libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-18466 Configure HTTP client timeouts for adapters

Browse source
This commit is contained in:
Martin Bartoš 2021-06-30 10:25:40 +02:00 committed by Hynek Mlnařík
parent 64cb224da0
commit 104c85d46b
2 changed files with 49 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
securing_apps/topics/oidc/java/java-adapter-config.adoc
View file

@ -27,6 +27,9 @@ This is what one might look like:
}, },
"connection-pool-size" : 20, "connection-pool-size" : 20,
"socket-timeout-millis": 5000,
"connection-timeout-millis": 6000,
"connection-ttl-millis": 500,
"disable-trust-manager": false, "disable-trust-manager": false,
"allow-any-hostname" : false, "allow-any-hostname" : false,
"truststore" : "path/to/truststore.jks", "truststore" : "path/to/truststore.jks",
@ -150,6 +153,27 @@ connection-pool-size::
This is _OPTIONAL_. This is _OPTIONAL_.
The default value is `20`. The default value is `20`.
socket-timeout-millis::
Timeout for socket waiting for data after establishing the connection in milliseconds.
Maximum time of inactivity between two data packets.
A timeout value of zero is interpreted as an infinite timeout.
A negative value is interpreted as undefined (system default if applicable).
The default value is `-1`.
This is _OPTIONAL_.
connection-timeout-millis::
Timeout for establishing the connection with the remote host in milliseconds.
A timeout value of zero is interpreted as an infinite timeout.
A negative value is interpreted as undefined (system default if applicable).
The default value is `-1`.
This is _OPTIONAL_.
connection-ttl-millis::
Connection time-to-live for client in milliseconds.
A value less than or equal to zero is interpreted as an infinite value.
The default value is `-1`.
This is _OPTIONAL_.
disable-trust-manager:: disable-trust-manager::
If the {project_name} server requires HTTPS and this config option is set to `true` you do not have to specify a truststore. If the {project_name} server requires HTTPS and this config option is set to `true` you do not have to specify a truststore.
This setting should only be used during development and *never* in production as it will disable verification of SSL certificates. This setting should only be used during development and *never* in production as it will disable verification of SSL certificates.

26
securing_apps/topics/saml/java/general-config/idp_httpclient_subelement.adoc
View file

@ -16,7 +16,10 @@ verification via SAML descriptor of the IDP when
clientKeystorePassword="pwd" clientKeystorePassword="pwd"
truststore="classpath:truststore.jks" truststore="classpath:truststore.jks"
truststorePassword="pwd" truststorePassword="pwd"
proxyUrl="http://proxy/" /> proxyUrl="http://proxy/"
socketTimeout="5000"
connectionTimeout="6000"
connectionTtl="500" />
---- ----
connectionPoolSize:: connectionPoolSize::
@ -65,3 +68,24 @@ clientKeystorePassword::
proxyUrl:: proxyUrl::
URL to HTTP proxy to use for HTTP connections. URL to HTTP proxy to use for HTTP connections.
This is _OPTIONAL_. This is _OPTIONAL_.
socketTimeout::
Timeout for socket waiting for data after establishing the connection in milliseconds.
Maximum time of inactivity between two data packets.
A timeout value of zero is interpreted as an infinite timeout.
A negative value is interpreted as undefined (system default if applicable).
The default value is `-1`.
This is _OPTIONAL_.
connectionTimeout::
Timeout for establishing the connection with the remote host in milliseconds.
A timeout value of zero is interpreted as an infinite timeout.
A negative value is interpreted as undefined (system default if applicable).
The default value is `-1`.
This is _OPTIONAL_.
connectionTtl::
Connection time-to-live for client in milliseconds.
A value less than or equal to zero is interpreted as an infinite value.
The default value is `-1`.
This is _OPTIONAL_.