000038261 - How to modify the WildFly application server default maximum parameter setting of 1000 in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Dec 19, 2019Last modified by RSA Customer Support Employee on Dec 31, 2019
Version 2Show Document
  • Comment0
  • View in full screen mode

Article Content

Article Number000038261
Applies ToRSA Product Set: RSA Identity Governance & Lifecycle 
RSA Version/Condition: 7.0.x, 7.1.x
Application Server : WildFly
IssueThe WildFly application server default maximum parameter setting is 1000. There may be times when you are advised to increase this setting by either an RSA Knowledge Base Article or by RSA Identity Governance & Lifecycle Support. The purpose of this RSA Knowledge Base Article is to outline the steps for increasing this parameter.

IMPORTANT: Do not modify this value unless you have been instructed to do so by either an RSA Knowledge Base Article or by RSA Identity Governance & Lifecycle Support.

TasksDecide on what value to set the WildFly application server maximum parameter. The value chosen will depend on why you need to increase this value. In the example below, the parameter is being increased to 3000.
ResolutionModify the WildFly configuration as follows:
  1. Login as the oracle user
  2. This procedure will modify $AVEKSA_HOME/wildfly/standalone/configuration/aveksa-standalone-full.xml. Backup this file before proceeding.


cp $AVEKSA_HOME/wildfly/standalone/configuration/aveksa-standalone-full.xml 
$AVEKSA_HOME/wildfly/standalone/configuration/aveksa-standalone-full.xml_backup_<MM-DD-YYYY>


  1. Run the following commands at the system prompt:


$AVEKSA_HOME/wildfly/bin/jboss-cli.sh --connect "/subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=max-parameters, value=3000)"
$AVEKSA_HOME/wildfly/bin/jboss-cli.sh --connect "/subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=max-parameters, value=3000)"
$AVEKSA_HOME/wildfly/bin/jboss-cli.sh --connect "/subsystem=undertow/server=default-server/https-listener=agent-ssl:write-attribute(name=max-parameters, value=3000)"


  1. The output after each of the above three commands should look similar to:


{
    "outcome" => "success",
    "response-headers" => {
        "operation-requires-reload" => true,
        "process-state" => "reload-required"
    }
}


  1. This command modifies the $AVEKSA_HOME/wildfly/standalone/configuration/aveksa-standalone-full.xml file as shown below.

FROM:



<subsystem xmlns="urn:jboss:domain:undertow:3.1">
            <buffer-cache name="default"/>
            <server name="default-server">
                <http-listener name="default" socket-binding="http" max-post-size="2147483647" 
                   redirect-socket="https" enable-http2="true"/>
                <https-listener name="https" socket-binding="https" max-post-size="2147483647" 
                   security-realm="AveksaRealm" enabled-protocols="TLSv1,TLSv1.1,TLSv1.2"/>
                <https-listener name="agent-ssl" socket-binding="agent-ssl" max-post-size="2147483647" 
                   security-realm="AveksaAgentRealm" verify-client="REQUIRED" enabled-protocols="TLSv1.2"/>


TO:



<subsystem xmlns="urn:jboss:domain:undertow:3.1">
            <buffer-cache name="default"/>
            <server name="default-server">
                <http-listener name="default" socket-binding="http" max-post-size="2147483647" max-parameters="3000" 
                   redirect-socket="https" enable-http2="true"/>
                <https-listener name="https" socket-binding="https" max-post-size="2147483647" max-parameters="3000" 
                    security-realm="AveksaRealm" enabled-protocols="TLSv1,TLSv1.1,TLSv1.2"/>
                <https-listener name="agent-ssl" socket-binding="agent-ssl" max-post-size="2147483647" max-parameters="3000" 
                   security-realm="AveksaAgentRealm" verify-client="REQUIRED" enabled-protocols="TLSv1.2"/>


  1. These modifications require an application restart to take affect. 


acm restart


 

Attachments

    Outcomes