Advanced Configuration

The following properties are available for fine-tuning your server installation. Do not use these properties unless directed by Good Technical Support.

HTTP Request and Response Management

Connections to a Web Server

You can configure Good Intranet Server to time out if it cannot connect to a web server within a specified length of time. You can also turn logging on to record problems in connecting to web servers.

The time-out settings is useful for preventing excessive wait times when a handheld tries to access a site supported by an overloaded or downed web server. The logging setting is useful for troubleshooting web server connection problems.


Property Name	Default	Description
thread.min	50	The number of threads to allocate, prior to startup, for handling HTTP requests.
thread.max	200	The maximum number of concurrent threads to allow for handling HTTP requests.
thread.queuesize	1000	The maximum number of HTTP requests the server will handle. The total includes active threads and requests in queue, waiting for connection threads from the thread pool.
http.timeout	60000	The maximum length of time to wait for a connection to a web server, in milliseconds. The default is equivalent to one minute.
http.localhost	###.###.###.###	The IP address or host name to be used in sending packets to a web server. If you do not specify a localhost value, the server uses the default IP address of its host system.
http.keepalive.default. connection.reuse	15	The maximum number of times to reuse a persistent connection before closing it and creating a new connection.
http.keepalive.default. idle.timeout	60000	The maximum length if time to wait for a connection to be closed, in milliseconds.

Outgoing Proxy Support

You can configure Good Intranet Server to use proxy servers for the HTTP and HTTPS (secure HTTP) requests it receives. There can be multiple servers for each protocol. For example, you can define a proxy server for all HTTP requests sent to HTTP://www.oneurl.com and a separate proxy for all HTTP requests sent to HTTP://www.twourl.com. Similarly, you can define separate proxy servers for HTTPS requests sent to the same destinations.

For each proxy server you define, you need to assign the proxy a proxy name and configure the following properties:

For proxies that need to authenticate themselves in order to access an HTTP realm, you also need to set the following properties:

Thus, for two HTTP proxies, HTTP_Proxy1 and HTTP_Proxy2 and one HTTPS proxy, HTTPS_Proxy1, you potentially have the following sets of properties:

proxy.Http_Proxy1.host	proxy.Http_Proxy2.host	proxy.Https_Proxy1.host
proxy.Http_Proxy1.port	proxy.Http_Proxy2.port	proxy.Https_Proxy1.port
		proxy.Https_Proxy1.options
proxy.Http_Proxy1. realm.username	proxy.Http_Proxy2.realm.username	proxy.Https_Proxy1.realm.username
proxy.Http_Proxy1. realm.password	proxy.Http_Proxy2.realm.password	proxy.Https_Proxy1.realm.password

In addition, for each proxy there must be one or more proxy.rule_name.rule properties.


Property Name	Default	Description
proxy.enable	false	Enables Good Intranet Server to use a proxy server for making HTTP requests.
proxy.log.enable	false	Enables logging of proxy configuration information.
proxy.proxy_name. host	<hostname> \| <IP address>	The host name or IP address of the proxy server identified by proxy_name. The identifier you set for proxy_name is used in subsequent properties
proxy.proxy_name. port	<port>	The port on which the named proxy receives requests.
proxy.exceptions	none	Defines the URLs that are not routed through the proxy server. These URLs are defined using regular expressions.
proxy.proxy_name. options	tunnelssl \| nonsecure	If the proxy named in the property is used for HTTPS, one of the following options, or a combination of the two options: tunnelssl The server tunnels SSL through the proxy to the web server. Good Intranet Server opens an SSL connection to the web server by means of the proxy. HTTPS requests and responses then go through the proxy, but are only decrypted at the web server or Good Intranet Server not at the proxy. nonsecure Communication between Good Intranet Server and the proxy is carried out over a nonsecure connection, but communication between the proxy and the web server is carried out over SSL. You can combine the two options, by entering both of them, separated by a space. In this case, Good Intranet Server tries the first option and, if this fails, it tries the second option. For example, to have the server attempt to establish an SSL tunneling connection, but switch to a nonsecure connection if this fails, you would enter: tunnelssl nonsecure Note: To combine options, make sure you remove the "\|" separator between options that appears in the default properties file.
proxy.rule_name. rule	<protocol>://<regex> <proxy_name>	Names and defines a proxy rule. A proxy rule specifies a URL-matching pattern (a regular expression) and a proxy name. When the browser makes a request, the requested URL is matched against the patterns in all proxy rules and the rule with the most specific pattern is selected. The server accesses the URL via the proxy named in the selected rule. If the URL does not match any pattern or if the selected rule's proxy is the special keyword noproxy then no proxy is used and the server accesses the URL directly. The URL-matching pattern in a proxy rule must start with the protocol, either HTTP:// or HTTPS:/
	For example, the following three rules might be used in an enterprise intranet environment where internet traffic is proxied through the firewall and intranet traffic is allowed a direct connection. The proxy for internet traffic is publicproxy. proxy.http.rule http://* publicproxy proxy.https.rule https://* publicproxy proxy.intranet.rule http://corp.intranet noproxy The following rules proxy a specific host that can't be accessed directly: proxy.xyz_http.rule http://xyz.com proxyToXyz proxy.xyz_https.rule https://xyz.com proxyToXyz
proxy.proxy_name. realm.username	<username>	Specifies the user name that the named proxy needs to use for authentication when it accesses the HTTP realm entered for the realm component of the property name. For example, suppose Proxy server proxy_1 is used for HTTP requests sent to www.gaerver.com/pubs/docs, the realm gapubs contains www.gaerver.com/pubs/docs, and the user name required for accessing gapubs is pubsusr. In this case, you would set proxy.proxy_name.realm.username as follows:
proxy.proxy_name. realm.username	proxy.proxy_1.gapubs.username pubsusr
proxy.proxy_name. realm.password	<password>	Specifies the password that the named proxy needs to use for authentication when it accesses the HTTP realm entered for the realm component of the property name. Continuing the example above, if the password for gapubs were pubpass, you would set:
	proxy.proxy_1.gapubs.password pubpass

Proxy Log

The proxy log records the proxy name assigned to a proxy server (proxy.proxy_name.host)and port (proxy.proxy_name.port) and lists each proxy rule (proxy.rule_name.rule) assigned to the proxy.

[18/Jun/2006:13:43:18.136 PDT] [Info] Proxy Manager: Proxy rcproxy=
192.168.1.1:8080 added
[18/Jun/2006:13:43:18.186 PDT] [Info] Proxy Manager: Rule http://www.rcdocs.com/* : rcproxy added
[18/Jun/2006:13:43:18.186 PDT] [Info] Proxy Manager: Rule http://www.GoodIntranet.com/public/* : rcproxy added

In the first entry, the proxy named rcproxy has been assigned to the proxy server at IP address 192.168.1.1, using port 8080.

The second and third entries show the proxy rules for using rcproxy. The rule in the second entry assigns all HTTP requests sent to www.rcdocs.com to rcproxy. The rule in the third entry assigns all requests to rcproxy that contain the URL HTTP://www.Good Intranet.com/public.