.

<ca-revocation-path> (OpenSSL)

child of http,protocol,cluster-port

<ca-revocation-path> configures the path to a list of revoked CA certificates.

<certificate-file> (OpenSSL)

child of http,protocol,cluster-port

<certificate-file> configures the path to the server's SSL certificate.

<certificate-chain-file> (OpenSSL)

child of http,protocol,cluster-port

<certificate-chain-file> configures the path to the server's SSL certificate for OpenSSL.

<certificate-key-file> (OpenSSL)

child of http,protocol,cluster-port

<certificate-key-file> configures the path to the server's SSL private key certificate for OpenSSL.

<cipher-suite> (OpenSSL)

child of http,protocol,cluster-port

<cipher-suite> configures the path to the server's SSL cryptographic ciphers.

<cluster-port>

child of server

<cluster-port> configures the cluster and load balancing socket, for load balancing, distributed sessions, and distributed management.

When configuring Resin in a load-balanced cluster, each Resin instance will have its own <srun> configuration, which Resin uses for distributed session management and for the load balancing itself.

When configuring multiple JVMs, each <srun> will have a unique <server-id> which allows the -server command-line to select which ports the server should listen to.

addresshostname of the interface to listen to*
jsse-sslconfigures the port to use JSSE for SSLnone
opensslconfigures the port to use OpenSSLnone
portport to listen torequired
socket-timeouttimeout waiting to read/write to idle client65s
accept-listen-backlogThe socket factory's listen backlog for receiving sockets100
tcp-no-delaysets the NO_DELAY socket parametertrue

The class that corresponds to <srun> is

<connection-max>

child of server

<connection-max> configures the maximum number of concurrent connections on this port.

<http>

child of server

<http> configures a HTTP or HTTPS port listening for HTTP requests.

When configuring multiple JVMs, each <http> will have a unique <server-id> which allows the -server command-line to select which ports the server should listen to.

addressIP address of the interface to listen to*
portport to listen torequired
tcp-no-delaysets the NO_DELAY socket parametertrue
socket-timeouttimeout waiting to write to idle client65s
accept-listen-backlogThe socket factory's listen backlog for receiving sockets100
virtual-hostforces all requests to this <http> to use the named virtual hostnone
opensslconfigures the port to use OpenSSLnone
jsse-sslconfigures the port to use JSSE for SSLnone

The virtual-host attribute overrides the browser's Host directive, specifying the explicit host and port for request.getServerName() and getServerPort(). It is not used in most virtual host configurations. Only IP-based virtual hosts which wish to ignore the browser's Host will use @virtual-host.

<jsse-ssl>

child of http,protocol,cluster-port

<jsse-ssl> configures the port to use JSSE for SSL support.

The SSL section of the Security documentation provides a comprehensive overview of SSL.

aliasConfigures the key alias name in the key store file.optional
key-store-filePath to the certificate key store filerequired
passwordPrivate key passwordrequired
key-store-typeType of the keystorejks
key-manager-factorySpecial factory for creating keysrequired
ssl-contextSpecial configuration for the ssl context.optional
verify-clientSettings for client validationrequired

<keepalive-max>

child of http,connection-port,protocol

<keepalive-max> configures the maximum number of keepalives on this port.

<openssl>

child of http,protocol,cluster-port

<openssl> configures the port to use OpenSSL for SSL support (requires Resin Professional). OpenSSL is a fast C implementation of SSL security used by Apache. Resin's configuration is OpenSSL follows Apache's configuration, so any documentation on installing SSL certificates can use documentation for Apache.

The SSL section of the Security documentation provides a comprehensive overview of SSL.

ca-certificate-filePath to a CA certificate file for intermediate CA supportoptional
ca-certificate-pathPath to a directory of CA certificates for intermediate CA supportoptional
ca-revocation-filePath to a list of revoked CA certificatesoptional
ca-revocation-pathPath to a directory of revoked CA certificatesoptional
certificate-filePath to the server's SSL certificaterequired
certificate-chain-filePath to the certificate chains for client validation.optional
certificate-key-filePath to the server's SSL private key certificaterequired
cipher-suiteAdditions and restrictions to the allowed cryptography cipherssee openssl-tags
passwordPassword protecting the public keysee openssl-tags
protocolOptional restrictions on the SSL protocolsee openssl-tags
session-cacheBoolean enabling caching of SSL sessions for performancefalse
session-cache-timeoutTimeout for session cache values30s
unclean-shutdownFlag indicating that openssl sockets can be shutdown uncleanlyfalse
verify-clientOptions for client validationnone
verify-depthDepth of the client certificate chains to validateunlimited

<password> (OpenSSL)

child of openssl

<password> configures the SSL private key certificate password.

<port>

child of http,protocol,server

The <port> defines the TCP port the HTTP or protocol should bind to.

http port
<resin xmlns="http://caucho.com/ns/resin">
  <cluster id="web-tier">
    <server id="web-a" address="192.168.1.1" port="6800">
      <http address="10.0.1.1" port="80"/>
      <http address="192.168.1.1" port="8080"/>
    </server>

    ...
  </cluster>
</resin>

<protocol>

child of server

<protocol> configures custom socket protocols using Resin's thread and connection management.

The custom protocol will extend from com.caucho.server.port.Protocol.

<resin xmlns="http://caucho.com/ns/resin">
<cluster id="web-tier">

  <server id="a">
    <protocol address="localhost" port="8888">
      <type>example.Magic8BallProtocol</type>
    </port>
  </server>

</cluster>
</resin>

<protocol> (OpenSSL)

child of openssl

<protocol> configures the SSL allowed protocols.

<session-cache> (OpenSSL)

child of openssl

<session-cache> configures the SSL session cache.

<session-cache-timeout> (OpenSSL)

child of openssl

<session-cache> configures the SSL session cache timeout.

<socket-timeout>

child of http,cluster-port,protocol,server

<socket-timeout> overrides the socket timeout from the <server>.

<tcp-no-delay>

child of http,protocol,cluster-port

Sets the tcp-no-delay parameter.

<unclean-shutdown> (OpenSSL)

child of openssl

<unclean-shutdown> configures the OpenSSL unclean shutdown on connection close.

<verify-client> (OpenSSL)

child of openssl

<verify-client> sets the client certificate configuration. If the certificate is available, it will be put in the javax.servlet.request.X509Certificate request attribute.

nonedo not ask for a client certificate (default)
requiredrequire a client certificate
optionalask for a client certificate if availiable
optional-no-caask for a client certificate, but do not validate the Certificate Authority
Obtaining the client certificate
  X509Certificate []certs = (X509Certificate [])
       request.getAttribute("javax.servlet.request.X509Certificate");

<verify-depth> (OpenSSL)

child of openssl

<verify-depth> configures the OpenSSL client verification depth.


Copyright © 1998-2012 Caucho Technology, Inc. All rights reserved. Resin ® is a registered trademark. Quercustm, and Hessiantm are trademarks of Caucho Technology.

Cloud-optimized Resin Server is a Java EE certified Java Application Server, and Web Server, and Distributed Cache Server (Memcached).
Leading companies worldwide with demand for reliability and high performance web applications including SalesForce.com, CNET, DZone and many more are powered by Resin.

home company blog wiki docs 
app server web server 
health cloud java ee pro