diff --git a/doc/server_configuration.md b/doc/server_configuration.md new file mode 100644 index 0000000..006575e --- /dev/null +++ b/doc/server_configuration.md 
@@ -0,0 +1,178 @@ + +### RBCS server configuration file elements and attributes + +#### Root Element: `server` +The root element that contains all server configuration. + +**Attributes:** +- `path` (optional): URI path prefix for cache requests. Example: if set to "cache", requests would be made to "http://www.example.com/cache/KEY" + +#### Child Elements + +#### `` +Configures server socket settings. + +**Attributes:** +- `host` (required): Server bind address +- `port` (required): Server port number +- `incoming-connections-backlog-size` (optional, default: 1024): Maximum queue length for incoming connection indications + +#### `` +Configures connection handling parameters. + +**Attributes:** +- `idle-timeout` (optional, default: PT30S): Connection timeout when no activity +- `read-idle-timeout` (optional, default: PT60S): Connection timeout when no reads +- `write-idle-timeout` (optional, default: PT60S): Connection timeout when no writes +- `max-request-size` (optional, default: 0x4000000): Maximum allowed request body size + +#### `` +Configures event execution settings. + +**Attributes:** +- `use-virtual-threads` (optional, default: true): Whether to use virtual threads for the server handler + +#### `` +Defines cache storage implementation. 
Two types are available: + +##### InMemory Cache + +A simple storage backend that uses an hash map to store data in memory + +**Attributes:** +- `max-age` (default: P1D): Cache entry lifetime +- `max-size` (default: 0x1000000): Maximum cache size in bytes +- `digest` (default: MD5): Key hashing algorithm +- `enable-compression` (default: true): Enable deflate compression +- `compression-level` (default: -1): Compression level (-1 to 9) +- `chunk-size` (default: 0x10000): Maximum socket write size + +##### FileSystem Cache + +A storage backend that stores data in a folder on the disk + +**Attributes:** +- `path`: Storage directory path +- `max-age` (default: P1D): Cache entry lifetime +- `digest` (default: MD5): Key hashing algorithm +- `enable-compression` (default: true): Enable deflate compression +- `compression-level` (default: -1): Compression level +- `chunk-size` (default: 0x10000): Maximum in-memory cache value size + +#### `` +Configures user and group-based access control. + +##### `` +List of registered users. +- Contains `` elements: + + **Attributes:** + - `name` (required): Username + - `password` (optional): For basic authentication +- Can contain an `anonymous` element to allow for unauthenticated access + +##### `` +List of user groups. +- Contains `` elements: + + **Attributes:** + - `name`: Group name + - Can contain: + - `users`: List of user references + - `roles`: List of roles (READER/WRITER) + - `user-quota`: Per-user quota + - `group-quota`: Group-wide quota + +#### `` +Configures authentication mechanism. Options: +- ``: HTTP basic authentication +- ``: TLS certificate authentication, it uses attributes of the subject's X.500 name + to extract the username and group of the client. + + Example: + ```xml + + + + + ``` +- ``: No authentication + +#### `` +Configures TLS encryption. 
+ +**Child Elements:** +- ``: Server certificate configuration + + **Attributes:** + - `file` (required): Keystore file path + - `password`: Keystore password + - `key-alias` (required): Private key alias + - `key-password`: Private key password +- ``: Client certificate verification + + **Attributes:** + - `file` (required): Truststore file path + - `password`: Truststore password + - `check-certificate-status`: Enable CRL/OCSP checking + - `require-client-certificate` (default: false): Require client certificates + + +---------------------------- + +# Complete configuration example + +```xml + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +``` \ No newline at end of file
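Review bot: The `password` attribute in the users list is documented only as "For basic authentication", with no statement of the format the server expects (cleartext or a hash, and which scheme), so a reader cannot tell how the credential should be stored in the file; please state the format and, if a hash is expected, how to produce it. The same applies to the keystore and truststore `password` / `key-password` attributes in the TLS section: since they live in the configuration file, the doc should say so explicitly and recommend restricting read access to that file. In the client certificate verification attributes, `check-certificate-status` has no documented default while `require-client-certificate` defaults to false; please add the default and describe what the server does with these defaults when TLS certificate authentication is selected. The `digest` attribute ("default: MD5", "Key hashing algorithm") should list the other accepted values and note whether collision resistance matters for cache keys supplied by clients holding the WRITER role. The `anonymous` element "to allow for unauthenticated access" does not say which roles an anonymous client receives. Smaller points: `chunk-size` is described as "Maximum socket write size" for the in-memory cache and "Maximum in-memory cache value size" for the filesystem cache, so use one description if it is the same setting; "uses an hash map" should read "a hash map"; and the file is missing a trailing newline.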