Pax Web supports different configuration options as follows. Determining configuration values will first look for configuration admin, then for environment properties and last for default values. Note that this sequence is followed for each configuration property.
Pax Web supports the following configuration properties:
| Key |
Description |
Since |
| org.osgi.service.http.port |
This property specifies the port used for servlets and resources accessible via HTTP. Default value for this property is 8080. |
0.2.0 |
| org.osgi.service.http.port.secure |
This property specifies the port used for servlets and resources accessible via HTTPS. Default value for this property is 8443. |
0.2.0 |
| org.osgi.service.http.enabled |
This property specifies if the HTTP is enabled. Default value is "true". |
0.2.0 |
| org.osgi.service.http.secure.enabled |
This property specifies if the HTTPS is enabled. Default value is "false". |
0.2.0 |
| org.ops4j.pax.web.ssl.keystore |
Path to the keystore file. See SSL Configuration for details. |
0.2.1 |
| org.ops4j.pax.web.ssl.keystore.type |
This property specifies the keystore type. Defaults to JKS.
|
0.5.0 |
| org.ops4j.pax.web.ssl.password |
Password used for keystore integrity check. See SSL Configuration for details. |
0.2.1 |
| org.ops4j.pax.web.ssl.keypassword |
Password used for keystore. See SSL Configuration for details. |
0.2.1 |
| org.ops4j.pax.web.ssl.clientauthwanted |
This property specifies, if certificate-based client authentication at the server is "wanted". |
0.5.0 |
| org.ops4j.pax.web.ssl.clientauthneeded |
This property specifies, if certificate-based client authentication at the server is "required". |
0.5.0 |
| javax.servlet.context.tempdir |
A temporary directory that can be accessed via the servlet context attribute with the same name.
If not set a default temporary directory wil be used. |
0.2.2 |
| org.ops4j.pax.web.session.timeout |
The number of minutes after which an inactive session will timeout. |
0.2.2 |
| org.ops4j.pax.web.listening.addresses |
This property specifies the comma separated list of addresses used to provide servlets and resources via HTTP (e.g. localhost or localhost,10.0.0.1). Host names or IP addresses can be used. Default value is "0.0.0.0". |
0.5.0 |
Configuration via OSGi Configuration Admin Service
Pax Web can be configued via Configuration Admin Service (if available) and it supports all properties from above.
The PID used for configuration is "org.osgi.service.http.HttpService".
Configuration via OSGi environment properties
Pax Web can be configured via osgi environment properties and it supports all properties from above. Note that according to OSGi specs if a framework property is not set then the framework must fallback to using standard Java System properties (set via vm -D option).
SSL Configuration
Pax Web supports SSL (https) via Jetty built in SSL support. To get used with Jetty support you may read How to configure SSL in Jetty and skip step 4 from that page, as the configuration part must be done using Configuration via OSGi Configuration Admin Service or Configuration via OSGi Configuration Admin Service.
To enable SSL support you must set the following properties:
- org.osgi.service.http.secure.enabled to true
- org.ops4j.pax.web.ssl.keystore to the path to the keystore to be used. If not set the default path ${user.home}/.keystore is used.
- org.ops4j.pax.web.ssl.password to the password used for keystore integrity check. The value can be in plain text or obfuscated ( starting with OBF: ) as described in step 4 of jetty docummentation
- org.ops4j.pax.web.ssl.keypassword to the password used for keystore. The value can be in plain text or obfuscated ( starting with OBF: ) as described in step 4 of jetty docummentation
- org.ops4j.pax.web.ssl.clientauthwanted this property specifies, if certificate-based client authentication at the server is "wanted" (defaults to false).
- org.ops4j.pax.web.ssl.clientauthneeded this property specifies, if certificate-based client authentication at the server is "required" (defaults to false).
You may also set the following:
- org.osgi.service.http.port.secure to change the port. Default is 8443.
