Web container custom properties
You can configure name-value pairs of data, where the name is a property key and the value is a string value that you can use to set internal system configuration properties. Defining a new property enables you to configure a setting beyond that which is available in the administrative console. The following list contains some of the available web container custom properties.
Complete the following steps to specify web container custom properties:
- In the administrative console click .
- After Additional Properties select Custom Properties.
- On the Custom Properties page, click New.
- On the settings page, enter the name of the custom property that you want to configure in the Name field and the value that you want to set it to in the Value field.
- Click Apply or OK.
- Click Save on the console taskbar to save your configuration changes.
- Restart the server.
The following is a list of custom properties that are provided with the Application Server. The topics, JavaServer Pages specific web container custom properties and HTTP transport custom properties, are listed in a separate topic.
- BodyContentBuffSize
- com.ibm.ws.jsf.disablealternatefacesconfigsearch
- com.ibm.ws.jsp.doNotEscapeWhitespaceCharsInExpression
- com.ibm.ws.jsp.enableDefaultIsELIgnoredInTag
- com.ibm.ws.jsp.expressionreturnemptystring
- com.ibm.ws.jsp.getWriterOnEmptyBuffer
- com.ibm.ws.jsp.limitBuffer
- com.ibm.ws.jsp.throwExceptionForAddELResolver
- com.ibm.ws.jsp.allowExpressionFactoryPerApp
- com.ibm.ws.webcontainer.ADD_STS_HEADER_WEBAPP
- com.ibm.ws.webcontainer.allowDotsinName
- com.ibm.ws.webcontainer.allowPrivAccessGetResource
- com.ibm.ws.webcontainer.appendMetaInfResourcesInLooseLib
- com.ibm.ws.webcontainer.channelwritetype
- com.ibm.ws.webcontainer.checkEDRinGetRealPath
- com.ibm.ws.webcontainer.copyattributeskeyset
- com.ibm.ws.webcontainer.decodeParamViaReqEncoding
- com.ibm.ws.webcontainer.deferServingRequestsUntilEarStarted
- com.ibm.ws.webcontainer.deferServletRequestListenerDestroyOnError
- com.ibm.ws.webcontainer.denyDuplicateFilterinChain
- com.ibm.ws.webcontainer.disableSetCharacterEncodingAfterParametersRead
- com.ibm.ws.webcontainer.disableStaticMappingCache
- com.ibm.ws.webcontainer.disableSystemAppGlobalListenerLoading
- com.ibm.ws.webcontainer.disablexPoweredBy
- com.ibm.ws.webcontainer.disallowAllFileServing
- com.ibm.ws.webcontainer.disallowServeServletsByClassname
- com.ibm.ws.webcontainer.discernUnavailableServlet
- com.ibm.ws.webcontainer.dispatcherRethrowSER
- com.ibm.ws.webcontainer.dispatcherRethrowSError
- com.ibm.ws.webcontainer.displayTextWhenNoErrorPageDefined
- com.ibm.ws.webcontainer.donotservebyclassname
- com.ibm.ws.webcontainer.emptyServletMappings
- com.ibm.ws.webcontainer.enabledefaultservletrequestpathelements
- com.ibm.ws.webcontainer.enableErrorExceptionTypeFirst
- com.ibm.ws.webcontainer.enableExactMatchJSecurityCheck
- com.ibm.ws.webcontainer.enableJspMappingOverride
- com.ibm.ws.webcontainer.enableMultiReadOfPostData
- com.ibm.ws.webcontainer.enablePostOnlyJSecurityCheck
- com.ibm.ws.webcontainer.excludehandledtypesclasses
- com.ibm.ws.webcontainer.extractHostHeaderPort and trusthostheaderport
- com.ibm.ws.webcontainer.finishresponseonclose
- com.ibm.ws.webcontainer.ForceDifferentCookiePaths
- com.ibm.ws.webcontainer.handlingRequestWithOverridenPath
- com.ibm.ws.webcontainer.HTTPOnlyCookies
- com.ibm.ws.webcontainer.ignoreinjectionfailure
- com.ibm.ws.webcontainer.ignoreInvalidQueryString
- com.ibm.ws.webcontainer.ignorePostConstructOverriddenMethod
- com.ibm.ws.webcontainer.ignoreSemiColonOnRedirectToWelcomePage
- com.ibm.ws.webcontainer.IgnoreSessiononStaticFileRequest
- com.ibm.ws.webcontainer.initFilterBeforeInitServlet
- com.ibm.ws.webcontainer.invokeFilterAfterService
- com.ibm.ws.webcontainer.invokeFilterInitAtStartup
- com.ibm.ws.webcontainer.invokeflushafterserviceforstaticfileresponsewrapper
- com.ibm.ws.webcontainer.KeepUnreadPostDataAfterResponseSentToClient
- com.ibm.ws.webcontainer.logServletContainerInitializerClassloadingErrors
- com.ibm.ws.webcontainer.mapFiltersToAsterisk
- com.ibm.ws.webcontainer.maxfilecount
- com.ibm.ws.webcontainer.maxParamPerRequest
- com.ibm.ws.webcontainer.metainfresourcescachesize
- com.ibm.ws.webcontainer.modifiedFileNotFoundExceptionBehavior
- com.ibm.ws.webcontainer.normalizerequesturi
- com.ibm.ws.webcontainer.parseUTF8PostData
- com.ibm.ws.webcontainer.preserveRequestParameterValues
- com.ibm.ws.webcontainer.provideQStringToWelcomeFile
- com.ibm.ws.webcontainer.redirectcontextroot
- com.ibm.ws.webcontainer.RedirectWithPathInfo
- com.ibm.ws.webcontainer.removeAttributeForNullObject
- com.ibm.ws.webcontainer.returnDefaultContextPath
- com.ibm.ws.webcontainer.returnzeroendofinputstream
- com.ibm.ws.webcontainer.searchMetaInfResourcesDuringAppStart
- com.ibm.ws.webcontainer.SendResponseToClientAsPartOfSendRedirect
- com.ibm.ws.webcontainer.SendResponseToClientWhenResponseIsComplete
- com.ibm.ws.webcontainer.setcontenttypebysetheader
- com.ibm.ws.webcontainer.setAsyncDispatchRequestURI
- com.ibm.ws.webcontainer.ServeWelcomeFileFromExtendedDocumentRoot
- com.ibm.ws.webcontainer.ServletDestroyWaitTime
- com.ibm.ws.webcontainer.setUnencodedHTMLinsendError
- com.ibm.ws.webcontainer.skipInputStreamReadOnError
- com.ibm.ws.webcontainer.SkipMetaInfResourcesProcessing
- com.ibm.ws.webcontainer.suppressErrorPageODRHeader
- com.ibm.ws.webcontainer.suppressheadersinrequest
- com.ibm.ws.webcontainer.suppressHtmlRecursiveErrorOutput
- com.ibm.ws.webcontainer.suppressLastZeroBytePackage
- com.ibm.ws.webcontainer.suppressLoggingFileNotFoundExceptions
- com.ibm.ws.webcontainer.suppressLoggingWebGroupVhostNotFound
- com.ibm.ws.webcontainer.suppressLoggingServiceRuntimeExcep
- com.ibm.ws.webcontainer.suppressServletExceptionLogging
- com.ibm.ws.webcontainer.throwMissingJspException
- com.ibm.ws.webcontainer.throwpostconstructexception
- com.ibm.ws.webcontainer.TolerateSymbolicLinks
- com.ibm.ws.webcontainer.transfercontextinasyncservletrequest
- com.ibm.ws.webcontainer.useOriginalRequestState
- com.ibm.ws.webcontainer.useSemiColonAsDelimiterInURI
- com.ibm.ws.webcontainer.webgroupvhostnotfound
- com.ibm.ws.webcontainer.xPoweredBy
- com.ibm.websphere.management.application.sync.deleteSymbolicLinks
- com.ibm.wsspi.jsp.allowMultipleAttributeValues
- com.ibm.wsspi.jsp.convertAttrValueToString
- com.ibm.wsspi.jsp.disableElCache
- com.ibm.wsspi.jsp.disableResourceInjection
- com.ibm.wsspi.jsp.disableTldSearch
- com.ibm.wsspi.jsp.enabledoublequotesdecoding
- com.ibm.wsspi.jsp.removexmlnsfromoutput
- DebugSessionCrossover
- DecodeUrlAsUTF8
- DisableMultiThreadedServletConnectionMgmt
- enableInProcessConnections
- fileServingEnabled, directoryBrowsingEnabled, and serveServletsByClassnameEnabled
- ForceSessionIdLengthCheck
- ForceSessionInvalidationMultiple
- httpsIndicatorHeader
- listeners
- prependSlashToResource
- trusted
BodyContentBuffSize
The size of the body content buffer for a JavaServer Pages (JSP) file can affect the performance
of some applications. By default, the body content buffer size is 512 bytes. However, you can use
the BodyContentBuffSize
custom property to set a different buffer value.
Name | Default value |
---|---|
BodyContentBuffSize | 512 |
com.ibm.ws.jsf.disablealternatefacesconfigsearch
Disables MyFaces searching for META-INF/*.faces-config.xml for all web applications on a server.
Name | Default value |
---|---|
com.ibm.ws.jsf.disablealternatefacesconfigsearch | false |
com.ibm.ws.jsp.allowExpressionFactoryPerApp
If other JavaServer Faces (JSF) applications are already deployed in the server and use an expression language (EL) parser other than the default, the JSF application you deploy can have the following error:
java.lang.IllegalArgumentException:
argument type mismatch:.javax.el.ELException
..
at
org.apache.myfaces.view.facelets.el.TagValueExpression.setValue
(TagValueExpression.java:129)
at javax.faces.component.UIInput.updateModel(UIInput.java:420)
at
javax.faces.component.UIInput.processUpdates(UIInput.java:339)
...
Name | Default value |
---|---|
com.ibm.ws.jsp.allowExpressionFactoryPerApp | false |
com.ibm.ws.jsp.doNotEscapeWhitespaceCharsInExpression
Typically, Expression Language (EL) expressions in tag files get evaluated before a JavaServer Page (JSP) is compiled. However, to ensure that an EL expression that contains a carriage return (\r), new line (\n), or tab (\t) character within the syntax does not cause a javax.el.Exceptionable exception, set the com.ibm.ws.jsp.expressionistic custom property to true. The custom property applies across the web container.
Name | Default value |
---|---|
com.ibm.ws.jsp.doNotEscapeWhitespaceCharsInExpression | false |
To enable the behavior for a specific application, set the doNotEscapeWhitespaceCharsInExpression attribute to true in the ibm-web-ext.xml file of the application.
com.ibm.ws.jsp.enableDefaultIsELIgnoredInTag
Typically Expression Language (EL) expressions in tag files get evaluated before the tag files a JavaServer Page (JSP) is compiled. However, under certain conditions these EL expressions in a tag file do not get evaluated if the <el-ignored> attribute is set to true.
To ensure that EL expressions are always evaluated, set the
com.ibm.ws.jsp.enableDefaultIsELIgnoredInTag
custom property to
true. The default value for this property is false.
Name | Default value |
---|---|
com.ibm.ws.jsp.enableDefaultIsELIgnoredInTag | false |
com.ibm.ws.jsp.expressionreturnemptystring
This property enables you to indicate whether you want the JSP container to return an empty string or null for unset values in an expression.
testValue
is null in the testBean
:
<input type='text' name='test' value='<%=testBean.getTestValue()%>'maxlength=16
>
Some applications expect an empty string to be returned in these situations rather than the value of null. If the applications you are running expect an empty string to be returned, add this custom property to your web container settings and set the property to true.
Name | Default value |
---|---|
com.ibm.ws.jsp.expressionreturnemptystring | false |
com.ibm.ws.jsp.getWriterOnEmptyBuffer
The dynamic cache service uses flushes to determine when one cacheable web fragment, such as a
JSP include or a c:import
, ends and the next web fragment begins. If you set the
com.ibm.wsspi.jsp.usecdatatrim
custom property to true for
your JSP engine, all the blank space and extra lines in the generated Java code are stripped out. In this situation, there might not be any content
to write before the first flush. If the generated Java code
contains text or other code before the first flush, then normal dynamic cache service processing
occurs.
If you set the com.ibm.wsspi.jsp.usecdatatrim
custom property to
true, and are using the dynamic cache service, you must also set the
com.ibm.ws.jsp.getWriterOnEmptyBuffer
custom property to
true. This custom property requires the JSP Engine to call the flush function
when it reaches the end of the first cacheable web fragments even if there is not any data to flush.
The default value for this property is false.
Name | Default value |
---|---|
com.ibm.ws.jsp.getWriterOnEmptyBuffer | false |
com.ibm.ws.jsp.limitBuffer
The body content buffer size of the tag bodies for a JavaServer Pages (JSP) file are reused to
optimize performance. If the size of a tag body increases beyond the default body content buffer
size, the buffer is resized to accommodate the tag body. However, the buffer is not reset to the
default size after serving a request. As a result, the heap memory that is used by
org.apache.jasper.runtime.BodyContentImpl
implementation might increase over time.
You can configure the body content buffer size by setting an integer value for the
BodyContentBuffSize
custom property. For more information, see BodyContentBuffSize.
Use the com.ibm.ws.jsp.limitBuffer
custom property to deallocate large body
content buffer sizes and create a buffer with the default buffer size.
Name | Default value |
---|---|
com.ibm.ws.jsp.limitBuffer | false |
com.ibm.ws.jsp.throwExceptionForAddELResolver
Set the com.ibm.ws.jsp.throwExceptionForAddELResolver
property to
true if you do not want to allow an ELResolver to be registered from a
servlet or a filter after the application receives a request from the client. When this property is
set to true, an IllegalStateException is given as specified by the JSP (JavaServer Pages)
specification for addELResolver() method of the JspApplicationContext interface.
The default value for this property is false.
Name | Default value |
---|---|
com.ibm.ws.jsp.throwExceptionForAddELResolver | false |
com.ibm.ws.webcontainer.ADD_STS_HEADER_WEBAPP
Starting in Version 8.5.5.18, you can add the HSTS response header for a HTTPs request. To enable this option, set a web application context-parameter custom property. The param-value shown is an example:
<context-param> <param-name>com.ibm.ws.webcontainer.ADD_STS_HEADER_WEBAPP</param-name> <param-value>max-age=31536000; includeSubDomains; preload</param-value> </context-param>
Optionally, add the server-level custom property. The value shown is an example:
com.ibm.ws.webcontainer.addStrictTransportSecurityHeader="max-age=31536000; includeSubDomains"
Name | Default value |
---|---|
com.ibm.ws.webcontainer.ADD_STS_HEADER_WEBAPP | false |
com.ibm.ws.webcontainer.allowDotsinName
If the requested static file has multiple consecutive dots in the name, the request is rejected by the server as a forbidden request.
When this property is set to true, the requested file is served.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.allowDotsinName | false |
com.ibm.ws.webcontainer.allowPrivAccessGetResource
The path to the file defined with the EDR (extended document root) option is not considered part
of the installed application artifacts. Therefore, accessing the file requires special permissions.
A Java.security.AccessControlException
: Access denied (java.io.FilePermission)
exception is issued if the required permissions are not provided for this file in the web
application.
When this property is set to true, the application is allowed access to the file whose path is defined in the EDR.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.allowPrivAccessGetResource | false |
com.ibm.ws.webcontainer.AllowQueryParamWithNoEqual
If the query parameter in a URL contains only the string name
instead of the
expected name=value
format, the server returns the value of
request.getParameter(name
) query as null.
When this property is set to true, if the query parameter in a URL
contains only the string name
, the server returns an empty string as the value for
the request.getParameter(name
) query.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.AllowQueryParamWithNoEqual | false |
com.ibm.ws.webcontainer.appendMetaInfResourcesInLooseLib
This property removes the additional path when an application is deployed in a loose configuration, and is mainly used in a development environment or server.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.appendMetaInfResourcesInLooseLib | false |
com.ibm.ws.webcontainer.asyncmaxsizetaskpool
This custom property specifies the maximum task queue size that is used to hold the dispatched asynchronous servlet.
Name | Default Value |
---|---|
com.ibm.ws.webcontainer.asyncmaxsizetaskpool | 5000 |
com.ibm.ws.webcontainer.asyncpurgeinterval
This custom property specifies the interval which the web container should purge the task queue to release the resource of the canceled tasks.
Name | Default Value |
---|---|
com.ibm.ws.webcontainer.asyncpurgeinterval | 30000 |
com.ibm.ws.webcontainer.channelwritetype
By default, the web container uses asynchronous writes to write response data in chunks up to the response buffer size. For larger responses that are greater than the response buffer size, the web container continues to buffer response data into memory while waiting for an asynchronous write of a response data chunk to complete. This process can result in part of a large response that is held in memory, which can lead to high memory usage and potentially an out of memory error. An application server hang might also occur when a server is simultaneously processing more requests than web container-defined threads.
If the com.ibm.ws.webcontainer.channelwritetype
property is set to
sync, synchronous writing is used, otherwise asynchronous writing is used by
default. With synchronous writing, response data is written synchronously in chunks of up to the
value of responsebuffersize and no response data are buffered into memory while waiting for a
synchronous write of a response data chunk to complete. As a result, the approximate maximum amount
of response data that is held in memory is equal to the responsebuffersize multiplied by the number
of web container threads. The maximum number of requests that can be processed simultaneously by the
web container is limited by the number of web container threads. Additional requests are queued,
waiting for a request that is in process to complete.
The responsebuffersize web container custom property defines the maximum amount of response data that is written by the web container in a single chunk, and is 32k by default. As a result, it is used to change the number of writes that are needed by the web container to send complete response data. However, if an application flushes response data, any response data that is held by the web container is immediately written irrespective of the responsebuffersize.
Use the following name-value pair to write chunks of data using synchronous writes.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.channelwritetype | async |
com.ibm.ws.webcontainer.checkEDRinGetRealPath
The ServletContext.getRealPath() Java Servlet API does not
return the correct path for a requested resource when the resource exists in an extendedDocumentRoot
path and does not exist in the installed application path. If you want the
ServletContext.getRealPath() Java Servlet API to look for the
requested resource in the extendedDocumentRoot path if the resource is not found in the installed
application path, set the com.ibm.ws.webcontainer.checkEDRinGetRealPath
custom
property to true.
When this property is set to true, and the requested resource is also not found in the extendedDocumentRoot path, a null value is returned.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.checkEDRinGetRealPath | false |
com.ibm.ws.webcontainer.copyattributeskeyset
This custom property addresses a situation where the request.getAttributeNames method returns a list of values. If a servlet modifies the list using the request.removeAttribute method, subsequent calls to the nextElement method cause a java.util.ConcurrentModificationException exception. To enable a servlet to modify the list, set the com.ibm.ws.webcontainer.copyattributeskeyset custom property to true. When you set this custom property to true, a copy of the list of attributes is returned, which enables the servlet to modify the list without resulting in a java.util.ConcurrentModificationException exception when the nextElement method is called.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.copyattributeskeyset | false |
com.ibm.ws.webcontainer.decodeParamViaReqEncoding
When the inbound request URI is not UTF-8 encoded, but the request encoding is set to UTF-8,
characters whose encoded values are different in ISO-8859 are displayed incorrectly in the response.
For example, a request might display the characters as n-tilde (Ñ) characters. To ensure that the
characters are encoded and decoded correctly, based on the request encoding set, add the
com.ibm.ws.webcontainer.decodeParamViaReqEncoding
Web container custom property to
your Web container settings and set it to true.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.decodeParamViaReqEncoding | false |
com.ibm.ws.webcontainer.deferServingRequestsUntilEarStarted
This custom property defers serving requests until the whole Enterprise Archive (EAR) is started.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.deferServingRequestsUntilEarStarted | false |
com.ibm.ws.webcontainer.deferServletRequestListenerDestroyOnError
If this custom property is set to true, the web container enables CDI to work properly on custom error pages.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.deferServletRequestListenerDestroyOnError | false |
com.ibm.ws.webcontainer.disableSetCharacterEncodingAfterParametersRead
The web container processes a setCharacterEncoding(String) method of the ServletRequest API even if it is called after the post data is parsed. According to the Java Servlet Specification, the web container should ignore a setCharacterEncoding(String) method if the method is called after the data is parsed.
If you want the web container to ignore a setCharacterEncoding(String) method if the method is
called after the data is parsed, add the
com.ibm.ws.webcontainer.disableSetCharacterEncodingAfterParametersRead
custom
property to your web container configuration settings and set this property to
true.
The default value for this property is false.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.disableSetCharacterEncodingAfterParametersRead | false |
com.ibm.ws.webcontainer.disableStaticMappingCache
The com.ibm.ws.webcontainer.disableStaticMappingCache custom property allows the user to disable the static caching. It can be set in the administrative console or though the context parameter in the web.xml.
To disable static caching for all deployed applications, use an asterisk. If you want to disable static caching for specific applications, use a comma.
For example, com.ibm.ws.webcontainer.disableStaticMappingCache=* disables static caching for all deployed applications. com.ibm.ws.webcontainer.disableStaticMappingCache=SpecialApp,RareApp disables static caching for only those two applications.
You can also set a context parameter in the web.xml to disable static caching for the application. The parameter name is com.ibm.ws.webcontainer.DISABLE_STATIC_MAPPING_CACHE and set the parameter value to true.
There is no default value for this property.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.disableStaticMappingCache | none |
com.ibm.ws.webcontainer.disableSystemAppGlobalListenerLoading
If a system application is the first to start, and the application attempts to load a
global listener in a shared library that is associated with the server classloader, the application
does not load that listener and prevents the listener from being loaded or invoked by a later
non-system application. Set the
com.ibm.ws.webcontainer.disableSystemAppGlobalListenerLoading
custom property to
true to prevent system applications from loading global listeners. When this property is set to
true, the system application does not attempt to load the global listeners
and later non-system applications can load them from a shared library that is associated with a
server class loader.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.disableSystemAppGlobalListenerLoading | false |
com.ibm.ws.webcontainer.disablexPoweredBy
When you configure server security, you can turn off the X-Powered-By header if you do not want to reveal which server you are running. Use this custom property to disable the X-Powered-By header, which prevents the header from being sent on the HTTP response. The default value is false. However, set this property to true, if you want to disable this header.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.disablexPoweredBy | false |
com.ibm.ws.webcontainer.disallowAllFileServing
Use the com.ibm.ws.webcontainer.disallowAllFileServing
custom property
to disable file serving on all applications on a specific application server.
You can enable file serving on a global level across a given application server by using the fileServingEnabled custom property. However, the fileServingEnabled property is overridden by the specific deployment information of each application. Therefore, the current fileServingEnabled custom property applies only as a backup in case an application does not define the fileServingEnabled setting itself.
To globally override this setting on a specific application server to prevent the application
server from serving static files regardless of their individual deployment settings, set the
com.ibm.ws.webcontainer.disallowAllFileServing
web container custom property to
true using the following name-value pair.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.disallowAllFileServing | false |
com.ibm.ws.webcontainer.disallowServeServletsByClassname
When the ServeServletsByClassnameEnabled property is enabled, it is possible to access servlets directly, resulting in a possible security exposure. Define the following custom property to disallow the use of the serveServletsByClassnameEnabled property across the entire application server level.
Name | Default value | Valid value |
---|---|---|
com.ibm.ws.webcontainer.disallowserveservletsbyclassname |
true |
false |
true
for Version 8.5.5.6. Older
versions have the default value set as false
unless you install an interim fix for
PI31622.com.ibm.ws.webcontainer.discernUnavailableServlet
Typically, when the web container receives an UnavailableException, it cannot determine whether the exception was issued from a servlet or a dispatched resource. Therefore, the web container automatically marks the servlet unavailable even if it is the dispatched resource that is unavailable.
If you are running on Version 7.0.0.5 or later, and have set the
com.ibm.ws.webcontainer.discernUnavailableServlet
custom property to true, any
UnavailableException that is issued from a dispatched resource is placed in a wrapper. This wrapper
enables the web container to determine whether the exception was issued from the servlet or a
dispatched resource. If the exception is not issued by the servlet, the web container does not mark
the servlet unavailable.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.discernUnavailableServlet | false |
com.ibm.ws.webcontainer.dispatcherRethrowSER
The RequestDispatcher propagates the exceptions from the dispatched servlets back to the dispatching servlets. This is a change in behavior from that in previous releases. If you do not want the application to throw exceptions back to the servlet doing the dispatching, add the com.ibm.ws.webcontainer.dispatcherRethrowSER custom property to the settings for the web container and set the property to false.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.dispatcherRethrowSER | true |
com.ibm.ws.webcontainer.dispatcherRethrowSError
custom
property supersedes the com.ibm.ws.webcontainer.dispatcherRethrowSER
custom
property. When you enable the com.ibm.ws.webcontainer.dispatcherRethrowSError
custom property by setting its value to true, the
com.ibm.ws.webcontainer.dispatcherRethrowSER custom property is also set to true.com.ibm.ws.webcontainer.dispatcherRethrowSError
When a JavaServer Page (JSP) file contains a compilation error, the runtime error is caught and
handled directly by the container. Exceptions are not propagated and addressed by the dispatched JSP
resource. With the com.ibm.ws.webcontainer.dispatcherRethrowSError
custom property,
exceptions are propagated back to the dispatched JSP resource.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.dispatcherRethrowSError | false |
com.ibm.ws.webcontainer.dispatcherRethrowSError
custom
property supersedes the com.ibm.ws.webcontainer.dispatcherRethrowSER custom property. When you
enable the com.ibm.ws.webcontainer.dispatcherRethrowSError
custom property by
setting its value to true, the
com.ibm.ws.webcontainer.dispatcherRethrowSER
custom property is also set to
true.com.ibm.ws.webcontainer.displayTextWhenNoErrorPageDefined
The web container allows the display of custom text when no error page is defined. This property affects all applications on the server.
com.ibm.ws.webcontainer.displayTextWhenNoErrorPageDefined="display text"
<webContainer displaytextwhennoerrorpagedefined="display text"/>
Name | Default value |
---|---|
com.ibm.ws.webcontainer.displayTextWhenNoErrorPageDefined | none |
com.ibm.ws.webcontainer.donotservebyclassname
The com.ibm.ws.webcontainer.donotservebyclassname
custom property
specifies a list of classes that cannot be served by the class name.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.donotservebyclassname | none |
com.ibm.ws.webcontainer.emptyServletMappings
If set to true, the
com.ibm.ws.webcontainer.emptyServletMappings
custom property returns an empty
collection when the servlet mappings are requested by the getMappings() method and no mappings have
yet been added.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.emptyServletMappings | false |
com.ibm.ws.webcontainer.enabledefaultservletrequestpathelements
Value | Servlet Path value | PathInfo value |
---|---|---|
true | Set to the contents of the URI after the Context Path | Set to a null value |
false (Default) | Set to an empty string | Set based on the contents of the URI after the Context Path |
com.ibm.ws.webcontainer.enableErrorExceptionTypeFirst
- Any matching error-code error page
- Any matching exception-type error page
The matched error-code page is always returned even if there is also a matching exception type
error page that is defined in the web.xml
file. To have the Web container search
and use the exception-type before the error-code, set this property to
true.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.enableErrorExceptionTypeFirst | false |
com.ibm.ws.webcontainer.enableExactMatchJSecurityCheck
Specify this property if you want to allow the keyword j_security_check to be used as part of the name of a resource. Typically, if a URI contains the keyword j_security_check the login process is initiated.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.enableExactMatchJSecurityCheck | false |
com.ibm.ws.webcontainer.enableJspMappingOverride
When a url-pattern is defined in the jsp-property-group of the web.xml, file, it is typically
mapped to, and handled by the JavaServer Page (JSP) engine. If you have applications that must
override this mapping so that they can handle and serve the JSP content themselves, set the
com.ibm.ws.webcontainer.enableJspMappingOverride
property to
true.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.enableJspMappingOverride | false |
com.ibm.ws.webcontainer.enableMultiReadOfPostData
Set the com.ibm.ws.webcontainer.enableMultiReadOfPostData
custom property to
true if you want to enable multiple reads of post data. When this property is
set to true, the post data can be read multiple times as either an InputStream or Reader, and as
parameters.
- Obtain the InputStream or Reader
- Read the data
- Close the InputStrean or Reader
If either the first or third action does not occur, the next read of the post data is not reset to the beginning of that data.
The web container automatically completes this sequence if an application rereads the post data as parameters.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.enableMultiReadOfPostData | false |
com.ibm.ws.webcontainer.enablePostOnlyJSecurityCheck
Set the com.ibm.ws.webcontainer.enablePostOnlyJSecurityCheck
custom property to
true to disable all login methods except the POST method. You can set this
custom property in the administrative console through web container custom properties. The server
returns a 404 response status when all login methods are disabled.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.enablePostOnlyJSecurityCheck | false |
com.ibm.ws.webcontainer.excludehandledtypesclasses
Use the com.ibm.ws.webcontainer.excludehandledtypesclasses
custom property to
exclude the handle type classes from being passed into the onStartup method of the
ServletContainerInitializer implementation class.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.excludehandledtypesclasses | false |
com.ibm.ws.webcontainer.extractHostHeaderPort and trusthostheaderport
- Port number from the request URL
- Port number from the request host header
http://ProxyServer:8888
. The web container was modified to return a
port number from the host header, if any, or the URL port that accepted the client connection. You
must set the trusthostheaderport and the
com.ibm.ws.webcontainer.extractHostHeaderPort
custom property to true to return the
port number from the request host header first. Using the administrative console,
you would set these properties as follows:
trusthostheaderport = true
com.ibm.ws.webcontainer.extractHostHeaderPort = true
web.xml
to have them take effect as intended.Name | Default value |
---|---|
com.ibm.ws.webcontainer.extractHostHeaderPort | false |
trusthostheaderport | false |
com.ibm.ws.webcontainer.finishresponseonclose
Use the com.ibm.ws.webcontainer.finishresponseonclose
custom property to
indicate that you want the web container to close a connection when a servlet calls close() on a
writer or output stream.
Typically, when a servlet calls close() on a writer or output stream, the web container sends the data that has been written to the writer or output stream to the client, and then waits for the servlet service() method to finish before it closes the connection. This delay might be interpreted as a response completion delay, especially if a servlet service() method does not complete until sometime after the writer or output stream is closed.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.finishresponseonclose | false |
com.ibm.ws.webcontainer.ForceDifferentCookiePaths
When you configure an application to use a cookie to track the session, the default path for the
cookie is set to the context root of the application. Therefore, the cookie is only sent to requests
that are made to this application. To change the default path to be /
(forward slash), such
that the cookie is sent to requests for any application in this domain, set the
ForceDifferentCookiePaths session manager custom property.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.ForceDifferentCookiePaths | false |
com.ibm.ws.webcontainer.handlingRequestWithOverridenPath
When an application overrides the URI pathinfo, the server does not use the overridden path to
service the request, but instead uses the original request URI pathinfo. If you want the server to
use the overridden URI path, then set
com.ibm.ws.webcontainer.handlingRequestWithOverridenPath
to
true. Normally, when an application overrides the request URI path, that URI
path is used by application and not by server.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.handlingRequestWithOverridenPath | false |
com.ibm.ws.webcontainer.HTTPOnlyCookies
com.ibm.ws.webcontainer.HTTPOnlyCookies
custom property provides a level of
defense against a client-side script that accesses a protected cookie and acquiring its content. When
you use this custom property, you can prevent Java scripts
that run in a browser from accessing all cookies or a particular list of cookies of your choosing.
The HTTPOnly attribute is added to each cookie specified in this custom property and enables
protection from client-side script access.com.ibm.ws.webcontainer.HTTPOnlyCookies
with no operands means that the HTTPOnly
attribute is NOT added to any cookie, and any client-side Java
script running in a browser can access the content of any cookies.- * - An asterisk value means that all cookies are given the HTTPOnly attribute.
- A comma-delimited list of the specific cookies that are given the HTTPOnly attribute. Cookies might contain wildcard characters. The HTTPOnly attribute is only given to the matched cookies that are on this list.
com.ibm.ws.webcontainer.HTTPOnlyCookies=*
com.ibm.ws.webcontainer.HTTPOnlyCookies=cookieName1,Account3Cookie,JsessionID
com.ibm.ws.webcontainer.HTTPOnlyCookies
are case-insensitive.com.ibm.ws.security.addHttpOnlyAttributeToCookies
custom property default was
false. For WebSphere Application Server Version 8.5,
the default is true.com.ibm.ws.security.addHttpOnlyAttributeToCookies
custom property default was
false. The current default value is true.Because the HTTPOnly attribute is now set using the Set session cookies to HTTPOnly to help prevent cross-site scripting attacks field in the administrative console, if you need to disable this function, in the administrative console, click Server Types > Application servers > Session management > Cookies, and clear the Set session cookies to HTTPOnly to help prevent cross-site scripting attacks field.
For more information on the interaction of these two custom properties, see Cookie settings and Enablement and migration considerations of Security hardening features.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.HTTPOnlyCookies | none |
com.ibm.ws.webcontainer.ignoreinjectionfailure
If a resource or Enterprise JavaBeans (EJB) injection fails during the servlet initialization process, an error message is written to the server log files. However, the error message is not propagated to the client. In addition, the servlet is put into service and it is not reinitialized until its application is restarted. During this time, if a request is received that references the resource, which previously failed to inject, a NullPointerException exception results. Similarly, this problem can occur during the filter and listener initialization processes.
The com.ibm.ws.webcontainer.ignoreinjectionfailure
custom property enables you
to specify whether to propagate these error messages and whether to put a servlet into service. By
default, the custom property is set to false, which retains the previously
described behavior. To enable the propagation of these injection exceptions to the client and to not
put the servlet into service, you must leave this custom property set to
false.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.ignoreinjectionfailure | false |
com.ibm.ws.webcontainer.ignoreInvalidQueryString
When the web container encounters an encoding character in a query string pair that is not valid,
it throws an IllegalArgumentException exception and, by default, ignores the entire query string. In
applications where every field in the query string is an essential resource, it might not be
desirable to ignore the entire query string. If you set the
com.ibm.ws.webcontainer.ignoreInvalidQueryString
custom property to
true, the web container ignores query string pairs that are not valid and
continues to process valid query string pairs.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.ignoreInvalidQueryString | false |
com.ibm.ws.webcontainer.ignorePostConstructOverriddenMethod
If a parent class has its annotated @PostConstruct method overridden by a subclass, when the target subclass annotated method is called, the web container invokes the target subclass twice. If you set the com.ibm.ws.webcontainer.ignorePostConstructOverriddenMethod custom property to true, the web container invokes only the target subclass method once, and any parent's overridden methods are ignored.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.ignorePostConstructOverriddenMethod | false |
com.ibm.ws.webcontainer.ignoreSemiColonOnRedirectToWelcomePage
If this property is set to true, the web container ignores the semicolon and everything after it when redirecting to the welcome page.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.ignoreSemiColonOnRedirectToWelcomePage | false |
com.ibm.ws.webcontainer.IgnoreSessiononStaticFileRequest
The web container accesses a session for the static file requests involving filters. This action
can result in a performance degradation, for example, when running with database session
persistence. If you set the
com.ibm.ws.webcontainer.IgnoreSessiononStaticFileRequest
custom property to
true, the web container cannot access a session for the static files requests
involving filters.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.IgnoreSessiononStaticFileRequest | false |
com.ibm.ws.webcontainer.initFilterBeforeInitServlet
Set the com.ibm.ws.webcontainer.initFilterBeforeInitServlet
custom property to
true to initialize filters before initializing load-on-startup servlets
during the startup process for an application.
com.ibm.ws.webcontainer.invokeFilterInitAtStartup
property and the com.ibm.ws.webcontainer.initFilterBeforeInitServlet
property must
be set to true for the filters to be initialized first on application
startupName | Default value |
---|---|
com.ibm.ws.webcontainer.initFilterBeforeInitServlet | false |
com.ibm.ws.webcontainer.invokeFilterAfterService
The com.ibm.ws.webcontainer.invokeFilterAfterService
custom property ensures
that the web container does not call the failing flush()
when the OutputStream is
closed.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.invokeFilterAfterService | true |
com.ibm.ws.webcontainer.invokeFilterInitAtStartup
The com.ibm.ws.webcontainer.invokeFilterInitAtStartup
custom property enables
the web container to invoke the init method and initialize a filter during the startup process for
an application.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.invokeFilterInitAtStartup | false |
com.ibm.ws.webcontainer.invokeflushafterserviceforstaticfileresponsewrapper
Set this custom property to false so that the web container does not flush the response after service for a request to a static file when the application uses a response wrapper.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.invokeflushafterserviceforstaticfileresponsewrapper | true |
com.ibm.ws.webcontainer.KeepUnreadPostDataAfterResponseSentToClient
This property indicates whether post data is available to read after the client response is
completed, following either the completion of a forward request completes, or a return from a
sendRedirect. If this property is set to true, post data is available to read
after the client response is completed either after a forward request completes, which is the
default behavior, or on a return from a sendRedirect, which occurs when the
com.ibm.ws.webcontainer.SendResponseToClientAsPartOfSendRedirect
custom property is
set to true. However, setting this property to true
requires unread post data to be held in memory until the target resource completes, and increases
memory usage.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.KeepUnreadPostDataAfterResponseSentToClient | false |
com.ibm.ws.webcontainer.logServletContainerInitializerClassloadingErrors
When examining the classes of an application to see whether they match any of the criteria that is specified by the HandlesTypes annotation of a ServletContainerInitializer, the container might run into class loading problems if one or more of the optional application JAR files are missing. Because the container does not decide whether these types of class loading failures prevent the application from working correctly, it ignores the failures and provides a configuration option that logs them.
Setting this property to true turns on logging.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.logServletContainerInitializerClassloadingErrors | false |
com.ibm.ws.webcontainer.mapFiltersToAsterisk
When processing a request, the web container recognizes servlet mappings to *
as
the same as servlet mappings to /*
. To provide the same behavior with filter mapping, set the
com.ibm.ws.webcontainer.mapFiltersToAsterisk
custom property to
true. Setting the
com.ibm.ws.webcontainer.mapFiltersToAsterisk
custom property to
true causes the web container to recognize filter mappings to *
as a
filter mapping to /*
. This custom property is not case-sensitive.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.mapFiltersToAsterisk | false |
com.ibm.ws.webcontainer.maxfilecount
You can use this property to change the maximum number of files allowed in a multipart upload request. An integer represents the maximum number of files allowed in a multipart upload request defaults to 5000.
You can set this property to -1 if you do not want to limit the number of files uploaded in a request.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.maxfilecount | 5000 |
com.ibm.ws.webcontainer.maxParamPerRequest
You can use this property to change the maximum number of parameters that are allowed in your inbound requests, based on your applications and environment. The maximum number of parameters allowed per inbound request (GET or POST) defaults to 10000.
You can set this property to -1 if you do not want to limit the number of parameters that can be included in a request.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.maxParamPerRequest | 10000 |
com.ibm.ws.webcontainer.metainfresourcescachesize
You can use this property to change the number of entries in the META-INF resource cache. The default for this property is 20.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.metainfresourcescachesize | 20 |
com.ibm.ws.webcontainer.modifiedFileNotFoundExceptionBehavior
When a file does not exist and is the target of an include or forward
operation for a request dispatcher, a FileNotFoundException occurs. You enable this file not found
exception behavior by setting this custom property to true
and allowing the
exception to be thrown when a file does not exist. If you set this property to
false
, the FileNotFoundException is suppressed as well as any logging of the
failure. Also, if such a request results in a 404 exception, FFDCs are no longer
created.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.modifiedFileNotfFoundExceptionBehavior | true |
com.ibm.ws.webcontainer.ModifiedSinceLaterThanFileTimeStamp
When this property is set to true, the web container returns a 304 response if the If-Modified-Since timestamp of the requested variant is newer than the timestamp of the target variant.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.ModifiedSinceLaterThanFileTimeStamp | false |
com.ibm.ws.webcontainer.normalizerequesturi
Typically, request URI 404 errors do not occur if a request URI is submitted from a browser because most modern browsers automatically normalize a request URI before calling WebSphere Application Server. Therefore, by default, the web container does not normalize a request URI before trying to resolve that URI to an application and servlet mapping.
A request URI, that includes /./ or /../ as part of an application context, that has not been normalized, might fail with a 404 error. Similarly, a request URI, that includes /./" or /../ as part of a servlet path, that has not been normalized, fails to match a servlet mapping, which also results in a 404 error, even though the URI is normalized before resolving the URI to a JavaServer Pages (JSP) or static file.
You can set the com.ibm.ws.webcontainer.normalizerequesturi
custom property to
true and the web container normalizes these types of request URIs.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.normalizerequesturi | false |
com.ibm.ws.webcontainer.parseUTF8PostData
If the web container attempts to process a request that includes UTF-8 post data that is not URL encoded, the target resource accesses the post data as parameters. However, the UTF-8 data is not decoded correctly and the result data might be lost.
To resolve this issue, set the com.ibm.ws.webcontainer.parseUTF8PostData
custom
property to true. When the web container processes parameters, it detects UTF-8 post data that is
not URL encoded and includes the data in the parameter values.
To use this function, you must set the value to true.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.parseUTF8PostData | false |
com.ibm.ws.webcontainer.preserveRequestParameterValues
Use this custom property to preserve the original values of the parameter values used on the request.
The javax.servlet.ServletRequest.getParameterValues()
method returns an array
of String of the request parameter values. If this array of String is modified directly, the
original request parameter values can be lost. Any subsequent call to
javax.servlet.ServletRequest.getParameterValues()
method returns the modified
values.
To preserve the original request parameter values, you must set the value to true.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.preserveRequestParameterValues | false |
com.ibm.ws.webcontainer.provideQStringToWelcomeFile
Typically, when a request is initially sent to the context root of the application, the request is forwarded to a welcome file. If a query string is included in an initial request, it is unavailable to the welcome file if you included the request.getQueryString() attribute in the welcome file. However, the query string is available to the welcome file if you included the javax.servlet.forward.query_string attribute in the welcome file.
If you must use the request.getQueryString() attribute, instead of the
javax.servlet.forward.query_string attribute, to make the query string available to the welcome
file, add the com.ibm.ws.webcontainer.provideQStringToWelcomeFile
custom property
to your web container configuration and set the property to true.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.provideQStringToWelcomeFile | false |
com.ibm.ws.webcontainer.redirectcontextroot
If set to true, and a request is made to the context root of an application with a missing trailing slash, the WebContainer appends the trailing slash. The WebContainer redirects to the URL with the appended slash before it applies any servlet filters defined in the application.
For example, a request to http://host:port/contextRoot is redirected to http://host:port/contextRoot/ before any filters are applied.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.redirectcontextroot | false |
com.ibm.ws.webcontainer.RedirectWithPathInfo
When the redirect location provided is a relative URL and is without a leading '/' then during the conversion of the relative URI value to an absolute URL, the server removes the PathInfo from the existing URI.
Set com.ibm.ws.webcontainer.RedirectWithPathInfo to true to ensure that existing PathInfo is not removed. The extra path information until the last trailing slash will be appended to the URI and then redirected to the resource.
Name | Value |
---|---|
com.ibm.ws.webcontainer.RedirectWithPathInfo | false |
com.ibm.ws.webcontainer.removeAttributeForNullObject
By default, the getAttributeNames() method can return an attribute name whose value has been set to null if the value passed to the ServletRequest.setAttribute() or ServleContextt.setAttribute() method is null. This default behavior is not in accordance to the API.
If you want the web container to remove the attribute if the null object is passed to the
ServletRequest.setAttribute() or ServleContextt.setAttribute() method, add this
com.ibm.ws.webcontainer.removeAttributeForNullObject
custom property to your web
container configuration, and set the property to true.
Data type | Default |
---|---|
Boolean | false |
com.ibm.ws.webcontainer.returnDefaultContextPath
Use the com.ibm.ws.webcontainer.returnDefaultContextPath
custom property
to return the correct context path when an application is installed on the default context root. For
example, when the property is set to true, the context path is set to an empty string for any
application that is installed on the default context root.
Data type | Default |
---|---|
Boolean | False |
com.ibm.ws.webcontainer.returnzeroendofinputstream
By default, when a servlet calls the java.io.InputStream.available method, the method can
return a -1
value when the end of the data stream is reached. If your code
allocates a new buffer when the returned value is -1
, such as with the
byte[InputStream.available()]
code, a maximum integer buffer is created. This
maximum integer buffer can cause your system to run out of memory. To avoid the out of memory
condition, check the return value of the InputStream.available method and if it is less than the
value of 0
, do not allocate a new buffer. Alternatively, set this custom property
to the true
value so that the java.io.InputStream.available method returns a
0
value instead of a -1
value.
Data type | Default |
---|---|
Boolean | False |
com.ibm.ws.webcontainer.searchMetaInfResourcesDuringAppStart
Use the com.ibm.ws.webcontainer.searchMetaInfResourcesDuringAppStart
custom property to disable the enhanced feature when searching for the
/META-INF/resources.
Data type | Default |
---|---|
Boolean | True |
com.ibm.ws.webcontainer.SendResponseToClientAsPartOfSendRedirect
This property indicates whether a response is completed as part of a sendRedirect request. If this property is set to true, a response is completed as part of a sendRedirect request, and any post data associated with the request is not available for a read on return from sendRedirect.
The default value is false.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.SendResponseToClientAsPartOfSendRedirect | false |
com.ibm.ws.webcontainer.SendResponseToClientWhenResponseIsComplete
This property indicates whether a response is completed on return from a forward request.
If this property is set to false, a response is not completed on return from a forward request. Instead, it is delayed until the target resource completes. Post data is available for a read after the forward completes.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.SendResponseToClientAsPartOfSendRedirect | true |
com.ibm.ws.webcontainer.setcontenttypebysetheader
When autoResponseEncoding is enabled or when the
com.ibm.ws.webcontainer.contentTypeCompatibility
property is set, the application
server sets the content type of the response using an internal method. To enable setting the
content-type using the ServletResponse.setContentType method instead, you need to set the
com.ibm.ws.webcontainer.setcontenttypebysetheader
custom property to
false.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.setcontenttypebysetheader | true |
com.ibm.ws.webcontainer.setAsyncDispatchRequestURI
If this property is set to true, the web container sets the current request URI as the target of the async dispatch.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.setAsyncDispatchRequestURI | false |
com.ibm.ws.webcontainer.ServeWelcomeFileFromExtendedDocumentRoot
Typically, the first time the web container handles a request for a static welcome page that is not a JavaServer Pages (JSP) file, the web container does not search the ExtendedDocumentRoot for the welcome file unless the request for that welcome file is fully qualified. If the request is fully qualified, the web container serves the welcome file, and the context root of the application displays the welcome file. If the request for the static welcome file is not fully qualified, the web container returns a 404 error, which indicates that the web container did not find the welcome file.
After the web container successfully serves a welcome file, the web container creates a mapping for that welcome file. The web container then uses this mapping to handle future requests for the welcome file, eliminating the need for subsequent requests to be fully qualified.
If you want the web container to always search an application defined ExtendedDocumentRoot for a
welcome file, even if the request is not fully qualified, you can add the
com.ibm.ws.webcontainer.ServeWelcomeFileFromExtendedDocumentRoot
custom property to
your web container settings, and set this property to true.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.ServeWelcomeFileFromExtendedDocumentRoot | false |
com.ibm.ws.webcontainer.ServletDestroyWaitTime
By default, when an application is stopped the web container waits up to 60 seconds for each
active request for a resource of that application to complete. You can now define the
com.ibm.ws.webcontainer.ServletDestroyWaitTime
web container custom property to
control the amount of time that the web container waits for an active request to complete when the
owning application is stopped.
Set the com.ibm.ws.webcontainer.ServletDestroyWaitTime
custom property to an
integer value, which specifies the number of seconds to wait for a request to complete. The default
value is 60 seconds.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.ServletDestroyWaitTime | 60 |
com.ibm.ws.webcontainer.setUnencodedHTMLinsendError
Typically, the web container encodes the specified error messages before formatting them, to prevent Cross-Site Scripting (XSS) attacks on the client if the application does not sanitize these messages. However, the Java Servlet Specification for the sendError(int, String) method, indicates that the server should create the response to look like an HTML-formatted server error page.
If you do not want the web container to encode the specified error messages before formatting
them, add the com.ibm.ws.webcontainer.setUnencodedHTMLinsendError
custom property
to your web container configuration settings, and set the property to
true.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.setUnencodedHTMLinsendError | false |
com.ibm.ws.webcontainer.skipInputStreamReadOnError
If this property is set to true, the web container stops reading the remaining POST data if there has been an exception before or during the parsing of POST data.
The com.ibm.ws.webcontainer.skipInputStreamReadOnError
custom property must be
used in pair with the preventRequestBodyPurge
channel custom property set to
true.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.skipInputStreamReadOnError | false |
com.ibm.ws.webcontainer.SkipMetaInfResourcesProcessing
The web container searches for static files and JavaServer Pages (JSP) files in different
locations, depending on application configuration. A web fragment comprises a JAR file in an
application WEB-INF/lib directory. The JAR file might include static resources
in a META-INF/resources directory that are defined within the JAR file. To
prevent the web container from searching the META-INF/resources directories,
set the com.ibm.ws.webcontainer.SkipMetaInfResourcesProcessing
web container custom
property to true.
The default value for the custom property is false.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.SkipMetaInfResourcesProcessing | false |
com.ibm.ws.webcontainer.suppressErrorPageODRHeader
The web container adds a $WSEP
HTTP header name for some error conditions (for
example, a 403 error code). Certain applications or stack products cannot handle a dollar sign
($
) as part of the header. If this property is set to true,
the web container does not include the $WSEP
header in the error page response,
unless it finds a $WSPC
header that is set to ErrorPage in
the request. If the property is set to false, which is the default behavior,
the web container will include the $WSEP
header in the error page response.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.suppressErrorPageODRHeader | false |
com.ibm.ws.webcontainer.suppressheadersinrequest
The com.ibm.ws.webcontainer.suppressheadersinrequest
custom property can be used
to suppress the inclusion of request headers that start with special characters, such as $
or
_
. Some applications do not handle request headers that start with special characters.
The value that is specified for this custom property is a delimited list of the header prefixes that you want to be suppressed.
Example:
com.ibm.ws.webcontainer.suppressheadersinrequest=$WS,_WS
Name | Default value |
---|---|
com.ibm.ws.webcontainer.suppressheadersinrequest | none |
com.ibm.ws.webcontainer.suppressHtmlRecursiveErrorOutput
During a recursive error that an application-specified error page cannot handle, the stack trace and error message are output as an HTML page. This information includes class names and program information that the application developer does not want expose to the user.
You can set the com.ibm.ws.webcontainer.suppressHtmlRecursiveErrorOutput
web
container custom property to suppress the HTML output of the error text, without changing the
internal logging of the message. Set the custom property com.ibm.ws.
webcontainer.suppressHtmlRecursiveErrorOutput
to true to disable the
HTML output of the error message to the user and present the user with blank page with a 500 error
code.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.suppressHtmlRecursiveErrorOutput | false |
com.ibm.ws.webcontainer.suppressLastZeroBytePackage
Typically, the last zero-byte chunk is used to indicate to a client the end of the response data in a chunked encoded transmission. Some applications use this last zero to determine when the response data is received, and they can start processing it. If an error occurs in the application after the response headers are sent, the last chunk of data is still sent to the client. The client might not realize that an error occurred, and attempt to process incomplete data.
If you set the com.ibm.ws.webcontainer.suppressLastZeroBytePackage
custom
property to true, if an error occurs in the application after the response
headers are sent, the last chunk of data is not sent to the client.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.suppressLastZeroBytePackage | false |
com.ibm.ws.webcontainer.suppressLoggingFileNotFoundExceptions
The web container generates a severe error message with a FileNotFoundException stack trace in the Java virtual machine (JVM) logs when a missing file is requested. This might not be a severe error if the wrong file was accidentally requested. Set this property to true to generate a warning message in the JVM logs instead of a severe error message when a file is not found.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.suppressLoggingFileNotFoundExceptions | false |
com.ibm.ws.webcontainer.suppressLoggingWebGroupVhostNotFound
Set to a string value for a URI that you want message SRVE0255E suppressed. The specified request URI string is case insensitive. Only one request URI is supported and needs to match exactly before the error message is suppressed. No wild card usage is allowable in the string value specification.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.suppressLoggingWebGroupVhostNotFound | empty |
com.ibm.ws.webcontainer.suppressLoggingServiceRuntimeExcep
You can use this property to suppress the logging of any RuntimeException that occurs during service of a servlet.
By default, the Web container logs the exception of type RuntimeException in the JVM logs, if the exception occurs during the service of a servlet. When this property is set to true, the web container does not log any type of RuntimeException that occurs during service of a servlet.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.suppressLoggingServiceRuntimeExcep | false |
com.ibm.ws.webcontainer.suppressServletExceptionLogging
If a servlet creates an exception, it is logged to the system console. If you do not
want the web container to log servlet-created exceptions, add the
com.ibm.ws.webcontainer.suppressServletExceptionLogging
custom property to the web
container configuration settings, and set the property to true.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.suppressServletExceptionLogging | false |
com.ibm.ws.webcontainer.throwMissingJspException
Set the com.ibm.ws.webcontainer.throwMissingJspException custom property to true to create a FileNotFoundException when a resource that is included by a JSP file is missing. If this property is not set to true, an error page displays.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.throwMissingJspException | false |
com.ibm.ws.webcontainer.throwpostconstructexception
Set the com.ibm.ws.webcontainer.throwpostconstructexception
custom
property to true to propagate custom error messages to the error.xhtml
file.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.throwpostconstructexception | true |
com.ibm.ws.webcontainer.TolerateSymbolicLinks
Symbolic links that exist in the application installation directory are tolerated when you use this custom property.
This property must be set at the node agent level.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.TolerateSymbolicLinks | false |
com.ibm.ws.webcontainer.transfercontextinasyncservletrequest
Dispatch of an asynchronous servlet request might cause a
com.ibm.websphere.servlet.session.UnauthorizedSessionRequestException error. To ensure that the web
container captures the security context of the thread which starts the asynchronous request and uses
this during AsyncContext.dispatch()
, AsyncContext.complete()
, and
AsyncContext.start()
method calls, set the
com.ibm.ws.webcontainer.transfercontextinasyncservletrequest
custom property to
true
. Its default value is false
.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.transfercontextinasyncservletrequest | false |
com.ibm.ws.webcontainer.useOriginalRequestState
If a request is overridden or the application implemented the ServletRequest interface, the application might fail to serve the request because either the overridden or implemented request object, instead of the request object, is being used to handling of the request. To ensure that the request object is used to handle the request, add the com.ibm.ws.webcontainer.useOriginalRequestState custom property to the web container configuration settings, and set it to true.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.useOriginalRequestState | false |
com.ibm.ws.webcontainer.useSemiColonAsDelimiterInURI
If set to true, the web container ignores the semi-colon; everything after it is also ignored when calling javax.servlet.http.HttpServletRequest.getPathInfo().
Name | Default value |
---|---|
com.ibm.ws.webcontainer.useSemiColonAsDelimiterInURI | false |
com.ibm.ws.webcontainer.webgroupvhostnotfound
Error message SRVE0017W states Web Group not found: {0}, and error message
SRVE0255 states A WebGroup/Virtual Host to handle {0} is not defined. These
messages might be returned when the application that is called to process the request that is
serviced by IBM®
WebSphere Application Server is not found. You can use the
com.ibm.ws.webcontainer.webgroupvhostnotfound
custom property to change the text of
these messages to text that is more suitable for your environment.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.webgroupvhostnotfound | none |
com.ibm.ws.webcontainer.xPoweredBy
This custom property enables you to configure the value of the X-Powered-By header, which supplies the implementation information of the server.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.xPoweredBy | Servlet/3.0 |
com.ibm.websphere.management.application.sync.deleteSymbolicLinks
Symbolic links that exist in the application installation directory are deleted when the
application is uninstalled or updated. To ensure that symbolic links are not deleted, add the
com.ibm.websphere.management.application.sync.deleteSymbolicLinks
custom property
to your JVM and set it to false.
Name | Default value |
---|---|
com.ibm.websphere.management.application.sync.deleteSymbolicLinks | true |
com.ibm.wsspi.jsp.allowMultipleAttributeValues
Set this property to true to allow the web container to store multiple values for a custom tag attribute.
Name | Default value |
---|---|
com.ibm.wsspi.jsp.allowMultipleAttributeValues | false |
com.ibm.wsspi.jsp.convertAttrValueToString
Set the com.ibm.wsspi.jsp.convertAttrValueToString
web container custom
property to true to convert start and end attributes of the repeat tag to
strings before they are used.
Name | Default value |
---|---|
com.ibm.wsspi.jsp.convertAttrValueToString | false |
com.ibm.wsspi.jsp.disableElCache
Set the com.ibm.wsspi.jsp.disableElCache web container custom property to true to disable the commons-el expression cache if you are experiencing out of memory conditions because the hash maps are held by the expression evaluator.
Name | Default value |
---|---|
com.ibm.wsspi.jsp.disableElCache | false |
com.ibm.wsspi.jsp.disableResourceInjection
The resource injection feature accesses resources in applications differently than it did in earlier versions of the product, and causes the compiled method output to be larger than it was previously. If you have large JSP files that in earlier releases pushed the 65535-byte limit in the translated service method, they might now exceed this limit, causing the compile to fail.
If you encounter this situation, you can either break a large JSP file into smaller JSP files,
and use <jsp:include>
statements to combine them after they are compiled, or
you can add the com.ibm.wsspi.jsp.disableResourceInjection
custom property to your
web container settings to disable the resource injection function during the JSP translation
process. When the com.ibm.wsspi.jsp.disableResourceInjection
custom property is set
to true, the resource injection function is disabled for all
applications.
If you want only to disable the resource injection function for specific applications, you can add the disableResourceInjection JSP attribute to the ibm-web-ext.xmi files for those specific applications.
Name | Default value |
---|---|
com.ibm.wsspi.jsp.disableResourceInjection | false |
com.ibm.wsspi.jsp.disableTldSearch
The com.ibm.wsspi.jsp.disableTldSearch custom property can be used to improve application startup time. By default, when an application starts, the JSP engine searches the application installation directories for the taglib descriptor (TLD) files. This search process might increase the startup time for large applications with many files and directories. To disable this search process, set this property to true.
Name | Default value |
---|---|
com.ibm.wsspi.jsp.disableTldSearch | false |
com.ibm.wsspi.jsp.enabledoublequotesdecoding
Set the com.ibm.wsspi.jsp.enabledoublequotesdecoding
web container
custom property to decode an encoded double quotation mark character if it is embedded in a script
function within a JavaServer Pages (JSP) file.
The JSP Container does not decode an encoded double quotation mark character during the translation of a JSP file. Instead, there is a dependency on the browser to decode it. However, when an encoded double quotation mark character exists inside a script function of a tag, the browser cannot decode it. Thus, when this custom property is not set, the encoded double quotation mark character causes the script function to malfunction.
When you set this custom property, the value affects all of your deployed applications. If you
want to affect an individual application, set the enableDoubleQuotesDecoding
JSP
attribute to true within the ibm-web-ext.xmi file in
your application.
Name | Default value |
---|---|
com.ibm.wsspi.jsp.enabledoublequotesdecoding | false |
com.ibm.wsspi.jsp.removexmlnsfromoutput
When the web container generates HTML code from a JSP document, the web container does not remove any xmlns attributes that are specified for tags in the JSP document. Therefore, when the JSP document is rendered on the browser, the xmlns attributes remain in the generated HTML code.
To ensure that the xmlns attributes are always removed from generated HTML code, add the com.ibm.wsspi.jsp.removexmlnsfromoutput custom property to your web container configuration settings and set this property to true.
When you set this custom property, the value affects all of your deployed applications. If you
want to affect an individual application, set the removeXmlnsFromOutput
JSP
attribute to true within the ibm-web-ext.xmi file in
your application.
Name | Default value |
---|---|
com.ibm.wsspi.jsp.removexmlnsfromoutput | false |
DebugSessionCrossover
The DebugSessionCrossover
custom property enables code to perform
additional checks to verify that only the session that is associated with the request is accessed or
referenced. Messages are logged if any discrepancies are detected.
DebugSessionCrossover
property as a web
container custom property is deprecated. You can now define it as a session management custom
property.To enable session data crossover detection, set this property to true
Name | Default value |
---|---|
DebugSessionCrossover | false |
Refer to the HTTP session problems article for additional information.
DecodeUrlAsUTF8
The UTF-8 encoded URL feature, which provides UTF-8 encoded Uniform Resource Locators (URLs) to support the double-byte characters in URLs is enabled by default. You can prevent the web container from explicitly decoding URLs in UTF-8 and have them use the ISO-8859 standard as per the current HTTP specification by setting this custom property to false.
Name | Default value |
---|---|
DecodeUrlAsUTF8 | true |
DisableMultiThreadedServletConnectionMgmt
- Click Application servers > server_name > Web container > Custom properties.
- Create the DisableMultiThreadedServletConnectionMgmt property and set its value to true.
When this property is enabled, if the connection handle is not closed and the servlet ends, the web container (as part of postinvoke), parks the connection and does not close the connection handle.
Name | Default value |
---|---|
DisableMultiThreadedServletConnectionMgmt | false |
com.ibm.ws.webcontainer.denyDuplicateFilterinChain
When an inbound request URI maps to multiple URL filter mappings the filter chain is updated with the same filter multiple times, causing the filter to be invoked multiple times for the same URI. If you add the com.ibm.ws.webcontainer.denyDuplicateFilterinChain custom property to your web container settings and set this property to true, a filter is not added to a filter chain if it is already present in that chain.
Name | Default value |
---|---|
com.ibm.ws.webcontainer.denyDuplicateFilterinChain | false |
enableInProcessConnections
Use the enableInProcessConnections
custom property to reduce response
times and to reduce the number of threads that are used to service a request, which reduces the
potential for a deadlock. The custom property applies for JAX-RPC and JAX-WS scenarios, but not for
JAX-RS scenarios.
There is an optimized communication path between a web services client application and a web container that are located in the same application server process. Requests from the web services client that are normally sent to the web container using a network connection are delivered directly to the web container using an optimized local path. The local path is available because the web services client application and the web container are running in the same process. This optimized communication path is disabled by default. Before enabling this property, make sure that wildcards are not specified for the web container ports. Use specific ports for the web container when the optimized communication path is enabled.
To enable the optimized communication path, set this property to true.
Name | Default value |
---|---|
enableInProcessConnections | false |
Refer to the Web services client to web container optimized communication topic for additional information.
jaxws.useSafeIPC
JVM property to
true.fileServingEnabled, directoryBrowsingEnabled, and serveServletsByClassnameEnabled
fileServingEnabled, directoryBrowsingEnabled, and similar properties are global settings for internal servlets. Web application archive (WAR) files that are packaged using third-party tools cannot specify behavior for the services that are exposed by the web container internal servlets.
- Setting the fileServingEnabled, property to false disables the fileServing function.
- Setting the directoryBrowsingEnabled, property to true enables the directoryBrowsing function.
- Setting the serveServletsByClassnameEnabled property to true enables the serveServletsByClassnameEnabled function.
Name | Default value |
---|---|
fileServingEnabled | true |
directoryBrowsingEnabled | false |
serveServletsByClassnameEnabled | false |
Settings that are defined in an assembly tool take precedence over the global settings that are set through the custom properties at the web container level.
Web application deployment extensions continue to hold configuration information for the services that are provided by the internal servlets, and take precedence over the global settings that are set through the custom properties at the web container level.
ForceSessionIdLengthCheck
Newly generated session IDs are, by default, 23 characters in length, unless you use the HttpSessionIdLength custom property to specify a different maximum length for your session IDs.
When an incoming request has a session ID that is longer than the expected session ID length, and whose prefix is identical to a pre-existing session ID, the longer ID is used to return a new session. If the length of the session ID on the incoming request is larger than the maximum length that is specified for your system, such that it exceeds the width of the ID column in the session table column that is used in database persistence, an SQL0302 error occurs.
To prevent the occurrence of these SQL0302 errors, you can add the ForceSessionIdLengthCheck custom property to your web container custom properties and set it to true. When this custom property is set to true, the length of a session ID cannot exceed 23 characters. If an incoming request has a session ID that is longer than 23 characters, the first 23 characters are used to return a new session.
Name | Default value |
---|---|
ForceSessionIdLengthCheck | false |
ForceSessionInvalidationMultiple
The ForceSessionInvalidationMultiple custom property indicates whether the session manager should wait indefinitely for a request to complete before attempting to invalidate the session, or attempt to invalidate a session after the specified time limit has elapsed.
- If you specify 0 (zero) for this custom property, the session manager waits indefinitely until a
request is complete before attempting to invalidate the session.
If your requests normally are not bound by a response time limit, specify 0 for this property.
- If you specify a positive integer, such as 1, 2, or 3 for this custom property, even if a
session is not known to have completed, the session manager attempts to invalidate the session if
the indicated time period since the last access occurred has elapsed. This time period is the result
of multiplying the value that is specified for this property and the value that is specified for the
Session Timeout property. For example, if you specify 2 minutes for the Session Timeout property and
2 for the ForceSessionInvalidationMultiple property, the session manager attempts to invalidate the
session after 4 minutes.
If you want to invalidate your sessions after a certain amount of time has elapsed, specify the appropriate positive integer for this property.
Name | Default value |
---|---|
ForceSessionInvalidationMultiple | 1 |
httpsIndicatorHeader
The custom property httpsIndicatorHeader manages HTTPS requests that are forwarded to an application server from an SSL offloader that is used in front of WebSphere Application Server. When an HTTPS request is received by an SSL offloader, it is redirected over HTTP to an application server using WebSphere Application Server. The SSL offloader must be configured to add a special header indicating that the original request was over HTTPS. The httpsIndicatorHeader property specifies the request header key name added by the SSL box. The application server checks this indicator to determine whether SSL is required. If it determines the request is SSL over HTTP, an HTTPS scheme is chosen.
Name | Default value |
---|---|
httpsIndicatorHeader | none |
listeners
The servlet specification supports applications registering listeners for servlet-related events on an individual application basis through the web.xml descriptor. However, using the listeners custom property, you can enable a server to listen to servlet events across web applications.
listeners=listener_class
Name | Default value |
---|---|
listeners | none |
The value for this property is a string, specifying a comma-separated list of listener classes. The listener that is supplied must implement standard listener classes from the Java Servlet API or IBM listener extension classes.
prependSlashToResource
WebSphere Application Server 5.x supports Uniform Resource Locators (URLs) without leading front slashes ( / ). To preserve compatibility, you can set this custom property to true. When this property is set to true, the web container ignores the specification and considers URLs without the leading front slash, use the following name-value pair.
Name | Default value |
---|---|
prependSlashToResource | false |
trusted
The trusted custom property enables the application server to use inbound private headers from the web server plug-in. These inbound private headers notify the application server about the connection to the web server. When you set the custom property to true, the application server uses the asserted information on the client certificates. These client certificates are used by the user to connect to the web server and establish the client information, which is treated as the certificate for the user. Then, the application server uses the certificate information for authentication purposes when client certificate authentication is used or when the application code accesses the javax.net.ssl.peer_certificates certificates. Because this information is asserted, it is insecure and potentially vulnerable to an attacker that is able to connect directly to the application server and bypass the web server.
The HTTP transport channel custom properties of trustedHeaderOrigin and trustedSensitiveHeaderOrigin control whether these inbound private headers are trusted. By default, the trustedSensitiveHeaderOrigin custom property is set to none so that no sensitive private headers are trusted. The trustedHeaderOrigin custom property is set to * so that all non-sensitive private headers are trusted from any host. These new properties accept a list of IP addresses, which, if configured, define the hosts from which private headers are trusted. However, if this trusted property is set to false, the configurations of the trustedHeaderOrigin custom property and the trustedSensitiveHeaderOrigin custom property are overridden, and no inbound private headers are processed.
Name | Default value |
---|---|
trusted | true |