WebSEAL supports timeout settings for HTTP and HTTPS communication. Stanza entries for timeout settings are usually located in the [server] stanza of the WebSEAL configuration file.
After the initial connection handshake has occurred, this stanza entry specifies how long WebSEAL holds the connection open for the initial HTTP or HTTPS request. The default value is 120 seconds.
[server]
client-connect-timeout = 120
This stanza entry affects request and response data sent as two or more fragments. The stanza entry specifies the timeout (in seconds) between each request data fragment after the first data fragment is received by WebSEAL. The stanza entry also governs the timeout between response data fragments after the first data fragment is returned by WebSEAL. The default value is 60 seconds.
[server]
intra-connection-timeout = 60
If the value of this stanza entry is set to 0 (or not set), connection timeouts between data fragments are governed instead by the client-connect-timeout stanza entry. The exception to this rule occurs for responses returned over HTTP (TCP). In this case, there is no timeout between response fragments.
If a connection timeout occurs on a non-first data fragment due to the intra-connection-timeout setting, a TCP RST (reset) packet is sent.
After a completed HTTP request and server response exchange, this stanza entry controls the maximum number of seconds that WebSEAL holds an HTTP persistent connection open for a new client request before the connection is shut down. The default value is 5 seconds.
[server]
persistent-con-timeout = 5
If the value of this stanza entry is set to 0, the connection does not remain open for future requests. A value of zero causes WebSEAL to set the 'Connection: close' header and then close the connection on every response.
The following flow diagram shows where the timeout settings impact an example request and response exchange. The number of fragments indicated for the request and the response are only for example purposes.