The headers that will not be forwarded through the transport. The value is a comma-separated list of header names. Extreme care should be taken when changing these values since most are generated internally and changes could result in conflicts or errors invoking services.

Default: content-type

Headers that will be generated based on the value of an exchange property. Valid property names are: incoming.scheme, incoming.hostname, incoming.port, incoming.path, incoming.uri, outgoing.scheme, outgoing.hostname, outgoing.port, outgoing.path, outgoing.uri, or the name of any available header (case-insensitive). If a property in a template cannot be found, then the header will not be set. Note that blocked header rules will be applied after these headers are set, which may result in removal.

The user agent header value that will be used if none specified in the request.

Default: Akana/8-HttpCore/4

The maximum number of connections that will be maintained to a given route.

Default: 200

The maximum number of connection in the client connection pool

Default: 600

Should Authentication be handled in the transport?

Default: true

Should redirects be handled in the transport?

Default: true

The maximum number of redirects allowed per request.

Default: 100

Should relative redirects be rejected?

Default: false

Should circular redirects be allowed?

Default: false

The time in milliseconds to wait for a connection from the connection pool.

Default: 10000

The I/O timeout in milliseconds. This translates to the default SO_TIMEOUT for a socket. Generally, this will be overridden by a value for the endpoint configured in Policy Manager.

Default: 120000

The timeout in milliseconds when establishing a connection. This value is passed directly to Socket.connect(address, timeout). A value of 0 means an indefinite wait.

Default: 10000

Activates 'Expect: 100-Continue' handshake for the entity enclosing methods. The purpose of the 'Expect: 100-Continue' handshake to allow a client that is sending a request message with a request body to determine if the origin server is willing to accept the request (based on the request headers) before the client sends the request body. The use of the 'Expect: 100-continue' handshake can result in noticable peformance improvement for entity enclosing requests (such as POST and PUT) that require the target server's authentication. However, the 'Expect: 100-continue' handshake should be used with caution, as it may cause problems with HTTP servers and proxies that do not support HTTP/1.1 protocol. For smaller requests it introduces an additional request/response overhead.

Default: false

Enable or disable stale connection checking for the HTTP client. Stale checking determines if a server has closed a connection while the connection is pooled on the client side. This introduces a test when connections are retrieved from the connection pool so it has performance implications.

Default: true

This flag controls chunking of all outgoing content while still using HTTP 1.1. This can be used in situations where a server may have bad chunking support but HTTP 1.1 features are still required, such as persistent connections etc. However, this will impact all outgoing HTTP connections and can lead to memory scaling problems. This will override any per-endpoint settings.

Default: false

The list of outbound headers that should always be treated as multi-part. Headers in this list will be broken up into a separate header for each value. This is to avoid problems certain servers that have trouble dealing with specific headers when they have multiple values concatenated together. The value is a comma-separated list.

Default: authorization

The time between idle connection checks in milliseconds.

Default: 100000

The maximum time a connection can remain idle before it is closed, in milliseconds.

Default: 300000

The maximum time in milliseconds that a connection will be kept open. A value of 0 means that there is no hard expiration. This works hand-in-hand with the Keep-Alive header. When a decision is made on the lifetime of a connection, the smaller of this or any Keep-Alive timeout value will be used.

Default: 0

The set of cipher suites used for SSL connections as a comma-separated list. A blank value will cause the built-in defaults to be used.

The set of protocols used for SSL connections as a comma-separated list. A blank value will cause the built-in defaults to be used.

Enable/disable the hostname verifier for outgoing SSL connections

Default: false

The cookie policy to use. The 'compatibility' setting mimics common browser behavior.

Default: ignoreCookies

Enable the client pool monitor servlet

Default: false

Enable/disable outbound address validation

Default: false

Types of addresses to denylist. This is a comma-separated string containing any of the options loopback, multicast, and anylocal.

Default: loopback