Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Next »

To open the HTTP/2 Client agent configuration dialog from a workflow configuration, you can do either one of the following:

  • double-click the agent icon
  • select the agent icon and click the  Edit button


The Agent Configuration consists of the following tabs:

Client Tab

HTTP/2 Client Agent Configuration - Client tab

The Client tab contains the following settings:

SettingDescription
Settings
Use SSL

Select this option to use the SSL.

Security Profile

If you have selected to use SSL, select which Security Profile the agent should use.

Min Connections Per DestinationSpecify the minimum number of connections towards an endpoint (identified by host:port) that the agent will try to maintain. A value of 0 indicates "no minimum". This is not a hard limit as there could be more connections created during the spike in traffic. For more details see Algorithm for Minimum Connections.
Min Connections Per Destination Check Interval (s)Specify how often you wish to check the established connections. A value of 0 indicates "no check will be performed". After each interval, the agent will try to create additional connections to achieve number set in the Min Connections Per Destination parameter. No connections will be shut down if the current number of connections is greater than the number set in Min Connections Per Destination. For more details, see Algorithm for Minimum Connections.
Default connection concurrent streams

The initial value of concurrent streams that the client would like to handle per connection. The default value is 1000.

Note!

This value may be overridden by any value sent by server.

Timeout
Request Timeout (sec)Enter the timeout period in seconds for the request to the HTTP/2 client to wait for a response before timing out.
Queue Settings
Max Requests Queued Per Destination

The size of the message queue in the Jetty server. Default is 20000.

Note!

Use this property to manage the memory usage. It is recommended that the EC or ECD running the workflow have xmx that is at the minimum (message size X queue size), otherwise there is a risk for out of memory errors.

Retry Interval For full Queues (ms)A millisecond value to indicate the time it will take for the request to try again when the queue is full.
Max Retries For Full QueueWhen the Route Error UDR option is checked, this field will be enabled. This field will indicate how many times the request will attempt to retry before routing it to Error UDR.
Route Error UDRif this option is selected, the request will attempt to be received by the agent until it reached the maximum amount of retries. Once the threshold is reached, the request will be stored in an Error UDR and sent as an output from the HTTP/2 client agent. If this option is not selected, the request will attempt the retries for an indefinite amount of time, until the workflow is terminated.
Server Monitor
Use HTTP2 Server MonitorSelect this option to monitor the connection status of all servers that the agent has sent requests to. The monitoring is done by sending regular ping messages to the servers. If the servers are not responding, or there are other communication errors, they will be indicated as Unavailable. A list of the Available and Unavailable servers are available in two MIM values: Available Servers and Unreachable Servers. See the MIM publishes below.
Ping Interval (s)Define the ping message interval for the Server Monitor. The time unit is seconds and 10 seconds is default.

Algorithm for Minimum Connections

In case there is a need to run more than one connection towards an endpoint (identified by host:port) irrespective of current traffic, there is an option to configure that using Min Connections Per Destination and Min Connections Per Destination Check Interval(s) parameters.
At the beginning, the agent will try to establish the number of connections set in Min Connections Per Destination and then later try to keep number of open connections for each endpoint. As some connections can be shut down due to any reason, the agent will try to check its status at regular intervals. These check intervals are configured in Min Connections Per Destination Check Interval(s) parameter.

Note!

The connections are used by the agent in Round Robin manner. The agent will never try to close a valid connection.

OpenAPI/5G Tab

HTTP/2 Client Agent Configuration - OpenAPI/5G tab

The OpenAPI/5G tab contains the following settings:

SettingDescription
Use OpenAPI ProfileSelect this option if you want the agent to use an OpenAPI profile.
OpenAPI ProfileBrowse and select the profile to be used. This field is enabled when the Use OpenAPI Profile option is selected.
Enable Validation

Select this option if you want to validate the OpenAPI profile.

Warning!

Turning this option ON will have a very significant performance impact on the overall performance of the flow. When validation is enabled, each payload will be validated against the Open API schema, an operation that can be very resource-intensive. We recommend to only enable this setting during development and testing and to disable it in a stable production environment.


Note!

Strict validation is applied against the OpenAPI specification due to the upgrade of third party libraries. For Example, if the response contains the body but the schema doesn't expect the response to contain body then it will causing validation failure. Refer to this link for further information https://bitbucket.org/atlassian/swagger-request-validator/issues/246/validator-does-not-check-a-response-body.

Authentication Tab

The Authentication tab contains settings for the following Authentication types:

If None is selected, the authentication is not enabled.

Basic Authentication Type

HTTP/2 Client Agent Configuration - Basic authentication type

SettingDescription
UsernameEnter a username for an account on the remote server. The username must not include colon (:) characters.
Password

Enter the password associated with the username.

OAuth 2.0 Authentication Type

HTTP/2 Client Agent Configuration - OAuth 2.0 authentication type

SettingDescription
Grant Type

Select the grant type:

  • Client Credentials
    The agent fetches the access token from the Access Token URI during initialization, using client id and client secret for basic authentication. The credentials are base64 encoded and sent in the header of the request.
    The response contains an access token, which is then used in subsequent requests.

  • Resource Owner Password Credentials

    The agent fetches the access token from the Access Token URI during initialization, using the following credentials for authentication:

    • Client ID
    • Client Secret
    • Username
    • Password

    The credentials are sent in the body of the request. The response contains an access token, which is then used in subsequent requests. 

Client ID

Enter the unique client identifier issued by the authorization server.

Client Secret

Enter the client secret.

UsernameEnter the resource owner username, this can be the end-user granting access to a protected resource. This field is required when you have selected Resource Owner Password Credentials from the drop-down list Grant Type.
PasswordEnter the password associated with the username. This field is required when you have selected Resource Owner Password Credentials from the drop-down list Grant Type.
Access Token URIEnter the URI where the access token can be obtained.
Token expiration override (sec)

Enter a time in seconds when you would like to refresh the access token prior to the expiration. This allows the application to obtain a new access token without the user's interaction. 

Additional Parameters

Some authentication servers may require additional parameters in the body of the token requests. To add a parameter, click the Add button and then enter the name of the parameter in the Key field and the value of the parameter in the Value field.

Do not use escape characters in the value field, these will be added automatically by the HTTP2 Client agent. For instance, "https://example.com/" will be sent as "https%3A%2F%2example.com%2F".

Nnrf Access Token Authentication Type

HTTP/2 Client Agent Configuration - NNRF Access Token authentication type

SettingDescription
Authorization Server (NRF)Enter the full URL path for the authorization server. If you enter an https URL, you must select the check box Use SSL.
Use SSLIf you want to use encryption, select this check box.
Security ProfileIf you have selected to use SSL, select which Security Profile you want the agent to use.
NF Instance IDEnter the NF instance ID of the server that you want to send requests from.
ScopeEnter a string for the service(s) that you want to use, separated by whitespaces.
Optional Parameters
NF TypeThe NF type available for selection is CHF (charging function). If you select this setting, you must also select Target NF Type. You cannot enter a Target NF Instance ID.
Target NF Instance IDEnter the NF instance ID of the server for which the access token is requested. If you enter a value, you cannot select NF Type or Target NF Type, and you cannot add Target S-NSSAI list or NSI list.
Target NF TypeThe NF type available for selection is CHF (charging function). If you select this setting, you must also select NF Type. You cannot enter a Target NF Instance ID.
PLMN ID
MCCEnter the mobile country code (MCC) for the PLMN (public land mobile network) ID or target PLMN ID. If you enter values for the PLMN ID, you must enter values for the target PLMN ID.
MNCEnter the mobile network code (MNC) for the PLMN (public land mobile network) ID or target PLMN ID. If you enter values for the PLMN ID, you must enter values for the target PLMN ID.
Customize Format

If you want to customize formats for the PLMN ID, Target PLMN ID, Target S-NSSAI list, or Target NSI list, you can enter your format in this field. The default formats are in accordance with RFC 29571-G11. If you enter customized formats, the configuration fields for the relevant section are disabled.


Select this option to enter customized formats for the PLMN ID. The default formats are in accordance with RFC 29571-G11. 

Note!

By selecting this option, the above MCC and MNC fields will be disabled.

Target S-NSSAI List
Target S-NSSAI listEnter target S-NSSAI(s) (Single Network Slice Selection Assistance Information) of the service producer. If you enter a Target NF Instance ID, you cannot use this list.
Customize Format

Select this option to enter customized formats for the Target S-NSSAI list. The default formats are in accordance with RFC 29571-G11. 

Note!

By selecting this option, the above Target S-NSSAI List field will be disabled.

Target NSI List
Target NSI listEnter target NSI(s) (Network Slice Instances). If you have entered a Target NF Instance ID, you cannot use this list.
Customize Format

Select this option to enter customized formats for the Target NSI list. The default formats are in accordance with RFC 29571-G11. 

Note!

By selecting this option, the above Target NSI field will be disabled.

HTTP2 Client Proxy

If HTTP traffic is required to be routed through a proxy please look at Configuring System Properties for Proxy Support in order to configure the proxy.

Proxy for authentication flow

If an agent is configured on the Authentication Tab to use OAuth 2.0 and the access token URI has to be accessed via a proxy, an additional step may be required if the token needs to be obtained via HTTPS protocol.

The HTTP2 Client internally uses the java.net HTTP Client to obtain a token. If a certificate is required to contact the authentication server, the proper certificate has to be put into the default certificates file for the respective JDK distribution used.

Example for OpenJDK 64-Bit Server VM Zulu17.40+19-CA

cd $JAVA_HOME/lib/security
keytool -import -alias mycert -keystore cacerts -file oauth2Host.cert



  • No labels