Field | Description |
HTTP listener configuration. Provide the following details to configure the HTTP listener set up. | |
Port | Specify the number you want to use for the port. Select a number that is not already in use on this host machine. |
Alias | Specifies an alias for the port that is unique for this API Gateway. An alias must be between 1 and 255 characters in length and include one or more of the following: letters (a -z, A-Z), numbers (0-9), underscore (_), period (.), and hyphen (-). |
Description (optional) | Provide a description of the port. |
Bind address (optional) | Specifies the IP address to which to bind this port. Specify a bind address if your machine has multiple IP addresses and you want the port to use this specific address. If you do not specify a bind address, API Gateway picks one for you. |
Backlog | Specifies the number of requests that can remain in the queue for an enabled port before API Gateway begins rejecting requests. The default is 200. The maximum value is 65535. |
Keep alive timeout | Specifies when to close the connection if the server has not received a request from the client within this timeout value (in milliseconds) or when to close the connection if the client has explicitly placed a close request with the server. |
Private threadpool configuration. Specifies whether to create a private thread pool for this port or use the common thread pool. | |
Enable | Select to enable the private threadpool configuration for this port. |
Threadpool min | Specifies the minimum number of threads for this private threadpool. The default value is 1. |
Threadpool max | Specifies the maximum number of threads for this private thread pool. The default value is 5. |
Thread priority | Specifies the Java thread priority. The default value is 5. |
Security configuration . Provide the following details to configure security parameters. | |
Client authentication | Specifies the type of client authentication you want API Gateway to perform for requests that arrive on this HTTPS port. Select one of the following: Username/Password. API Gateway does not request client certificates. The server looks for user and password information in the header of requests coming from an external client. Digest. API Gateway uses password digest to authenticate all requests. If the client does not provide the authentication information, API Gateway returns an HTTP WWW-Authenticate header with digest scheme to the client requesting for authentication information. If the client provides the required authentication information, API Gateway verifies and validates the request. Request kerberos ticket. API Gateway looks for a Kerberos ticket in the HTTP Authorization header using the Negotiate authentication scheme. If it does not find the ticket, API Gateway uses username and password for basic authentication. If the client does not provide any authentication information, API Gateway returns an HTTP WWW-Authenticate header with negotiate scheme to the client requesting for authentication information. If the client provides the required authentication information, API Gateway verifies and validates the request. Require kerberos ticket. API Gateway looks for a Kerberos ticket in the HTTP Authorization header using the Negotiate authentication scheme. If it does not find the ticket, API Gateway fails the authentication. If the client does not provide any authentication information, API Gateway returns an HTTP WWW-Authenticate header with negotiate scheme to the client requesting for authentication information. If the client provides the required authentication information, API Gateway verifies and validates the request. You have to enable Kerberos by providing the following Kerberos properties with details that are used for handling service requests that come with a Kerberos ticket: JAAS context. Specify the custom JAAS context used for Kerberos authentication. Principal. Specify the name of the principal to use for Kerberos authentication. Principal password. Specify the password for the principal to use to authenticate the principal to the KDC. Retype principal password. Retype the principal password. Service principal name. Specify the name of the principal used with the service that the Kerberos client wants to access. Note: API Gateway supports the username format for Service Principal Names (SPNs). This format represents the principal name as a named user defined in LDAP used for authentication to the KDC. |