...
- HTTP 1.0, 1.1 and 2 support - both for client and servers
- HTTP/HTTPS/AJP Listeners
- SSL/TLS SNI
- WebSocket support
- HTTP/2 PUSH
- HTTP/2 Upgrade and ALPN
- Proxy Protocol support (seeĀ http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt)
- OpenTelemetry support
- RFC7239 Forwarded header support
- Response compression
- Location-based configuration
- Matching based upon host, path, cookie, query, post params, request method, scheme, headers, remote IP, attributes, GeoIP, userid, usergroup, pathparam, script
- Response Hooks
- URL Rewriting
- Proxy forwarding
- Full access log functionality with configurable content
- Destination / Target servers
- Authentication with servers
- Basic Auth
- Bearer Token
- SPNEGO/NTLM/Kerberos
- Forward SSL Client cert
- SAML Web SSO
- LTPA Tokens
- Stickiness
- Ping servers
- Customize request method URI
- Configure expected response codes
- Response body checking script
- Authentication with servers
- Request/response modification
...
- OpenID Connect Discovery
- JSON Web Key Set (JWKS) URI / Metadata
- Authorize / Token endpoints
- UserInfo endpoint
- Token Introspection (RFC7662)
- Token Revocation (RFC7009)
- Token Exchange (RFC8693)
Request Throttling
- Request Queuing / Throttling
- Limit concurrent requests
- Max requests per second
- Limits can be qualified, e.g. by IP address, client ID etc.
- Response Throttling
- Max bytes per second
...