1 Reply Latest reply on Jan 31, 2011 4:48 AM by Joe Littlejohn

    maxPostSize parameter on HTTP connector

    Taher Moosa Newbie

      Hi guys,

      Let me start off with some background information. I have developed some web services using the Documentum foundation services sdk and deployed them to a JBoss 4.2.2 application server.

      I expose these services on the standard HTTP port and all sorts of security and authentication is handled by the application and not the web server.

      I have a requirement to restrict incoming messages to 5 MB. I do not want to handle this functionality in my application but rather have it sorted out on the server side for obvious architectural reasons.

      I have been investigating how this can be done on JBoss 4.2.2 and I was lead to believe that adding the maxPostSize parameter on the HTTP connector would solve my problem but unfortunately it does not seem to work.

      I added this parameter to the relevant file, and then changed the attribute value but constantly used a 5MB as a test case.

      The server did not throw any exceptions and adding this parameter does not seem to work.
      Could you please assist me with getting this working???

      The JBoss documentation gives the following description for the maxPostSize parameter:

      The maximum size in bytes of the POST which will
      be handled by the container FORM URL parameter
      parsing. The limit can be disabled by setting this attribute
      to a value less than or equal to 0. If not specified,
      this attribute is set to 2097152 (2 megabytes).

      I have read this almost a thousand times and the only section that seems to be vague is :

      ...handled by the container FORM URL parameter

      Am I on the right track to finding a solution or is there some other way to restrict large input message.

        • 1. maxPostSize parameter on HTTP connector
          Joe Littlejohn Newbie

          Hi Taher,


          I've looked at the JBossWeb source code and I believe that what you are seeing may be down to content type. The vague section you quoted gives some indication of the problem.


          maxPostSize only appears to apply if the request method is POST and the request content type is "application/x-www-form-urlencoded". Even then, if maxPostSize is exceeded, you simply see a log message and the request is not rejected. When maxPostSize is exceeded in this way, it's only the automatic form parameter parsing that is skipped. Any code that later attempts to read the body of the request can do so (the whole thing) without a problem.


          I'm interested to know whether you found a solution back in April 2009. Having investigated the limitations of the JBossWeb config parameters, we're considering using Apache to apply these low-level HTTP limits.