You can configure name-value pairs of data, where the name is a property key and the value is a string value that you can use to set internal system configuration properties. Defining a new property enables you to configure a setting beyond that which is available in the administrative console. The following is a list of some of the available Web container custom properties.
To specify Web container custom properties:
Following is a list of custom properties provided with the Application Server.
If a client closes a connection and a request body is not completely sent to the application server, an IOException exception is generated. However, the Web container logs and suppresses the exception. As a result, an application might be unaware that the request was not completed successfully. When you set the com.ibm.ws.webcontainer.channel.rethrowsioexception value to true, the Web container re-throws the exception to enable the application to handle it.
Name | Default value |
com.ibm.ws.webcontainer.channel.rethrowsioexception | false |
Use the com.ibm.ws.jsp.zosFileLockRetrying property to specify, in seconds, the amount of time during which a thread continues to try to obtain a lock on a JSP.
A JSP file is locked prior to the start of the compile process, and unlocked after the compile process completes. If a thread fails to lock a JSP, the thread continues to try to obtain the file lock for that JSP for up to 240 seconds. If the thread cannot obtains the lock during this time interval, an error message is issued. The thread does not make any additional attempts to obtain a lock for the JSP.
Data type | Integer |
Default | 240 |
Use the com.ibm.ws.jsp.zosReCompile property to specify how many times a thread should attempt to lock a JSP.
After a thread obtains the lock for a JSP, the thread determines whether the JSP is already compiled. If the JSP is not compiled, the thread tries to compile the JSP.
If after the specified number of tries, the thread cannot compile the JSP, an error message is issued. The thread does not make any additional attempts to compile the JSP.
Data type | Integer |
Default | 5 |
Web application archive (WAR) files that are packaged using third-party tools cannot specify behavior for the services that are exposed by the Web container internal servlets. You can globally enable and disable internal servlets for all Web applications at the Web container level by creating name-value pairs such as:
Name | Value |
fileServingEnabled | true |
directoryBrowsingEnabled | true |
serveServletsByClassnameEnabled | true |
Settings that are defined in an assembly tool take precedence over the global settings that are set through the custom properties at the Web container level.
Web application deployment extensions continue to hold configuration information for the services that are provided by the internal servlets, and take precedence over the global settings that are set through the custom properties at the Web container level.
You must define unique values for the host and port on each application server. You cannot define the values of host and port as wild cards denoted by the asterisk symbol (*) when you enable the optimized communication between the Web services application and the Web container. Using wild cards indicate that the local Web container can handle Web services requests for all destinations.
When the serveServletsByClassnameEnabled property is enabled, it is possible to access servlets directly, resulting in a possible security exposure. Define the following custom property to disallow the use of the serveServletsByClassnameEnabled property across the entire application server level.
Name | Value |
com.ibm.ws.webcontainer.disallowserveservletsbyclassname | true |
The com.ibm.ws.webcontainer.donotservebyclassname custom property specifies a list of classes that cannot be served by the class name.
Name | Value |
com.ibm.ws.webcontainer.donotservebyclassname | A semi-colon delimited list of classes to be completely disallowed from being served by class name. |
The com.ibm.ws.webcontainer.suppressheadersinrequest custom property can be used to suppress the inclusion of request headers that start with special characters, such as "$" or "_" . Some applications do not handle request headers that start with special characters.
Name | Value |
com.ibm.ws.webcontainer.suppressheadersinrequest | Delimited list of header prefixes to be suppressed. Example: $WS,_WS |
Error message SRVE0017W states "Web Group not found: {0}", and error message SRVE0255 states "A WebGroup/Virtual Host to handle {0} has not been defined". These messages might be returned when the application that is called to process the request serviced by IBM WebSphere Application Server is not found. You can use the com.ibm.ws.webcontainer.webgroupvhostnotfound custom property to change the text of these message to text that is more suitable for your environment.
Name | Value |
com.ibm.ws.webcontainer.webgroupvhostnotfound | String Example: Application not found. |
The UTF-8 encoded URL feature, which provides UTF-8 encoded Uniform Resource Locators (URLs) to support the double-byte characters in URLs is enabled by default. You can prevent the Web container from explicitly decoding URLs in UTF-8 and have them use the ISO-8859 standard as per the current HTTP specification by using the following name-value pair:
Name | Value |
DecodeUrlAsUTF8 | false |
The servlet specification supports applications registering listeners for servlet-related events on an individual application basis through the web.xml descriptor. However, using the listeners custom property, a server can listen to servlet events across Web applications. To implement global listening, a listener is registered at the Web container level and is propagated to all of the installed and new Web applications. This global behavior of internal servlet listeners is controlled by the listeners custom property by using the following name-value pair format:
Name | Value |
listeners | listener_class |
The values for this property is a string specifying a comma separated list of listener classes. The listener supplied must implement standard listener classes from the Java™ Servlet API or IBM® listener extension classes.
The UseOracleBLOB custom property creates the HTTP session database table using the Binary Large Object (BLOB) data type for the medium column. This property increases performance of persistent sessions when Oracle databases are used. Due to an Oracle restriction, BLOB support requires use of the Oracle's oci database driver for more than 4000 bytes of data. You must also ensure that a new sessions table is created before the server is restarted by dropping your old sessions table or by changing the datasource definition to reference a database that does not contain a sessions table. To create a sessions table using the BLOB data type, use the following name-vaule pair:
Name | Value |
UseOracleBLOB | true |
The DebugSessionCrossover custom property enables code to perform additional checks to verify that only the session associated with the request is accessed or referenced. Messages are logged if any discrepancies are detected. To enable session data crossover detection, use the following name-value pair:
Name | Value |
DebugSessionCrossover | true |
See article, HTTP session problems, for additional information.
The com.ibm.wsspi.jsp.disableTldSearch custom property can be used to improve application startup time. By default, when an application starts, the JSP engine searches the application installation directories for the taglib descriptor (TLD) files. This search process might increase the startup time for large applications with a large number of files and directories. To disable this search process, use the following name-value pair:
Name | Value |
com.ibm.wsspi.jsp.disableTldSearch | true |
You might need use a custom servlet filter with Web applications to map files from a one URI to another URI that points to a particular resource. For example, you might map URIs that start with my_company to the my_company/external directory. Without enabling the com.ibm.ws.webcontainer.invokeFiltersCompatibility custom property, the Web container does not call any custom servlet filters.
With this custom property, the Web container calls custom servlet filters before looking for welcome files. Also, if the Web container cannot find a resource, it calls the custom servlet filters before creating a FileNotFoundException exception. This change enables the Web container to verify whether the custom servlet filters modify the path to a resource.
Name | Value |
com.ibm.ws.webcontainer.invokeFiltersCompatibility | true |
Value | Servlet Path value | PathInfo value |
---|---|---|
true | Set to the contents of the URI after the Context Path | Set to a null value |
false (Default) | Set to an empty string | Set based on the contents of the URI after the Context Path |
To improve performance, there is an optimized communication path between a Web services client application and a Web container that are located in the same application server process. That is, an optimized communication path is available for use between the web service client and the web service provider provided that the web service client and web service provider are in the same application server. In this case, requests from the Web services client that are normally sent to the Web container using a network connection are delivered directly to the Web container using an optimized local path. The local path is available because the Web services client application and the Web container are running in the same process.
The optimized communication path cannot be used if the Web services client and Web service provider are running on different servers.
The optimized communication path is applicable to Web services clients sending requests to Web services that are in running on the same JVM. The optimized communication path always routes the request to a service on the same JVM. In this case, the Web service's virtual host needs to have an alias for localhost and the specific port specified. For example, if you want a Web services client to send a request to a Web service available at an endpoint URL, such as http://localhost:9080/Hello/HelloWorldService and use the optimized communication between client and service, then in addition to enabling the property (setting enableInProcessConnections = true), you would have to create an alias for "localhost" and "9080" for the virtual host that the Web service is using.
The Web services client uses the defined virtual host information to determine whether the request can be served by the local Web container. You must define unique values for the host and port on each application server. You cannot define the values of host and port as wild cards denoted by the asterisk symbol (*) when you enable the optimized communication between the Web services application and the Web container. Using wild cards indicate that the local Web container can handle Web services requests for all destinations.
This optimized communication path is disabled by default. Before enabling this property, make sure that you are not using wild cards for host names in your Web container end points and make sure that wild cards are not specified for the Web container ports. Use specific ports for the web container when the optimized communication path is enabled. To enable the optimized communication path, use the following name-value pair:
Name | Value |
enableInProcessConnections | true |
You can enable the local communication path with the enableInProcessConnections custom property.
See article, Web services client to Web container optimized communication, for additional information. Set this property to true in the Web container to enable the optimized local communication path. When disabled, the Web services client and the Web container communicate using network transports.
WebSphere® Application Server 5.x accepts Uniform Resource Locators (URLs) without leading front slashes ( / ) and to preserve compatibility, You can set the custom property, prependSlashToResource to true. To ignore the specification and consider URLs without the leading front slash, use the following name-value pair:
Name | Value |
prependSlashToResource | true |
The custom property httpsIndicatorHeader manages HTTPS requests that are forwarded to an application server from an SSL offloader that is used in front of WebSphere Application Server. When an HTTPS request is received by a SSL offloader it is redirected over HTTP to an application server using WebSphere Application Server. The SSL offloader adds a header indicating the original request was over HTTP. The httpsIndicatorHeader property specifies the header name added by the SSL box. The application server checks this indicator to determine if SSL is required. If it determines the request is SSL over HTTP, an HTTPS scheme is chosen.
Name | Value |
httpsIndicatorHeader | Request header key name |
The custom property HttpSessionIdReuse determines whether the session manager can use the session ID sent from a browser to preserve session data across Web applications that are running in an environment that is not configured for session persistence. In a multi-JVM environment that is not configured for session persistence setting this property to true enables the session manager to use the same session information for all of a user's requests even if the Web applications that are handling these requests are governed by different JVMs. The default value for this property is false. To enable the session manager to use the session ID sent from a browser to preserve session data across Web applications that are running in an environment that is not configured for session persistence, use the following name-value pair:
Name | Value |
HttpSessionIdReuse | true |
ExtendedMessage: BBOO0220E: SessionContext:createSession - call to establishAffinity for id id_number failed with rc 4".
trusthostheaderport = true com.ibm.ws.webcontainer.extractHostHeaderPort = true
Or you can set these properties as Web container custom properties in the administrative console using the following two sets of name-value pairs:
Name | Value |
com.ibm.ws.webcontainer.extractHostHeaderPort | true |
trusthostheaderport | true |
The JSP translation code was modified to handle escape characters and quotations properly when determining whether to evaluate an expression or to treat it as a literal string. To apply this behavior globally across all Web applications, add the following name-value pair as a Web container custom property:
Name | Value |
com.ibm.wsspi.jsp.evalQuotedAndEscapedExpression | true |
<jspAttributes xmi:id="JSPAttribute_1" name="evalQuotedAndEscapedExpression" value="true"/>The attribute id value must be unique.
If a JSP file contains an action and that property has not been set, the JSP engine returns null. In Version 5.1 an empty string was returned. This custom property was added to provide backwards compatibility. When it is set to true, the value returned on a call to jsp:getProperty is an empty string instead of null.
Name | Value |
com.ibm.ws.jsp.getParameterReturnEmptyString | true |
When processing a request, the Web container recognizes servlet mappings to "*" as the same as servlet mappings to "/*". To provide the same behavior with filter mapping, set the com.ibm.ws.webcontainer.mapFiltersToAsterisk custom property to true. Setting the com.ibm.ws.webcontainer.mapFiltersToAsterisk custom property to true causes the Web container to recognize filter mappings to "*" as a filter mapping to "/*" . This custom property is not case sensitive.
Name | Value |
com.ibm.ws.webcontainer.mapFiltersToAsterisk | true |
You can enable file serving on a global level across a given application server by using the fileServingEnabled custom property. However, the fileServingEnabled property is overridden by the specific deployment information of each application. Therefore,, the current fileServingEnabled custom property only applies as a backup in case an application does not define the fileServingEnabled setting itself. To globally override this setting on a specific application server to prevent the application server from serving static files regardless of their individual deployment settings, set the Web container custom property com.ibm.ws.webcontainer.disallowAllFileServing to true to by using the following name-value pair:
Name | Value |
com.ibm.ws.webcontainer.disallowAllFileServing | true |
By default, the Web container uses asynchronous writes to write response data in chunks of up to the response buffer size. For larger responses that are greater than the response buffer size, the Web container continues to buffer response data into memory while waiting for an asynchronous write of a response data chunk to complete. This can result in part of a large response held in memory, which can lead to high memory usage and potentially an out of memory error. An application server hang may also occur when a server is simultaneously processing more requests than Web container defined threads.
If the com.ibm.ws.webcontainer.channelwritetype property is set to sync, synchronous writing is used, otherwise asynchronous writing is used by default. With synchronous writing, response data are written synchronously in chunks of up to the value of responsebuffersize and no response data are buffered into memory while waiting for a synchronous write of a response data chunk to complete. As a result, the approximate maximum amount of response data that is held in memory is equal to the responsebuffersize * number of Web container threads. The maximum number of requests that can be processed simultaneously by the Web container is limited by the number of Web container threads. Additional requests are queued, waiting for a request that is in process to complete.
The responsebuffersize Web container custom property defines the maximum amount of response data written by the Web container in a single chunk, and is 32k by default. As a result, it is used to change the number of writes needed by the Web container to send complete response data. However, if an application flushes response data, any response data held by the Web container is immediately written irrespective of the responsebuffersize.
Use the following name-value pair to write chunks of data using synchronous writes.
Name | Value |
com.ibm.ws.webcontainer.channelwritetype | sync |
If your requests normally are not bound by a response time limit, specify 0 for this property.
If you want to invalidate your sessions after a certain amount of time has elapsed, specify the appropriate positive integer for this property.
Name | Value |
ForceSessionInvalidationMultiple | 1 |
Typically, when a recursive error occurs in an application, the trace audit method sends the resulting exception message to the z/OS® system console. Because these messages are informational messages, and no response action is required, you might want this type of message sent to the error log file instead of to the z/OS system console.
You can set the com.ibm.ws.webcontainer.divertrecursiveexceptiontoerrorlog Web container custom property to true if you want to have error page exception messages sent to the error log file instead of to the z/OS system console.
Name | Value |
com.ibm.ws.webcontainer.divertrecursiveexceptiontoerrorlog | true |
Set the com.ibm.wsspi.jsp.convertAttrValueToString Web container custom property to true to convert start and end attributes of the repeat tag to strings before they are used.
Name | Value |
com.ibm.wsspi.jsp.convertAttrValueToString | true |
Set the com.ibm.wsspi.jsp.disableElCache Web container custom property to true to disable the commons-el expression cache if you are experiencing out of memory conditions because the hash maps are held by the expression evaluator.
Name | Value |
com.ibm.wsspi.jsp.disableElCache | true |
Set the com.ibm.ws.webcontainer.throwMissingJspException Web container custom property to true When set to true, a FileNotFoundException is created when a resource included by a JSP file is missing. If this property is not set to true, an error page is displayed.
Name | Value |
com.ibm.ws.webcontainer.throwMissingJspException | true |
The request.getLocalAddr method returns a host name and the request.getLocalName method returns a host address. The Web container has been modified to call the correct methods for the getLocalName and getLocalAddr methods. You can use the com.ibm.ws.webcontainer.swapgetlocalnameandaddr custom property to true to switch back to the old behavior of the request.getLocalName and request.getLocalAddr methods.
Set the following name-value pair revert back to the old behaviour and have the request.getLocalAddr method return a host name and the request.getLocalName method return a host address.
Name | Value |
com.ibm.ws.webcontainer.swapgetlocalnameandaddr | true |
When JavaServer Pages files (or user-defined JSP files) are complied in an environment that has multiple servants, the JSP container uses locking to prevent both servants from trying to concurrently compile the same JSP file. If two requests for a JSP need to be compiled at the same time, and are routed to separate servants, the JSP container locks the JSP file until the compilation for the first servant completes. If the second servant has to wait for more than 120 seconds for the lock to be released, the request for the JSP fails.
If you expect the compilation time for any of your JSP files to be more than 120 seconds, specify, in seconds, a value greater than 120 for the com.ibm.ws.jsp.zosFileLockRetrying custom property. The new setting should extend the wait time, such that the new wait time prevents a JSP request from failing in situations where two requests for the same JSP file need to be handled at approximately the same time, but the requests are routed to different servants.
Name | Default value |
com.ibm.ws.jsp.zosFileLockRetrying | 120 seconds |
If a servlet creates an exception, it is logged in the systemErr log file. For some applications, this is undesirable as it may fill up the log. In WebSphere Application Server Version 5, servlet exceptions are created but they are not logged in the systemErr log file. Beginning with WebSphere Application Server Version 6.0.2, all servlet exceptions are logged. You can use the following custom property to specify that the Web container does not log the servlet exceptions that are created in the systemErr file:
Name | Value |
com.ibm.ws.webcontainer.suppressServletExceptionLogging | true |
In WebSphere Application Server Version 5.1 processing of static files is performed by SimpleFileServlet which generates both SMF and PMI data. In Version 6.0.1, static files are handled by a file wrapper that does not generate SMF and PMI data for static files. Specify the following custom property to generate SMF and PMI data when serving the static files.
Name | Value |
com.ibm.ws.webcontainer.fileWrapperEvents | true |
By default, when an application is stopped the Web container waits up to 60 seconds for each active request for a resource of that application to complete. You can now define the com.ibm.ws.webcontainer.ServletDestroyWaitTime Web container custom property to control the amount of time that the Web container waits for an active request to complete when the owning application is stopped.
Set the com.ibm.ws.webcontainer.ServletDestroyWaitTime custom property to an integer value, which specifies the number of seconds to wait for a request to complete. The default value is 60 seconds.
Name | Value |
com.ibm.ws.webcontainer.ServletDestroyWaitTime | integer |
The trusted custom property enables the application server to use inbound private headers from the Web server plug-in. These inbound private headers notify the application server about the connection to the Web server. When you set the custom property to true, the application server uses the asserted information on the client certificates. These client certificates are used by the end user to connect to the Web server and establish the client information, which is treated as the certificate for the end user. Then, the application server uses the certificate information for authentication purposes when client certificate authentication is used or when the application code accesses the javax.net.ssl.peer_certificates certificates. Because this information is asserted, it is insecure and potentially vulnerable to an attacker that is able to connect directly to the application server and bypass the Web server.
The default value for this property is true.
Name | Value |
---|---|
trusted | true |
The dynamic cache service uses flushes to determine when one cacheable Web fragment, such as a JSP include or a c:import, ends and the next Web fragment begins. If you set the com.ibm.wsspi.jsp.usecdatatrim custom property to true for your JSP engine, all of the white space and extra lines in the generated Java code are stripped out. In this situation there might not be any content to write before the first flush. If the generated Java code contains text or other code before the first flush then normal dynamic cache service processing occurs.
If you set the com.ibm.wsspi.jsp.usecdatatrim custom property to true, and are using the dynamic cache service, you must also set the com.ibm.ws.jsp.getWriterOnEmptyBuffer custom property to true. This custom property requires the JSP Engine to call the flush function when it reaches the end of the first cachable Web fragments even if there is not any data to flush. The default value for this property is false.
Name | Value |
---|---|
com.ibm.ws.jsp.getWriterOnEmptyBuffer | true |
The size of the body content buffer for a JavaServer Pages (JSP) file can affect the performance of some applications. By default, the body content buffer size is 512 bytes. However, you can use the BodyContentBuffSize custom property to set a different buffer value.
Name | Value |
---|---|
BodyContentBuffSize | 512 |
You can use the CloneSeparator custom property to specify a different character as the clone separator in session cookies. The value specified for this custom property must be a single character.
The fact that any character can be specified as the value for this custom property does not imply that the character you specify will function correctly. This fact also does not imply that IBM is responsible for fixing any problem that might arise from using an alternative character.
bprac