标签:
1、需要启用模块
<extension module="org.wildfly.extension.undertow"/>
2、默认配置如下
<subsystem xmlns="urn:jboss:domain:undertow:1.0">
<buffer-caches>
<buffer-cache name="default" buffer-size="1024" buffers-per-region="1024" max-regions="10"/>
</buffer-caches>
<server name="default-server">
<http-listener name="default" socket-binding="http" />
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content" />
</host>
</server>
<servlet-container name="default" default-buffer-cache="default" stack-trace-on-error="local-only" >
<jsp-config/>
<persistent-sessions/>
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content" directory-listing="true"/>
</handlers>
</subsystem>
3、配置缓存,静态文件会被缓存,一般情况默认就可以,如需修改,例子如下
<buffer-caches> <buffer-cache name="default" buffer-size="1024" buffers-per-region="1024" max-regions="10"/> </buffer-caches>4、server,由多个子标记组成,如http-listener,host配置https和域名一个是配置http-listener,一个是配置host,详情请查看敝人写的其它jboss笔记
<server name="default-server"default-host="default-host"servlet-container="default">
5、http connector链接,就是上面的http-listener,对应的类型有HTTP, HTTPS and AJP,所有链接都有的属性,我就直接摘抄官方。
这里需要注意一下可以配置链接编码哦。老版jboss7的配置不是在这里,有兴趣看敝人写的其它一篇
| Attribute | Description |
|---|---|
| socket-binding | The socket binding to use. This determines the address and port the listener listens on. |
| worker | A reference to an XNIO worker, as defined in the IO subsystem. The worker that is in use controls the IO and blocking thread pool. |
| buffer-pool | A reference to a buffer pool as defined in the IO subsystem. These buffers are used internally to read and write requests. In general these should be at least 8k, unless you are in a memory constrained environment. |
| enabled | If the connector is enabled. |
| max-post-size | The maximum size of incoming post requests that is allowed. |
| buffer-pipelined-data | If responses to HTTP pipelined requests should be buffered, and send out in a single write. This can improve performance if HTTP pipe lining is in use and responses are small. |
| max-header-size | The maximum size of a HTTP header block that is allowed. Responses with to much data in their header block will have the request terminated and a bad request response send. |
| max-parameters | The maximum number of query or path parameters that are allowed. This limit exists to prevent hash collision based DOS attacks. |
| max-headers | The maximum number of headers that are allowed. This limit exists to prevent hash collision based DOS attacks. |
| max-cookies | The maximum number of cookies that are allowed. This limit exists to prevent hash collision based DOS attacks. |
| allow-encoded-slash | Set this to true if you want the server to decode percent encoded slash characters. This is probably a bad idea, as it can have security implications, due to different servers interpreting the slash differently. Only enable this if you have a legacy application that requires it. |
| decode-url | If the URL should be decoded. If this is not set to true then percent encoded characters in the URL will be left as is. |
| url-charset | The charset to decode the URL to. |
| always-set-keep-alive | If the ‘Connection: keep-alive‘ header should be added to all responses, even if not required by spec. |
<https-listener name="default" socket-binding="https" security-realm="ssl-realm" /> <ajp-listener name="default" socket-binding="ajp" /> <http-listener name="default" socket-binding="http" />https有些自己的属性
| Attribute | Description |
|---|---|
| security-realm | The security realm to use for the SSL configuration. See Security realm examples for how to configure it: Examples |
| verify-client | One of either NOT_REQUESTED, REQUESTED or REQUIRED. If client cert auth is in use this should be either REQUESTED or REQUIRED. |
| enabled-cipher-suites | A list of cypher suit names that are allowed. |
http的专有属性
| Attribute | Description |
|---|---|
| certificate-forwarding | If this is set to true then the HTTP listener will read a client certificate from the SSL_CLIENT_CERT header. This allows client cert authentication to be used, even if the server does not have a direct SSL connection to the end user. This should only be enabled for servers behind a proxy that has been configured to always set these headers. |
| redirect-socket | The socket binding to redirect requests that require security too. |
| proxy-address-forwarding | If this is enabled then the X-Forwarded-For and X-Forwarded-Proto headers will be used to determine the peer address. This allows applications that are behind a proxy to see the real address of the client, rather than the address of the proxy. |
AJP就没有自己的啥属性了
6、host主机配置,其实就是配置域名,name是名称,可以被其它文件引用,alias就是别名,也是可以被其它配置文件引用的,default-web-module就是默认被使用的war包名字,可参看鄙人jboos7域名配置
| Attribute | Description |
|---|---|
| name | The virtual host name |
| alias | A whitespace separated list of additional host names that should be matched |
| default-web-module | The name of a deployment that should be used to serve up requests that do not match anything. |
7、其它几个不做详述了
标签:
原文地址:http://my.oschina.net/fir01/blog/530384
