8e47d6ce64ae5a3392b4d92867b2a83bd0dc9bbeEugen Kuksauser-friendly-name=HTTP Connection Handler

a847d9812b328c048773e705606b10875a929034Eugen Kuksauser-friendly-plural-name=HTTP Connection Handlers

a847d9812b328c048773e705606b10875a929034Eugen Kuksasynopsis=The HTTP Connection Handler is used to interact with clients using HTTP.

a847d9812b328c048773e705606b10875a929034Eugen Kuksadescription=It provides full support for Rest2LDAP.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaconstraint.1.synopsis=A Key Manager Provider must be specified when this HTTP Connection Handler is enabled and it is configured to use SSL.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaconstraint.2.synopsis=A Trust Manager Provider must be specified when this HTTP Connection Handler is enabled and it is configured to use SSL.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.accept-backlog.synopsis=Specifies the maximum number of pending connection attempts that are allowed to queue up in the accept backlog before the server starts rejecting new connection attempts.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.accept-backlog.description=This is primarily an issue for cases in which a large number of connections are established to the server in a very short period of time (for example, a benchmark utility that creates a large number of client threads that each have their own connection to the server) and the connection handler is unable to keep up with the rate at which the new connections are established.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.allowed-client.synopsis=Specifies a set of host names or address masks that determine the clients that are allowed to establish connections to this HTTP Connection Handler.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.allowed-client.description=Valid values include a host name, a fully qualified domain name, a domain name, an IP address, or a subnetwork with subnetwork mask.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.allowed-client.default-behavior.alias.synopsis=All clients with addresses that do not match an address on the deny list are allowed. If there is no deny list, then all clients are allowed.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.allowed-client.requires-admin-action.synopsis=Changes to this property take effect immediately and do not interfere with connections that may have already been established.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.allow-tcp-reuse-address.synopsis=Indicates whether the HTTP Connection Handler should reuse socket descriptors.

8e47d6ce64ae5a3392b4d92867b2a83bd0dc9bbeEugen Kuksaproperty.allow-tcp-reuse-address.description=If enabled, the SO_REUSEADDR socket option is used on the server listen socket to potentially allow the reuse of socket descriptors for clients in a TIME_WAIT state. This may help the server avoid temporarily running out of socket descriptors in cases in which a very large number of short-lived connections have been established from the same client system.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.authentication-required.synopsis=Specifies whether only authenticated requests can be processed by the HTTP Connection Handler.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.authentication-required.description=If true, only authenticated requests will be processed by the HTTP Connection Handler. If false, both authenticated requests and unauthenticated requests will be processed. All requests are subject to ACI limitations and unauthenticated requests are subject to server limits like maximum number of entries returned. Note that setting ds-cfg-reject-unauthenticated-requests to true will override the current setting.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.buffer-size.synopsis=Specifies the size in bytes of the HTTP response message write buffer.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.buffer-size.description=This property specifies write buffer size allocated by the server for each client connection and used to buffer HTTP response messages data when writing.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.config-file.synopsis=Specifies the name of the configuration file for the HTTP Connection Handler.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.config-file.syntax.string.pattern.synopsis=A path to an existing file that is readable by the server.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.denied-client.synopsis=Specifies a set of host names or address masks that determine the clients that are not allowed to establish connections to this HTTP Connection Handler.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.denied-client.description=Valid values include a host name, a fully qualified domain name, a domain name, an IP address, or a subnetwork with subnetwork mask. If both allowed and denied client masks are defined and a client connection matches one or more masks in both lists, then the connection is denied. If only a denied list is specified, then any client not matching a mask in that list is allowed.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.denied-client.default-behavior.alias.synopsis=If an allow list is specified, then only clients with addresses on the allow list are allowed. Otherwise, all clients are allowed.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.denied-client.requires-admin-action.synopsis=Changes to this property take effect immediately and do not interfere with connections that may have already been established.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.enabled.synopsis=Indicates whether the HTTP Connection Handler is enabled.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.java-class.synopsis=Specifies the fully-qualified name of the Java class that provides the HTTP Connection Handler implementation.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.keep-stats.synopsis=Indicates whether the HTTP Connection Handler should keep statistics.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.keep-stats.description=If enabled, the HTTP Connection Handler maintains statistics about the number and types of operations requested over HTTP and the amount of data sent and received.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.key-manager-provider.synopsis=Specifies the name of the key manager that should be used with this HTTP Connection Handler .

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.key-manager-provider.requires-admin-action.synopsis=Changes to this property take effect immediately, but only for subsequent attempts to access the key manager provider for associated client connections.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.key-manager-provider.syntax.aggregation.constraint-synopsis=The referenced key manager provider must be enabled when the HTTP Connection Handler is enabled and configured to use SSL.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.listen-address.synopsis=Specifies the address or set of addresses on which this HTTP Connection Handler should listen for connections from HTTP clients.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.listen-address.description=Multiple addresses may be provided as separate values for this attribute. If no values are provided, then the HTTP Connection Handler listens on all interfaces.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.listen-port.synopsis=Specifies the port number on which the HTTP Connection Handler will listen for connections from clients.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.listen-port.description=Only a single port number may be provided.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.max-blocked-write-time-limit.synopsis=Specifies the maximum length of time that attempts to write data to HTTP clients should be allowed to block.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.max-blocked-write-time-limit.description=If an attempt to write data to a client takes longer than this length of time, then the client connection is terminated.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.max-concurrent-ops-per-connection.synopsis=Specifies the maximum number of internal operations that each HTTP client connection can execute concurrently.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.max-concurrent-ops-per-connection.description=This property allow to limit the impact that each HTTP request can have on the whole server by limiting the number of internal operations that each HTTP request can execute concurrently. A value of 0 means that no limit is enforced.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.max-concurrent-ops-per-connection.default-behavior.alias.synopsis=Let the server decide.

0abeb43875687e94f2d551053ad09eebeff1f7c9Tim Reddehaseproperty.max-request-size.synopsis=Specifies the size in bytes of the largest HTTP request message that will be allowed by the HTTP Connection Handler.

0abeb43875687e94f2d551053ad09eebeff1f7c9Tim Reddehaseproperty.max-request-size.description=This can help prevent denial-of-service attacks by clients that indicate they send extremely large requests to the server causing it to attempt to allocate large amounts of memory.

0abeb43875687e94f2d551053ad09eebeff1f7c9Tim Reddehaseproperty.num-request-handlers.synopsis=Specifies the number of request handlers that are used to read requests from clients.

0abeb43875687e94f2d551053ad09eebeff1f7c9Tim Reddehaseproperty.num-request-handlers.description=The HTTP Connection Handler uses one thread to accept new connections from clients, but uses one or more additional threads to read requests from existing client connections. This ensures that new requests are read efficiently and that the connection handler itself does not become a bottleneck when the server is under heavy load from many clients at the same time.

0abeb43875687e94f2d551053ad09eebeff1f7c9Tim Reddehaseproperty.num-request-handlers.default-behavior.alias.synopsis=Let the server decide.

0abeb43875687e94f2d551053ad09eebeff1f7c9Tim Reddehaseproperty.ssl-cert-nickname.synopsis=Specifies the nickname (also called the alias) of the certificate that the HTTP Connection Handler should use when performing SSL communication.

0abeb43875687e94f2d551053ad09eebeff1f7c9Tim Reddehaseproperty.ssl-cert-nickname.description=This is only applicable when the HTTP Connection Handler is configured to use SSL.

0abeb43875687e94f2d551053ad09eebeff1f7c9Tim Reddehaseproperty.ssl-cert-nickname.default-behavior.alias.synopsis=Let the server decide.

0abeb43875687e94f2d551053ad09eebeff1f7c9Tim Reddehaseproperty.ssl-cipher-suite.synopsis=Specifies the names of the SSL cipher suites that are allowed for use in SSL communication.

0abeb43875687e94f2d551053ad09eebeff1f7c9Tim Reddehaseproperty.ssl-cipher-suite.default-behavior.alias.synopsis=Uses the default set of SSL cipher suites provided by the server's JVM.

0abeb43875687e94f2d551053ad09eebeff1f7c9Tim Reddehaseproperty.ssl-cipher-suite.requires-admin-action.synopsis=Changes to this property take effect immediately but will only impact new SSL/TLS-based sessions created after the change.

0abeb43875687e94f2d551053ad09eebeff1f7c9Tim Reddehaseproperty.ssl-client-auth-policy.synopsis=Specifies the policy that the HTTP Connection Handler should use regarding client SSL certificates. Clients can use the SASL EXTERNAL mechanism only if the policy is set to "optional" or "required".

0abeb43875687e94f2d551053ad09eebeff1f7c9Tim Reddehaseproperty.ssl-client-auth-policy.description=This is only applicable if clients are allowed to use SSL.

0abeb43875687e94f2d551053ad09eebeff1f7c9Tim Reddehaseproperty.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=Clients must not provide their own certificates when performing SSL negotiation.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=Clients are requested to provide their own certificates when performing SSL negotiation, but still accept the connection even if the client does not provide a certificate.

8e47d6ce64ae5a3392b4d92867b2a83bd0dc9bbeEugen Kuksaproperty.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=Clients are requested to provide their own certificates when performing SSL negotiation. The connection is nevertheless accepted if the client does not provide a certificate.

511ba3e3d7deb4a13a03ce522a99a0395acc61b7Tim Reddehaseproperty.ssl-protocol.synopsis=Specifies the names of the SSL protocols that are allowed for use in SSL communication.

419f986abb76f6fce54b71e17f52a1deaa06dbd6Tim Reddehaseproperty.ssl-protocol.default-behavior.alias.synopsis=Uses the default set of SSL protocols provided by the server's JVM.

2794bc43ef90861870dcc134505d87b291dfe5c2Tim Reddehaseproperty.ssl-protocol.requires-admin-action.synopsis=Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.trust-manager-provider.synopsis=Specifies the name of the trust manager that should be used with the HTTP Connection Handler .

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.trust-manager-provider.requires-admin-action.synopsis=Changes to this property take effect immediately, but only for subsequent attempts to access the trust manager provider for associated client connections.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.trust-manager-provider.syntax.aggregation.constraint-synopsis=The referenced trust manager provider must be enabled when the HTTP Connection Handler is enabled and configured to use SSL.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.use-ssl.synopsis=Indicates whether the HTTP Connection Handler should use SSL.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.use-ssl.description=If enabled, the HTTP Connection Handler will use SSL to encrypt communication with the clients.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.use-tcp-keep-alive.synopsis=Indicates whether the HTTP Connection Handler should use TCP keep-alive.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.use-tcp-keep-alive.description=If enabled, the SO_KEEPALIVE socket option is used to indicate that TCP keepalive messages should periodically be sent to the client to verify that the associated connection is still valid. This may also help prevent cases in which intermediate network hardware could silently drop an otherwise idle client connection, provided that the keepalive interval configured in the underlying operating system is smaller than the timeout enforced by the network hardware.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.use-tcp-no-delay.synopsis=Indicates whether the HTTP Connection Handler should use TCP no-delay.

a847d9812b328c048773e705606b10875a929034Eugen Kuksaproperty.use-tcp-no-delay.description=If enabled, the TCP_NODELAY socket option is used to ensure that response messages to the client are sent immediately rather than potentially waiting to determine whether additional response messages can be sent in the same packet. In most cases, using the TCP_NODELAY socket option provides better performance and lower response times, but disabling it may help for some cases in which the server sends a large number of entries to a client in response to a search request.

a847d9812b328c048773e705606b10875a929034Eugen Kuksa