default server headers
emeuwese Nov 4, 2008 7:47 AMJBoss AS 5RC2 doesn't allow you to override default behaviour of the server and the xpoweredBy attributes of the connector.
With the default configuration a http response looks like:
HTTP/1.1 200 OK X-Powered-By: Servlet 2.5;JBoss-5.0/JBossWeb-2.1 Server: Apache-Coyote/1.1 ...
If I change server to "test" and turn the x-powered-by off in the server.xml
<Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}" connectionTimeout="20000" redirectPort="8443" server="test" xpoweredBy="false"/>
The results is:
HTTP/1.1 200 OK X-Powered-By: Servlet 2.5;JBoss-5.0/JBossWeb-2.1 Server: test ...
and is should be:
HTTP/1.1 200 OK Server: test ...
If I change server to "test" and turn the x-powered-by on in the server.xml
<Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}" connectionTimeout="20000" redirectPort="8443" server="test" xpoweredBy="true"/>
The results is:
HTTP/1.1 200 OK X-Powered-By: Servlet/2.5 X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1 Server: test ...
and is should be:
HTTP/1.1 200 OK X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1 Server: test ...
If I change server to "null" because we want to remove it and turn the x-powered-by off in the server.xml
<Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}" connectionTimeout="20000" redirectPort="8443" server="null" xpoweredBy="false"/>
The results is:
HTTP/1.1 200 OK X-Powered-By: Servlet 2.5;JBoss-5.0/JBossWeb-2.1 Server: null
and is should be:
HTTP/1.1 200 OK ...
Server is null didn't work so let's try "" and turn the x-powered-by off in the server.xml
<Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}" connectionTimeout="20000" redirectPort="8443" server="" xpoweredBy="false"/>
The results is:
HTTP/1.1 200 OK X-Powered-By: Servlet 2.5;JBoss-5.0/JBossWeb-2.1 Server: Apache-Coyote/1.1
and is should be:
HTTP/1.1 200 OK ...
May be I can change the connector settings in the jmx management console
server="null" results in
HTTP/1.1 200 OK Server: Apache-Coyote/1.1
and server="test" results in
HTTP/1.1 200 OK Server: null
xpoweredBy="false" results in
HTTP/1.1 200 OK X-Powered-By: Servlet 2.5;JBoss-5.0/JBossWeb-2.1
xpoweredBy="true" results in
HTTP/1.1 200 OK X-Powered-By: Servlet 2.5;JBoss-5.0/JBossWeb-2.1 X-Powered-By: Servlet/2.5
Changing these two attributes doesn't work in most cases. Changing the server attribute to some other text works but it can't be turned off.
Turning the x-powered-by on or off doesn't work at all.
Is there an other way to turn these headers off or is it a bug?
http://www.jboss.org/file-access/default/members/jbossweb/freezone/dist/1.0.1.GA/jbossweb-usersguide.pdf
in section 5.1 the documentation "xpoweredBy -Set this attribute to true to cause JBoss Web to advertise support for the Servlet specification using the header recommended in the specification. The default value is false."