The default OpenIDM stand-alone distribution includes an embedded Jetty web server. To control the embedded Jetty server, configure it in openidm/conf/jetty.xml Note that all connector configuration is delegated to the jetty.xml, using OSGi and/or PAX web specific settings for connector configuration will not take effect. This allows users to take advantage of all jetty capabilities as it is not configured through an abstraction (which would limit some of the options). To unify the settings used for OpenIDM and Jetty, the Jetty configuration can reference configuration properties from OpenIDM, for example, keystore details from OpenIDM's boot.properties.

OpenIDM exposes a "Param" class that can be used in Jetty.xml to include OpenIDM configuration. This class exposes bean properties for common Jetty settings and generic property access for arbitrary other settings.

To retrieve an explicit bean property, use the following syntax in jetty.xml: <Get class="org.forgerock.openidm.jetty.Param" name="<bean property name>"/> For example, to set a Jetty property for keystore password: <Set name="password"> <Get class="org.forgerock.openidm.jetty.Param" name="keystorePassword"/> </Set> Also see the bundled jetty.xml for further example usage. Available explicit bean Properties: keystoreType : maps to openidm.keystore.type keystoreProvider: maps to openidm.keystore.provider keystoreLocation: maps to openidm.keystore.location keystorePassword: maps to openidm.keystore.password keystoreKeyPassword: maps to openidm.keystore.key.password, or the keystore password if not set truststoreLocation: maps to openidm.truststore.location, or the keystore location if not set truststorePassword: maps to openidm.truststore.password, or the keystore password if not set

<Call class="org.forgerock.openidm.jetty.Param" name="getProperty"> <Arg>org.forgerock.openidm.some.sample.property</Arg> </Call>

Out of the box, OpenIDM comes with a jetty.xml that is configured with An http connector, listening on port 8080 An ssl connector, listening on port 8443 Shares the OpenIDM keystore/truststore settings Includes a trivial sample realm (security/realm.properties) to add users These default settings are intended for development purposes, and need to be adjusted to the production requirements.