Installing the http feature in Karaf leverages Pax Web to embed a Jetty webcontainer.
By default, Karaf create a Jetty connector on the 8181 http port (and 8443 for https). You can change this port number by providing etc/org.ops4j.pax.web.cfg file.
But, you can also create new connector in the embedded Jetty.
You may see several advantages for multiple connectors:
- you can isolate a set of applications, CXF services, Camel routes on a dedicated port number
- you can setup a different configuration for each connector. For instance, you can create two SSL connectors, each with a different keystore, truststore, …
You can find etc/jetty.xml configuration file where you can create custom Jetty configuration.
NB: if you want to have both etc/org.ops4j.pax.web.cfg and etc/jetty.xmll, don’t forget to reference jetty.xml in org.ops4j.pax.web.cfg using the org.ops4j.pax.web.config.file property pointing to the jetty.xml, for instance:
# in etc/org.ops4j.pax.web.cfg
To configure a new connector, you can add a addConnector call in this configuration. For instance, we can create a new connector on 9191 http port number (and 9443 https port number):
Now, Karaf will listen on 8181 and 9191 (for http), 8443 and 9443 (for https).
You can also define a connector dedicated to https with dedicated configuration for this connection, especially keystore, truststore, and client authentication:
By default, the web application will be bind on all connectors. If you want that your web application use a specific connector, you have to define it in the MANIFEST using the following properties:
If you use CXF services or Camel routes, if you use a connetor hostname and port number in the endpoint, it will use the corresponding connector.
For instance, the following CXF endpoint of a Camel route will use myConnector:
<cxf:cxfEndpoint id="cxfEndpoint" address="http://localhost:9191/services/myservice" wsdlUrl="..."/>
Karaf allows you a fine grained Jetty configuration. Karaf becomes a real complete WebContainer, with custom configuration on several connectors. It’s especially interesting for SSL connector where each connector can have a dedicated keystore and truststore, and client authentication configuration.