Restrict the HTTP Payload Size
Restricting the size of HTTP payloads can protect the server against large payload HTTP DDoS attacks. IDM includes a servlet filter that limits the size of an incoming HTTP request payload, and returns a 413 Request Entity Too Large
response when the maximum payload size is exceeded.
By default, the maximum payload size is 5MB. You can configure the maximum size in your project's conf/servletfilter-payload.json
file. That file has the following structure by default:
{ "classPathURLs" : [ ], "systemProperties" : { }, "requestAttributes" : { }, "scriptExtensions" : { }, "initParams" : { "maxRequestSizeInMegabytes" : 5 }, "urlPatterns" : [ "/*" ], "filterClass" : "org.forgerock.openidm.jetty.LargePayloadServletFilter" }
Change the value of the maxRequestSizeInMegabytes
property to set a different maximum HTTP payload size. The remaining properties in this file are described in "Register Additional Servlet Filters".