Property | Value |
---|
proxyplugins | <List of classnames, separated by ; or ,> - Default empty.
List of classes which implement the dk.itp.security.proxy.IProxyPlugin interface, and preferably extend the class dk.itp.security.proxy.AbstractProxyPlugin.
The plugins can modify the request/response content if they wish, and can e.g. be used to transform the requests and do such things as add WS-Security signing to outgoing webservice calls, and/or verify/decrypt the responses.
The plugin dk.itp.portalprotect.wss.proxy.WSSPlugin does just that. |
httpProxyHost | <hostname> - Default blank.
If specified, the HTTP proxy will forward all requests to the defined httpProxyHost:httpProxyPort optionally using the httpProxyUser/httpProxyPassword as proxy-authentication.
This can be used if the HTTP Proxy Server is deployed internally and requests to the outside world have to pass through another proxy server. |
httpProxyPort | <TCPIP port number> - Default: 8080
Used together with httpProxyHost, specifies the port number. |
httpProxyUser | <userid> - Default blank
Userid for proxy authentication, if required by the proxy server spedified in httpProxyHost. |
httpProxyPassword | <password> - Default blank.
Password, can optionally be encrypted. |
noproxyfor | <List of hostnames> - Default blank.
If specified, this is a list (separated by comma or semicolon) of hostnames or IP addresses for which a forwarding proxy should not be used. |
httpTimeoutSecs | <Timeout in seconds> - Default 120
Timeout, maximum time waiting for reply from backend server. |
httpIdleTimeoutSecs | <Idle timeout in seconds> - Default 10
Maximum amount of seconds a http connection is kept alive without being used. This is also known as http keep-alive timeout – this timeout should be set to a lower value than the http server's idle timeout to avoid errors where the server closes the connection at the same time as the client sends the next request. Do not confuse this setting with httpTimeoutSecs which is the maximum waiting for a response for an active request. The cost of setting httpIdleTimeoutSecs to a low value, is that connections will be closed and reopened and e.g. SSL negotiations will again take place. But don't set this too high either or you risk getting exceptions if the server has closed the connection. |
forceConnectionClose | <true |