urn:infinispan:server:endpoint:9.3

subsystem

hotrod-connector

topology-state-transfer?

NameTypeDefaultDescription
cache-suffixstringDeprecated
lock-timeoutintConfigures the lock acquisition timeout for the topology cache. Defaults to 10 seconds
replication-timeoutintConfigures the replication timeout for the topology cache. Defaults to 10 seconds
update-timeoutintThis setting has been deprecated and will be ignored.
external-hoststringSets the external address of this node, i.e. the address which clients will connect to. Defaults to the server's socket-binding address
external-portintSets the external port of this node, i.e. the port which clients will connect to. Defaults to the server's socket-binding port
lazy-retrievalbooleanConfigures whether to enable state transfer for the topology cache. If disabled, a ClusterCacheLoader will be used to lazily retrieve topology information from the other nodes. Defaults to true.
await-initial-retrievalbooleanfalseConfigures whether to initial state retrieval should happen immediately at startup. Only applies when lazy-retrieval is false. Defaults to true.

authentication?

NameTypeDefaultDescription
security-realmstringThe name of the security realm to use for obtaining the SSL keystore

sasl?

The configuration of the SASL authentication layer for this server. The optional nested "include-mechanisms" element contains a whitelist of allowed SASL mechanism names. No mechanisms will be allowed which are not present in this list. The optional nested "qop" element contains a list of quality-of-protection values, in decreasing order of preference. The optional nested "strength" element contains a list of cipher strength values, in decreasing order of preference. The optional nested "policy" boolean element specifies a policy to use to narrow down the available set of mechanisms. The optional nested "property" elements specify additional properties required by the specified mechanisms
NameTypeDefaultDescription
server-context-namestringThe name of the login context to be used to retrieve a server subject for certain SASL mechs (i.e. GSSAPI)
server-namestringThe name the server which is exposed to clients
mechanisms
qop
strength

policy?

Policy criteria items to use in order to choose a SASL mechanism. The optional nested "forward-secrecy" element contains a boolean value which specifies whether mechanisms that implement forward secrecy between sessions are required. Forward secrecy means that breaking into one session will not automatically provide information for breaking into future sessions. The optional nested "no-active" element contains a boolean value which specifies whether mechanisms susceptible to active (non-dictionary) attacks are not permitted. "false" to permit, "true" to deny. The optional nested "no-anonymous" element contains a boolean value which specifies whether mechanisms that accept anonymous login are permitted. "false" to permit, "true" to deny. The optional nested "no-dictionary" element contains a boolean value which specifies whether mechanisms susceptible to passive dictionary attacks are permitted. "false" to permit, "true" to deny. The optional nested "no-plain-text" element contains a boolean value which specifies whether mechanisms susceptible to simple plain passive attacks (e.g., "PLAIN") are not permitted. "false" to permit, "true" to deny. The optional nested "pass-credentials" element contains a boolean value which specifies whether mechanisms that pass client credentials are required.

forward-secrecy?

An element specifying a boolean value.
NameTypeDefaultDescription
valueboolean

no-active?

An element specifying a boolean value.
NameTypeDefaultDescription
valueboolean

no-anonymous?

An element specifying a boolean value.
NameTypeDefaultDescription
valueboolean

no-dictionary?

An element specifying a boolean value.
NameTypeDefaultDescription
valueboolean

no-plain-text?

An element specifying a boolean value.
NameTypeDefaultDescription
valueboolean

pass-credentials?

An element specifying a boolean value.
NameTypeDefaultDescription
valueboolean

property*

encryption?

NameTypeDefaultDescription
require-ssl-client-authbooleanfalseWhether to require client certificate authentication. Defaults to false.
security-realmstringThe name of the security realm to use for obtaining the SSL keystore

sni*

An element specifying a TLS SNI mapping.
NameTypeDefaultDescription
host-namestringTLS SNI host name
security-realmstringA corresponding security realm. If none is specified, the default will be used.
NameTypeDefaultDescription
socket-bindingstringThe socket on which this connector will bind itself. If missing, the server will not listen to TCP connections
ignored-cachesThe list of ignored caches for this connector
cache-containerstringThe name of the cache container which will be exposed by this connector
namestringThe logical name to give to this connector. This attribute is required when there are more connectors of the same type defined.
worker-threadsintSets the number of worker threads. Defaults to 160
idle-timeoutintSpecifies the maximum time in seconds that connections from clients will be kept open without activity. Defaults to 0 (no timeout)
tcp-nodelaybooleanAffects TCP NODELAY on the TCP stack. Defaults to enabled
send-buffer-sizeintSets the size of the send buffer.
receive-buffer-sizeintSets the size of the receive buffer.

memcached-connector

NameTypeDefaultDescription
cachestringThe name of the cache to use for the Memcached connector. Defaults to memcachedCache
NameTypeDefaultDescription
socket-bindingstringThe socket on which this connector will bind itself. If missing, the server will not listen to TCP connections
ignored-cachesThe list of ignored caches for this connector
cache-containerstringThe name of the cache container which will be exposed by this connector
namestringThe logical name to give to this connector. This attribute is required when there are more connectors of the same type defined.
worker-threadsintSets the number of worker threads. Defaults to 160
idle-timeoutintSpecifies the maximum time in seconds that connections from clients will be kept open without activity. Defaults to 0 (no timeout)
tcp-nodelaybooleanAffects TCP NODELAY on the TCP stack. Defaults to enabled
send-buffer-sizeintSets the size of the send buffer.
receive-buffer-sizeintSets the size of the receive buffer.

rest-connector

NameTypeDefaultDescription
namestringThe logical name to give to this connector. This attribute is required when there are more connectors of the same type defined.
cache-containerstringThe name of the cache container which will be exposed by this connector
socket-bindingstringThe socket on which this connector will bind itself. If missing, the server will not listen to TCP connections
context-pathstringThe context path on which to register the REST connector. Defaults to '' (the root context)
extended-headers
NEVERNever return extended headers
ON_DEMANDReturn extended headers on demand (i.e. when the 'extendend' query parameter is present on the request)
ON_DEMANDWhether to enable extended headers. Can be NEVER or ON_DEMAND. Defaults to ON_DEMAND
ignored-cachesThe list of ignored caches for this connector
max-content-lengthintSets the maximum allowed content length.
compression-levelintSets the compression level when using compressed requests and responses.

authentication?

NameTypeDefaultDescription
security-realmstringThe security realm to use for authentication/authorization purposes. Defaults to none (no authentication)
auth-method
NONEClient authentication is disabled
BASICClient authentication will be performed using the Basic scheme
DIGESTClient authentication will be performed using the Digest scheme
CLIENT_CERTClient authentication will be use the peer's certificate
SPNEGOClient authentication will be use the SPNEGO scheme
NONEThe authentication method to require. Can be NONE, BASIC, DIGEST, CLIENT_CERT, SPNEGO. Defaults to NONE. Setting it to a different value requires enabling a security-realm.

cors-rules?

Configures CORS (Cross Origin Resource Sharing) for the REST Server. Contains one or more rules that specify the permissions for cross-domain requests based on the origin.

cors-rule+

A Cors rule for one or more origins
NameTypeDefaultDescription
namestringThe rule name
allow-credentialsbooleanfalseSets the CORS 'Access-Control-Allow-Credentials' response header to true. Enable CORS requests to use credentials
max-age-secondsint0Sets the CORS 'Access-Control-Max-Age' response header with the amount of time CORS preflight request headers can be cached

allowed-origins

A comma separated list used to set the CORS 'Access-Control-Allow-Origin' to indicate the response can be shared with a certain origin

allowed-methods

A comma separated list used to set the CORS 'Access-Control-Allow-Methods' in the preflight response to specify the methods allowed for the configured origin(s)

allowed-headers?

A comma separated list used to set the CORS 'Access-Control-Allow-Headers' in the preflight response to specify which headers can be used by the configured origin(s)

expose-headers?

A comma separated list used to set the CORS 'Access-Control-Expose-Headers' in the preflight response to specify which headers can be exposed to the configured origin(s)

encryption?

NameTypeDefaultDescription
require-ssl-client-authbooleanfalseWhether to require client certificate authentication. Defaults to false.
security-realmstringThe name of the security realm to use for obtaining the SSL keystore

sni*

An element specifying a TLS SNI mapping.
NameTypeDefaultDescription
host-namestringTLS SNI host name
security-realmstringA corresponding security realm. If none is specified, the default will be used.

websocket-connector

NameTypeDefaultDescription
socket-bindingstringThe socket on which this connector will bind itself. If missing, the server will not listen to TCP connections
ignored-cachesThe list of ignored caches for this connector
cache-containerstringThe name of the cache container which will be exposed by this connector
namestringThe logical name to give to this connector. This attribute is required when there are more connectors of the same type defined.
worker-threadsintSets the number of worker threads. Defaults to 160
idle-timeoutintSpecifies the maximum time in seconds that connections from clients will be kept open without activity. Defaults to 0 (no timeout)
tcp-nodelaybooleanAffects TCP NODELAY on the TCP stack. Defaults to enabled
send-buffer-sizeintSets the size of the send buffer.
receive-buffer-sizeintSets the size of the receive buffer.

router-connector

NameTypeDefaultDescription
hotrod-socket-bindingstringThe socket on which HotRod router will bind itself
rest-socket-bindingstringThe socket on which REST router will bind itself
single-port-socket-bindingstringThe socket on Single Port router will bind itself
namestringThe logical name to give to this connector. This attribute is required when there are more connectors of the same type defined.
tcp-nodelaybooleanAffects TCP NODELAY on the TCP stack. Defaults to enabled
keep-alivebooleanAffects TCP KEEP-ALIVE on the TCP stack. Defaults to disabled
send-buffer-sizeintSets the size of the send buffer.
receive-buffer-sizeintSets the size of the receive buffer.

multi-tenancy+

Multi-tenancy settings for the router

hotrod+

NameTypeDefaultDescription
namestringHotRod connector name

sni*

An element specifying a TLS SNI mapping.
NameTypeDefaultDescription
host-namestringTLS SNI host name
security-realmstringA corresponding security realm. If none is specified, the default will be used.

rest+

NameTypeDefaultDescription
namestringREST connector name

prefix*

An element specifying REST prefix.
NameTypeDefaultDescription
pathstringPath for REST prefix

single-port+

Single port settings for the router

NameTypeDefaultDescription
security-realmstringThe name of the security realm to use for TLS/ALPN negotiation

hotrod

NameTypeDefaultDescription
namestringHotRod connector name

rest

NameTypeDefaultDescription
namestringREST connector name
Expand/Collapse All