5 Parameters for Oracle WebLogic Server Proxy Plug-Ins
Learn about the parameters that you can use to configure Oracle HTTP Server.
Note:
The parameters for the WLS proxy plug-ins should be specified in special configuration files, which are named and formatted uniquely for each web server. For information about the configuration files specific to the proxy plug-ins for Oracle HTTP Server, see Configuring the Plug-In for Oracle HTTP Server.
- General Parameters for Oracle WebLogic Server Proxy Plug-Ins
  The names of the general parameters for the WLS proxy plug-ins are case sensitive.
- SSL Parameters for Oracle WebLogic Server Proxy Plug-Ins
  The names of the SSL parameters for WLS proxy plug-ins are case sensitive.
General Parameters for Oracle WebLogic Server Proxy Plug-Ins
The names of the general parameters for the WLS proxy plug-ins are case sensitive.
This section includes the following topics:
- ConnectRetrySecs
- ConnectTimeoutSecs
- DebugConfigInfo
- DefaultFileName
- DynamicServerList
- ErrorPage
- FileCaching
- Idempotent
- KeepAliveEnabled
- KeepAliveSecs
- MatchExpression
- MaxPostSize
- MaxSkipTime
- PathPrepend
- PathTrim
- QueryFromRequest
- RoutingAlgorithm
- WebLogicCluster
- WebLogicHost
- WebLogicPort
- WeightUpdateInterval
- WLCookieName
- WLDNSRefreshInterval
- WLExcludePathOrMimeType
- WLForwardUriUnparsed
- WLIOTimeoutSecs
- WLLocalIP
- WLMaxWebSocketClients
- WLProtocol
- WLProxyPassThrough
- WLProxySSL
- WLProxySSLPassThrough
- WLRetryOnTimeout
- WLRetryAfterDroppedConnection
- WLServerInitiatedFailover
- WLSocketTimeoutSecs
- WLSRequest
- WLTempDir
ConnectRetrySecs
Default: 2
To specify no retries, set ConnectRetrySecs equal to ConnectTimeoutSecs. However, the proxy plug-in attempts to connect at least twice.
You can customize the error response by using the ErrorPage parameter.
ConnectTimeoutSecs
Default: 10
Maximum time in seconds that the proxy plug-in should attempt to connect to the Oracle WebLogic Server host. Make the value greater than ConnectRetrySecs. If ConnectTimeoutSecs expires without a successful connection, even after the appropriate retries (see ConnectRetrySecs), an HTTP 503/Service Unavailable response is sent to the client.
You can customize the error response by using the ErrorPage parameter.
DebugConfigInfo
Default: OFF
Enables the special query parameter "__WebLogicBridgeConfig". Use it to get details about configuration parameters from the proxy plug-in.
For example, if you enable "__WebLogicBridgeConfig" by setting DebugConfigInfo and then send a request that includes the query string ?__WebLogicBridgeConfig, then the proxy plug-in gathers the configuration information and run-time statistics and returns the information to the browser. The proxy plug-in does not connect to Oracle WebLogic Server in this case.
This parameter is strictly for debugging and the format of the output message can change with releases. For security purposes, keep this parameter turned OFF in production systems.
DefaultFileName
Default: none
If the URI is "/" then the proxy plug-in performs the following steps:
- Trims the path specified with the PathTrim parameter.
- Appends the value of DefaultFileName.
- Prepends the value specified with PathPrepend.
This procedure prevents redirects from Oracle WebLogic Server.
Set the DefaultFileName to the default welcome page of the Web application in Oracle WebLogic Server to which requests are being proxied. For example, if the DefaultFileName is set to welcome.html, an HTTP request like "http://somehost/weblogic" becomes "http://somehost/weblogic/welcome.html". For this parameter to function, the same file must be specified as a welcome file in all the Web Applications to which requests are directed. See Configuring Welcome Files in Developing Web Applications, Servlets, and JSPs for Oracle WebLogic Server.
Note for Apache users: If you are using Stronghold or Raven versions, define this parameter inside of a Location block, and not in an IfModule block.
DynamicServerList
Default: ON
When set to OFF, the proxy plug-in ignores the dynamic cluster list used for load balancing requests proxied from the proxy plug-in and only uses the static list specified with the WebLogicCluster parameter. Normally this parameter should remain set to ON.
There are some implications for setting this parameter to OFF:
- If one or more servers in the static list fails, the proxy plug-in could waste time trying to connect to a terminated server, resulting in decreased performance.
- If you add a new server to the cluster, the proxy plug-in cannot proxy requests to the new server unless you redefine this parameter. Oracle WebLogic Server automatically adds new servers to the dynamic server list when they become part of the cluster.
ErrorPage
Default: none
You can create your own error page that is displayed when your Web server cannot forward requests to Oracle WebLogic Server.
The proxy plug-in redirects to an error page when the back-end server returns an HTTP 503/Service Unavailable response and there are no servers for failover.
FileCaching
Default: ON
When set to ON, and the size of the POST data in a request is greater than 2048 bytes, the POST data is first read into a temporary file on disk and then forwarded to Oracle WebLogic Server in chunks of 8192 bytes. This preserves the POST data during failover, allowing all necessary data to be repeated to the secondary if the primary goes down.
When FileCaching is ON, any client that tracks the progress of the POST will see that the transfer has completed even though the data is still being transferred between the WebServer and WebLogic. So, if you want the progress bar displayed by a browser during the upload to reflect when the data is actually available on the Oracle WebLogic Server, you might not want to have FileCaching ON.
When set to OFF and the size of the POST data in a request is greater than 2048 bytes, the reading of the POST data is postponed until an Oracle WebLogic Server cluster member is identified to serve the request. Then the proxy plug-in reads and immediately sends the POST data to Oracle WebLogic Server in chunks of 8192 bytes.
Turning FileCaching OFF limits failover. If the Oracle WebLogic Server primary server goes down while processing the request, the POST data already sent to the primary cannot be repeated to the secondary.
Finally, regardless of how FileCaching is set, if the size of the POST data is 2048 bytes or less the proxy plug-in will read the data into memory and use it if needed during failover to repeat to the secondary.
Location of POST Data Files
/tmp/_wl_proxy for UNIX.
For Windows it is located as follows (if WLTempDir is not specified):
- Environment variable TMP
- Environment variable TEMP
- C:\Temp
Idempotent
Default: ON
Applies to: Oracle HTTP Server, Apache HTTP Server, Microsoft IIS
Prior to WebLogic Plug-in 14.1.2.0.0, when the Idempotent parameter is set to ON and the back-end server does not respond within WLIOTimeoutSecs, the proxy plug-ins fail over if the method is idempotent. However, from WebLogic Plug-in version 14.1.2 for Oracle HTTP Server and Apache HTTP Server, if the back-end server does not respond within WLIOTimeoutSecs, the failover is controlled by the WLRetryOnTimeout parameter.
The proxy plug-ins also fail over if Idempotent is set to ON and the servers respond with an error such as READ_ERROR_FROM_SERVER.
If Idempotent is set to OFF, the proxy plug-ins do not fail over. If you are using the Apache HTTP Server, you can set this parameter differently for different URLs or MIME types.
Idempotent only takes effect if the request is successfully sent to Oracle WebLogic Server and the proxy plug-in is now waiting for a response from the back-end server.
POST requests are not retried even if marked as Idempotent.
KeepAliveEnabled
Default: ON
This directive enables pooling of connections between the proxy plug-in and Oracle WebLogic Server. Valid values are ON and OFF.
While using Apache prefork mpm, Apache web server might fail. Set KeepAliveEnabled to OFF when using prefork mpm or use worker mpm in Apache.
Note:
If both KeepAliveEnabled and HTTP/2 are configured for a back-end connection, the following message is generated:
KeepAliveEnabled option will be ignored since HTTP/2 connection is enabled
KeepAliveSecs
Default: 20
The length of time after which an inactive connection between the proxy plug-in and Oracle WebLogic Server is closed. You must set KeepAliveEnabled to true (ON when using the Apache HTTP Server) for this parameter to be effective.
The value of this parameter must be less than or equal to the value of the Duration field set in the Remote Console on the Server > Protocols > HTTP page, or the value set on the server MBean with the KeepAliveSecs attribute.
MatchExpression
Default: none
Use this parameter to modify the values of existing parameters or add a new parameter for a particular configuration.
The MatchExpression parameter supports only the * and ? regular expressions:
- * which matches 0 or more characters
- ? which matches exactly one character
This parameter can be configured for two scenarios.
Proxying by MIME type:
You can use this parameter in the following format to set other parameters for a particular MIME type.
Syntax:
MatchExpression <file_extension> <param=value>|<param-value>|…
For example, the following configuration proxies *.jsp to myHost:8080:
<IfModule weblogic_module>
MatchExpression *.jsp WebLogicHost=myHost|WebLogicPort=8080
</IfModule>
Proxying by path:
You can also use this parameter in the following format to set other parameters for a particular path.
Syntax:
MatchExpression <path> <param=value>|<param-value>|…
For example, the following configuration proxies the URIs beginning with /weblogic to myHost:9090:
<IfModule weblogic_module>
MatchExpression /weblogic WebLogicHost=myHost|WebLogicPort=9090
</IfModule>
You can also use MatchExpression to override the parameter values, as shown above. It can also be used to define new parameters (that is, those that have not been used in the configuration).
For example, the configuration below proxies all the requests to myHost:8080. The URIs that match the type jpg will be proxied to myHost:8080/images and others will be proxied to myHost:8080.
<IfModule weblogic_module>
WLSRequest On
WebLogicHost myHost
WebLogicPort 8080
MatchExpression *.jpg PathPrepend=/images
</IfModule>
MaxPostSize
Default: 0
Maximum allowable size of POST data, in bytes. If the content-length exceeds MaxPostSize, the proxy plug-in returns an error message. If set to 0, the size of POST data is not checked. This is useful for preventing denial-of-service attacks that attempt to overload the server with POST data.
MaxSkipTime
Default: 10
If an Oracle WebLogic Server listed in either the WebLogicCluster parameter or a dynamic cluster list returned from Oracle WebLogic Server fails, the failed server is marked as "bad" and the proxy plug-in attempts to connect to the next server in the list.
MaxSkipTime sets the amount of time after which the proxy plug-in will retry the server marked as "bad." The proxy plug-in attempts to connect to a new server in the list each time a unique request is received (that is, a request without a cookie).
Note:
If the weighted least connection routing algorithm is chosen, Oracle recommends the value of MaxSkipTime to be the "no of servers" times ConnectRetrySecs as shown below:
MaxSkipTime = (no of servers) * ConnectRetrySecs
PathPrepend
Default: null
As per the RFC specification, generic syntax for URL is:
[PROTOCOL]://[HOSTNAME]:{PORT}/{PATH}/{FILENAME};{PATH_PARAMS}/{QUERY_STRING}...
PathPrepend specifies the path that the proxy plug-in prepends to the {PATH} portion of the original URL, after PathTrim is trimmed and before the request is forwarded to Oracle WebLogic Server.
If you must append a File Name, use the DefaultFileName parameter instead of PathPrepend.
PathTrim
Default: null
As per the RFC specification, generic syntax for URL is:
[PROTOCOL]://[HOSTNAME]:{PORT}/{PATH}/{FILENAME};{PATH_PARAMS}/{QUERY_STRING}...
PathTrim specifies the string trimmed by the proxy plug-in from the {PATH}/{FILENAME} portion of the original URL, before the request is forwarded to Oracle WebLogic Server. For example, if the http://myWeb.server.com/weblogic/foo URL is passed to the proxy plug-in for parsing and if PathTrim has been set to strip off /weblogic, before handing the URL to Oracle WebLogic Server, the URL forwarded to Oracle WebLogic Server is http://myWeb.server.com:7001/foo.
If you are newly converting an existing third-party server to proxy requests to Oracle WebLogic Server using the proxy plug-in, you will need to change application paths to /foo to include weblogic/foo. You can use PathTrim and PathPrepend in combination to change this path.
Configure the PathTrim parameter inside the <Location> tag.
The following configuration is incorrect because the PathTrim parameter is not configured inside the <Location> tag:
<Location /weblogic>
WLSRequest On
</Location>
<IfModule mod_weblogic.c>
WebLogicHost localhost
WebLogicPort 7001
PathTrim /weblogic
</IfModule>
The following configuration is correct:
<Location /weblogic>
WLSRequest On
PathTrim /weblogic
</Location>
The <Location> directive limits the scope of the enclosed directives by URL. See Apache Location Directive.
QueryFromRequest
Default: OFF
When set to ON, specifies that the Apache HTTP Server use (request_rec *)r->the_request to pass the query string to Oracle WebLogic Server. (For more information, see the Apache documentation.) This behavior is desirable when a Netscape version 4.x browser makes requests that contain spaces in the query string.
When set to OFF, the Apache HTTP Server uses (request_rec *)r->args to pass the query string to Oracle WebLogic Server.
RoutingAlgorithm
Specifies how new requests are routed to Oracle WebLogic Server back-end servers.
Default: Round-Robin
Supported Values:
- Round-Robin - Select this algorithm to route new requests to the next server in a cluster.
- Weighted-Least-Connection - Select this algorithm to route new requests according to intelligent load balancing which is based on the weighted least connection algorithm. This algorithm selects the next server based on its current load capacity as determined by a health score provided by WebLogic Server. For more information, see Support for Intelligent Load Balancing.
Sample configuration:
<Location /app>
WLSRequest On
WebLogicCluster <Weblogic Managed Server 1>,<Weblogic Managed Server 2>,<Weblogic Managed Server 3> ...
RoutingAlgorithm Weighted-Least-Connection
</Location>
Note:
Configure the WeightUpdateInterval directive to specify how frequently the WebLogic Server Proxy Plug-in requests health scores from the back-end server.
WebLogicCluster
Required when proxying to a cluster of Oracle WebLogic Servers, or to multiple non-clustered servers.
Default: none
The WebLogicCluster parameter is required to proxy a list of back-end servers that are clustered, or to perform load balancing among non-clustered managed server instances.
List of Oracle WebLogic Servers that can be used for load balancing. The server or cluster list is a list of host:port entries. If a mixed set of clusters and single servers is specified, the dynamic list returned for this parameter will return only the clustered servers.
For the syntax for specifying the value of this parameter for Oracle HTTP Server, see Configuring the Plug-In for Oracle HTTP Server.
If you are using SSL between the proxy plug-in and Oracle WebLogic Server, set the port number to the SSL listen port and set the SecureProxy parameter to ON.
The proxy plug-in does a simple round-robin between all available servers. The server list specified in this property is a starting point for the dynamic server list that the server and proxy plug-in maintain. Oracle WebLogic Server and the proxy plug-in work together to update the server list automatically with new, failed, and recovered cluster members.
You can disable the use of the dynamic cluster list by setting the DynamicServerList parameter to OFF.
The proxy plug-in directs HTTP requests containing a cookie, URL-encoded session, or a session stored in the POST data to the server in the cluster that created the cookie.
WebLogicHost
Required when proxying to a single Oracle WebLogic Server.
Default: none
Oracle WebLogic Server host (or virtual host name as defined in Oracle WebLogic Server) to which HTTP requests should be forwarded. If you are using an Oracle WebLogic cluster, use the WebLogicCluster parameter instead of WebLogicHost.
WebLogicPort
Required when proxying to a single Oracle WebLogic Server.
Default: none
The port at which the Oracle WebLogic Server host is listening for connection requests from the proxy plug-in (or from other servers). (If you are using SSL between the proxy plug-in and Oracle WebLogic Server, set this parameter to the SSL listen port and set the SecureProxy parameter to ON).
If you are using an Oracle WebLogic Cluster, use the WebLogicCluster parameter instead of WebLogicPort.
WeightUpdateInterval
Specifies how often (in seconds) the Oracle WebLogic Server Proxy Plug-in requests updates on server weight to determine a server's capacity for new traffic.
Default: 1
When intelligent load balancing is enabled, the WeightUpdateInterval directive determines how frequently Oracle WebLogic Server Proxy Plug-in requests updates from WebLogic Server on the weight of each server in a cluster through the header, X-WebLogic-Request-Server-Health-Score.
To enable intelligent load balancing, set the RoutingAlgorithm directive to Weighted-Least-Connection.
The weights of the servers are updated when one of the following conditions is satisfied:
- The time elapsed between now and the previous weight update exceeds the value set by WeightUpdateInterval
- The entire cluster of servers is changed
Sample configuration:
<Location /app>
WLSRequest On
WebLogicCluster <Weblogic Managed Server 1>,<Weblogic Managed Server 2>,<Weblogic Managed Server 3> ...
RoutingAlgorithm Weighted-Least-Connection
WeightUpdateInterval 3
</Location>
For improved performance, consider lowering the frequency of weight update requests.
WLCookieName
Default: JSESSIONID
If you change the name of the Oracle WebLogic Server session cookie in the Oracle WebLogic Server Web application, then you must change the WLCookieName parameter in the proxy plug-in to the same value. The name of the Oracle WebLogic session cookie is set in the WebLogic-specific deployment descriptor, in the <session-descriptor> element in weblogic.xml.
WLDNSRefreshInterval
Default: 0 (Lookup once, during startup)
If defined in the proxy configuration, specifies the interval, in seconds, at which Oracle WebLogic Server refreshes the DNS name to IP mapping for a server. This can be used if an Oracle WebLogic Server instance is migrated to a different IP address, but the DNS name for that server's IP remains the same. In this case, at the specified refresh interval the DNS<->IP mapping will be updated.
WLExcludePathOrMimeType
Default: none
This parameter allows you to exclude certain requests from proxying.
This parameter can be defined locally at the Location tag level and globally. When the property is defined locally, it does not override the global property but defines a union of the two parameters.
WLForwardUriUnparsed
Default: OFF
When set to ON, the Oracle WebLogic Server Proxy Plug-in will forward the original URI from the client to Oracle WebLogic Server. When set to OFF (default), the URI sent to Oracle WebLogic Server is subjected to modification by mod_rewrite or other Web Server Plug-in modules.
WLIOTimeoutSecs
New name for HungServerRecoverSecs.
Default: 120
Defines the amount of time the proxy plug-in waits for a response to a request from Oracle WebLogic Server. The proxy plug-in waits for WLIOTimeoutSecs for the server to respond, and then declares that the server is dead, and fails over to the next server. You must set the value to a large value. If the value is less than the time the servlets take to process, you might see unexpected results.
Minimum value: 10
Maximum value: 2147483647
WLLocalIP
Default: none
Defines the IP address (on the proxy plug-in's system) to bind to when the proxy plug-in connects to an Oracle WebLogic Server instance running on a multihomed machine.
If WLLocalIP is not set, the TCP/IP stack will choose the source IP address.
WLMaxWebSocketClients
Default: Windows: Half of ThreadsPerChild, Non-Windows: Half of MaxRequestWorkers
Limits the number of active WebSocket connections at any instant of time.
Note:
The maximum value you can set for this parameter is 75 percent of ThreadsPerChild (Windows) or 75 percent of MaxRequestWorkers (non-Windows). If the value specified for this parameter is greater than the maximum allowed, it will be automatically lowered to that maximum.
WLProtocol
Default: http/1.1
Applies to: Apache HTTP Server
Scope: Location, Server context
- http/2 - for HTTP/2 protocol
  Note: WLS Apache Plug-In only.
- http/1.1 - for HTTP/1.1 protocol
This directive specifies the protocol to be used by the WLS Apache Plug-In to communicate with the back-end server.
If the WLProtocol directive is not configured, then the WLS Apache Plug-In sends requests to the back-end server over HTTP/1.1. If the WLProtocol is configured as HTTP/2 and the back-end server does not support the HTTP/2 protocol, the WLS Apache Plug-In does not fall back to HTTP/1.1 and the 503 error is returned.
WLProxyPassThrough
Default: OFF
If you have a chained proxy setup, where a proxy plug-in is running behind some other proxy or load balancer, you must explicitly enable the WLProxyPassThrough parameter. This parameter allows the header to be passed through the chain of proxies.
WLProxySSL
Default: OFF
Set this parameter to ON to maintain SSL communication between the proxy plug-in and Oracle WebLogic Server when the following conditions exist:
- An HTTP client request specifies the HTTPS protocol.
- The request is passed through one or more proxy servers (including the Oracle WebLogic Server Proxy Plug-in).
- The connection between the proxy plug-in and Oracle WebLogic Server uses the HTTP protocol.
When WLProxySSL is set to ON, the location header returned to the client from Oracle WebLogic Server specifies the HTTPS protocol.
WLProxySSLPassThrough
Default: OFF
If a load balancer or other software deployed in front of the web server and proxy plug-in is the SSL termination point, and that product sets the WL-Proxy-SSL request header to true or false based on whether the client connected to it over SSL, set WLProxySSLPassThrough to ON so that the use of SSL is passed on to the Oracle WebLogic Server.
If the SSL termination point is in the web server where the proxy plug-in operates, or the load balancer does not set WL-Proxy-SSL, set WLProxySSLPassThrough to OFF (default).
WLRetryOnTimeout
Default: IDEMPOTENT
Applies to: Oracle HTTP Server, Apache HTTP Server
Tells the WebLogic Plug-in whether to retry requests (including POST requests) when a timeout occurs before the WebLogic server sends the status line. Valid arguments are:
- ALL: All requests are retried.
- IDEMPOTENT: Only requests that use idempotent methods are retried.
- NONE: No requests are retried.
- ALL_NOREAD: All requests are retried, where after sending the request nothing has been received.
- IDEMPOTENT_NOREAD: Only requests that use idempotent methods are retried, where after sending the request nothing has been received.
Prior to Oracle HTTP Server 14.1.2.0.0, the parameter Idempotent played a role where IDEMPOTENT ON caused a retry in case of response timeout. However, from Oracle HTTP Server 14.1.2.0.0 the retry due to response timeout is controlled only by the parameter WLRetryOnTimeout.
WLRetryAfterDroppedConnection
Default: ALL
Tells the Oracle WebLogic Server Proxy Plug-ins which requests to retry when a connection is lost before Oracle WebLogic Server sends the status line. Valid arguments are:
- ALL: All requests will be retried.
- IDEMPOTENT: Only requests using idempotent methods will be retried.
- NONE: No requests will be retried.
WLServerInitiatedFailover
Default: ON
This controls whether a 503 error response from Oracle WebLogic Server triggers a failover to another server. Normally, the proxy plug-in will attempt to fail over to another server when a 503 error response is received. When WLServerInitiatedFailover is set to OFF, the 503 error response will be returned to the client immediately.
WLSocketTimeoutSecs
Default: 2 (must be greater than 0)
Set the timeout for the socket while connecting, in seconds. See ConnectTimeoutSecs and ConnectRetrySecs for additional details.
WLSRequest
Default: OFF
This is an alternative to the SetHandler weblogic-handler mechanism of identifying requests to be forwarded to Oracle WebLogic Server. For example,
<Location /weblogic>
WLSRequest ON
PathTrim /weblogic
</Location>
The use of WLSRequest ON instead of SetHandler weblogic-handler has the following advantages:
- Lower web server processing overhead in general
- Resolves substantial performance degradation when the web server DocumentRoot is on a slow filesystem
- Resolves 403 errors for URIs which cannot be mapped to the filesystem due to the filesystem length restrictions
SSL Parameters for Oracle WebLogic Server Proxy Plug-Ins
The names of the SSL parameters for WLS proxy plug-ins are case sensitive.
Note:
The SCG certificates are not supported for use with WLS proxy plug-ins. The non-SCG certificates work appropriately and allow SSL communication between Oracle WebLogic Server and the proxy plug-in.
KeyStore-related initialization parameters are not supported for use with Oracle WebLogic Server Proxy Plug-in.
SecureProxy
Default: OFF
Set this parameter to ON to enable the use of the SSL protocol for all communication between the proxy plug-in and Oracle WebLogic Server. Remember to configure a port on the corresponding Oracle WebLogic Server for the SSL protocol before defining this parameter.
This parameter may be set at two levels: in the configuration for the main server and—if you have defined any virtual hosts—in the configuration for the virtual host. The configuration for the virtual host inherits the SSL configuration from the configuration of the main server if the setting is not overridden in the configuration for the virtual host.
WebLogicSSLCiphers
Ciphers Supported:
- TLSv1.3 ciphers:
TLS_AES_256_GCM_SHA384
TLS_AES_128_GCM_SHA256
TLS_CHACHA20_POLY1305_SHA256
- TLSv1.2 ciphers:
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES128-GCM-SHA256
- Deprecated (yet available) TLSv1.2 ciphers:
AES128-GCM-SHA256
AES256-GCM-SHA384
AES128-SHA256
AES256-SHA256
AES256-SHA
AES128-SHA
Default: All supported ciphers
Scope: Server, VirtualHost
Applies to: Apache HTTP Server, Oracle HTTP Server
This directive accepts a space separated list of ciphers to be used between Oracle WebLogic Server Proxy Plug-in and Oracle WebLogic Server.
Note:
- If WebLogicSSLCiphers is set to TLSv1.3 ciphers and WebLogicSSLVersion is set to TLSv1.2, or vice versa, the following error message is thrown during the server startup:
  Error: No available SSL version. Possible Mismatch between the configured protocol(s) and cipher(s)
- If WebLogicSSLCiphers is omitted, then the default list of ciphers is selected (that is, all supported ciphers).
- If WebLogicSSLVersion is omitted, then the default list of protocols is selected, which is TLSv1.2 and TLSv1.3.
- If you want to remove a particular cipher, you must explicitly set a list of ciphers by omitting that cipher. Only the ciphers specified with the WebLogicSSLCiphers directive will be enabled.
- A web server starts if there is at least one supported cipher in the list of ciphers configured with the WebLogicSSLCiphers directive. If the list contains any unsupported cipher, a warning message is displayed and the unsupported cipher is ignored.
- Both TLSv1.2 (and below) and TLSv1.3 ciphers can be configured using the WebLogicSSLCiphers directive. For example:
  WebLogicSSLCiphers TLS_AES_256_GCM_SHA384 ECDHE-ECDSA-AES128-GCM-SHA256
WebLogicSSLVersion
Default: TLSv1.2, TLSv1.3
Specifies the SSL protocol version to use for communication between the proxy plug-in and the Oracle WebLogic Server. This setting need not match that of the web server's ssl.conf file. The proxy plug-in can have its own SSL version to communicate with Oracle WebLogic Server.
The following values are accepted:
- TLSv1_2 or TLSv1.2: Uses TLS v1.2
- TLSv1_3 or TLSv1.3: Uses TLS v1.3
For example:
WebLogicSSLVersion TLSv1_2 TLSv1_3
You can define multiple protocols by using a space-separated list. The SSL protocol version chosen is used for all the connections from the proxy plug-in to Oracle WebLogic Server. Hence, define this parameter at the global scope.
If not configured, the proxy plug-in uses the best protocol supported by both the proxy plug-in and Oracle WebLogic Server.
Note:
- The default minimum version of the Transport Layer Security (TLS) protocol configured is TLSv1.2. Oracle recommends that you use TLS v1.2 or later in a production environment.
- If WebLogicSSLCiphers is set to TLSv1.3 ciphers and WebLogicSSLVersion is set to TLSv1.2, or vice versa, the following error message is thrown during the server startup:
  Error: No available SSL version. Possible Mismatch between the configured protocol(s) and cipher(s)
WLSSLCheckCn
Default: OFF
Scope: Location, Server context
- The host name configured using the WebLogicHost or WebLogicCluster directive must match the Common Name attribute of the SSL certificate's Distinguished Names or the subjectAltName extension.
- The SSL certificate referred to here is the certificate configured for the Oracle WebLogic Server Managed Server serving the request.
WLSSLWallet
Default: none
Scope: Server context, Virtual Host context
The WLSSLWallet performs one-way or two-way SSL based on how SSL is configured for Oracle WebLogic Server. The export_wallet program exports the wallet into PEM formatted files on the file system. For each user-supplied wallet, three files may be created in the same file system path where only auto_login_only wallet is supported.
- key.pem: A pass-phrase protected file containing the private key in PEM format, if a private key is present in the wallet.
- user.crt: User certificate in PEM format, if a user certificate is present in the wallet.
- trusted_certs.crt: Chain of trusted certificates in PEM format.
Set the path of an Oracle Wallet (containing an SSO wallet file) as an argument. For example:
WLSSLWallet "${ORACLE_INSTANCE}/config/fmwconfig/components/${COMPONENT_TYPE}/instances/${COMPONENT_NAME}/keystores/default"
The WLSSLWallet directive is allowed in the Global Server context and <VirtualHost> context but not allowed in <Location> context. For example,
<IfModule weblogic_module>
WLSSLWallet [Directory_Path_Of_Wallet]
...
</IfModule>
...
<Location /console>
WLSRequest ON
WebLogicHost [HOSTNAME]
WebLogicPort [PORT]
SecureProxy On
</Location>
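A configuration check built from the warnings on this page (DebugConfigInfo left ON, MaxPostSize left at 0, PathTrim outside <Location>, and the WebLogicSSLCiphers/WebLogicSSLVersion mismatch), as an added example that is not Oracle's code. The finding codes, the one-directive-per-line parser, both sample configurations, and the reading that SecureProxy ON should be paired with WLSSLCheckCn ON are assumptions of this example.

```python
import re

# Cipher names copied from the WebLogicSSLCiphers section of this page.
TLS13 = {"TLS_AES_256_GCM_SHA384", "TLS_AES_128_GCM_SHA256",
         "TLS_CHACHA20_POLY1305_SHA256"}
TLS12 = {"ECDHE-RSA-AES256-GCM-SHA384", "ECDHE-RSA-AES128-GCM-SHA256",
         "ECDHE-ECDSA-AES256-GCM-SHA384", "ECDHE-ECDSA-AES128-GCM-SHA256"}
DEPRECATED = {"AES128-GCM-SHA256", "AES256-GCM-SHA384", "AES128-SHA256",
              "AES256-SHA256", "AES256-SHA", "AES128-SHA"}
OPEN_TAG = re.compile(r"<(\w+)[^>]*>$")
CLOSE_TAG = re.compile(r"</\w+>$")


def parse(conf_text):
    """Return [(directive, args, enclosing_sections)], one directive per line."""
    stack, directives = [], []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        opened = OPEN_TAG.match(line)
        if CLOSE_TAG.match(line):
            if stack:
                stack.pop()
        elif opened:
            stack.append(opened.group(1))
        else:
            name, *args = line.split()
            directives.append((name, args, tuple(stack)))
    return directives


def audit(conf_text):
    """Return finding codes (hypothetical names) for settings this page warns about."""
    directives = parse(conf_text)
    findings = []

    def values(name):  # directive names are case sensitive, per the page
        return [args for n, args, _ in directives if n == name]

    def enabled(name):  # the page writes values as ON, On and OFF
        return any(a and a[0].upper() == "ON" for a in values(name))

    if enabled("DebugConfigInfo"):
        findings.append("DEBUG_CONFIG_INFO_ON")      # keep OFF in production
    sizes = values("MaxPostSize")
    if not sizes or any(a == ["0"] for a in sizes):
        findings.append("MAX_POST_SIZE_UNCHECKED")   # default 0 = no size check
    if any(n == "PathTrim" and "Location" not in s for n, _, s in directives):
        findings.append("PATHTRIM_OUTSIDE_LOCATION")
    if enabled("SecureProxy") and not enabled("WLSSLCheckCn"):
        findings.append("SECUREPROXY_WITHOUT_CN_CHECK")  # WLSSLCheckCn default OFF

    # Omitted directives fall back to the defaults stated on the page.
    listed = {c for a in values("WebLogicSSLCiphers") for c in a}
    ciphers = listed or (TLS13 | TLS12 | DEPRECATED)
    versions = {v.replace("_", ".") for a in values("WebLogicSSLVersion")
                for v in a} or {"TLSv1.2", "TLSv1.3"}
    usable = (("TLSv1.3" in versions and ciphers & TLS13)
              or ("TLSv1.2" in versions and ciphers & (TLS12 | DEPRECATED)))
    if not usable:
        findings.append("CIPHER_PROTOCOL_MISMATCH")  # the startup error quoted above
    if listed & DEPRECATED:
        findings.append("DEPRECATED_CIPHER_LISTED")
    return findings


# Constructed sample: the page's "incorrect" PathTrim layout plus weak settings.
WEAK = """
<IfModule mod_weblogic.c>
  SecureProxy ON
  DebugConfigInfo ON
  PathTrim /weblogic
  WebLogicSSLVersion TLSv1_2
  WebLogicSSLCiphers TLS_AES_256_GCM_SHA384
</IfModule>
<Location /weblogic>
  WLSRequest On
</Location>
"""

# Constructed sample: the same proxy with those settings corrected.
HARDENED = """
<IfModule mod_weblogic.c>
  SecureProxy ON
  WLSSLCheckCn ON
  MaxPostSize 10485760
  WebLogicSSLVersion TLSv1_2 TLSv1_3
  WebLogicSSLCiphers TLS_AES_256_GCM_SHA384 ECDHE-ECDSA-AES128-GCM-SHA256
</IfModule>
<Location /weblogic>
  WLSRequest On
  PathTrim /weblogic
</Location>
"""

if __name__ == "__main__":
    print(audit(WEAK), audit(HARDENED))
```

The check treats a directive as set if it appears anywhere in the file; it does not model how the web server merges main-server, virtual-host and Location scopes.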