Use an HTTP Connector policy to configure message flows that include HTTP nodes that send messages across HTTP transport.
You use HTTP nodes in your message flow to interact with web services. HTTP nodes receive HTTP messages from an HTTP client for processing by a message flow, and return responses from the message flow to an HTTP client (see Processing web service messages). You can use an HTTP Connector policy to control, at run time, how the HTTP nodes communicate with the HTTP client. Alternatively, if you are sending secure messages to the HTTP client, you can use an HTTPS Connector policy (see HTTPS Connector policy (HTTPSConnector)).
To specify a default HTTP Connector policy for all message flows that are deployed to an integration server, set the httpConnector property in the server.conf.yaml file to the name of an HTTP Connector policy (see Configuring an integration server by using the server.conf.yaml file). If the default policy is in the default policy project, you do not need to specify the name of the policy project. If the default policy is in a non-default policy project, qualify the name of the policy with the name of the policy project ({policyProject}:PolicyName).
Property | Property name in .policyxml | Value |
---|---|---|
Port number | ListenerPort | This property specifies the port number that the integration server
uses to listen for HTTP messages. The default port number is 7800. Value type: Integer |
Listener address | ListenerAddress | If your integration server has more than one IP address, this property
specifies the IP address that the listener uses to listen on. The default address is
0.0.0.0. Value type: String |
Number of listener threads | ListenerThreads | This property specifies the number of threads that are available for the listener to run on.
If this property is set to -1 or 0, the number of available
threads is half the number of available CPU cores on the system. Value type: Integer |
Maximum number of keep-alive requests | MaxKeepAliveRequests | This property specifies the maximum number of keep-alive requests that can be sent in a
connection. By default, the HTTP connection is closed after each request is complete. Set this
property to ensure that the connection remains open for multiple requests. The default number of
requests that can be sent in a connection is 32768. Value type: Integer |
Time interval between successive checks for timed out messages (in milliseconds) | TimeoutSweepInterval | This property defines how often successive checks are made for messages that have timed out.
The default time interval is 200 milliseconds. Value type: Integer |
Capacity of in-memory queues forwarding requests from the HTTP listener to message flows | QueueCapacity | This property specifies the maximum number of requests that can be stored by an in-memory
queue that is forwarding requests from the HTTP listener to message flows. The default value is
1000. Value type: Integer |
Connection backlog | ConnBacklog | This property specifies the maximum number of unaccepted connections that the listener
maintains in its backlog. The default value for this property is 1024. Value type: Integer |
Enable processing of HTTP CORS requests | CORSEnabled | This property specifies whether the connector responds to valid HTTP CORS requests from a web
browser. By default, this property is set to false, which means that all CORS
processing is disabled. Value type: Boolean |
Allowed origins for inbound CORS | CORSAllowOrigins | This property configures the list of allowed origins for inbound cross-origin requests. An
origin is the scheme, host, and port of the URI from which the cross-origin request was initiated.
For example, if the cross-origin request was initiated from a web page that is hosted at
http://example.com:7800/api/customers, the origin of the cross-origin request
is http://example.com:7800. The cross-origin request that is made by the web
browser automatically includes the origin as the value of the origin header. Set this property to asterisk (*) (the default) to permit all cross-origin requests, or use a comma-separated list of specific permitted origins for cross-origin access. For example: http://www.example.com,https://www.example.com:7843,http://othersite.net:7800. Value type: String |
Allow credential passing for inbound CORS | CORSAllowCredentials | This property controls whether web browsers can pass credential information (HTTP cookies and
HTTP authentication) over inbound cross-origin requests. If you set this property to
true, an Access-Control-Allow-Credentials header is added to
the response with the value true. The default value is false,
which means that web browsers cannot pass credential information over inbound cross-origin
requests. Value type: Boolean |
Expose headers to web pages in response to CORS requests | CORSExposeHeaders | This property specifies whether web pages that are running in a web browser can see the value
of the specified headers that are returned in the response to a cross-origin request. The following
headers are always permitted, regardless of the setting for this value:
Cache-Control, Content-Language, Content-Type,
Expires, Last-Modified, and Pragma. To permit a web page that is running in a web browser to see other headers in the response, set the value to a comma-separated list of header names. For example, X-Header1,X-Header2,X-Header3. If this value is set to a non-empty list and the inbound cross-origin request is permitted, an Access-Control-Expose-Headers header is added to the response with the value of this property. If this value is set to an empty list, no Access-Control-Expose-Headers header is added to the response. By default, this property is set to Content-Type. Value type: String |
Maximum time (seconds) for web browsers to cache responses to CORS requests | CORSMaxAge | This property controls whether web browsers can cache the response to a preflight
cross-origin request. The value of this property specifies the maximum time in seconds that the web
browser can cache the response to a preflight cross-origin request. A value of 0
stops the web browser from caching the response to a preflight cross-origin request. If you set this value to 0 or a positive integer and the inbound cross-origin request is permitted, an Access-Control-Max-Age header is added to the response that has the value of this property. The default value of this property is -1. If you set this value to -1, an Access-Control-Max-Age header is not added to the response. If the header is not present, depending on the web browser, the web browser might cache the response to a preflight cross-origin request. Value type: Integer |
List of HTTP methods permitted when accessing HTTP services | CORSAllowMethods | This property provides a comma-separated list of HTTP methods that the web browser can use
when it accesses HTTP services that are hosted by this connector. This value is used only when a
preflight cross-origin request is received. A preflight cross-origin request includes the HTTP method of the actual request as the value of the Access-Control-Request-Method header. To permit a preflight cross-origin request, the value of that header must be a case-sensitive match for one of the values that are listed in this property. The default list of HTTP methods is GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS. Value type: String |
List of HTTP headers permitted to pass from a web browser to HTTP services | CORSAllowHeaders | This property provides a comma-separated list of HTTP headers that a web browser can pass to
HTTP services hat are hosted by this connector. This value is used only when a preflight
cross-origin request is received. A preflight cross-origin request can include a list of HTTP headers that are used in the actual request as the value of the Access-Control-Request-Headers header. To permit a preflight cross-origin request, all values in that header must be a case-insensitive match for one of the values that are listed in this property. The default list of HTTP headers is Accept,Accept-Language,Content-Language,Content-Type. Value type: String |