HTTP/HTTPS Inbound Endpoint¶
Introduction¶
The HTTP inbound protocol is used to separate endpoint listeners for each HTTP inbound endpoint so that messages are handled separately. The HTTP inbound endpoint can bypass the inbound side axis2 layer and directly inject messages to a given sequence or API. For proxy services, messages will be routed through the axis2 transport layer in a manner similar to normal transports. You can start dynamic HTTP inbound endpoints without restarting the server.
Syntax¶
<inboundEndpoint name="HttpListenerEP" protocol="http" suspend="false" sequence="TestIn" onError="fault" >
<p:parameters xmlns:p="http://ws.apache.org/ns/synapse">
<p:parameter name="inbound.http.port">8081</p:parameter>
</p:parameters>
<inboundEndpoint>
<inboundEndpoint name="HttpListenerEP" protocol="https" suspend="false" sequence="TestIn" onError="fault" >
<p:parameters xmlns:p="http://ws.apache.org/ns/synapse">
<p:parameter name="inbound.http.port">8081</p:parameter>
<p:parameter name="keystore">
<KeyStore>
<Location>repository/resources/security/wso2carbon.jks</Location>
<Type>JKS</Type>
<Password>wso2carbon</Password>
<KeyPassword>wso2carbon</KeyPassword>
</KeyStore>
</p:parameter>
<p:parameter name="truststore">
<TrustStore>
<Location>repository/resources/security/client-truststore.jks</Location>
<Type>JKS</Type>
<Password>wso2carbon</Password>
</TrustStore>
</p:parameter>
<p:parameter name="SSLVerifyClient">require</p:parameter>
<p:parameter name="HttpsProtocols">TLSv1.2,TLSv1.3</p:parameter>
<p:parameter name="SSLProtocol">SSLV3</p:parameter>
<p:parameter name="CertificateRevocationVerifier">
<CertificateRevocationVerifier enable="true">
<CacheSize>10</CacheSize>
<CacheDelay>2</CacheDelay>
</CertificateRevocationVerifier>
</p:parameter>
</p:parameters>
</inboundEndpoint>
Properties¶
Listed below are the properties used for creating an HTTP/HTTPS inbound endpoint.
Required Properties¶
Listed below are the required properties when creating an HTTP/HTTPS inbound endpoint.
Property | Description |
---|---|
Property | Description |
inbound.http.port | The port on which the endpoint listener should be started. |
sequential | The behavior when executing the given sequence. When set as true , mediation will happen within the same thread. When set as false , the mediation engine will use the inbound thread pool. The default thread pool values can be found in the MI_HOME/conf/deployment.toml file, under the `[mediation]` section. The default setting is true .
|
Suspend |
If the inbound listener should pause when accepting incoming requests, set this to true . If the inbound listener should not pause when accepting incoming requests, set this to false .
|
Optional Properties¶
Listed below are the optional properties you can configure when creating an HTTP/HTTPS inbound endpoint.
Property Name |
Description |
---|---|
keystore | The KeyStore location where keys are stored. |
truststore | The TrustStore location where keys are stored. |
SSLVerifyClient |
Used when enabling mutual verification. |
HttpsProtocols | The supporting protocols. |
SSLProtocol | The supporting SSL protocol. |
CertificateRevocationVerifier |
When the enable attribute is set to true , this validates and verifies the revocation status of the host certificates using OCSP/CRL when making HTTPS connections.If the enable attribute of this parameter is set to true , you also need to specify the following:
|
Worker Pool Configuration Properties¶
By default inbound endpoints share the PassThrough transport worker pool to handle incoming requests. If you need a separate worker pool for the inbound endpoint, you need to configure the following properties when creating an HTTP/HTTPS inbound endpoint.
Property Name | Description |
---|---|
inbound.worker.pool.size.core | The initial number of threads in the worker thread pool. This value can be changed accordingly based on the number of messages to be processed. The maximum value that can be specified here is the value of the inbound.worker.pool.size.max parameter. The default value is 400. |
inbound.worker.pool.size.max | The maximum number of threads in the worker thread pool. Specify a maximum limit in order to avoid performance degradation that can occur due to context switching. The default value is 500. |
inbound.worker.thread.keep.alive.sec | The keep-alive time for extra threads in the worker pool. This value should be less than the socket timeout. When this time is elapsed for an extra thread, it will be destroyed. The purpose of this parameter is to optimize the usage of resources by avoiding wastage that results from having extra threads that are not utilized. The default value is 60. |
inbound.worker.pool.queue.length | The length of the queue that is used to hold runnable tasks that are to be executed by the worker pool. The thread pool starts queuing jobs when all existing threads are busy and the pool has reached the maximum number of threads. The value for this parameter should be -1 to use an unbounded queue. If a bound queue is used and the queue gets filled to its capacity, any further attempt to submit jobs will fail causing synapse to drop some messages. The default value is -1. |
inbound.thread.group.id | Unique Identifier of the thread group. The default value is the PassThrough inbound worker thread group. |
inbound.thread.id | Unique Identifier of the thread group. The default value is the PassThrough inbound worker thread. |
dispatch.filter.pattern |
The regular expression that defines the proxy services and API's to expose via the inbound endpoint. Provide the .* expression to expose all proxy services and API's or provide an expression similar to ^(/foo|/bar|/services/MyProxy)$ to define a set of services to expose via the inbound endpoint. If you do not provide an expression only the defined sequence of the inbound endpoint will be accessible.
|