HTTP Connector

HTTP Connector resource describes the characteristics of the connection used to receive incoming HTTP requests. This resource is used when the process requires an HTTP request on a specific port where the HTTP server is running. For example, the process starter HTTP Receiver and the signal-in Wait for HTTP Request activity receiving HTTP requests.

General

There can be only one process with an HTTP Receiver or Wait for HTTP Request activity that uses the same HTTP Connection resource. With this restriction the HTTP server listening for the incoming requests dispatches the request to the correct process.

The General section has the following fields.

Field Module Property Description
Package No The name of the package in which you want to create a shared resource.
Name No The name of the shared resource.
Description No A short description of the shared resource.

Basic Configuration

The Basic Configuration section has the following fields.

Field Module Property Description
Host Yes
Note: Do not change the value for this property. By default, it is set to the BW.HOST.NAME module property.
Specifies the name of the host that accepts the incoming requests. For machines that have only one network card, the default value localhost specifies the current machine. For machines that have more than one network card, this field specifies the host name of the card that is used to accept incoming HTTP requests.

If there is more than one network card on the machine, and you specify localhost in this field, all network cards on the machine listen for incoming HTTP requests on the specified port.

When using local host for the system property, use the full name of your machine as the host in the client.

Note: You can start more than one HTTP server on a single port by using Context and Path fields on HTTP Receiver and Wait for HTTP activities. Ensure that you use a different port, if different Context or Path are not specified.
Port Yes Specifies the port number on which to listen for incoming HTTP requests.
Note: Do not use port 7777. It is reserved for an internal use.
HTTP Version No The HTTP version to be used for communication. By default, it is HTTP 1.1. If required, you can select HTTP 2.0 as the version for the HTTP 2 communication. It is mandatory for the communicating client to support HTTP 2 as well if HTTP 2 is selected as the server protocol. If multiple clients are used, which may or may not support HTTP 2, it is recommended to select the Follow HTTP1 Compliance check box, subject to the condition that the clients have the ability to negotiate the HTTP version with the server. Currently, among the ActiveMatrix BusinessWorks HTTP clients, only the Jetty client supports HTTP 2 communication.
When HTTP 2.0 is selected as the HTTP version in the HTTP connector shared resource, enabling SSL through the Confidentiality or Default Confidentiality option is compulsory.
  • If Confidentiality is enabled at the HTTP connector and HTTP 2 is the version used, it is necessary to select Enable Mutual Authentication at the corresponding SSL server resource and configure the keystore provider.
Note: Both HTTP 2 and HTTP 1.1 are currently supported only for the HTTP palette. The SOAP and REST bindings continue to use only HTTP 1 for communication.
Follow HTTP1 Compliance Yes This option is enabled only when the HTTP 2.0 is selected as the HTTP version. This option, if selected enables negotiation between the server and client to decide the HTTP version to be used. HTTP 1.1 and HTTP 2.0 are the supported versions. If the client does not have the ability to negotiate the protocol, selecting this check box causes the server to fall back to the default HTTP 1 implementation. Hence this check box should be selected only if the HTTP 2 client can negotiate the protocol with the server. Currently, no client used in ActiveMatrix BusinessWorks 6.x can negotiate the protocol version. Hence it is recommended not to enable this option, if HTTP 2 communication is required. Currently, HTTP communication with this option works only when the Jetty HTTP Client is selected as the client library, for ActiveMatrix BusinessWorks applications.
Accept Queue Size Yes Specifies the number of connection requests to be queued before the operating system starts sending rejections. The default values are: -1 and 0.

These default values signify that the queue size is 50 or OS-specific.

Acceptor Threads Yes The value should be compulsorily set between 1 and (the number of processors in the runtime + 3)/4 . This shall ensure optimal performance during request processing using Non Blocking IO. The Jetty 9 library used for the HTTP Connector, uses Non-Blocking IO as the only means of IO.

The default value is 1.

Hide Server Implementation Yes Select the check box to hide additional details of a server implemented in the HTTP response, and log files in case of errors.

By default, the check box is clear.

Advanced Configuration

The Advanced Configuration section has the following fields.

Field Module Property Description
Header Buffer Size (B) Yes Specify to set the size of the buffer for request headers. An idle connection at most has one buffer of this size allocated. The default value is 4K.
Request Buffer Size (B) Yes Specify to set the size of the content buffer for receiving requests. These buffers are used only for active connections that have requests with bodies that do not fit within the header buffer. The default value is 8K.
Use Direct Buffers Yes Specify to determine whether direct byte buffers are used or not. The default value is True.
Response Buffer Size (B) Yes Specify to set the size of the content buffer for sending responses. These buffers are used only for active connections that are sending responses with bodies that do not fit within the header buffer. The default value is 24K.
URI Encoding Yes Specifies the character encoding used to decode the URI bytes.

If you do not set any value for uriEncoding, the default UTF-8 is used.

Max Idle Time (ms) Yes Specify to set the maximum idle time for a connection. The Max Idle Time is applied in the following cases:
  • When waiting for a new request to be received on a connection; when reading the headers and content of a request
  • When writing the headers and content of a response

Jetty interprets this value as the maximum time between the progress made on the connection. The timeout is reset if implemented by jetty if a single byte is read or written.

Enable DNS Lookups Yes Selecting this check box enables a domain name system (DNS) lookup for HTTP clients so that the IP address is resolved to a DNS name. This can adversely affect the throughput. This check box is not selected as default. Select this check box only when required.

The default value is False.

Low Resource Max Idle Time (ms) Yes Specifies to set the period in ms for the connection to be idle.

This results in the server rapidly closing idle connections to gracefully handle high load situations.

Compression Yes Specifies if the output of the HTTP Connection is compressed using the HTTP/1.1 GZIP compression.

The acceptable values for this field are: True or False

The default value is False.

Linger Time (ms) Yes Specifies to set the LINGER_TIME on the connection socket. This setting affects only the close connection socket.
Compressible Mime Types Yes Specifies the list of MIME types for which HTTP compression may be used. The default value for this comma separated list istext/html, text/xml, text/plain.
Session Timeout (s) Yes The timeout (in seconds) for the HTTP session to expire after inactivity.
Max Post Size Yes Specifies the maximum size in bytes of the POST that the container FORM URL parameter parsing can handle.

By default, the value of this field is set to 2MB or 2097152 bytes. Setting the value less than or equal to zero disables the limit for maxPostSize.

Reverse Proxy Host Yes Specifies the name of the reverse proxy host that accepts the incoming requests.
Max Save Post Size Yes Specifies the maximum size in bytes of the POST that the container can save/buffer during FORM or CLIENT-CERT authentication.
  • FORM authentication: the request message is saved while the user is redirected to the login page. It is retained until the user authentication succeeds or the session associated with the authentication request expires.
  • CLIENT-CERT authentication: the request message is buffered for the entire duration of the SSL handshake. After processing the request, the buffer is emptied.

However, in both the cases the buffering happens before the user authentication. By default, the value of this field is set to 4Kb or 4096 bytes. Setting the value to -1 disables the limit for this field.

Reverse Proxy Port Yes The reverse proxy port number on which to listen for the incoming HTTP requests.
Minimum QTP Threads Yes

The Queued Thread Pool (QTP) uses the default job queue configuration to The QTP threads accept the requests from the acceptor threads.

This field specifies the minimum number of QTP threads available for the incoming HTTP requests. The HTTP server creates the number of threads specified by this parameter when it starts up. The default value is 10.

Maximum QTP Threads Yes

This field specifies the maximum number of threads available for the incoming HTTP requests. The HTTP server does not create more than the number of threads specified by this parameter. The default value is 75.

Enable Access Logs Yes Select the Enable Access Logs check box to print the HTTP access logs.
Disable HTTP Methods Yes Disable specific HTTP methods by adding the required methods to the field list.

To add a method to the list, click the Add icon . To remove a method from the list, select the required method and click the delete icon .

Note: The first time you click the Add icon , by default the TRACE method is selected and added to the list of methods to be disabled.
Share Across Applications Yes
Select the Share Across Applications check box to share the same HTTP Connector shared resource across several application modules.
Note: This check box is applicable if the HTTP Connector shared resource is present in the shared module, and the check box is not be applicable if the HTTP Connector shared resource is present in the application module.

Security

Security can include any combination of the following characteristics:
Field Description
Confidentiality To be included when encrypting or decrypting the messages.

Selecting this check box displays the SSL Server Configuration field.

Older security protocols TLS v1.0, v1.1 and SSL v3 are not supported, in order to prevent security vulnerabilities.

JWT Authentication Enable this to use JSON Web Token (JWT) authentication when exposing a BusinessWorks REST Service.

JWT is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm).

Selecting this check box enables the following fields:
  • JWT Algorithm: Use the drop-down list to specify an HMAC algorithm (HS256, HS384 or HS512.)
  • Secret Key: When HMAC is used, a shared secret (password) is required to encrypt the JWT token. Enter the password in the Secret Key field.
Note: Imported projects display the Authentication check box under the Security section if the check box was selected in a previous version ActiveMatrix BusinessWorks™ 6.x. Authentication remains enabled on the HTTP Connector resource if you do not clear the check box. If you clear the Authentication check box, a warning message is displayed prompting you to confirm your action. To remove authentication from the resource, click OK.

Once you have removed authentication from the resource, you can reapply it using the Basic Authentication policy.

For more information, see Enforcing Basic Authentication in the TIBCO ActiveMatrix BusinessWorks™Application Development guide.

Note: When Jetty debug logs are enabled, intermittent ClosedChannelException error messages occur in the logs. These messages are to be ignored, since this is an expected behavior due to internal implementation of the Jetty server. These messages are not an indication of any errors.