*Back to [[Book|Administrator's Configuration File Reference#cfr]] [[Topic|Administrator's Configuration File Reference#chap2]]*
h2. Understanding {{server.xml}}
To edit {{server.xml}} for your environment, you must know which elements contain the relevant settings. The following sections contain brief descriptions of the elements that configure the functional areas:
* [#Access Control]
* [#Clustering]
* [#HTTP Protocol]
* [#Java]
* [#Logging and Monitoring]
* [#Performance Tuning]
* [#Search]
* [#SSL, TLS, and PKCS #11]
* [#Variables]
* [#Virtual Servers]
* [#WebDAV]
In addition, [Elements in server.xml|Administrator's Configuration File Reference#chap3] contains an alphabetical list of all the {{server.xml}} elements and their subelements.
h3. Access Control
The {{acl-file}} element references an ACL file. ACL files define the authorization rules. The {{auth-realm}} and {{default-auth-realm-name}} elements configure authentication realms for Java Servlet container authentication. For more information, see [{{acl-file}}|A#a5], [{{auth-realm}}|A#a9], and [{{default-auth-realm-name}}|D#d4].
The {{auth-db}} and {{default-auth-db-name}} elements configure the authentication databases for server authentication. Authentication databases are used with ACL files. For more information, see [{{auth-db}}|A#a8], and [{{default-auth-db-name}}|D#d3].
For more information on ACL files, see [ACL Files|Administrator's Configuration File Reference#chap9].
h3. Clustering
The {{cluster}} element defines a cluster of servers to which an individual server instance belongs. The {{instance}} element defines an individual member of a cluster. The {{session-replication}} element configures how Java Servlet sessions are shared between instances in a cluster. For more information, see [{{cluster}}|C#c2], [{{instance}}|I & J#i3], and [{{session-replication}}|S#s5].
h3. HTTP Protocol
The {{http}} element configures the general HTTP protocol options. The {{keep-alive}} element configures HTTP keep-alive connection management. The {{http–listener}} element configures the ports and IP addresses on which the server listens for new HTTP connections. The {{virtual-server}} element configures how the server processes the HTTP requests. For more information, see [{{http}}|F & H#h1], [{{keep-alive}}|K & L#k1], [{{http-listener}}|F & H#h2], and [{{virtual-server}}|V & W#v2].
h3. Java
The following elements configure the Java Servlet container:
* The {{servlet-container}} element configures miscellaneous Servlet container options. For more information, see [{{servlet-container}}|S#s4].
* The {{auth-realm}} element defines an authentication realm for Java Servlet container authentication. For more information, see [{{auth-realm}}|A#a9].
* The {{default-auth-realm-name}} element specifies the default authentication realm for Java Servlet container authentication. For more information, see [{{default-auth-realm-name}}|D#d4].
* The {{single-sign-on}} element determines how the authentication information is shared across multiple Java web applications. For more information, see [{{single-sign-on}}|S#s6].
* The {{web-app}} element defines the location of a Java web application. For more information, see [{{web-app}}|V & W#w1].
The following elements configure the Java Naming and Directory Interface (JNDI ^TM^) resources:
* The {{custom-resource}} element defines a resource implemented by a custom Java class. For more information, see [{{custom-resource}}|C#c6].
* The {{external-jndi-resource}} element identifies the resource provided by an external JNDI repository. For more information, see [{{external-jndi-resource}}|E#e3].
* The {{jdbc-resource}} element configures a Java Database Connectivity (JDBC ^TM^) data source. For more information, see [{{jdbc-resource}}|I & J#j1].
* The {{mail-resource}} element configures a mail store resource. For more information, see [{{mail-resource}}|M#m1].
The {{lifecycle-module}} element loads the custom Java plug-ins that are triggered by one or more events in the server's lifecycle. For more information [{{lifecycle-module}}|K & L#l1].
The {{soap-auth-provider}} element configures message-level authentication for Java web services. For more information, see [{{soap-auth-provider}}|S#s8].
The {{jvm}} element configures the Java Virtual Machine (JVM). For more information, see [{{jvm}}|I & J#j2].
h3. Logging and Monitoring
The {{access-log}} element configures the file name and formats of access logs. The {{access-log-buffer}} element configures the frequency of access log updates and ordering of the access log entries. For more information, see [{{access-log}}|A#a1] and [{{access-log-buffer}}|A#a2].
The {{log}} element configures the file name and contents of the server log. The {{event}} element configures the access log and server log rotation. For more information, see [{{log}}|K & L#l4] and [{{event}}|E#e2].
The {{snmp}} element configures SNMP, and the {{stats}} element configures statistics collection. For more information, see [{{snmp}}|S#s7] and [{{stats}}|S#s13].
h3. Performance Tuning
The {{thread-pool}} element configures the number of threads used to process requests and the maximum number of HTTP connections that the server queues. For more information, see [{{thread-pool}}|T#t1].
The {{keep-alive}} element configures the HTTP keep-alive connection management. For more information, see [{{keep-alive}}|K & L#k1].
WebDAV ACL, lock, and property caching are controlled by the {{acl-db}}, {{lock-db}}, and {{property-db}} elements, respectively. For more information, see [{{acl-db}}|A#a4], [{{lock-db}}|K & L#l3], and [{{property-db}}|P#p4].
The {{file-cache}} element configures file caching. The {{dns-cache}} element configures the DNS caching. The {{acl-cache}} element configures the authentication credential caching. For more information, see [{{file-cache}}|F & H#f1], [{{dns-cache}}|D#d8], and [{{acl-cache}}|A#a3].
h3. Search
The {{search-collection}} element defines the set of documents that the server should index. The {{search-app}} element configures the server's built-in search web application. For more information, see [{{search-collection}}|S#s2] and [{{search-app}}|S#s1].
h3. SSL, TLS, and PKCS #11
The {{ssl}} element configures SSL and TLS. SSL and TLS can be configured separately for each HTTP listener. For more information, see [{{ssl}}|S#s9] and [{{http-listener}}|F & H#h2].
The {{pkcs11}} element configures the PKCS#11 subsystem, including Certificate Revocation Lists (CRLs) and third-party cryptographic modules. For more information, see [{{pkcs11}}|P#p1].
h3. Variables
The {{variable}} element defines a variable for use in expressions, log formats, and {{obj.conf}} parameters. For more information on the {{variable}} element, see [{{variable}}|V & W#v1]. For more information on variable and expression use, see [Appendix A: Using Variables, Expressions, and String Interpolation|Administrator's Configuration File Reference#appA]. For more information on the log file format, see [Appendix C: Using the Custom Log File Format|Administrator's Configuration File Reference#appC].
h3. Virtual Servers
The {{virtual-server}} element configures the virtual servers. Each virtual server accepts HTTP connections from one or more HTTP listeners. The {{http-listener}} element configures the HTTP listeners. For more information, see [{{virtual-server}}|V & W#v2], and [{{http-listener}}|F & H#h2].
You can define variables within a virtual server using the {{variable}} element, as described in the previous section, [Variables].
h3. WebDAV
The {{dav}} element configures WebDAV. The {{dav-collection}} element defines the set of files that are accessible through WebDAV. For more information, see [{{dav}}|D#d1] and [{{dav-collection}}|D#d2].
h2. Understanding {{server.xml}}
To edit {{server.xml}} for your environment, you must know which elements contain the relevant settings. The following sections contain brief descriptions of the elements that configure the functional areas:
* [#Access Control]
* [#Clustering]
* [#HTTP Protocol]
* [#Java]
* [#Logging and Monitoring]
* [#Performance Tuning]
* [#Search]
* [#SSL, TLS, and PKCS #11]
* [#Variables]
* [#Virtual Servers]
* [#WebDAV]
In addition, [Elements in server.xml|Administrator's Configuration File Reference#chap3] contains an alphabetical list of all the {{server.xml}} elements and their subelements.
h3. Access Control
The {{acl-file}} element references an ACL file. ACL files define the authorization rules. The {{auth-realm}} and {{default-auth-realm-name}} elements configure authentication realms for Java Servlet container authentication. For more information, see [{{acl-file}}|A#a5], [{{auth-realm}}|A#a9], and [{{default-auth-realm-name}}|D#d4].
The {{auth-db}} and {{default-auth-db-name}} elements configure the authentication databases for server authentication. Authentication databases are used with ACL files. For more information, see [{{auth-db}}|A#a8], and [{{default-auth-db-name}}|D#d3].
For more information on ACL files, see [ACL Files|Administrator's Configuration File Reference#chap9].
h3. Clustering
The {{cluster}} element defines a cluster of servers to which an individual server instance belongs. The {{instance}} element defines an individual member of a cluster. The {{session-replication}} element configures how Java Servlet sessions are shared between instances in a cluster. For more information, see [{{cluster}}|C#c2], [{{instance}}|I & J#i3], and [{{session-replication}}|S#s5].
h3. HTTP Protocol
The {{http}} element configures the general HTTP protocol options. The {{keep-alive}} element configures HTTP keep-alive connection management. The {{http–listener}} element configures the ports and IP addresses on which the server listens for new HTTP connections. The {{virtual-server}} element configures how the server processes the HTTP requests. For more information, see [{{http}}|F & H#h1], [{{keep-alive}}|K & L#k1], [{{http-listener}}|F & H#h2], and [{{virtual-server}}|V & W#v2].
h3. Java
The following elements configure the Java Servlet container:
* The {{servlet-container}} element configures miscellaneous Servlet container options. For more information, see [{{servlet-container}}|S#s4].
* The {{auth-realm}} element defines an authentication realm for Java Servlet container authentication. For more information, see [{{auth-realm}}|A#a9].
* The {{default-auth-realm-name}} element specifies the default authentication realm for Java Servlet container authentication. For more information, see [{{default-auth-realm-name}}|D#d4].
* The {{single-sign-on}} element determines how the authentication information is shared across multiple Java web applications. For more information, see [{{single-sign-on}}|S#s6].
* The {{web-app}} element defines the location of a Java web application. For more information, see [{{web-app}}|V & W#w1].
The following elements configure the Java Naming and Directory Interface (JNDI ^TM^) resources:
* The {{custom-resource}} element defines a resource implemented by a custom Java class. For more information, see [{{custom-resource}}|C#c6].
* The {{external-jndi-resource}} element identifies the resource provided by an external JNDI repository. For more information, see [{{external-jndi-resource}}|E#e3].
* The {{jdbc-resource}} element configures a Java Database Connectivity (JDBC ^TM^) data source. For more information, see [{{jdbc-resource}}|I & J#j1].
* The {{mail-resource}} element configures a mail store resource. For more information, see [{{mail-resource}}|M#m1].
The {{lifecycle-module}} element loads the custom Java plug-ins that are triggered by one or more events in the server's lifecycle. For more information [{{lifecycle-module}}|K & L#l1].
The {{soap-auth-provider}} element configures message-level authentication for Java web services. For more information, see [{{soap-auth-provider}}|S#s8].
The {{jvm}} element configures the Java Virtual Machine (JVM). For more information, see [{{jvm}}|I & J#j2].
h3. Logging and Monitoring
The {{access-log}} element configures the file name and formats of access logs. The {{access-log-buffer}} element configures the frequency of access log updates and ordering of the access log entries. For more information, see [{{access-log}}|A#a1] and [{{access-log-buffer}}|A#a2].
The {{log}} element configures the file name and contents of the server log. The {{event}} element configures the access log and server log rotation. For more information, see [{{log}}|K & L#l4] and [{{event}}|E#e2].
The {{snmp}} element configures SNMP, and the {{stats}} element configures statistics collection. For more information, see [{{snmp}}|S#s7] and [{{stats}}|S#s13].
h3. Performance Tuning
The {{thread-pool}} element configures the number of threads used to process requests and the maximum number of HTTP connections that the server queues. For more information, see [{{thread-pool}}|T#t1].
The {{keep-alive}} element configures the HTTP keep-alive connection management. For more information, see [{{keep-alive}}|K & L#k1].
WebDAV ACL, lock, and property caching are controlled by the {{acl-db}}, {{lock-db}}, and {{property-db}} elements, respectively. For more information, see [{{acl-db}}|A#a4], [{{lock-db}}|K & L#l3], and [{{property-db}}|P#p4].
The {{file-cache}} element configures file caching. The {{dns-cache}} element configures the DNS caching. The {{acl-cache}} element configures the authentication credential caching. For more information, see [{{file-cache}}|F & H#f1], [{{dns-cache}}|D#d8], and [{{acl-cache}}|A#a3].
h3. Search
The {{search-collection}} element defines the set of documents that the server should index. The {{search-app}} element configures the server's built-in search web application. For more information, see [{{search-collection}}|S#s2] and [{{search-app}}|S#s1].
h3. SSL, TLS, and PKCS #11
The {{ssl}} element configures SSL and TLS. SSL and TLS can be configured separately for each HTTP listener. For more information, see [{{ssl}}|S#s9] and [{{http-listener}}|F & H#h2].
The {{pkcs11}} element configures the PKCS#11 subsystem, including Certificate Revocation Lists (CRLs) and third-party cryptographic modules. For more information, see [{{pkcs11}}|P#p1].
h3. Variables
The {{variable}} element defines a variable for use in expressions, log formats, and {{obj.conf}} parameters. For more information on the {{variable}} element, see [{{variable}}|V & W#v1]. For more information on variable and expression use, see [Appendix A: Using Variables, Expressions, and String Interpolation|Administrator's Configuration File Reference#appA]. For more information on the log file format, see [Appendix C: Using the Custom Log File Format|Administrator's Configuration File Reference#appC].
h3. Virtual Servers
The {{virtual-server}} element configures the virtual servers. Each virtual server accepts HTTP connections from one or more HTTP listeners. The {{http-listener}} element configures the HTTP listeners. For more information, see [{{virtual-server}}|V & W#v2], and [{{http-listener}}|F & H#h2].
You can define variables within a virtual server using the {{variable}} element, as described in the previous section, [Variables].
h3. WebDAV
The {{dav}} element configures WebDAV. The {{dav-collection}} element defines the set of files that are accessible through WebDAV. For more information, see [{{dav}}|D#d1] and [{{dav-collection}}|D#d2].