Skip to content

HTTP Server

Jump to bottom Edit New page
Izek Greenfield edited this page Jun 5, 2016 · 24 revisions

API

The API currently provides easy to use wrap over an embedded [http://www.eclipse.org/jetty/ Jetty server](http://www.eclipse.org/jetty/ Jetty server "wikilink"). We currently support bseoth latest Jetty 9 and latest Jetty 8.

The idea behind this library is to support common configuration options for HTTP servers as well add support for a common set of filters as detailed below

Start Server

There are several APIs that start an HTTP server. You can find them in JettyHttpServerFactory class. All the methods are called "startHttpServer". Refer to the javadoc for more info.

Stop Server

If needed, you can stop the server using the API: JettyHttpServerFactory.stopHttpServer.

Filters

Foundation-runtime communication brings a set of filters with the HTTP server:

  • HTTP Method Filter: Rejects the request with "Method Not Allowed" (405) HTTP status, if the client is trying to access the server on a not allowed method.

  • Availability Filter: Rejects the request with "Server Busy" (503) HTTP status, if there is no available thread to handle it.

  • FlowContext Filter: Set the request's flow context to the value of the FLOW_CONTEXT HTTP header, if available, in order to trace request across CAB servers. If it is not supplied by the client, the filter will create a new FlowContext.

  • Ping Filter: If the request contains the 'NDS-Proxy-Ping' header (you can use another header name as needed - see configuration section), return 200 without actually processing the request. Good for heartbeats, etc. You can disable the PingFilter and in that case a PingServlet is registerd for the /probe uri which will response with 200 OK without any header set.

  • Monitoring Filter: A filter that wraps calls to standard Foundation monitoring "Services" interface.- Waiting for monitoring lib to be integrated in foundation libraries

  • Request Validity Filter: Validates the request and verifies its length doesn't exceeds a configurable limit.

  • Trace Filter: Logs request and response to the log file. currently only supported in the Jetty 8 version.

  • Cross Origin Filter: Support for [http://en.wikipedia.org/wiki/Cross-origin_resource_sharing CORS](http://en.wikipedia.org/wiki/Cross-origin_resource_sharing CORS "wikilink").

Configuration

Following are the configuration parameters and their defaults.

Usage example for HTTP Server:

<Parameter name="myHttpServer" base="http.base" description="my server description" type="STRUCTURE">
    <DefaultValue>
        <StructureValue>
        <StructureMemberValue name="http.port" value="12345" />
        </StructureValue>
    </DefaultValue>
</Parameter>

This will take the structure member definition that the http server supports from the "http.base" base and add it to your specific http server definition. Now you only need to override any values you want (usually at least override the port).

Key Description
<serviceName>.http.isBlockingChannelConnector Determins whether BlockingChannelConnector should be used. Useful for few busy connections on the server. See here for more info Default value is: false.
<serviceName>.http.host http server host - useful when binding with specific NIC or for VIP support. Default value is: local ip address.
<serviceName>.http.port http server port. Default value is: 8080.
<serviceName>.https.host https server host - useful when binding with specific NIC or for VIP support. Default value is: local ip address.
<serviceName>.https.port http server port. Default value is: 8090.
<serviceName>.https.useHttpsOnly when set to true and https data is set, server will only expose https interface. Default value is: false.
<serviceName>.http.minThreads minimal number of http server worker threads. Default value is: 100.
<serviceName>.http.maxThreads maximum number of http server worker threads. Default value is: 1000.
<serviceName>.http.connectionIdleTime idle time (in millis) after which the connection will be closed. Default value is: 300000.
<serviceName>.http.serviceDescription A description of the service used for monitoring purposes.
<serviceName>.http.requestHeaderSize The max header size allowed for incoming requests. Default value is: 6144 (6K).
<serviceName>.http.numberOfAcceptors description="the number of acceptors (listener threads) that handle the server. It is advised not to set more than twice the number of cores. Default value is: 1.
<serviceName>.http.acceptQueueSize The TCP layer Socket backlog. Used when writes are faster than reads. Default value is: 0.
<serviceName>.http.sessionManagerEnabled Determines whether the server should enable a session manager.Default value is: false.
<serviceName>.http.multiPartEnabled Set to true to add multi part config element to your servlets on this server.Default value is: false.
<serviceName>.http.serviceDirectory.isEnabled Set to true if you want the client to work with a Service Directory. If you have a server that meets the API published by the sd-api lib, you can enable it here. You can set host and port using Configuration, see service.sd.host and service.sd.port below. More info on sd-api.Default value is: false.
service.sd.host Set the host for a service directory server that implements the sd-api
service.sd.port Set the port for a service directory server that implements the sd-api
### Filter Configuration

Foundation communication provides a set of filters to the HTTP server. Following are the filter configurations:

<style> [id=FilterConfiguration] th:nth-of-type(2) { width:10%; } </style>
Filter Key Description
AvailabilityFilter <serviceName>.http.availabilityFilter.isEnabled Determines whether the 'Availability Filter' is enabled or not. Default value is: true.
FlowContextFilter <serviceName>.http.flowContextFilter.isEnabled Determines whether the 'FlowContext Filter' is enabled or not. Default value is: true.
PingFilter <serviceName>.http.pingFilter.isEnabled Determines whether the 'Ping Filter' is enabled or not. Default value is: true. When the filter is disabled a PingServlet is automatically registered for the '/probe' uri which will respond with 200 OK without any header set on request.
<serviceName>.http.pingFilter.enableLogging Determines whether the logging in 'Ping Filter' is enabled or not. Default value is: false.
MonitoringFilter <serviceName>.http.monitoringFilter.isEnabled Determines whether the 'Monitoring Filter' is enabled or not. Default value is: true.
<serviceName>.http.monitoringFilter.className Enables option to replace the monitoring filter. This class must extend MonitoringFilter created by infra and use the same constructor.
<serviceName>.http.monitoringFilter.uniqueUriMonitoringEnabled Enables option to instruct the basic MonitoringFilter to create a monitoring service for each unique URI. Should only be used for HTTP server that server a few static uri's. Default value is: false.
<serviceName>.http.monitoringFilter.baseUri A list of base Uri's. This list will be matched against the actual uri being served. If a match is found the base Uri will be used as the serviceName in monitoring of the services. It is recommended to not use any RegEx in this context and provide uri prefixes only - you should define the array like this: 
<serviceName>.http.httpMethodFilter.baseUri.1=/households
<serviceName>.http.httpMethodFilter.baseUri.2=/devices
<serviceName>.http.httpMethodFilter.baseUri.3=/whatever
.
.
.
HttpMethodFilter <serviceName>.http.httpMethodFilter.isEnabled Determines whether the 'Http Method Filter' is enabled or not. Default value is: true.
<serviceName>.http.httpMethodFilter.methods list of HTTP methods that are NOT allowed to be used when accessing the resources - you should define the array like this: 
<serviceName>.http.httpMethodFilter.methods.1=GET
<serviceName>.http.httpMethodFilter.methods.2=POST
<serviceName>.http.httpMethodFilter.methods.3=PUT
.
.
.
RequestValidityFilter <serviceName>.http.requestValidityFilter.isEnabled Determines whether the 'Request Validity Filter' is enabled or not. Default value is: true.
<serviceName>.http.requestValidityFilter.maxContentLength maximum content length allowed (enforced by RequestValidityFilter). Default value is: 100000.
TraceFilter <serviceName>.http.traceFilter.isEnabled Determines whether the 'Trace Filter' is enabled or not. Default value is: false.
<serviceName>.http.traceFilter.maxBodyLength maximum body length to be logged when using trace filter. Default value is: 1024.
<serviceName>.http.traceFilter.textContentTypes Text content types list - Specifies the content types of message bodies to be logged as ascii text when the Trace Filter is enabled and log4j is configured accordingly. If there is no match between the content types in the list and the actual content received in a request/response, the body will be logged according to the default HEX string format. When not using CCP - you should define the array like this: 
<serviceName>.http.traceFilter.textContentTypes.1=text/html
<serviceName>.http.traceFilter.textContentTypes.2=text/xml
<serviceName>.http.traceFilter.textContentTypes.3=application/json
.
.
.
<serviceName>.http.traceFilter.printInHex when set to true binary data will be turned into hex. Default value is: false.
CrossOriginFilter <serviceName>.http.crossOriginFilter.isEnabled Determines whether the 'Cross Origin Filter' is enabled or not. Default value is: false.
<serviceName>.http.crossOriginFilter.allowedOrigins list of origins that are allowed to access the resources. Default value is '\*', meaning all origins - you should define the array like this: 
<serviceName>.http.crossOriginFilter.allowedOrigins.1=
<serviceName>.http.crossOriginFilter.allowedOrigins.2=
<serviceName>.crossOriginFilter.allowedOrigins.3=
.
.
.
<serviceName>.http.crossOriginFilter.allowedMethods list of HTTP methods that are allowed to be used when accessing the resources - you should define the array like this: 
&#60;serviceName&#62;.http.crossOriginFilter.allowedMethods.1=
&#60;serviceName&#62;.http.crossOriginFilter.allowedMethods.2=
&#60;serviceName&#62;.crossOriginFilter.allowedMethods.3=
.
.
.
<serviceName>.http.crossOriginFilter.allowedHeaders list of HTTP headers that are allowed to be specified when accessing the resources - you should define the array like this: 
<serviceName>.http.crossOriginFilter.allowedHeaders.1=
<serviceName>.http.crossOriginFilter.allowedHeaders.2=
<serviceName>.crossOriginFilter.allowedHeaders.3=
.
.
.
<serviceName>.http.crossOriginFilter.preflightMaxAge the number of seconds that preflight requests can be cached by the client
<serviceName>.http.crossOriginFilter.allowCredentials indicating if the resource allows requests with credentials
<serviceName>.http.crossOriginFilter.exposedHeaders list of HTTP headers that are allowed to be exposed on the client - you should define the array like this: 
<serviceName>.http.crossOriginFilter.exposedHeaders.1=
<serviceName>.http.crossOriginFilter.exposedHeaders.2=
<serviceName>.crossOriginFilter.exposedHeaders.3=
.
.
.
<serviceName>.http.crossOriginFilter.chainPreflight if true preflight requests are chained to their target resource for normal handling (as an OPTION request). Otherwise the filter will response to the preflight

HTTPS Support

Use the overloads in the Factory API to pass in the keystore and truststore path and password.

Add a custom footer
Add a custom sidebar
Clone this wiki locally