Cloud Application Integration (On-Premises) : Administering Integration Server : Server Configuration Parameters : watt.net.
watt.net.
watt.net.clientKeepaliveTimeout
Controls how long (in seconds) a client keep alive connection can remain idle before Integration Server closes it. The default is 180 seconds (3 minutes).
watt.net.defaultBufferSize
Specifies the maximum content length of an HTTP request that the WmTomcat package will process. If the content length of a request exceeds the size configured with watt.net.defaultBufferSize, the WmTomcat package does not process the request and issues an error message. Specify the maximum number of bytes that you want the WmTomcat package to accept. The default is 8096 bytes. Do not set this parameter to an excessively high value because for every HTTP request, the WmTomcat package creates an array of the watt.net.defaultBufferSize in memory.
watt.net.email.validateHost
Controls whether the Integration Server enforces IP access restrictions for e-mail listeners. When defining an e-mail port, you can define IP access restrictions that specify the hosts that are allowed or denied access via the e-mail port. Set this property to true if you want server to enforce the IP access restrictions for e-mail listeners or false if you do not. The default is true.
watt.net.encodeToUpperCase
Specifies whether Integration Server should use uppercase letters when encoding the characters in the request URL. When Integration Server processes a URL request, it converts the characters outside of the ASCII set in the URL to encoded characters by adding "%" followed by two hexadecimal digits. If this parameter is set to true, Integration Server uses uppercase letters in the hexadecimal digits. For example, the encoded value for "value1>4" will be "value1%3E4". When set to false, Integration Server does not convert the letters to uppercase. For example, the encoded value for "value1>4" will be "value1%3e4". Default is true.
Important:  
If you change the setting of this parameter, you must restart Integration Server for the changes to take effect.
watt.net.ftp.ignoreErrors
Specifies, using a comma-separated list, any FTP command error codes that you want the FTP client to ignore. For example, setting the property to "501, 505" causes the FTP client to ignore error codes 501 and 505.
watt.net.ftp.noExtensionKey
Specifies the extension Integration Server should use to determine the MIME type of the input files when the files have no extension. When invoking an Integration Server service through FTP commands, Integration Server uses the specified extension. The default is ftp_no_extension, which means that Integration Server cannot determine the MIME type because there is no extension.
watt.net.ftpClientDataConnTimeout
Specifies the number of milliseconds that a built-in FTP service executing in active mode (as specified by the transfertype input parameter) waits for a remote FTP server to connect to it. If the connection is not established in the specified amount of time, an exception is thrown. The default value is 30000 milliseconds (30 seconds).
watt.net.ftpClientTimeout
Specifies the length of time, measured in seconds, an FTP session can be idle before it is removed from memory. The default is 600 seconds (10 minutes).
watt.net.ftpConnTimeout
Specifies the maximum number of milliseconds the FTP listener allows the connection with the client to remain inactive. The default is 15 minutes.
watt.net.ftpDataConn
Specifies whether an Integration Server functioning as an FTP server allows multiple concurrent connections and supports parallel downloads. When this parameter is set to true, Integration Server allows parallel downloads from multiple FTP sessions. When this parameter is set to false, Integration Server does not allow parallel downloads and will reuse the same FTP session. The default is false.
Important:  
If you change the setting of this parameter, you must restart Integration Server for the changes to take effect.
watt.net.ftpDataConnTimeout
Specifies the maximum number of milliseconds the FTP listener waits between successive reads when performing a file upload. The default is 60000 milliseconds (60 seconds).
watt.net.ftpPassiveLocalAddr
Specifies the address to be sent by the PORT command. A host name or IP address can be specified.
Note:  
This parameter is not applicable when an FTP/FTPS port is bound to an IPv6 address. In that case, the passive mode listen address is the same as the port bind address.
When running in passive mode, the FTP or FTPS port sends a PORT command to the FTP or FTPS client. The PORT command specifies the address and port to which the client should connect to create a data connection. If the FTP or FTPS port is behind a NAT server, however, the address of the host on which the Integration Server runs is not visible to the FTP or FTPS client. Consequently the PORT command does not contain the information the client needs to connect to the server. To remedy this situation, you can specify a value for the watt.net.ftpPassiveLocalAddr property.
Alternatively, when you configure an FTP or FTPS port (see Adding an FTP Port or Adding an FTPS Port), you can use the Passive Mode Listen Address field to specify the passive mode address for an individual FTP or FTPS port. That way, you can specify a different passive mode address for each FTP port. If an address is specified in the Passive Mode Listen Address field and in the watt.net.ftpPassiveLocalAddr property, the PORT command uses the value specified in the watt.net.ftpPassiveLocalAddr property.
watt.net.ftpPassivePort.max
Specifies the maximum port number of a port range for FTP/FTPS listeners to use with a client data connection that uses passive transfer mode (PASV). Must be used with watt.ftpPassivePort.min. For usage information, see watt.ftpPassivePort.min.
watt.net.ftpPassivePort.min
Specifies the minimum port number of a port range for FTP/FTPS listeners to use with a client data connection that uses passive transfer mode (PASV). Must be used with watt.ftpPassivePort.max. When a port range is specified with these properties, only the ports within the specified minimum and maximum port range (inclusive) are used as the listening ports for incoming FTP/FTPS client data connections. This enables a firewall administrator to open only the specified ports.
Operational considerations:
*If both properties are not present or undefined, FTP/FTPS listeners continue the previous behavior of listening on any free port.
*If the value specified for watt.net.ftpPassivePort.min is less than 1, a default value of 1 is used. If the value specified for watt.net.ftpPassivePort.max is greater than 65534, a default value of 65534 is used. When both of these conditions exist simultaneously, FTP/FTPS listeners continue the previous behavior of listening on any free port.
*An error message is returned to the FTP/FTPS client on the command channel when the specified values do not fall within the expected range. For example, if one of the properties is not defined, if the watt.net.ftpPassivePort.min value is larger than the watt.net.ftpPassivePort.max value, or if one of the properties is not a valid number.
*An error message is also returned when all the ports in the specified port range are in use.
*Specific details of the error messages are available in the serverYYYYMMDD.log file.
Restarting the Integration Server is not required after defining these settings. You can modify the port range properties in the Integration Server Administrator at any time.
watt.net.ftpSweepInterval
Specifies the frequency, measured in seconds, at which an FTP sweeper executes. The FTP sweeper iterates through the FTP sessions in memory and removes the sessions that have exceeded their allotted idle timeout. By default, the FTP sweeper executes every 600 seconds (10 minutes).
watt.net.ftpUseCertMap
Specifies whether the Integration Server will honor certificate maps for requests received by FTPS ports.
When this property is set to false (the default), the Integration Server ignores the user specified on a client certificate and logs the user in with the information provided on the userid/password prompt instead.
When this property is set to true, if the client certificate has been previously mapped to an Integration Server user, the Integration Server will log the user in as the userid specified in the client certificate. The Integration Server ignores the userid provided on the userid/password prompt.
For example, suppose watt.net.ftpUseCertMap is set to false, and a certificate has been previously mapped to user Alice. When a user provides a certificate for user Alice and enters Alice's user name and password in response to the prompt, the Integration Server will log the user in as Alice. However, if the user provides the same certificate, but provides Bob's user name and password in response to the prompt, the Integration Server will log the user in as Bob. In other words, the Integration Server ignores the certificate map.
Note:  
The None, Request Certificate, and Require Certificate client authentication settings on the FTPS Listener Configuration screen control whether the Integration Server asks for a certificate and how the Integration Server behaves when it does not receive one. The watt.net.ftpUseCertMap property controls how the Integration Server behaves when it does receive a certificate from an FTP client. For more information about client authentication at FTPS and HTTPS ports, see Client Certificates. For more information about certificate mapping, see Importing a Certificate (Client or CA Signing Certificate) and Mapping It to a User.
watt.net.ftpUseDefaultContentHdlr
Specifies how the FTP listening port on Integration Server should handle an incoming request with an unrecognized file extension. When set to true, the FTP listening port processes the incoming request using the default content handler, which treats the content as text/html. When set to false, the FTP listening port returns an exception when an incoming request with an unrecognized file extension is received. The default is true.
watt.net.httpChunkSize
Sets the default chunk size when sending an HTTP request or response using Transfer-Encoding:Chunked. The default chunk size is 8192 bytes. The minimum chunk size is 500 bytes.
Important:  
If you change the setting of this parameter, you must restart Integration Server for the changes to take effect.
watt.net.httpPass
The default HTTP password that Integration Server must use when invoking a service as a client.
watt.net.httpUser
Specifies the default authenticated HTTP user name that Integration Server will use while acting as a client to invoke a service. For example, if Integration Server is invoking the pub.client:http service without specifying the auth/user parameter, then Integration Server uses the value of this property as the user name. There is no default value.
watt.net.http401.throwException
Specifies whether the pub.client:http service throws a NetException when receiving a 401 error response or, instead, places the HTTP response header and body in the pipeline. When watt.net.http401.throwException is set to true, when the pub.client:http service receives a 401 error, the service throws a NetException. When watt.net.http401.throwException is set to false, when the pub.client:http service receives a 401 error, the service suppresses the NetException and places the HTTP response header and body, if one exists, into the header and body fields in the service output. The default is false.
watt.net.http501-599.throwException
Specifies whether the pub.client:http service throws a ServiceException or returns response headers and response body when receiving a 501 to 599 level response from a remote HTTP server. When set to true, the pub.client:http service throws a ServiceException when it receives a 501 to 599 level response from a remote HTTP server. When set to false, the pub.client:http service does not throw a ServiceException when it receives a 501 to 599 level response from a remote HTTP server. Instead, when the pub.client:http service returns a status code in the 501 to 599 range, the service returns the status code, response headers, and response body in the service output. The default is true.
Note:  
When the remote HTTP server returns a response code of 500, the pub.client:http service returns the status code, response headers, and response body.
watt.net.jsse.client.enabledCipherSuiteList
Specifies, using a comma-separated list, the cipher suites used on JSSE sockets that are used while making outbound HTTPS requests. To include all the cipher suites supported by the JVM, set this parameter to default.
For example:

watt.net.jsse.client.enabledCipherSuiteList= TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_ CBC_SHA384,TLS_RSA_WITH_AES_256_CBC_SHA256

watt.net.jsse.client.enabledCipherSuiteList=default
The default values is default.
Note:  
Any changes you make to watt.net.jsse.client.enabledCipherSuiteList affect new connections only.
watt.net.jsse.client.enabledProtocols
Specifies the SSL protocol versions that Integration Server supports when acting as a client making outbound requests. Specify a comma-separated list that includes one or more of the following:
*SSLv2Hello
*SSLv3
*TLSv1
*TLSv1.1
*TLSv1.2
The default value is: TLSv1,TLSv1.1,TLSv1.2
Note:  
The value of watt.net.jsse.client.enabledProtocols affects all HTTPS outbound connections that use JSSE for SSL. An outbound HTTPS connection uses JSSE when the useJSSE parameter for pub.client:http is set to yes.
Important:  
If you change the setting of this parameter, you must restart Integration Server for the changes to take effect.
watt.net.jsse.server.enabledCipherSuiteList
Specifies, using a comma-separated list, the cipher suites used on Integration Server ports that use JSSE and handle inbound requests.
To include all the cipher suites supported by the JVM, set this parameter to default.
For example:

watt.net.jsse.server.enabledCipherSuiteList= TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_ 256_CBC_SHA384,TLS_RSA_WITH_AES_256_CBC_SHA256

watt.net.jsse.server.enabledCipherSuiteList=default
The default value is default.
Important:  
For changes to this property to take effect, you must start the port. If the port is already started, you can restart it by disabling the port and then enabling it.
watt.net.jsse.server.enabledProtocols
Specifies the SSL protocol versions that Integration Server supports when acting as a server handling inbound requests. Specify a comma-separated list that includes one or more of the following:
*SSLv2Hello
*SSLv3
*TLSv1
*TLSv1.1
*TLSv1.2
The default value is: SSLv2Hello,TLSv1,TLSv1.1,TLSv1.2
Note:  
These values are case-sensitive. Specify the values exactly as shown. The value of watt.net.jsse.server.enabledProtocols affects all HTTPS ports that use JSSE for SSL. An HTTPS port uses JSSE when the Use JSSE parameter for the port is set to Yes.
You can also configure the allowed protocols for use with a particular JSSE port by specifying the allowed protocols in the HTTPS port record of the listeners.cnf file. For more information, see Configuring the Allowed Protocols for JSSE per Port.
Note:  
The jsseEnabledProtocols value specified for the port record in the listeners.cnf file overrides the value set by watt.net.jsse.server.enabledProtocols.
watt.net.localhost
Sets the host name of the machine from which you are using the Integration Server. There is no default.
In some instances, such as when the Integration Server needs to identify itself to other Integration Servers, the IP address of the machine hosting Integration Server is required. In this case, Integration Server performs a reverse DNS lookup on the specified host name and supplies the IP address of the machine in place of the loopback address (127.0.0.1 in IPv4 or ::1 in IPv6), which is sometimes returned by java.net.InetAddress.getLocalHost() in place of the actual IP address. In many cases, the loopback address is not sufficient and Integration Server needs the actual address. This most commonly occurs when the IP address of the host is acquired dynamically from a DHCP server, or when the host has more than one network interface card.
In most cases, you can resolve the IP address by modifying the C:\Windows\system32\drivers\etc file (in Windows) or the etc/hosts or the etc/nsswitch.conf files (in Linux and Unix). When you cannot modify these files, or if modifying them does not correct the problem, set watt.net.localhost.
Important:  
If you change the setting of this parameter, you must restart Integration Server for the changes to take effect.
watt.net.maxClientKeepaliveConns
Sets the default number of client keep alive connections to retain for a given target endpoint. If not specified, five keep alive connections are retained.
watt.net.maxRedirects
Specifies the maximum number of HTTP redirects to allow before throwing an I/O exception. The default is 5.
watt.net.maxRetires
Specifies the maximum number of retry attempts Integration Server can make for a failed socket connection. The default is 1. A value of 0 indicates that Integration Server should not retry a failed socket connection.
watt.net.overrideSystemProxyselector
Specifies whether the proxy selector of Integration Server will override the default JVM system proxy selector when a Java service tries to connect to a remote server. When this property is set to true, all network connections will honor the proxy aliases configured using Integration Server Administrator. When this property is set to false, the default JVM system proxy selector will be used. The default is false.
Important:  
If you change the setting of this parameter, you must restart Integration Server for the changes to take effect.
watt.net.primaryListener
This is an internal property. Do not modify.
watt.net.proxySkipList
Specifies a comma-separated list of domain names for which the Integration Server should not use proxy servers. The default is localhost.
watt.net.proxy.fallbackToDirectConnection
Specifies whether Integration Server should route HTTP, HTTPS, FTP, SFTP, and SOCKS requests directly to the target server when connections through all of the specified proxy server aliases for the requested protocol fail. For example, if the request uses HTTP, Integration Server routes the request through an HTTP proxy server alias. If this property is set to false and the connection to the destination server through proxy aliases fails, Integration Server issues an exception. If this property is set to true, Integration Server attempts to make a direct connection with the destination server specified in the request. The default is true.
Note:  
If there are no proxy server aliases defined for Integration Server, the value of watt.net.proxy.fallbackToDirectConnection is ignored. For information about proxy server aliases, see Specifying a Default Proxy Server Alias.
watt.net.proxy.useNonDefaultProxies
Specifies whether Integration Server makes outbound connection requests using all enabled proxy server aliases if the outbound request does not specify a proxy server alias and if a default proxy server alias is not specified. When the watt.net.proxy.useNonDefaultProxies parameter is set to true, if the outbound request does not specify a proxy server alias and there is no default proxy server alias, Integration Server makes outbound requests using each enabled proxy server alias until the request is sent successfully or all proxy servers have been tried. If all proxy servers have been tried and the attempt to send the request fails or if there are no proxy aliases specified, Integration Server either makes a direct connection to the target server or throws an exception depending on the settings specified for the watt.net.proxy.fallbackToDirectConnection parameter. When the watt.net.proxy.useNonDefaultProxies parameter is set to false, if a default proxy server alias is not specified, Integration Server sends the request to the remote server using a direct connection. Integration Server does not attempt to make outbound requests using the enabled proxy server aliases. The default is true.
For more information about how Integration Server uses proxy servers, see How Integration Server Uses Proxy Servers.
watt.net.retries
Specifies the number of times to retry a server that times out. This can be overridden by the client. The default is 0.
watt.net.sftpSweepInterval
Specifies the frequency, measured in minutes, at which an SFTP sweeper executes. The SFTP sweeper iterates through the SFTP sessions in memory and removes the sessions that have exceeded their allotted idle timeout. By default, the SFTP sweeper executes every 10 minutes.
watt.net.socketpool.sweeperInterval
Specifies the frequency, in seconds, at which the socket pool sweeper executes. The socket pool sweeper sends a ping request to all webMethods Enterprise Gateway connections and HTTP client connections. During a sweep it removes any invalid HTTP client connections. By default, the sweeper executes every 60 seconds.
Note:  
The value of watt.net.socketpool.sweeperInterval should be less than the value of the watt.server.rg.internalregistration.timeout server configuration parameter.
Note:  
On your Enterprise Gateway, if watt.server.rg.gateway.pinginterval is set, Integration Server uses that setting and ignores the value of watt.net.socketpool.sweeperInterval.
watt.net.socketProvider
Identifies the Java class that implements the com.wm.net.SocketProviderIf interface for secure socket communication. The default is com.wm.ext.iaik.IaikSecureSocket.
watt.net.ssl.client.cipherSuiteList
Specifies a list of CipherSuites for outbound SSL connections. When the default value is set to default, Integration Server uses its default list of cipher suites. If you want to specify non-default cipher suites, enter a comma-separated list of CipherSuite names. If the property watt.net.ssl.client.strongcipheronly is set to true, and if there are any non-strong CipherSuites in the list specified, those will be ignored, and a warning message will be logged.
Important:  
If you change the setting of this parameter, you must restart Integration Server for the changes to take effect.
watt.net.ssl.client.handshake.maxVersion
Specifies the maximum SSL protocol version that Integration Server supports when Integration Server acts as a client and makes an outbound request. For example, if set to tls (the default), the maximum version of SSL protocol supported by Integration Server is TLS 1.0. If set to sslv3, the maximum version of SSL protocol supported by Integration Server is SSL 3.0.
Important:  
If you change the setting of this parameter, you must restart Integration Server for the changes to take effect.
watt.net.ssl.client.handshake.minVersion
Specifies the minimum version of SSL protocol Integration Server supports when Integration Server acts as a client and makes an outbound request. Set to:
*sslv2 (the default) to specify SSL 2.0
*tls to specify TLS 1.0
*sslv3 to specify SSL 3.0
Important:  
If you change the setting of this parameter, you must restart Integration Server for the changes to take effect.
watt.net.ssl.client.hostnameverification
When Integration Server is acting as an HTTPS client, this parameter specifies whether Integration Server should restrict outbound HTTPS connections only when a valid hostname is found in the server’s certificate.
*When set to true, Integration Server verifies if the hostname is present in the server’s certificate. If this verification fails, an error is logged and the connection is aborted.
*When set to false, Integration Server will bypass the hostname verification. This is the default.
*When set to log, Integration Server logs the debug message in the server log if the hostname verification fails, but allows the connection to go through. If the hostname verification succeeds, no log is generated.
watt.net.ssl.client.strongcipheronly
Specifies whether the Integration Server is to restrict outbound HTTPS connections to use strong cipher suites only (128 bit session keys or higher). If you specify false (the default), when Integration Server initiates a connection to another server, it will attempt to negotiate a strong cipher suite, and if unsuccessful will fall back to using a weak (64, 56, or 40 bit) cipher suite. If you specify true, when Integration Server initiates a connection to another server, it will attempt to negotiate a strong cipher suite, and if unsuccessful will disconnect rather than use a weak cipher suite.
Important:  
If you change the setting of this parameter, you must restart Integration Server for the changes to take effect.
watt.net.ssl.client.useJSSE
Controls the use of JSSE for all of the outbound HTTPS connections from Integration Server. Set this parameter to true to use JSSE for all of the outbound HTTPS connections. Set this property to false to indicate that JSSE is not used for outbound HTTPS connections. The default is false.
Note:  
When executing the pub.client:http service, the value of the useJSSE input parameter override the value of the watt.net.ssl.client.useJSSE server configuration property.
watt.net.ssl.server.cipherSuiteList
Specifies a list of CipherSuites for inbound SSL connections. When the default value is set to default, Integration Server uses its default list of cipher suites. If you want to specify non-default cipher suites, enter a comma-separated list of CipherSuite names. If the property watt.net.ssl.server.strongcipheronly is set to true, and if there are any non-strong CipherSuites in the list, those will be ignored and a warning message will be logged.
Important:  
If you change the setting of this parameter, you must restart any impacted ports for the changes to take effect. To restart a port, you can disable and then enable the port. Reloading the package associated with the port or restarting Integration Server also restarts a port.
watt.net.ssl.randomAlgorithm
Identifies the random algorithm name used by Integration Server. The default value is FIPS186_2usingSHA1.
Note:  
This parameter is for use only when Integration Server is installed on HP-UX.
Important:  
If you change the setting of this parameter, you must restart Integration Server for the changes to take effect.
watt.net.ssl.server.clientHandshakeTimeout
Specifies the number of milliseconds the server waits for a response from the client during an SSL handshake before timing out. The default is 20000 milliseconds.
watt.net.ssl.server.strongcipheronly
Specifies whether the Integration Server is to restrict inbound HTTPS connections to use strong cipher suites only (128 bit session keys or higher). If you specify false (the default), when a client connects to the Integration Server, the server will attempt to negotiate a strong cipher suite, and if unsuccessful will fall back to using a weak (64, 56, or 40 bit) cipher suite. If you specify true, when a client connects to the Integration Server, the server will attempt to negotiate a strong cipher suite, and if unsuccessful will disconnect rather than use a weak cipher suite.
Important:  
If you change the setting of this parameter, you must restart any impacted ports for the changes to take effect. To restart a port, you can disable and then enable the port. Reloading the package associated with the port or restarting Integration Server also restarts a port.
watt.net.timeout
Specifies the number of seconds the server waits for an HTTP request to be fulfilled before the request times out. To set Integration Server to wait indefinitely for a response from the target server, set this parameter to 0. The default is 300 (5 minutes).
Important:  
If you set watt.net.timeout to 0 and the target server does not respond to the request, the Integration Server making the request cannot process new requests due to thread pool exhaustion.
watt.net.useCookies
Specifies whether Integration Server accepts or denies cookies when communicating with web server. Set to true to accept cookies; set to false (or null) to deny cookies. The default is true.
watt.net.userAgent
Specifies the value the server uses in the HTTP User Agent request header when it requests a web document from a web server. The default is Mozilla/4.0 [en] (WinNT; I).
watt.net.webapp.cookies.useRelevantPath
Specifies how WmTomcat can create fewer cookies to prevent the web application from logging out because of exceeding the browser cookie limit.
When this property is set to true, WmTomcat returns cookies that contain the URI prefix in the pathname, and more cookies are created. By default, WmTomcat returns cookies that contain a URI prefix in the pathname. As a result, WmTomcat creates a separate cookie for each unique path. For applications that include pages across many different paths, the result can be many cookies. If the application exceeds the cookie limit of the browser that invoked it, the application is forced to log out.
But when this property is set to false (the default), WmTomcat does not include the URI prefix in the cookie, and fewer cookies are created.
For example, when watt.net.webapp.cookies.useRelevantPath is set to false, and you visit the WmTomcat sites site/a.jsp -> site/bar/b.jsp -> site/bar/baz/c.jsp, WmTomcat creates just one cookie: cookie 1) name=ssnid, path=/.
But when this property is set to true, WmTomcat creates the following cookies:
cookie 1) name=ssnid, path=/site/
cookie 2) name=ssnid, path=/site/bar/
cookie 3) name=ssnid, path=/site/bar/baz
The default is false.
Copyright © 2015- 2016 Software AG, Darmstadt, Germany.

Product LogoContact Support   |   Community   |   Feedback