-
Notifications
You must be signed in to change notification settings - Fork 3
/
jetty.xml
331 lines (330 loc) · 14.1 KB
/
jetty.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
<!-- See http://www.eclipse.org/jetty/documentation/current/ -->
<!-- See http://wiki.eclipse.org/Jetty/Reference/jetty.xml_syntax -->
<Configure id="Server" class="org.eclipse.jetty.server.Server">
<!-- =========================================================== -->
<!-- Configure the Server Thread Pool. -->
<!-- The server holds a common thread pool which is used by -->
<!-- default as the executor used by all connectors and servlet -->
<!-- dispatches. -->
<!-- -->
<!-- Configuring a fixed thread pool is vital to controlling the -->
<!-- maximal memory footprint of the server and is a key tuning -->
<!-- parameter for tuning. In an application that rarely blocks -->
<!-- then maximal threads may be close to the number of 5*CPUs. -->
<!-- In an application that frequently blocks, then maximal -->
<!-- threads should be set as high as possible given the memory -->
<!-- available. -->
<!-- -->
<!-- Consult the javadoc of o.e.j.util.thread.QueuedThreadPool -->
<!-- for all configuration that may be set here. -->
<!-- =========================================================== -->
<Arg name="threadpool">
<New id="threadpool" class="org.eclipse.jetty.util.thread.QueuedThreadPool"/>
</Arg>
<Get name="ThreadPool">
<Set name="minThreads" type="int">
<Property name="jetty.threads.min" default="10"/>
</Set>
<Set name="maxThreads" type="int">
<Property name="jetty.threads.max" default="64"/>
</Set>
<Set name="idleTimeout" type="int">
<Property name="jetty.threads.timeout" default="60000"/>
</Set>
<Set name="detailedDump">false</Set>
</Get>
<!-- =========================================================== -->
<!-- Get the platform mbean server -->
<!-- =========================================================== -->
<Call id="MBeanServer" class="java.lang.management.ManagementFactory" name="getPlatformMBeanServer"/>
<!-- =========================================================== -->
<!-- Initialize the Jetty MBean container -->
<!-- =========================================================== -->
<!-- Note: This breaks CI if it is enabled
<Call name="addBean">
<Arg>
<New id="MBeanContainer" class="org.eclipse.jetty.jmx.MBeanContainer">
<Arg>
<Ref refid="MBeanServer" />
</Arg>
</New>
</Arg>
</Call>-->
<!-- Add the static log to the MBean server.
<Call name="addBean">
<Arg>
<New class="org.eclipse.jetty.util.log.Log" />
</Arg>
</Call>-->
<!-- For remote MBean access (optional)
<New id="ConnectorServer" class="org.eclipse.jetty.jmx.ConnectorServer">
<Arg>
<New class="javax.management.remote.JMXServiceURL">
<Arg type="java.lang.String">rmi</Arg>
<Arg type="java.lang.String" />
<Arg type="java.lang.Integer"><SystemProperty name="jetty.jmxrmiport" default="1090"/></Arg>
<Arg type="java.lang.String">/jndi/rmi://<SystemProperty name="jetty.jmxrmihost" default="localhost"/>:<SystemProperty name="jetty.jmxrmiport" default="1099"/>/jmxrmi</Arg>
</New>
</Arg>
<Arg>org.eclipse.jetty.jmx:name=rmiconnectorserver</Arg>
<Call name="start" />
</New>-->
<!-- =========================================================== -->
<!-- Http Configuration. -->
<!-- This is a common configuration instance used by all -->
<!-- connectors that can carry HTTP semantics (HTTP, HTTPS, SPDY)-->
<!-- It configures the non wire protocol aspects of the HTTP -->
<!-- semantic. -->
<!-- -->
<!-- Consult the javadoc of o.e.j.server.HttpConfiguration -->
<!-- for all configuration that may be set here. -->
<!-- =========================================================== -->
<New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
<Set name="secureScheme">https</Set>
<Set name="securePort">
<Property name="jetty.secure.port" default="8443"/>
</Set>
<Set name="outputBufferSize">
<Property name="jetty.output.buffer.size" default="32768"/>
</Set>
<Set name="requestHeaderSize">
<Property name="jetty.request.header.size" default="8192"/>
</Set>
<Set name="responseHeaderSize">
<Property name="jetty.response.header.size" default="8192"/>
</Set>
<Set name="sendServerVersion">
<Property name="jetty.send.server.version" default="true"/>
</Set>
<Set name="sendDateHeader">
<Property name="jetty.send.date.header" default="false"/>
</Set>
<Set name="headerCacheSize">512</Set>
<!-- Uncomment to enable handling of X-Forwarded- style headers
<Call name="addCustomizer">
<Arg><New class="org.eclipse.jetty.server.ForwardedRequestCustomizer"/></Arg>
</Call>
-->
</New>
<!-- Configure the HTTP endpoint. -->
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.ServerConnector">
<Arg name="server">
<Ref refid="Server"/>
</Arg>
<Arg name="factories">
<Array type="org.eclipse.jetty.server.ConnectionFactory">
<Item>
<New class="org.eclipse.jetty.server.HttpConnectionFactory">
<Arg name="config">
<Ref refid="httpConfig"/>
</Arg>
</New>
</Item>
</Array>
</Arg>
<Set name="host">
<SystemProperty name="jetty.host"/>
</Set>
<Set name="port">
<SystemProperty name="jetty.port" default="8080"/>
</Set>
<Set name="idleTimeout">
<SystemProperty name="http.timeout" default="30000"/>
</Set>
</New>
</Arg>
</Call>
<!-- HTTPS Configuration -->
<!-- See https://www.eclipse.org/jetty/documentation/9.4.x/configuring-ssl.html for information on generating certificates, etc. -->
<!-- Uncomment and configure to enable SSL support.
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
<Set name="KeyStorePath"><Property name="jetty.home" default="."/>/etc/keystore</Set>
<Set name="KeyStorePassword">changeit</Set>
<Set name="KeyManagerPassword">changeit</Set>
<Set name="TrustStorePath"><Property name="jetty.home" default="."/>/etc/keystore</Set>
<Set name="TrustStorePassword">changeit</Set>
<Set name="IncludeCipherSuites">
<Array type="String">
<Item>TLS_DHE_RSA.*</Item>
<Item>TLS_ECDHE.*</Item>
</Array>
</Set>
<Call name="addExcludeCipherSuites">
<Arg>
<Array type="String">
<Item>.*NULL.*</Item>
<Item>.*RC4.*</Item>
<Item>.*MD5.*</Item>
<Item>.*DES.*</Item>
<Item>.*DSS.*</Item>
</Array>
</Arg>
</Call>
</New>
<New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
<Arg>
<Ref refid="httpConfig"/>
</Arg>
<Call name="addCustomizer">
<Arg>
<New class="org.eclipse.jetty.server.SecureRequestCustomizer"/>
</Arg>
</Call>
</New>
<Call id="sslConnector" name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.ServerConnector">
<Arg name="server">
<Ref refid="Server"/>
</Arg>
<Arg name="factories">
<Array type="org.eclipse.jetty.server.ConnectionFactory">
<Item>
<New class="org.eclipse.jetty.server.SslConnectionFactory">
<Arg name="next">http/1.1</Arg>
<Arg name="sslContextFactory">
<Ref refid="sslContextFactory"/>
</Arg>
</New>
</Item>
<Item>
<New class="org.eclipse.jetty.server.HttpConnectionFactory">
<Arg name="config">
<Ref refid="sslHttpConfig"/>
</Arg>
</New>
</Item>
</Array>
</Arg>
<Set name="host">
<Property name="jetty.host"/>
</Set>
<Set name="port">
<Property name="jetty.tls.port" default="8443"/>
</Set>
<Set name="idleTimeout">30000</Set>
</New>
</Arg>
</Call>
-->
<!-- =========================================================== -->
<!-- Set handler Collection Structure -->
<!-- =========================================================== -->
<Set name="handler">
<New id="Handlers" class="org.eclipse.jetty.server.handler.HandlerCollection">
<Set name="handlers">
<Array type="org.eclipse.jetty.server.Handler">
<Item>
<New id="Contexts" class="org.eclipse.jetty.server.handler.ContextHandlerCollection">
<Call name="addHandler">
<Arg>
<New id="moved" class="org.eclipse.jetty.server.handler.MovedContextHandler">
<!-- This is the redirect from root to /blazegraph -->
<Set name="contextPath">/</Set>
<Set name="newContextURL">/blazegraph</Set>
<Set name="permanent">true</Set>
<Set name="discardPathInfo">false</Set>
<Set name="discardQuery">false</Set>
</New>
</Arg>
</Call>
<Call name="addHandler">
<Arg>
<New id="moved" class="org.eclipse.jetty.server.handler.MovedContextHandler">
<!-- This is the redirect from /bigdata to /blazegraph -->
<!-- Note that this does not work for POST data based the semantics of the 301 response -->
<Set name="contextPath">/bigdata</Set>
<Set name="newContextURL">/blazegraph</Set>
<Set name="permanent">true</Set>
<Set name="discardPathInfo">false</Set>
<Set name="discardQuery">false</Set>
</New>
</Arg>
</Call>
<Call name="addHandler">
<Arg>
<!-- This is the bigdata web application. -->
<New id="WebAppContext" class="org.eclipse.jetty.webapp.WebAppContext">
<Set name="war">
<SystemProperty name="jetty.home" default="."/>
</Set>
<Set name="contextPath">/blazegraph</Set>
<Set name="descriptor">WEB-INF/web.xml</Set>
<Set name="parentLoaderPriority">true</Set>
<Set name="extractWAR">false</Set>
<Set name="maxFormContentSize">10485760</Set>
<Set name="overrideDescriptor">
<SystemProperty name="jetty.overrideWebXml" default="./override-web.xml"/>
</Set>
<!-- Uncomment the section below to add
Digest authentication per http://www.eclipse.org/jetty/documentation/9.2.22.v20170531/configuring-security-authentication.html
You must update the path to the realm.properties file to be a location on your machine.
There is an example in blazegraph-jar/src/main/resources/realm.properties
<Get name="securityHandler">
<Set name="loginService">
<New class="org.eclipse.jetty.security.HashLoginService">
<Set name="name">Blazegraph Authentication</Set>
<Set name="config">/path/to/your/realm.properties</Set>
<Set name="refreshInterval">0</Set>
</New>
</Set>
</Get>
-->
</New>
</Arg>
</Call>
</New>
</Item>
</Array>
</Set>
</New>
</Set>
<Get id="oldhandler" name="handler"/>
<Set name="handler">
<New id="Rewrite" class="org.eclipse.jetty.rewrite.handler.RewriteHandler">
<Set name="handler">
<Ref refid="oldhandler"/>
</Set>
<Set name="rewriteRequestURI">
<Property name="jetty.rewrite.rewriteRequestURI" deprecated="rewrite.rewriteRequestURI" default="true"/>
</Set>
<Set name="rewritePathInfo">
<Property name="jetty.rewrite.rewritePathInfo" deprecated="rewrite.rewritePathInfo" default="false"/>
</Set>
<Set name="originalPathAttribute">
<Property name="jetty.rewrite.originalPathAttribute" deprecated="rewrite.originalPathAttribute" default="requestedPath"/>
</Set>
<!-- Add rule to protect against IE ssl bug -->
<Call name="addRule">
<Arg>
<New class="org.eclipse.jetty.rewrite.handler.MsieSslRule"/>
</Arg>
</Call>
<!-- Add Header for X-Frame-Options. See https://jira.blazegraph.com/browse/BLZG-8865 -->
<Call name="addRule">
<Arg>
<New class="org.eclipse.jetty.rewrite.handler.HeaderPatternRule">
<Set name="pattern">/*</Set>
<Set name="name">X-Frame-Options</Set>
<Set name="value">SAMEORIGIN</Set>
</New>
</Arg>
</Call>
</New>
</Set>
<!-- =========================================================== -->
<!-- extra server options -->
<!-- =========================================================== -->
<Set name="stopAtShutdown">true</Set>
<Set name="stopTimeout">5000</Set>
<Set name="dumpAfterStart">
<Property name="jetty.dump.start" default="false"/>
</Set>
<Set name="dumpBeforeStop">
<Property name="jetty.dump.stop" default="false"/>
</Set>
</Configure>