| abort | Interceptors are usually applied to requests and responses. In case of errors, interceptors can initiate the abort flow to safely shut down Membrane. By nesting interceptors into an Element you can limit their application to abort flows only. | 0..* |
| accessControl | Blocks requests whose origin TCP/IP address (hostname or IP address) is not allowed to access the requested resource. | 0..* |
| accessLog | Writes exchange metrics into a Log4j appender | 0..* |
| accountRegistration | Allows account registration (!Experimental!) | 0..* |
| acmeHttpChallenge | See the documentation of the <acme /> element for usage details. | 0..* |
| adminConsole | Displays up-to-date statistics, recent exchanges and, by default, allows live modification of Membrane's configuration. | 0..* |
| apiKey | Secures APIs by validating keys stored in either files or proxies.xml. Keys can be received from clients via HTTP headers or URL query parameters. Additional permission checks are possible through scope validation - scopes are loaded into an Exchange property and can be checked using the "hasScope()" SpEL function. | 0..* |
| balancer | Performs load-balancing between several nodes. Nodes sharing session state may be bundled into a cluster. | 0..* |
| basicAuthentication | Blocks requests which do not have the correct RFC 1945 basic authentication credentials (HTTP header "Authentication: Basic ...."). | 0..* |
| beautifier | Beautifies request and response bodies. Supported are the Formats: JSON, XML | 0..* |
| cache | Don't use, this does NOT implement valid HTTP caching. | 0..* |
| clamav | Delegates virus checks to an external Virus Scanner. | 0..* |
| clusterNotification | Receives control messages to dynamically modify the configuration of a {@link LoadBalancingInterceptor}. | 0..* |
| dispatching | This interceptor adds the destination specified in the target element to the list of destinations of the exchange object. It must be placed into the transport to make Service Proxies Work properly. It has to be placed after the ruleMatching interceptor. The ruleMatching interceptor looks up a service proxy for an incoming request and places it into the exchange object. The dispatching interceptor needs the service proxy to get information about the target. | 0..* |
| exchangeStore | Adds the current state of HTTP requests and responses to an "exchange store". | 0..* |
| formValidation | Using the formValidation interceptor you can validate the input of HTML forms. | 0..* |
| graphQLProtection | Check GraphQL-over-HTTP requests, enforcing several limits and/or restrictions. This effectively helps to reduce the attack surface. | 0..* |
| groovy | Executes a Groovy script. The script can access and manipulate data from the request and response. Use this or the Javascript plugin to extend the functions of Membrane by scripting. See: example/groovy for working samples | 0..* |
| groovyTemplate | Uses the groovy template markup engine to produce HTML-based responses. <groovyTemplate><![CDATA[ html { head { title('Resource') } body { p('Hello from Membrane!') } } ]]></groovyTemplate> | 0..* |
| headerFilter | Removes message headers matching a list of patterns. The first matching child element will be acted upon by the filter. | 0..* |
| httpClient | The httpClient sends the request of an exchange to a Web Server using the HTTP protocol. Usually it will be globally used inside the transport. However, it is also possible to use it inside a proxy to give the proxy an individual configuration for its outgoing HTTP connection that is different from the global configuration in the transport. | 0..* |
| if | The "if" interceptor supports conditional execution of a group of executors. | 0..* |
| index | The index feature lists available proxys at a simple Web page. To use this feature just add a serviceProxy containing the index element. Of course you can protect the service proxy by using SSL or Username and Password. | 0..* |
| javascript | Executes a Javascript. The script can access and manipulate data from the request and response. Use this or the Groovy plugin to extend the functions of Membrane by scripting. See the samples in examples/javascript. | 0..* |
| json2Xml | If enabled converts body content from json to xml. | 0..* |
| jsonPointerExtractor | Based on JSON pointer. The interceptor takes values from JSON request body and puts them into Exchange object as properties. If the pointer is not found, an exception will be thrown (resulting in {@link Outcome#ABORT}). | 0..* |
| kubernetesValidation | Kubernetes Integration is still experimental. | 0..* |
| limit | Limits the maximum length of a HTTP message body. | 0..* |
| log | The log feature logs request and response messages to the log4j framework. The messages will appear either on the console or in a log file depending on the configuration of the conf/log4j2.xml file. | 0..* |
| login | The login interceptor can be used to restrict and secure end user access to an arbitrary web application. | 0..* |
| oauth2Resource | Allows only authorized HTTP requests to pass through. Unauthorized requests get a redirect to the authorization server as response. | 0..* |
| oauth2Resource2 | Allows only authorized HTTP requests to pass through. Unauthorized requests get a redirect to the authorization server as response. | 0..* |
| rateLimiter | The rateLimiter plugin limits the number of requests of a client in a period of time. As a default the client requests are grouped by client-Ip address and then counted. There are lots of possibilities to group the requests using the keyExpression. The requests can even be counted from different clients together. | 0..* |
| regExReplacer | Runs a regular-expression-replacement on either the message body (default) or all header values. | 0..* |
| request | Interceptors are usually applied to requests and responses. By nesting interceptors into a Element you can limit their application to requests only. | 0..* |
| response | Interceptors are usually applied to requests and responses. By nesting interceptors into a Element you can limit their application to responses only. | 0..* |
| rest2Soap | Converts REST requests into SOAP messages. | 0..* |
| return | Terminates the exchange flow. The returned response is determined in the following order: | 0..* |
| reverseProxying | Rewrites the scheme, hostname and port in the "Location" header in HTTP responses, as well as in the "Destination" header in HTTP requests. The rewriting reflects the different schemes, hostnames and ports used to access Membrane vs. the target HTTP server. | 0..* |
| rewriter | Rewrites or redirects the path of incoming requests based on a mapping. | 0..* |
| shutdown | Shutdown interceptor. | 0..* |
| soap2Rest | Converts SOAP messages into REST requests. | 0..* |
| soapStackTraceFilter | The soapStackTraceFilter removes SOAP stack traces from message bodies. | 0..* |
| spdy | Allow HTTP protocol upgrades to the SPDY protocol. After the upgrade, the connection's data packets are simply forwarded and not inspected. | 0..* |
| ssl | Configures inbound or outbound SSL connections. | 0..1 |
| statisticsCSV | Writes statistics (time, status code, hostname, URI, etc.) about exchanges passing through into a CSV file (one line per exchange). | 0..* |
| statisticsJDBC | Writes statistics (time, status code, hostname, URI, etc.) about exchanges passing through into a database (one row per exchange). | 0..* |
| swaggerRewriter | Allow Swagger proxying | 0..* |
| switch | Changes an exchange's target based on a series of XPath expressions. | 0..* |
| tcp | Allow HTTP protocol upgrades to the TCP protocol. After the upgrade, the connection's data packets are simply forwarded and not inspected. | 0..* |
| template | Renders the body content of a message from a template. The template can produce plain text, Json or XML. Variables in the template are substituted with values from the body, header, query parameters, etc. If the extension of a referenced template file is .xml it will use XMLTemplateEngine otherwise StreamingTemplateEngine. Have a look at the samples in examples/template. | 0..* |
| throttle | The throttle feature can slow down traffic to thwart denial of service attacks. | 0..* |
| transform | The transform feature applies an XSLT transformation to the content in the body of a message. After the transformation the body content is replaced with the result of the transformation. | 0..* |
| urlNormalizer | Replaces "/./" in the request URI's path by "/". | 0..* |
| webServer | Serves static files based on the request's path. | 0..* |
| webSocket | Allow HTTP protocol upgrades to the WebSocket protocol. After the upgrade, the connection's data packets are simply forwarded and not inspected. | 0..* |
| wsdlPublisher | The wsdlPublisher can be used to serve WSDL files (and attached XML Schema Documents), if your backend service does not already do so. | 0..* |
| wsdlRewriter | The wsdlRewriter rewrites endpoint addresses of services and XML Schema locations in WSDL documents. | 0..* |
| xml2Json | If enabled converts body content from xml to json. | 0..* |
| xmlContentFilter | The xmlContentFilter removes certain XML elements from message bodies. The elements are described using an XPath expression. | 0..* |
| xmlProtection | Prohibits XML documents to be passed through that look like XML attacks on older parsers. Too many attributes, too long element names are such indications. DTD definitions will simply be removed. | 0..* |
| xpathExtractor | Based on xpath it takes values from xml in request and puts them in exchange as properties | 0..* |