The Metrics HTTP Servlet Extension provides configuration options for the Data Metrics Server HTTP/S interface.
↓Parent Component
↓Relations from This Component
↓Properties
↓dsconfig Usage
The Metrics HTTP Servlet Extension component inherits from the HTTP Servlet Extension
The following components have a direct aggregation relation from Metrics Servlet Extensions:
The properties supported by this managed object are as follows:
| Basic Properties: | Advanced Properties: |
|---|---|
| ↓ description | ↓ omit-error-message-details |
| ↓ cross-origin-policy | ↓ api-authentication-timeout |
| ↓ response-header | |
| ↓ require-api-authentication | |
| ↓ identity-mapper |
| Description | A description for this HTTP Servlet Extension |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | The cross-origin request policy to use for the HTTP Servlet Extension. A cross-origin policy is a group of attributes defining the level of cross-origin request supported by the HTTP Servlet Extension. |
| Default Value | No cross-origin policy is defined and no CORS headers are recognized or returned. |
| Allowed Values | The DN of any HTTP Servlet Cross Origin Policy. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies HTTP header fields and values added to response headers for all requests. Values specified here must specify both the header field name and the value in conformance with RFC 2616. Fields may only be specified once; multiple values for the same header should be comma-separated. See RFC 7231 for a standard set of field names. Any response headers configured for this HTTP Servlet Extension will be combined with response headers configured on the corresponding Connection Handler. In the case of duplicates, the headers configured on this HTTP Servlet Extension will be used instead of the headers configured on the Connection Handler. |
| Default Value | None |
| Allowed Values | Colon-separated header field name and value |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | HTTP Connection Handlers hosting this HTTP Servlet Extension must be disabled and then re-enabled, or the server restarted, in order for this change to take effect. |
| Description | Require authentication when accessing the REST API. The Data Metrics Server includes a REST API that provides access to metric definitions and samples. If the REST API is configured to require authentication, then the api-users backend can be populated with user entries to authenticate against. API authentication is not constrained to the api-users backend, so it is possible to authenticate as a root user as well. However, entries from the api-users backend have no other access to the Data Metrics Server, so it is more secure to use these entries rather than root users for API authentication. The api-users LDIF backend contains user entries that may be used to authenticate API calls. The user entries used for authentication are intentionally minimal, and can be created via the ldapmodify utility using an entry of the following form: dn: cn=app-user1,cn=api-users changeType: add objectClass: inetOrgPerson objectClass: person objectClass: top cn: app-user1 uid: a1 sn: User1 userpassword: api1 ds-pwp-password-policy-dn: cn=Default Password Policy,cn=Password Policies,cn=config |
| Default Value | false |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies the name of the identity mapper that is to be used for associating user entries with basic authentication user names. |
| Default Value | Requests must specify a fully qualified DN. No attempt will be made to map a user name to a DN. |
| Allowed Values | The DN of any Identity Mapper. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component. |
omit-error-message-details (Advanced Property)
| Description | Specifies that API error messages for invalid queries, unknown resources, service unavailable, and internal server errors are generic in nature. Detailed error messages can be helpful in diagnosing application errors, but in production they may reveal information that might be useful to a malicious attacker. Though enabling this property may make the data more secure, doing so may result in lessening the user experience of client applications that rely on presenting detailed error messages to users. You should enable this property only after careful consideration and only when there is no ongoing development on applications that leverage the API. |
| Default Value | false |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
api-authentication-timeout (Advanced Property)
| Description | Length of time before a REST API authentication session expires. The Data Metrics Server includes a REST API that provides access to metric definitions and samples. If the REST API is configured to require authentication, the authenticated session has a timeout so the acquired credentials cannot be used indefinitely. Changes to this property will apply to newly created authentication sessions; existing authenticated sessions will remain valid until their session timeout expires. |
| Default Value | 15 minutes |
| Allowed Values | A duration. Lower limit is 60000 milliseconds. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
To list the configured HTTP Servlet Extensions:
dsconfig list-http-servlet-extensions
[--property {propertyName}] ...
To view the configuration for an existing HTTP Servlet Extension:
dsconfig get-http-servlet-extension-prop
--extension-name {name}
[--tab-delimited]
[--script-friendly]
[--property {propertyName}] ...
To update the configuration for an existing HTTP Servlet Extension:
dsconfig set-http-servlet-extension-prop
--extension-name {name}
(--set|--add|--remove) {propertyName}:{propertyValue}
[(--set|--add|--remove) {propertyName}:{propertyValue}] ...