Sun ONE Web Server 6.1 Administrator`s Configuration File Reference
Contents
1. 74 Sun ONE Web Server 6 1 Administrator s Configuration File Reference e August 2003 Sample server xml File lt RESOURCES gt lt RESOURCES gt lt JAVA gt lt LOG file home nb136819 space servers slws61 https admserv logs errors loglevel info gt lt SERVER gt Chapter 2 Server Configuration Elements in server xml 75 Sample server xml File 76 Sun ONE Web Server 6 1 Administrator s Configuration File Reference e August 2003 Chapter 3 Syntax and Use of magnus conf When the Sun ONE Web Server starts up it looks in a file called magnus conf in the server id config directory to establish a set of global variable settings that affect the server s behavior and configuration Sun ONE Web Server executes all the directives defined in magnus conf The order of the directives is not important NOTE the changes to take effect When you edit the magnus conf file you must restart the server for This chapter lists the global settings that can be specified in magnus conf in Sun ONE Web Server 6 1 The categories are Init Functions Server Information Language Issues DNS Lookup Threads Processes and Connections Native Thread Pools CGI Error Logging and Statistic Collection ACL Chapter 3 Syntax and Use of magnus conf 77 Init Functions Security Chunked Encoding Miscellaneous For an alphabetical list of directives see Appendix2. The default MIME types file is called mime types ning the MIME Type During the Ob ject Type step in the request handling process the server determines the MIME type attributes of the resource requested by the client Several different server application functions SAFs can be used to determine the MIME type but the most commonly used one is type by extension This function tells the server to look up the MIME type according to the requested resource s file extension in the MIME types table The directive in obj conf that tells the server to look up the MIME type according to the extension is ObjectType fn type by extension If the server uses a different SAF such as force type to determine the type then the MIME types table is not used for that particular request For more details of the ObjectType step see the Sun ONE Web Server 6 1 NSAPI Programmer s Guide How the Type Affects the Response The server considers the value of the type attribute when deciding which service directive in obj conf to use to generate the response to the client By default if the type does not start with magnus internal the server just sends the requested file to the client The directive in obj conf that contains this instruction is Service method GET HEAD POST type magnus internal fn send file By convention all values of type that require the server to do something other than just send the requested res
3. e error j2ee handles errors that occur during execution of Java 2 Platform Enterprise Edition J2EE platform applications and modules deployed to the Sun ONE Web Server e send error sends an HTML file to the client in place of a specific HTTP response status e remove filter removes a filter from the filter stack e qos error returns an error page stating which quality of service limits caused the error and what the value of the QOS statistic was e query handler runs a CGI program instead of referencing the path requested error j2ee Applicable in Error class directives The error j2ee function handles errors that occur during execution of web applications deployed to the Sun ONE Web Server individually or as part of full J2EE applications file name Parameters The following table describes parameters for the error j2ee function Table 4 71 error j2ee Parameters Parameter Description bucket Optional Common to all obj conf functions 206 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Error See Also ntrans j2ee service 32 send error Applicable in Error class directives The send error function sends an HTML file to the client in place of a specific HTTP response status This allows the server to present a friendly message describing the problem The HTML page may contain images and links to the server s home page or other pages Parameters The following table d
4. 108 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Summary of Init Functions and Directives in magnus conf Table 3 1 magnus conf directives Directive Allowed Values Default Value Description Default Language en English en Specifies the default language for fr French the server The default language is de German used for both the client responses ja Japanese and administration DNS on of f on Specifies whether the server performs DNS lookups on clients that access the server ErrorLog A path none Specifies the directory where the server logs its errors ErrorLogDateFormat See the a b Y H The date format for the error log manual page SM S for the C library function strftime ExtraPath A path none Appends the specified directory name to the PATH environment variable This is used for configuring Java on Windows NT There is no default value you must specify a value HeaderBufferSiz Any number 8192 8 KB The size in bytes of the buffer used of bytes by each of the request processing threads for reading the request data from the client The maximum number of request processing threads is controlled by the RgThrott le setting HTTPVersion m n mis the Leg The current HTTP version used by major version number and n the minor version number Chapter 3 the server Syntax and Use of magnus conf 109 Summary of Init Functions and Direc
5. 120 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 AuthTrans e The all requests bucket records perf statistics for all NSAPI SAFs including those in the default bucket You can define additional performance buckets in the magnus conf file see the perf init and define perf bucket functions You can measure the performance of any SAF in obj conf by adding a bucket bucket name parameter to the function for example bucket cache bucket To list the performance statistics use the service dump Service function As an alternative you can use the stats xml Service function to generate y 8 performance statistics use of buckets is optional For more information about performance buckets see the Sun ONE Web Server 6 1 Performance Tuning Sizing and Scaling Guide AuthTrans AuthTrans stands for Authorization Translation AuthTrans directives give the server instructions for checking authorization before allowing a client to access resources AuthTrans directives work in conjunction with PathCheck directives Generally an AuthTrans function checks if the user name and password associated with the request are acceptable but it does not allow or deny access to the request that is left to a PathCheck function The server handles the authorization of client users in two steps e AuthTrans validates authorization information sent by the client in the Authorization header e PathCheck checks that the
6. Which properties an AUTHREALM element uses depends on the value of the AUTHREALM element s name attribute The file realm uses file and jaas context properties Other realms use different properties Subelements The following table describes subelements for the AUTHREALM element 54 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Resource Elements AUTHREALM subelements Element Required Description PROPERTY zero or more Specifies a property or a variable Attributes The following table describes attributes for the AUTHREALM element AUTHREALM attributes Attribute Default Description name none Specifies the name of this realm classname none Specifies the Java class that implements this realm Properties The standard realms provided have both required and optional properties A custom realm may have different properties For details about the properties and configuration characteristics of the AUTHREALM realms refer to the chapter Securing Web Applications in the Sun ONE Web Server 6 1 Programmer s Guide to Web Applications Resource Elements Resource elements are as follows RESOURCES CUSTOMRESOURCE EXTERNALJNDIRESOURCE JDBCRESOURCE JDBCCONNECTIONPOOL CONNECTIONPROPERTY MAILRESOURCE Chapter 2 Server Configuration Elements in server xml 55 Resource Elements RESOURCES Contains configured resources such as database connectio
7. Element Required Description PROPERTY zero or more Specifies a property or a variable JVMOPTIONS zero or more Contains JVM command line options PROFILER zero or one Configures a profiler for use with the server SECURITY zero or one Defines parameters and configuration information needed by the security service RESOURCES zero or one Specifies configured resources Attributes The following table describes attributes for the JAVA element JAVA attributes Attribute Default javahome lt install root gt bin https j dk For SVR 4 package based installation for Solaris usr java Description The path to the directory where the JDK is installed Chapter 2 Server Configuration Elements in server xml 49 Java Configuration Elements JAVA attributes Attribute debug debugoptions classpathprefix serverclasspath classpathsuffix nativelibrarypathp refix nativelibrarypaths uffix Default false Xdebug Xrunjdwp tra nsport dt_soc ket server y SUSp end n none none none none none Description optional If t rue the server starts up in debug mode ready for attachment with a JPDA based Java Platform Debugger Architecture based debugger Legal values are on off yes no true false 1 0 optional Specifies JPDA options A list of debugging options that you can include is available at http java sun com products jp da doc conninv html Invocation o
8. Purpose Configures how a certificate designated by name is mapped to an LDAP entry designated by issuerDN Chapter 6 Other Server Configuration Files 217 certmap conf Location server_root bin https install misc server_root userdb Syntax certmap name issuerDN name property1 valuel name property2 value2 The default certificate is named default and the default issuerDN is also named default Therefore the first certmap defined in the file must be as follows certmap default default You can use at the beginning of a line to indicate a comment See Also Sun ONE Web Server 6 1 Administrator s Guide The following table describes properties in the certmap conf file The left column lists the property names The second column from the left lists allowed values The third column from the left lists default values The right column lists property descriptions certmap conf properties Attribute Allowed Default Description Values Value DNComps See Commente Used to form the base DN for performing Description d out an LDAP search while mapping the certificate to a user entry Values are as follows e Commented out takes the user s DN from the certificate as is e Empty searches the entire LDAP tree DN suffix e Comma separated attributes forms the DN 218 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 certmap conf properties dbswitch conf A
9. bindpw property 220 BlockingListenSockets directive 230 bong file parameter 142 155 bucket parameter 120 buffer size parameter 103 bufferSize property 233 built in SAFs 117 C CacheFileContent parameter 224 cache size parameter 102 certificates settings in magnus conf 93 CGI settings in magnus conf 89 CGIExpirationTimeout magnus conf directive 89 CGIExpirationTimeout directive 108 CGIStubIdleTimeout magnus conf directive 90 CGIStubIdleTimeout directive 108 cgistub path parameter 104 CGIWaitPid magnus conf directive 90 CGIWaitPid directive 108 230 charset parameter 158 159 160 check acl function 139 checkFileExistence parameter 144 ChildRestartCallback magnus conf directive 97 ChildRestartCallback directive 108 chroot parameter 186 chunked encoding 96 ChunkedRequestBufferSize magnus conf directive 96 obj conf Service parameter 167 ChunkedRequestBufferSize directive 108 ChunkedRequestTimeout 256 Sun ONE lt Product Name gt Administrator s Guide April 2001 magnus conf directive 97 obj conf Service parameter 167 ChunkedRequestTimeout directive 108 cindex init function 101 Ciphers directive 230 ClassCache directory 18 19 ClassCache file 20 classpath property 234 235 clientauth 34 ClientLanguage magnus conf directive 99 ClientLanguage directive 108 230 238 CmapLdapAttr property 219 code parameter 207 208 209 code property 235 common log function 202 conf_bk directory 18 19 conf_bk file 20 conf
10. e append trailer appends text to the end of an HTML file e imagemap handles server side image maps e index common generates a fancy list of the files and directories in a requested directory e index simple generates a simple list of files and directories in a requested directory e key toosmall indicates to the client that the provided certificate key size is too small to accept e list dir lists the contents of a directory e make dir creates a directory e query handler handles the HTML ISINDEX tag e remove dir deletes an empty directory e remove file deletes a file e remove filter removes a refilter from the filter stack e rename file renames a file 168 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service e send cgi sets up environment variables launches a CGI program and sends the response to the client e send error sends an HTML file to the client in place of a specific HTTP response status e send file sends a local file to the client e send range sends a range of bytes of a file to the client e send shellcgi sets up environment variables launches a shell CGI program and sends the response to the client e send wincgi sets up environment variables launches a WinCGI program and sends the response to the client e service dav services static content and restarts the request with the sourceuri for dynamic content e service dump creates a performance report based on col
11. magnus conf Init functions Summary of Init Functions and Directives in magnus conf Function Parameter Allowed Default Value Values Description init uhome pwfile load modules shlib funcs A comma separated list with no spaces NativeThread yes no yes pool nt console init stderr console Chapter Loads user home directory information optional specifies the full file system path to a file other than etc passwd Ifnot provided the default UNIX path etc passwd is used Loads shared libraries into the server Specifies either the full path to the shared library or dynamic link library or a file name relative to the server configuration directory A list of the names of the functions in the shared library or dynamic link library to be made available for use by other Init or Service directives The dash character may be used in place of the underscore _ character in function names optional specifies which threading model to use no causes the routines in the library to use user level threading yes enables kernel level threading The name of a custom thread pool as specified in thread pool init Enables the NT console which is the command line shell that displays standard output and error streams Directs error messages to the NT console 3 Syntax and Use of magnus conf 105 Summary of Init Functions and Directives in magnus conf magnus conf Init functions Func
12. query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Example method MKDIR Service fn make dir 180 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service query handler Applicable in Service and Error class directives NOTE This function is provided for backward compatibility only and is used mainly to support the obsolete ISINDEX tag If possible use an HTML form instead The query handler function runs a CGI program instead of referencing the path requested Parameters The following table describes parameters for the query handler function Table 4 50 query handler parameters Parameter Description path Full path and file name of the CGI program to run type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class function
13. Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all ob j conf functions Examples Service type text html method GI file footers footerl html fn add footer E Service type text html method GET fn add footer file D Sun WebServer61 serverl footers footerl html NSIntAbsFilePath yes 170 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service See Also append trailer add header add header Applicable in service class directives This function prepends a header to an HTML file that is sent to the client The header is specified either as a file name or a URI thus the header can be dynamically generated Parameters The following table describes parameters for the add header function Table 4 41 add header parameters Parameter Description file Optional Path name to the file containing the header Specify either file or uri By default the path name is relative If the path name is absolute pass the NSIntAbsFilePath parameter as yes uri Optional URI pointing to the resource containing the header Specify either file or uri NSI
14. Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions S flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Examples lt Object name default gt NameTrans fn ntrans j2ee name j2ee lt Object gt lt Object name j2ee gt Service fn service j2ee lt Object gt See Also ntrans j2ee error 32 service trace Applicable in service class directives The service trace function services TRACE requests TRACE requests are typically used to diagnose problems with web proxy servers located between a web client and web server Chapter 4 Predefined SAFs in obj conf 197 Service 198 Parameters The following table describes parameters for the service_trace function Table 4 64 service trace parameters Parameter type method UseOutputStreamSiz e flushTimer ChunkedRequestBuff erSize ChunkedRequest Time out query bucket Example Description Optional Common to all Service class functions Optional Common to all Service class functions Optional Common to all Service class fun
15. StackSize magnus conf directive 86 StackSize directive 113 stackSize parameter 107 start file 21 startconsole file 20 startsvr bat 18 19 startup property 235 statistic collection settings in magnus conf 91 stats init function 106 stderr parameter 105 stdout parameter 106 stop file 21 stopsvr bat 18 19 StrictHttp Headers magnus conf directive 86 StrictHttpHeaders directive 113 strip params function 136 subdir parameter 137 Sun ONE LDAP Schema 68 sun web server_6_1 dtd 23 symbolic links finding 143 syntax 221 mime types file 213 T TempDir magnus conf directive 79 TempDir directive 114 TempDir parameter 225 tempDir property 233 TempDirSecurity magnus conf directive 79 TempDirSecurity directive 114 TERM signal 92 TerminateTimeout magnus conf directive 87 TerminateTimeout directive 114 thread pools settings in magnus conf 88 ThreadIncrement Index 263 magnus conf directive 87 ThreadIncrement directive 114 thread pool init function 106 threads settings in magnus conf 81 tildeok parameter 150 timefmt parameter 172 timeout parameter 104 timezone parameter 101 tls 33 tlsrollback 34 trailer parameter 172 TransmitFiles parameter 224 type 35 type parameter 157 160 166 212 type by exp function 160 type by extension 212 type by extension function 161 U Umask magnus conf directive 98 Umask directive 114 Unix user account specifying 79 unix home function 137 unix uri clean function 155 update in
16. jndilookupname none Specifies the JNDI lookup name for the resource restype none Specifies the fully qualified type of the resource factoryclass none Specifies the fully qualified name of the factory class which implements javax naming spi InitialContext Factory enabled true optional Determines whether this resource is enabled at runtime Legal values are on off yes no 1 0 true false JDBCRESOURCE Defines a JDBC javax sql DataSource resource Subelements The following table describes subelements for the JDBCRESOURCE element JDBCRESOURCE subelements Element DESCRIPTION PROPERTY zero or more Description Contains a text description of this element Specifies a property or a variable Attributes The following table describes attributes for the JDBCRESOURCE element 58 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 JDBCRESOURCE attributes Resource Elements Attribute Default Description jndiname none Specifies the JNDI name for the resource poolname none Specifies the name of the associated JDBC connection pool defined in a JDBCCONNECTIONPOOL element enabled true optional Determines whether this resource is enabled at runtime Legal values are on off yes no 1 0 true false JDBCCONNECTIONPOOL Defines the properties that are required for creating a JDB
17. ntcgicheck Applicable in PathCheck class directives Windows Only The nt cgicheck function specifies the file name extension to be added to any file name that does not have an extension or to be substituted for any file name that has the extension cgi Parameters The following table describes parameters for the ntcgicheck function Table 4 24 ntcgicheck parameters Parameter Description extension The replacement file extension bucket Optional Common to all ob j conf functions Example PathCheck fn ntcgicheck extension pl See Also send cgi send wincgi send shellcgi pcheck dav Applicable in pathcheck class directives The pcheck dav function inserts a DAV specific service function as the first service function if the Translate f header is present DAV is enabled for the request uri and a corresponding source uri for the request uri exists During the Service stage this inserted service function restarts the request if necessary otherwise REQ_NOACTION is returned Parameters The following table describes parameters for the pcheck dav function Chapter 4 Predefined SAFs in obj conf 151 PathCheck Table 4 25 pcheck dav parameters Parameter Description bucket Optional Common to all ob j conf functions See Also ntrans dav service dav require auth Applicable in pathcheck class directives The require auth function allows access to resources only if the user or group
18. restart is the script that restarts the Server Manager Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 Dynamic Reconfiguration o start is the script that starts the Server Manager The Server Manager lets you configure all servers installed in the server root directory o stop is the script that stops the Server Manager Dynamic Reconfiguration Dynamic reconfiguration allows you to make configuration changes to a live web server without having to stop and restart the web server for the changes to take effect You can dynamically change all configuration settings and attributes in server xml and its associated files without restarting the server To access the dynamic reconfiguration screen and install a new configuration dynamically click the Apply link found in the upper right corner of the Server Manager Class Manager and Virtual Server Manager pages then click the Load Configuration Files button on the Apply Changes page If there are errors in installing the new configuration the previous configuration is restored Chapter 1 Basics of Server Operation 21 Dynamic Reconfiguration 22 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Chapter 2 Server Configuration Elements in server xml The server xml file contains most of the server configuration The encoding is UTF 8 to maintain compatibility with regular UNIX text editors The server xml file
19. see the Servlet 2 3 API specification at http java sun com products servlet index html Table A 4 lists the equivalent functions in the servlets properties and sun web xml files Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 servlets properties Table A 4 servlets properties to sun web xml correspondences for individual servlet serviets properties sun web xml Element or Comments Property Attribute code none Specified ina servlet class element in the web xml file context none Obsolete because servlets are hosted within a web application which is deployed at the URI specified as the value of the uri attribute of the WEBAPP elementin server xml classpath none The Servlet 2 3 specification specifies that servlet classes be packaged in the WEB INF classes directory or in jar archives in the WEB INF lib directory initArgs none Use the init param element of the lt servlet gt tag in web xml to specify servlet specific initialization parameters startup none Specified in a load on startup element in the web xml file Appendix A Configuration Changes Between Planet Web Server 4 1 and Sun ONE Web Server 6 1 235 servlets properties 236 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 magn 6 0 Function Appendix B Configuration Changes Between iPlanet Web Server 6 0 and Sun ONE Web Server 6 1 This chapter summarizes majo
20. servername plaza india sun com defaultvs useradmin gt lt MIME id mime1 file mime types gt lt ACLFILE id acl1 file home nb136819 space servers slws61 httpacl generated https a dmserv acl gt lt VSCLASS id vsclass admin objectfile obj con f gt lt VS id vs admin connections 1s1 mime mimel aclids acl1 urlhosts plaza india sun com gt lt PROPERTY name docroot value home nb136819 space servers siws61 docs gt lt USERDB id default gt lt WEBAPP uri admin app path home nb136819 space servers slws61 bin https webapps admin a pp gt lt VS gt lt VSCLASS gt lt VSCLASS id userclass objectfile userclass obj conf gt lt VS id useradmin connections 1s2 mime mimel aclids acll urlhosts plaza india sun com gt lt PROPERTY name docroot value home nb136819 space servers siws61 docs gt lt USERDB id default gt lt WEBAPP uri user app path home nb136819 space servers slws61 bin https webapps user ap p gt Chapter 2 Server Configuration Elements in server xml 73 Sample server xml File lt VS gt lt VSCLASS gt lt JAVA javahome home nb136819 space servers slws61 bin https jdk serverclasspath home nb136819 space servers slws61 bin https jar webserv rt jar java home lib tools jar home nb136819 space serv ers slws61 bin https jar webserv ext jar home nb136819 space serve rs slws61 bin https ja
21. 2003 Sun Microsystems Inc Tous droits r serv s Sun Sun Microsystems le logo Sun Java Solaris Sun ONE et iPlanet sont des marques de fabrique ou des marques d pos es de Sun Microsystems Inc aux Etats Unis et d autre pays UNIX est une marque enregistree aux Etats Unis et dans d autres pays et licenci e exclusivement par X Open Company Ltd Netscape est une marque de Netscape Communications Corporation aux Etats Unis et dans d autres pays Le produit d crit dans ce document est distribu selon des conditions de licence qui en restreignent l utilisation la copie la distribution et la d compilation Aucune partie de ce produit ni de ce document ne peut tre reproduite sous quelque forme ou par quelque moyen que ce soit sans l autorisation crite pr alable de Sun Microsystems Inc et le cas ch ant de ses bailleurs de licence CETTE DOCUMENTATION EST FOURNIE EN L TAT ET TOUTES CONDITIONS EXPRESSES OU IMPLICITES TOUTES REPRESENTATIONS ET TOUTES GARANTIES Y COMPRIS TOUTE GARANTIE IMPLICITE D APTITUDE A LA VENTE OU A UN BUT PARTICULIER OU DE NON CONTREFACON SONT EXCLUES EXCEPTE DANS LA MESURE OU DE TELLES EXCLUSIONS SERAIENT CONTRAIRES A LA LOL Contents About ThS Guilde ciccia ia e iii ina 9 Who Should Use This GUIAS A A n 9 Using the Decumentationi 2642 ov rea ri 10 How This Guide ls Organized 2 302cacec esa desc eee te ea 12 Documentation Conventions A a 13 Product SUpport re LOR AR Lie e 14 Chapte
22. D Alphabetical List of Server Configuration Elements For a list of magnus conf directives deprecated in Sun ONE Web Server 6 1 see Deprecated Directives NOTE Much of the functionality of the file cache is controlled by a configuration file called nsfc conf For information about nsfc conf see nsfc conf on page 223 Init Functions The Init functions load and initialize server modules and plugins and initialize log files For more information about these functions see the Sun ONE Web Server 6 1 NSAPI Programmer s Guide Server Information This sub section lists the directives in magnus conf that specify information about the server They are ExtraPath TempDir TempDirSecurity User ExtraPath Appends the specified directory name to the PATH environment variable This is used for configuring Java on Windows There is no default value you must specify a value 78 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Server Information Syntax ExtraPath path TempDir Specifies the directory on the local volume that the server uses for its temporary files On UNIX this directory must be owned by and writable by the user the server runs as See also the directives User and TempDirSecurity Syntax TempDir path Default tmp UNIX H EMP environment variable for Windows TempDirSecurity Determines whether the server checks if the TempDir d
23. Purpose Configures features specific to the Sun ONE Web Server for deployed web applications Location The META INF Or WEB INF directory of a module or application See Also The following table shows where to find more information about Sun ONE Web Server deployment descriptors The left column lists the deployment descriptors and the right column lists where to find more information about those descriptors Sun ONE Web Server deployment descriptors Deployment Descriptor Where to Find More Information sun web xml Sun ONE Web Server 6 1 Programmer s Guide to Web Applications generated instance acl Purpose Sets permissions for access to the server instance This is the default ACL file you can create and use others 222 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 login conf Location server_root config See Also Sun ONE Web Server 6 1 Administrator s Guide login conf Purpose The login module definition configuration file used by the Java Authentication and Authorization Service JA AS for client authentication Location server_root config nsfc conf Purpose Sets file cache parameters This file is present only if file cache parameters have been changed from their defaults Location server_root https admserv config Syntax parameter value See Also Sun ONE Web Server 6 1 Performance Tuning Sizing and Scaling Guide The following table describe
24. Server 6 1 NSAPI Programmer s Guide August 2003 Service The rename file function renames a file when the client sends a request with a New URL header whose method is MOVE It renames the file indicated by the URL to New URL within the same directory if the user is authorized and the server has the needed file system privileges When remote file manipulation is enabled in the server the obj conf file contains a Service class function that invokes rename file when the request method is MOVE Parameters The following table describes parameters for the rename file function Table 4 54 rename file parameters Parameter Description type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Example Service fn rename file method MOVE send cgi Applicable in Service class directives The send cgi function sets up the CGI environment variables runs a file as a CGI program in a new process and sends the results to the client Chapter 4 Predefined SAF
25. The following table describes parameters for the gos error function Table 4 73 qos error parameters Parameter Description code Optional Three digit number representing the HTTP response status code such as 401 or 407 The recommended value is 503 This can be any HTTP response status code or reason phrase according to the HTTP specification The following is a list of common HTTP response status codes and reason strings e 01 Unauthorized e 403 Forbidden e 404 Not Found e 500 Server Error bucket Optional Common to all ob j conf functions 208 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Error Example Error fn qos error code 503 See Also qos handler query handler Applicable in service and Error class directives NOTE This function is provided for backward compatibility only and is used mainly to support the obsolete ISINDEX tag If possible use an HTML form instead The query handler function runs a CGI program instead of referencing the path requested Parameters The following table describes parameters for the query handler function Table 4 74 query handler parameters Parameter Description path Full path and file name of the CGI program to run reason Optional Text of one of the reason strings such as Unauthorized or Forbidden The string is not case sensitive Chapter 4 Predefined SAFs in obj conf 209 Er
26. There is a log analyzer in the extras log_anly directory for Sun ONE Web Server The common log must have been initialized previously by the init c1f function For information about rotating logs see flex rotate init in the Sun ONE Web Server 6 1 NSAPI Programmer s Guide There are also a number of free statistics generators for the common log format Parameters The following table describes parameters for the common log function Table 4 68 common log parameters Parameter Description name Optional Gives the name of a log file which must have been given as a parameter to the init c1f function in magnus conf If no name is given the entry is recorded in the global log file iponly Optional Instructs the server to log the IP address of the remote client rather than looking up and logging the DNS name This will improve performance if DNS is off in the magnus conf file The value of iponly has no significance as long as it exists you may use iponly 1 bucket Optional Common to all obj conf functions Examples Log all accesses to the global log file AddLog fn common log Log accesses from outside our subnet 198 93 5 to nonlocallog lt Client ip 198 93 5 gt AddLog fn common log name nonlocallog lt Client gt See Also record useragent flex log Chapter 4 Predefined SAFs in obj conf 203 AddLog flex log Applicable in AddLog class directives The flex log func
27. USERDB subelements Element Description DESCRIPTION Contains a text description of this element Attributes The following table describes attributes for the USERDB element Chapter 2 Server Configuration Elements in server xml 41 WebDAV Elements USERDB attributes Attribute Default Description id database basedn certmaps none none none none WebDAV Elements The WebDAV elements are as follows DAV DAVCOLLECTION The user database name in the virtual server s ACL file A user database name cannot begin with a number The user database name in the dbswitch conf file optional Overrides the base DN lookup in the dbswitch conf file However the basedn value is still relative to the base DN value from the dbswitch conf entry optional Specifies which certificate mapped to LDAP entry mappings defined in certmap conf to use If not present all mappings are used All lookups based on mappings in certmap conf are relative to the final base DN of the VS Defines the WebDAV Web based Distributed Authoring and Versioning configuration for the vs element Subelements The following table describes subelements for the DAV element 42 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 WebDAV Elements DAV subelements Element Required Description PROPERTY zero or more Specifies a property or a variable
28. are OS level threads Using native pools on UNIX may introduce a small performance overhead as they ll require an additional context switch however they can be used to localize the jvm stickyAttach effect or for other purposes such as resource control and management or to emulate single threaded behavior for plug ins On Windows the default native pool is always being used and Sun ONE Web Server uses fibers user scheduled threads for initial request processing Using custom additional pools on Windows introduces no additional overhead The directives are e NativePoolStackSize e NativePoolMaxThreads e NativePoolMinThreads e NativePoolQueueSize NativePoolStackSize Determines the stack size of each thread in the native kernel thread pool Default 0 NativePoolMaxThreads Determines the maximum number of threads in the native kernel thread pool Default NativePoolMinThreads Determines the minimum number of threads in the native kernel thread pool 88 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 CGI CGI Default 1 NativePoolQueueSize Determines the number of threads that can wait in the queue for the thread pool If all threads in the pool are busy then the next request handling thread that needs to use a thread in the native pool must wait in the queue If the queue is full the next request handling thread that tries to get in the queue is rejected with the resu
29. connections to terminate before it shuts down The number of additional or new request processing threads created to handle an increase in the load on the server UNIX only Specifies the umask value used by the NSAPI functions System_fopenWA and System_fopenRW to open files in different modes Uses a platform specific poll interface when set to 1 on Uses the NSPR poll interface in the KeepAlive subsystem when set to 0 off Determines the default output stream buffer size for the net_read and netbuf_grab NSAPI functions 114 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Table 3 1 magnus conf directives Summary of Init Functions and Directives in magnus conf Default Value Description Directive Allowed Values User A login name 8 characters or less WincgiTimeout Any number of seconds none 60 Windows NT specifies the user account the server runs with allowing you to restrict or enable system features for the server UNIX if the server is started by the superuser or root user the server binds to the Port you specify and then switches its user ID to the user account specified with the User directive This directive is ignored if the server isn t started as root WinCGI processes that take longer than this value are terminated when this timeout expires Chapter 3 Syntax and Use of magnus conf 115 Summary of Init Functions and Directi
30. describes parameters for the index common function Table 4 45 index common parameters Parameter header Description Optional Path relative to the directory being indexed and name of a file HTML or plain text that is included at the beginning of the directory listing to introduce the contents of the directory The file is first tried with html added to the end If found itis incorporated near the top of the directory list as HTML If the file is not found it is tried without the html and incorporated as preformatted plain text bracketed by lt PRE gt and Chapter 4 Predefined SAFs in obj conf 175 Service Table 4 45 index common parameters Parameter Description readme Optional Path relative to the directory being indexed and name of a file HTML or plain text to append to the directory listing This file might give more information about the contents of the directory indicate copyrights authors or other information The file is first tried with html added to the end If found it is incorporated at the bottom of the directory list as HTML If the file is not found it is tried without the html and incorporated as preformatted plain text enclosed by lt PRE gt and lt PRE gt type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common t
31. details optional Applicable only when transactionisolationlevel is explicitly set If t rue every connection obtained from the pool is guaranteed to have the desired isolation level This may impact performance on some JDBC drivers You can set this attributeto false if you are certain that the hosted applications do not return connections with altered isolation levels optional Specifies whether connections must be validated before being given to the application If a resource s validation fails it is destroyed and a new resource is created and returned Legal values are on off yes no 1 0 true false optional Legal values are as follows e auto commit default which uses Connection setAutoCommit Con nection getAutoCommit e meta data which uses Connection getMetaData e table which performs a query ona table specified in the validation table name attribute Chapter 2 Server Configuration Elements in server xml 61 Resource Elements JDBCCONNECTIONPOOL attributes Attribute Default Description validationtablenam none optional Specifies the table name to be e used to perform a query to validate a connection This parameter is mandatory if and only if connectionvalidationtype is setto table failallconnections false optional If true closes all connections in the pool if a single validation check fails This parameter is mandatory if and only if isconnectionvalidationrequired is
32. file does not exist the server sends a simple default error page type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions S flushTimer Optional Common to all Service class functions Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service Table 4 56 send error parameters Parameter Description ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions DUE bucket Optional Common to all obj conf functions Example Error fn send error code 401 path sun server61 docs errors 401 html send file Applicable in Service class directives The send file function sends the contents of the requested file to the client It provides the Content Type Content Length and Last Modified headers Most requests are handled by this function using the following directive which usually comes last in the list of Service class directives in the default object so that it acts as a default Service method GET HEAD POST type magnus internal fn send file This directive is invoked if the method of the request is GET HEAD or POST and the type does not start with magnus internal Note that the patte
33. files and magnus conf require you to stop and restart the server o restart is the script that restarts the server o rotate rotates server log files without affecting users who may be connected to the server o search contains the following directories admin and collections o SessionData contains session database data from MMapSessionManager o startsvr bat is the script that starts the Server Manager The Server Manager lets you configure all servers installed in the server root directory o stopsvr bat is the script that stops the Server Manager manual contains the online manuals for the product plugins contains directories for Java search and other plugins This directory has the following subdirectories o htaccess contains server plugin for htaccess access control and htconvert an nsconfig to htaccess converter o digest contains the Digest Authentication Plugin for Sun ONE Directory Server 5 0 as well as information about the plugin o samples contains samples and example components plugins and technologies supported by the Sun ONE Web Server servlet engine This includes binaries all code and a build enviroment o servlets contains information about and examples of web apps applications o include contains various include files Chapter 1 Basics of Server Operation 19 Directory Structure 20 O lib contains shared libraries nsac1 contains information for your server s access control lis
34. for the net_read and netbuf_grab NSAPI functions NOTE The UseOutputStreamSize parameter can be set to 0 in the obj conf file to disable output stream buffering For the magnus conf file setting UseOutputStreamSize to 0 has no effect Syntax UseOutputStreamSize size The size value is the number of bytes Default The default value is 8192 8 KB ChunkedRequestBufferSize The ChunkedRequestBufferSize directive determines the default buffer size for un chunking request data Syntax ChunkedRequestBufferSize size The size value is the number of bytes 96 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Miscellaneous Default The default value is 8192 ChunkedRequestTimeout The ChunkedRequestTimeout directive determines the default timeout for un chunking request data Syntax ChunkedRequestTimeout seconds The seconds value is the number of seconds Default The default value is 60 1 minute Miscellaneous This section lists miscellaneous other directives in magnus conf e ChildRestartCallback e HTTPVersion e MaxRqHeaders Umask UNIX only NOTE Directives noted with boolean values have the following equivalent values on yes true and off no false ChildRestartCallback This directive forces the callback of NSAPI functions that were registered using the daemon_atrestart function when the server is restarting or shutting down Values are
35. functions Example ObjectType fn type by exp exp test type application html See Also type by extension force type type by extension Applicable in object Type class directives The type by extension function instructs the server to look in a table of MIME type mappings to find the MIME type of the requested resource according to the extension of the requested resource The MIME type is added to the Content Type header sent back to the client The table of MIME type mappings is created by a MIME element in the server xml file which loads a MIME types file or list and creates the mappings For more information about server xml and MIME types files see the Sun ONE Web Server 6 1 Administrator s Configuration File Reference Guide For example the following two lines are part of a MIME types file type text html exts htm html type text plain exts txt If the extension of the requested resource is htm or html the type by extension file sets the type to text html If the extension is txt the function sets the type to text plain Parameters The following table describes parameters for the type by extension function Chapter 4 Predefined SAFs in obj conf 161 Input Input Table 4 35 type by extension parameters Parameter Description bucket Optional Common to all obj conf functions Example ObjectType fn type by extension See Also type by exp force type All I
36. in Greenwich Mean Time optional iPlanet Web Server 4 x only Determines the format of the last modified date display Chapter 3 Syntax and Use of magnus conf 101 Summary of Init Functions and Directives in magnus conf magnus conf Init functions Function Parameter Allowed Values Default Value Description ignore icon uri define perf bucket name description dns cache init cache size expire 102 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Wildcard pattern 32 to 32768 32K 1 to 31536000 seconds 1 year mc icons 1024 1200 seconds 20 minutes optional Specifies a wildcard pattern for file names the server should ignore while indexing File names starting with a period are always ignored optional Specifies the URI prefix the index common function uses when generating URLs for file icons gi f files If icon uri is different from the default the pfx2dir function in the NameTrans directive must be changed so that the server can find these icons Creates a performance bucket which you can use to measure the performance of SAFs in obj conf see the Sun ONE Web Server 6 1 NSAPI Programmer s Guide This function works only if the perf init function is enabled A name for the bucket for example cgi bucket A description of what the bucket measures for example CGI Stats Configures DNS caching
37. in the server xml file and configured using the sun web xml file A few contexts properties functions are now in the server xml file Table A 3 lists the equivalent functions in the contexts properties and sun web xml files 232 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 contexts properties Table A 3 contexts properties to sun web xml correspondences contexts properties Property sun web xml Element or Attribute Comments sessionmgr persistence type attribute of the session manager element sessionmgr initArgs manager properties and store properties attributes of the session manager element initArgs none Specified using the context param element in web xml For more information please refer to the Servlet 2 3 specification To add context attributes implement the javax servlet ServletCont ext Listener interface For more information please refer to the Servlet 2 3 specification respondCookieVersion none Will be supported in a future release tempDir tempdir property reloadInterval dynamic reload interval attribute of class loader element bufferSize none Specified using the Use0utputStreamSize in obj conf See service j2ee for more information docRoot none Specified in the server xml file for each virtual server input StreamLengthCheck none Obsolete outputStreamFlushTimer none Obsolete uri uri attribute of WEBAPP element inserver xml authdb authdb attr
38. is not provided it is assumed to match bong file Optional Specifies a file to send rather than responding with the not found message It is a full file system path bucket Optional Common to all obj conf functions Examples PathCheck fn deny existence path usr sun server61 docs private PathCheck fn deny existence bong file svr msg go away html find index Applicable in PathCheck class directives The find index function investigates whether the requested path is a directory If it is the function searches for an index file in the directory and then changes the path to point to the index file If no index file is found the server generates a directory listing 142 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 PathCheck Note that if the file obj conf has a NameTrans directive that calls home page and the requested directory is the root directory then the home page rather than the index page is returned to the client The find index function does nothing if there is a query string if the HTTP method is not GET or if the path is that of a valid file Parameters The following table describes parameters for the find index function Table 4 18 find index parameters Parameter Description index names Comma separated list of index file names to look for Use spaces only if they are part of a file name Do not include spaces before or after the commas This l
39. machine Although you can use the nobody user it isn t recommended Syntax User name name is the 8 character or less login name for the user account Default If there is no User directive the server runs with the user account it was started with Examples User http User server User nobody Language Issues This section lists the directives in magnus conf related to language issues The following directive is supported e DefaultLanguage DefaultLanguage For an international version of the server this directive specifies the default language for the server The default language is used for both the client responses and administration Values are en English fr French de German or ja Japanese Default The default is en 80 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 DNS Lookup DNS Lookup This section lists the directives in magnus conf that affect DNS Domain Name System lookup The directives are e AsyncDNS e DNS AsyncDNS Specifies whether asynchronous DNS is allowed This directive is ignored Even if the value is set to on the server does not perform asynchronous DNS lookups DNS The DNs directive specifies whether the server performs DNS lookups on clients that access the server When a client connects to your server the server knows the client s IP address but not its host name for example it knows the client as 198 95 251 30 rather
40. name cannot begin with a number file none A space separated list of ACL files Each ACL file must have a unique name For information about the format of an ACL file see the Sun ONE Web Server 6 1 Administrators Guide The name of the default ACL file is generated https server_id acl and the file resides in the server_root server_id httpacl directory To use this file you must reference it in server xml VSCLASS Defines a virtual server class Subelements The following table describes subelements for the vscLass element 36 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Listener Elements VSCLASS subelements Element Required Description DESCRIPTION zero or one Contains a text description of the VSCLASS VARS zero or one Specifies a property of the VSCLASS PROPERTY zero or more Specifies a property of the VSCLASS VS zero or more Defines a virtual server QOSPARAMS zero or one Defines quality of service parameters Attributes The following table describes attributes for the vscLass element VSCLASS attributes Attribute Default Description id none Virtual server class ID This is a unique ID that allows lookup of a specific virtual server class A virtual server class ID cannot begin with a number objectfile obj conf The obj conf file for this class of virtual servers Cannot be overridden in a VS element rootobject default optional Tells t
41. of Server Operation 17 Directory Structure bin contains the binary files for the server such as the actual server the Administration Server forms and so on In addition this directory includes the https install folder that contains files needed for migrating server settings and default configuration files needed for backward compatibility docs is the server s default primary document directory where your server s content files are usually kept If you are migrating settings from an existing server this directory doesn t appear until you finish the migration process extras contains the log analyzer and log analysis tools o The flexanlg directory contains a command line log analyzer This log analyzer analyzes files in flexlog format o The log_anly directory contains the log analysis tool that runs through the Server Manager This log analyzer analyzes files in common log format only httpacl contains the files that store access control configuration information in the generated server id acl and genwork server id ac1 files The file generated server id acl contains changes you make using the Server Manager access control forms after saving your changes genwork server id ac1 contains your changes before you save your changes https admserv contains the directories for the Administration Server This directory has the following subdirectories and files o For UNIX Linux platforms this directory contains shell scripts to
42. optional Specifies how many entries are contained in the cache optional specifies how long in seconds it takes for a cache entry to expire magnus conf Init functions Summary of Init Functions and Directives in magnus conf Function Parameter Allowed Default Value Description Values flex init Initializes the flexible logging system logFileName A path or file The full path to the log file or a name file name relative to the server s logs directory In this example the log file name is access and the path is logdir access access logdir access format logFileName Specifies the format of each log entry in the log file See the Sun ONE Web Server 6 1 NSAPI Programmer s Guide for more information buffer size Number of 8192 Specifies the size of the global bytes log buffer num buffers 1000 Specifies the maximum number of logging buffers to use flex rotate init Enables rotation for logs rotate start A 4 digit Indicates the time to start string rotation For example 0900 indicating the indicates 9 am while 1800 time in indicates 9 pm 24 hour format rotate interval Number of Indicates the number of minutes minutes to elapse between each log rotation rotate access yes no yes optional determines whether common log flex log and record useragent logs are rotated For more information see the Sun ONE Web Server 6 1 NSAPI Programmer s Guide rotate error yes no yes optional determines whether error logs
43. parameter 125 H hard links finding 143 258 Sun ONE lt Product Name gt Administrator s Guide April 2001 HashInitSize parameter 224 header parameter 175 HeaderBufferSize magnus conf directive 83 HeaderBufferSize directive 109 home page function 131 httpacl directory 18 http compression filter 140 https admserv directory 18 https server_id domain 19 HTTPVersion magnus conf directive 98 HTTPVersion directive 109 HUP signal PidLog and 92 icon uri parameter 102 ignore parameter 102 imagemap function 173 include directory 19 index common function 174 index names parameter 143 index simple function 176 inetOrgPerson in convergence tree 69 Init function descriptions 78 Init functions 100 232 237 initArgs property 233 235 init cgi function 104 init clf function 104 InitFn property 219 init uhome function 105 Input function descriptions 162 inputStreamLengthCheck property 233 insert filter SAF 163 165 IOTimeout directive 110 iponly function 203 204 isModifiedCheckAggressive property 234 J J2SE SecurityManager 226 JAVA 49 Java Configuration Elements 48 JDBCCONNECTIONPOOL 59 JDBCRESOURCE 58 JVMOPTIONS 51 K KeepAliveThreads directive 110 KeepAliveTimeout magnus conf directive 84 KeepAliveTimeout directive 110 KernelThreads magnus conf directive 84 KernelThreads directive 110 keyfile 221 key toosmall function 178 L lang parameter 157 159 160 212 language 35 language issues directiv
44. parameters Parameter Description name Named object in obj conf whose directives are applied to requests made to Java web applications bucket Optional Common to all obj conf functions 132 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 NameTrans Example NameTrans fn ntrans j2ee name 32 See Also service j2ee error j2ee pfx2dir Applicable in NameTrans class directives The pfx2dir function replaces a directory prefix in the requested URL with a real directory name It also optionally allows you to specify the name of an object that matches the current request See the discussion of assign name for details of using named objects Parameters The following table describes parameters for the pfx2dir function Table 4 11 pfx2dir parameters Parameter Description from URI prefix to convert It should not have a trailing slash dir Local file system directory path that the prefix is converted to It should not have a trailing slash name Optional Specifies an additional named object in obj conf whose directives will be applied to this request Chapter 4 Predefined SAFs in obj conf 133 NameTrans Table 4 11 pfx2dir parameters Parameter find pathinfo forw ard bucket Examples Description Optional Makes the server look for the PATHINFO forward in the path right after the ntrans base instead of backward from the end of path a
45. rsa_3des_sha rsa_des_sha rsa_rc4_40_md5 rsa_rc2_40_md5 rsa_null_md5 Allowed TLS values are rsa_des_56_sha rsa_rc4_56_sha optional Determines whether TLS is enabled Legal values are on off yes no 1 0 true and false Chapter 2 Server Configuration Elements in server xml 33 Listener Elements SSLPARAMS attributes Attribute Default Description tlsrollback true optional Determines whether TLS rollback is enabled Legal values are on off yes no 1 0 true and false TLS rollback should be enabled for Microsoft Internet Explorer 5 0 and 5 5 clientauth false optional Determines whether SSL3 client authentication is performed on every request independent of ACL based access control Legal values are on of f yes no 1 0 true and false MIME Defines MIME types The most common way that the server determines the MIME type of a requested resource is by invoking the type by extension directive in the Object Type section of the obj conf file The type by extension function does not work if no mime element has been defined in the SERVER element Subelements The following table describes subelements for the MIME element MIME subelements Element Required Description TYPE zero Or more Specifies the mime type of the requested resource Attributes The following table describes attributes for the MIME element 34 Sun ONE Web Server 6 1 Administrator s Config
46. server statistics They are e ErrorLogDateFormat e LogFlushInterval e PidLog ErrorLogDateFormat The ErrorLogDateFormat directive specifies the date format that the server logs use Syntax ErrorLogDateFormat format The format can be any format valid for the C library function strftime See Appendix C Time Formats Default 0 b SY H 3M S LogFlushInterval This directive determines the log flush interval in seconds of the log flush thread for the access log Default 30 Chapter 3 Syntax and Use of magnus conf 91 ACL ACL PidLog PidLog specifies a file in which to record the process ID pid of the base server process Some of the server support programs assume that this log is in the server root in logs pid To shut down your server kill the base server process listed in the pid log file by using a TERM signal To tell your server to reread its configuration files and reopen its log files use ki11 with the HUP signal If the PidLog file isn t writable by the user account that the server uses the server does not log its process ID anywhere The server won t start if it can t log the process ID Syntax PidLog file The file is the full path name and file name where the process ID is stored Default There is no default Examples PidLog var ns server logs pid PidLog tmp ns server pid This section lists the directives in magnus conf relevant to access control lists
47. start stop and restart the server and a script to rotate log files o ClassCache contains classes and Java files generated as result of the compilation of JavaServer pages o conf_bk contains backup copies of the administration server s configuration files o config contains the server s configuration files o logs contains any error or access log files o SessionData contains session database data from MMapSessionManager o startsvr bat is the script that starts the Server Manager on Windows machines The Server Manager lets you configure all servers installed in the server root directory o stopsvr bat is the script that stops the Server Manager on Windows machines 18 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 Directory Structure https server_id are the directories for each server you have installed on the machine Each server directory has the following subdirectories and files o ClassCache contains classes and Java files generated as result of the compilation of JavaServer pages o conf_bk contains backup copies of the server s configuration files o config contains the server instance configuration files o logs contains the server instance log files o reconfig is the script used to reconfigure the server dynamically If you make non global changes to the server you can use this script to reconfigure the server without stopping and starting it Note that changes to ACL
48. strip params unix home Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Table 4 1 Available Server Application Functions SAFs Per Directive Directive PathCheck Object Type Input Output Server Application Functions check acl deny existence find index find links find pathinfo get client cert load config nt uri clean ntcgicheck require auth set virtual index ssl check ssl logout unix uri clean force type set default typ shtml hacktype type by exp type by extension insert filter remove filter insert filter remove filter Chapter 4 Predefined SAFs in obj conf 119 The bucket Parameter Table 4 1 Available Server Application Functions SAFs Per Directive Directive Service AddLog Error Server Application Functions add footer add header append trailer imagemap index common index simple key toosmall list dir make dir query handler remove dir remove file remove filter rename file send cgi send error send file send range send shellcgi send wincgi service dump service j2ee service trace shtml_send stats xml upload file common log flex log record useragent error j2ee send error qos error query handler remove filter The bucket Parameter The following performance buckets are predefined in Sun ONE Web Server e Thedefault bucket records statistics for the functions not associated with any user defined or built in bucket
49. system default action for the signal If a NSAPI plugin fork execs a child process it should call waitpid with its child process pid when CGIWaitPid is enabled to avoid leaving defunct processes when its child process terminates When CGIWaitPid is enabled the SHTML engine waits explicitly on its exec cmd child processes Note that this directive has no effect on CGI Default on MaxCGIStubs Controls the maximum number of CGIStub processes the server can spawn This is the maximum concurrent CGIStub processes in execution not the maximum number of pending requests The default value should be adequate for most systems Setting this too high may actually reduce throughput Default 10 MinCGIStubs Controls the number of processes that are started by default The first CGIStub process is not started until a CGI program has been accessed Note that if you have an init cgi directive in the magnus conf file the minimum number of CGIStub processes are spawned at startup The value must be less than the MaxCGIStubs value Default 2 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Error Logging and Statistic Collection WincgiTimeout WinCGI processes that take longer than this value are terminated when this timeout in seconds expires Default 60 Error Logging and Statistic Collection This section lists the directives in magnus conf that affect error logging and the collection of
50. than its host name www a com The server will resolve the client s IP address into a host name for operations like access control CGI error reporting and access logging If your server responds to many requests per day you might want or need to stop host name resolution doing so can reduce the load on the DNS or NIS Network Information System server Syntax DNS on off Default DNS host name resolution is on as a default Example DNS on Threads Processes and Connections In Sun ONE Web Server 6 1 acceptor threads on a listen socket accept connections and put them onto a connection queue Session threads then pick up connections from the queue and service the requests The session threads post more session threads if required at the end of the request The policy for adding new threads is based on the connection queue state Chapter 3 Syntax and Use of magnus conf 81 Threads Processes and Connections 82 Each time a new connection is returned the number of connections waiting in the queue the backlog of connections is compared to the number of session threads already created If it is greater than the number of threads more threads are scheduled to be added the next time a request completes The previous backlog is tracked so that if it is seen to be increasing over time and if the increase is greater than the ThreadIncrement value and the number of session threads minus the backlog is less than the Thread
51. the virtual server virtual server class and global server logs the statistics and enforces the QOS parameters by returning an error This must be the first AuthTrans function configured in the default object in order to work properly The code for this SAF is one of the examples provided in the Sun ONE Web Server 6 1 NSAPI Programmer s Guide For more information see the Sun ONE Web Server 6 1 Performance Tuning Sizing and Scaling Guide Parameters The following table describes parameters for the qos handler function Table 4 5 qos handler parameters Parameter Description bucket Optional Common to all obj conf functions Example AuthTrans fn gos handler See Also qos error 126 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 NameTrans NameTrans NameTrans stands for Name Translation NameTrans directives translate virtual URLs to physical directories on your server For example the URL http www test com some file html could be translated to the full file system path usr Sun WebServer61 serverl docs some file html NameTrans directives should appear in the default object If there is more than one NameTrans directive in an object the server executes each one in order until one succeeds The following NameTrans class functions are described in detail in this section assign name tells the server to process directives in a named object document root translates
52. type image ief exts ief type image jpeg type image tiff exts jpeg jpg jpe exts tiff tif type image x rgb exts rgb type image x xbitmap exts xbm type image x xpixmap exts xpm type image x xwindowdump exts xwd type text html exts htm html type text plain exts txt type text richtext exts rtx type text tab separated values exts tsv type text x setext exts etx type video mpeg type video quicktime type video x msvideo enc x gzip enc x compress enc x uuencode type magnus internal imagemap type magnus internal parsed html type magnus internal cgi type magnus internal jsp ext s mpeg mpg mpe exts qt mov exts avi ext s gz exts z exts uu uue ext s map exts shtml exts cgi exe bat exts jsp Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 Sample MIME Types File Chapter 5 MIMETypes 215 Sample MIME Types File 216 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 certmap conf Chapter 6 Other Server Configuration Files This chapter summarizes the important configuration files not discussed in other chapters Configuration files that should never be modified are not listed in this module The following configuration files are described in alphabetical order certmap conf dbswitch conf Deployment Descriptors generated instance acl logi Cent He Ee CORE password conf server policy clfilter certmap conf
53. will appear higher than filters that were inserted earlier The following Output class functions are described in detail in this section e insert filter adds a filter to the filter stack to process outgoing data e remove filter removes a filter from the filter stack insert filter Applicable in output class directives The insert filter SAF is used to add a filter to the filter stack to process outgoing server to client data The order of Input fn insert filter and Output fn insert filter directives can be important Returns Returns REQ_PROCEED if the specified filter was inserted successfully or REQ_NOACT ION if the specified filter was not inserted because it was not required Any other return value indicates an error Parameters The following table describes parameters for the insert filter function Table 4 38 insert filter parameters Parameter Description filter Specifies the name of the filter to insert bucket Optional Common to all ob j conf functions Example Output fn insert filter filter http compression Chapter 4 Predefined SAFs in obj conf 165 Service remove filter Applicable in Input Output Service and Error class directives The remove filter SAF is used to remove a filter from the filter stack If the filter has been inserted multiple times only the topmost instance is removed In general it is not necessary to remove filters
54. with remove filter as they will be removed automatically at the end of the request Returns Returns REQ_PROCEED if the specified filter was removed successfully or REQ_NOACTION if the specified filter was not part of the filter stack Any other return value indicates an error Parameters The following table describes parameters for the remove filter function Table 4 39 remove filter parameters Parameter Description filter Specifies the name of the filter to remove bucket Optional Common to all obj conf functions Example Output fn remove filter filter http compression Service The Service class of functions sends the response data to the client Every Service directive has the following optional parameters to determine whether the function is executed All optional parameters must match the current request for the function to be executed type Optional Specifies a wildcard pattern of MIME types for which this function will be executed The magnus internal MIME types are used only to select a Service function to execute 166 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service e method Optional Specifies a wildcard pattern of HTTP methods for which this function will be executed Common HTTP methods are GET HEAD and POST e query Optional Specifies a wildcard pattern of query strings for which this function will be execute
55. 0 true false Configures the system logging service which includes the following log files The errors log file stores messages from the default virtual server Messages from other configured virtual servers also go here unless the logfile attribute is explicitly specified in the vscLass or vs element The default name is errors The access log file stores HTTP access messages from the default virtual server The default name is access log To configure the access log you use server application functions in the magnus conf and obj conf files A virtual server log file stores messages from a VSCLASS or vs element that has an explicitly specified log file attribute Subelements The following table describes subelements for the LOG element Chapter 2 Server Configuration Elements in server xml 65 LOG LOG subelements Element Required Description PROPERTY zero or more Specifies a property or a variable Attributes The following table describes attributes for the Loc element LOG attributes Attribute Default Description file loglevel logvsid logstdout logstderr logtoconsole errors info false true true true Specifies the file that stores messages from the default virtual server Messages from other configured virtual servers also go here unless the errorlog attribute is explicitly specified in the vs element Controls the default type of messages logged b
56. 136 strip params 72 type by exp 96 type by extension 97 unix home 73 unix uri clean 91 upload file 138 Appendix E Alphabetical List of Predefined SAFs 253 254 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 SYMBOLS clfilter files 226 A AccelFileCache directive 229 acceptlanguage 38 AcceptLanguage directive 229 AcceptTimeout magnus conf directive 83 access log 65 ACL magnus conf directives 92 acl parameter 139 ACLCacheLifetime magnus conf directive 92 ACLCacheLifetime directive 107 ACLFILE 36 ACLFile directive 230 ACLGroupCacheSize magnus conf directive 93 ACLGroupCacheSize directive 107 ACLUserCacheSize magnus conf directive 93 ACLUserCacheSize directive 107 addCgilnitVars parameter 199 add footer function 169 add header function 171 Index AddLog function descriptions 202 Address directive 230 Administration interface more information about 11 AdminLanguage magnus conf directive 99 AdminLanguage directive 107 230 238 alias directory 17 alphabetical reference SAFs 249 append trailer function 172 assign name function 127 AsyncDNS magnus conf directive 81 AsyncDNS directive 108 230 238 authdb property 233 auth group parameter 153 AUTHREALM 54 AuthTrans function descriptions 121 auth type parameter 122 124 152 auth user parameter 152 B basedir parameter 149 basic auth function 122 basic ncsa function 124 255 bin directory 18 binddn property 220
57. 226 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 clfilter Location server_root config Chapter 6 Other Server Configuration Files 227 clfilter 228 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 Appendix A Configuration Changes Between iPlanet Web Server 4 1 and Sun ONE Web Server 6 1 This chapter summarizes major configuration file changes between the 4 1 and the 6 1 version of Sun ONE Web Server The following 4 1 files are described magnus conf obj conf contexts properties rules properties servlets properties magnus conf Table A 1 summarizes the changes in magnus conf Table A 1 magnus conf changes 4 x Directive AccelFileCache AcceptLanguage 6 1 Directive Comments none Obsolete because an NSAPI accelerator cache is no longer necessary none See the acceptlanguage attribute of the VSCLASS and VS elements in server xml 229 magnus conf Table A 1 magnus conf changes 4 x Directive 6 1 Directive Comments ACLFile none Maps to the ACLFILE element in server xml Address none Maps to the LS element in server xml AdminLanguage none Deprecated AsyncDNS AsyncDNS Ignored Even if the value is set to on the server does not perform asynchronous DNS lookup BlockingListenSockets none See the blocking attribute of the LS element in server xml CGIWaitPid none Deprecated Ciphers n
58. 3 rotate start parameter 103 RqThrottle magnus conf directive 86 RqThrottle directive 112 RqThrottleMin magnus conf directive 86 RqThrottleMinPerSocket directive 112 rules properties changes to 234 Index 261 S SAFs alphabetical reference 249 Init 78 predefined 117 samples directory 19 SEARCH 45 search directory 19 20 Search Elements 45 SEARCHCOLLECTION 46 secret keysize parameter 155 Secuity magnus conf directive 94 SECURITY 53 security settings in mangus conf 93 Security directive 112 send cgi function 185 send error function 188 206 send file function 189 send range function 191 send shellcgi function 192 send wincgi function 193 server handling of authorization of client users 121 HUP signal 92 killing process of 92 TERM signal 92 server information magnus conf directives 78 server policy 226 server xml 23 more information 161 variables defined in 187 server xml elements 262 ACLFILE 35 AUTHREALM 54 CONNECTIONPROPERTY 63 CUSTOMRESOURCE 56 DAV 42 DAVCOLLECTION 43 DESCRIPTION 29 DISPLAYNAME 47 EXTERNALJNDIRESOURCE 57 Sun ONE lt Product Name gt Administrator s Guide April 2001 JAVA 49 JDBCCONNECTIONPOOL 59 JDBCRESOURCE 58 JVMOPTIONS 51 LOG 65 ES 30 MAILRESOURCE 64 MIME 34 PROFILER 52 PROPERTY 28 QOSPARAMS 40 RESOURCES 56 SEARCH 45 SEARCHCOLLECTION 46 SECURITY 53 SERVER 26 SSLPARAMS 32 TYPE 35 USERDB 41 VARS 29 VS 38 VSCLASS
59. 36 WEBAPP 47 servercertnickname 33 ServerID magnus conf directive 99 ServerID directive 112 ServerName directive 231 serverName property 234 ServerRoot magnus conf directive 99 ServerRoot directive 113 231 Service function descriptions 166 service dav function 194 service dump function 195 servlets directory 19 servlets properties changes to 234 SessionData 18 SessionData directory 19 SessionData file 20 sessionmgr property 233 sessionmgr initArgs property 233 set default type function 158 setup directory 20 set virtual index function 153 shlib parameter 105 shtml_send function 198 232 shtml hacktype function 159 ShtmlMaxDepth parameter 199 singleClassLoader property 234 SmallFileSizeLimit parameter 224 SmallFileSpace parameter 224 SndBufSize magnus conf directive 86 SndBufSize directive 113 snmp directory 20 SSL settings in magnus conf 93 ssl2 33 SSL2 directive 231 ssl2ciphers 33 ssl3 33 SSL3 directive 231 SSL3Ciphers directive 231 SSL3SessionTimeout magnus conf directive 95 SSL3SessionTimeout directive 113 ssl3tlsciphers 33 SSLCacheEntries magnus conf directive 94 SSLCacheEntries directive 113 ssl check function 154 SSLClientAuth directive 231 SSLClientAuthDataLimit magnus conf directive 95 SSLClientAuthDataLimit directive 113 SSLClientAuthTimeout magnus conf directive 95 SSLClientAuthTimeout directive 113 ssl logout function 155 SSLSessionTimeout magnus conf directive 95 SSLSessionTimeout directive 113
60. 7 ObjectType Table 4 31 force type parameters Parameter Description charset Optional Character set for the magnus charset parameter in rq gt srvhdrs If the browser sent the Accept Charset header or its User Agent is Mozilla 1 1 or newer then append charset charset to content type where charset is the value of the magnus charset parameter in rq gt srvhdrs bucket Optional Common to all obj conf functions Example ObjectType fn force type type text plain ObjectType fn force type lang en_US See Also type by extension type by exp set default type Applicable in object Type class directives The set default type function allows you to define a default charset content encoding and content language for the response being sent back to the client If the charset content encoding and content language have not been set fora response then just before the headers are sent the defaults defined by set default type are used Note that by placing this function in different objects in obj conf you can define different defaults for different parts of the document tree Parameters The following table describes parameters for the set default type function 158 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 ObjectType Table 4 32 set default type parameters Parameter Description enc Optional Encoding assigned to a matching request the
61. ACLs They are e ACLCacheLifetime e ACLUserCacheSize e ACLGroupCacheSize ACLCacheLifetime ACLCacheLifet ime determines the number of seconds before cache entries expire Each time an entry in the cache is referenced its age is calculated and checked against ACLCacheLifetime The entry is not used if its age is greater than or equal to the ACLCacheLifetime If this value is set to 0 the cache is turned off 92 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Security If you use a large number for this value you may need to restart the Sun ONE Web Server when you make changes to the LDAP entries For example if this value is set to 120 seconds the Sun ONE Web Server might be out of sync with the LDAP server for as long as two minutes If your LDAP entries are not likely to change often use a large number Default 120 ACLUserCacheSize ACLUserCacheSize determines the number of users in the User Cache Default 200 ACLGroupCacheSize ACLGroupCacheSize determines how many group IDs can be cached for a single UID cache entry Default 4 Security This section lists the directives in magnus conf that affect server access and security issues for Sun ONE Web Server They are e Security e ServerString e SSLCacheEntries e SSLClientAuthDataLimit e SSLClientAuthTimeout e SSLSessionTimeout e SSL3SessionTimeout Chapter 3 Syntax and Use of magnus conf 93 Security Secu
62. Administrator s Configuration File Reference Sun ONE Web Server Version 6 1 817 1834 10 August 2003 Sun Microsystems Inc 4150 Network Circle Santa Clara CA 95054 U S A Copyright 2003 Sun Microsystems Inc All rights reserved Sun Sun Microsystems the Sun logo Java Solaris Sun ONE iPlanet and all Sun Java and Sun ONE based trademarks and logos are trademarks or registered trademarks of Sun Microsystems Inc in the United States and other countries UNIX is a registered trademark in the United States and other countries exclusively licensed through X Open Company Ltd Netscape is a trademark or registered trademark of Netscape Communications Corporation in the United States and other countries Federal Acquisitions Commercial Software Government Users Subject to Standard License Terms and Conditions The product described in this document is distributed under licenses restricting its use copying distribution and decompilation No part of the product or this document may be reproduced in any form by any means without prior written authorization of Sun Microsystems Inc and its licensors if any THIS DOCUMENTATION IS PROVIDED AS IS AND ALL EXPRESS OR IMPLIED CONDITIONS REPRESENTATIONS AND WARRANTIES INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE OR NON INFRINGEMENT ARE DISCLAIMED EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID Copyright
63. August 2003 Attributes Listener Elements The following table describes attributes for the Ls element LS attributes Attribute Default Description id ip port security acceptorthreads none any none false optional The socket family type A socket family type cannot begin with a number When you create a secure listen socket in the server xml file security must be turned on in magnus conf When you create a secure listen socket in the Server Manager security is automatically turned on globally in magnus conf Specifies the IP address of the listen socket Can be in dotted pair or IPv6 notation Can also be any for INADDR_ANY Port number to create the listen socket on Legal values are 1 65535 On UNIX creating sockets that listen on ports 1 1024 requires superuser privileges Configuring an SSL listen socket to listen on port 443 is recommended Two different IP addresses can t use the same port optional Determines whether the listen socket runs SSL Legal values are on of f yes no 1 0 true false You can turn SSL2 or SSL3 on or off and set ciphers using an SSLPARAMS subelement for this listen socket The Security setting in the magnus conf file globally enables or disables SSL by making certificates available to the server instance Therefore Security inmagnus conf must be on or security in server xml does not work For more information see Chapter 3
64. C connection pool NOTE The restype attribute of the JDBCCONNECTIONPOOL element is reserved and ignored in Sun ONE Web Server 6 1 Any value set for this attribute is ignored by the server Subelements The following table describes subelements for the JDBCCONNECTIONPOOL element JDBCCONNECTIONPOOL subelements Element Required Description DESCRIPTION zero or one Contains a text description of this element PROPERTY zero or more Specifies a property or a variable CONNECTIONPROPERTY zero or more Specifies the connection properties for the connection pool Attributes The following table describes attributes for the JDBCCONNECTIONPOOL element Chapter 2 Server Configuration Elements in server xml 59 Resource Elements JDBCCONNECTIONPOOL attributes Attribute Default Description name datasourceclassnam e steadypoolsize maxpoolsize maxwaittime poolresizequantity idletimeout none none 32 60000 300 Specifies the name of the connection pool A JDBCRESOURCE element s poolname attribute refers to this name Specifies the class name of the associated vendor supplied data source This class mustimplement java sql DataSource or java sql XADataSource or both optional Specifies the initial and minimum number of connections maintained in the pool optional Specifies the maximum number of connections that can be created to sa
65. Connect ionPoolDataSource if connection pooling is done description Specifies a text description url Specifies the URL for this connection pool Although this is not a standard property it is commonly used CONNECTIONPROPERTY Specifies the connection properties for a JDBC connection pool Subelements The following table describes subelements for the CONNECTIONPROPERTY element CONNECTIONPROPERTY subelements Element Required Description DESCRIPTION zero or one Contains a text description of this element Attributes The following table describes attributes for the CONNECTIONPROPERTY element CONNECTIONPROPERTY attributes Attribute Default Description none Specifies a name for the connection property none Specifies a value for the connection property invocationfrequenc at creation optional Specifies the frequency with which the connection property is invoked Legal values are at creation and every lease Chapter 2 Server Configuration Elements in server xml 63 Resource Elements MAILRESOURCE Defines a JavaMail javax mail Session resource Subelements The following table describes subelements for the MAILRESOURCE element AAILRESOURCE subelements Element Required Description DESCRIPTION zero or one Contains a text description of this element Attributes The following table describes attributes for the MAILRESOURCE MAILRESOU
66. Connections that time out on a listen socket whose backlog queue is full will fail Default The default value is platform specific 4096 AIX 200 128 all others MaxKeepAliveConnections Specifies the maximum number of Keep Alive and persistent connections that the server can have open simultaneously Values range from 0 to 32768 Default MaxProcs UNIX Only Specifies the maximum number of processes that the server can have running simultaneously If you don t include MaxProcs in your magnus conf file the server defaults to running a single process One process per processor is recommended if you are running in multi process mode In Sun ONE Web Server 6 1 there is always a primordial process in addition to the number of active processes specified by this setting Additional discussion of this and other server configuration and performance tuning issues can be found in the Performance Tuning Sizing and Scaling Guide for Sun ONE Web Server Default 1 PostThreadsEarly If this directive is set to 1 on the server checks the whether the minimum number of threads are available at a listen socket after accepting a connection but before sending the response to the request Use this directive when the server will be handling requests that take a long time to handle such as those that do long database connections Default 0 off Chapter 3 Syntax and Use of magnus conf 85 Threads Processes and Connections
67. Content Encoding header lang Optional Language assigned to a matching request the Content Language header charset Optional Character set for the magnus charset parameter in rq gt srvhdrs If the browser sent the Accept Charset header or its User agent is Mozilla 1 1 or newer then append charset charset to content type where charset is the value of the magnus charset parameter in rq gt srvhdrs bucket Optional Common to all obj conf functions Example ObjectType fn set default type charset iso_8859 1 shtml hacktype Applicable in object Type class directives The shtml hacktype function changes the Content Type of any htmor html file to magnus internal parsed html and returns REQ_PROCEED This provides backward compatibility with server side includes for files with htm or html extensions The function may also check the execute bit for the file on UNIX systems The use of this function is not recommended T Parameters The following table describes parameters for the shtml hacktype function Table 4 33 shtml hacktype parameters Parameter Description exec hack UNIX only optional Tells the function to change the content type only if the execute bit is enabled The value of the parameter is not important it need only be provided You may use exec hack true Chapter 4 Predefined SAFs in obj conf 159 ObjectType Table 4 33 shtml hacktype parameter
68. DAVCOLLECTION zero or more Collections for which DAV is enabled Attributes The following table describes attributes for the DAV element DAV attributes Attribute lockdb minlocktimeout maxxmlrequestbodys ize maxpropdepth enabled Default server instance lock d b vs none 8192 true DAVCOLLECTION Defines a DAV enabled collection of documents rooted at a URI the source of the documents are accessed via a separate URI space Description optional Specifies the directory where the locking database will be maintained optional Minimum lifetime of a lock in seconds 1 implies never expires A value of 0 sets minlocktimeout to infinity optional Maximum size of the XML request body Needed to prevent potential Denial of Service DOS attacks optional The depth of the PROPFIND request If the request is to a collection then the depth of the subdirectories included in the response is specified by this attribute Legal values are 0 1 and infinity optional Specifies if DAV functionality is enabled for a virtual server Legal values are yes no true false on of f 1 0 Chapter 2 Server Configuration Elements in server xml 43 WebDAV Elements The DAVCOLLECTION element defines WebDAV functionality for a URI space The attributes specified on a collection override any virtual server attribute values Subelements The following table describes subelements for the DAVCOLLECTI
69. Elements cidcid dI aa iia 48 VANA coi A ei 49 JVMOPTIONS a die sees dee ooo 51 PROPRILER ieri A aa er 52 SECURITY cocs iia 53 AUTERBALN ia e elia i Le aio 54 Resource Elements iiliiii ii RR REA a 55 RESOURCES uta aaa gia i rale 56 CUSTOMRESOURCE i RE e aa 56 EXTERNAL NDIRESQOURCE 2000 ile eri Lal bee ay cele ba 57 TDBERESOURCE 00 0 a ee eee 58 JOBCCONNECIIONPOOL ia A A ABs a 59 CONNECTIONPROPERTY Li a ida 63 MATL RESOURCE rice VOI ii Bass 64 LOG AA ra IA ARL ea 65 User Database Seleclioni 0 Rea era 67 The Sun ONE LDAP Schema 0 eee 68 The Convergence Ires i ete oa ae bat aria di 68 The Domain Component de Tee iii A ea 69 Wan Se an ceo ca sere as earlier ee da 70 Format of a Variable RA Peden does I tea eed Tae es 70 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Theid Variable iii slay ais ad aves bse I ened ba Fb dd dle aw baad Gaul ra 70 Other Important Variables 0 pr Le ka aoe ea eee 70 Variable Evaluation i 4 crec osec do I E eee ne oe SEE Ye poe a ede 71 Sample server xml File ii a ee cae eee ees Pea ela 72 Chapter 3 Syntax and Use of magnus conf eee eee eee eee 77 Mts a a di 78 Server Inforimationi 1 rt ee eee 78 Lanata rc lSsues osas piera ii e a aria 80 DNS Lookups sica pide te Hie Die hea ee ae ena ted none teat ni 81 Threads Processes and Connections 81 Native Thread Poals lira iii ai 88 Cl IRR 89 Error Logsins
70. Increment value then another ThreadIncrement number of threads are scheduled to be added The process of adding new session threads is strictly limited by the RqThrottle value To avoid creating too many threads when the backlog increases suddenly such as the startup of benchmark loads the decision whether more threads are needed is made only once every 16 or 32 times a connection is made based on how many session threads already exist This subsection lists the directives in magnus conf that affect the number and timeout of threads processes and connections They are AcceptTimeout ConnQueueSize HeaderBufferSize KeepAliveThreads KeepAliveTimeout KernelThreads ListenQ MaxKeepAliveConnections MaxProcs UNIX Only PostThreadsEarly RevBufSize RqThrottle RqThrottleMin SndBufSize StackSize StrictHttpHeaders Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Threads Processes and Connections e TerminateTimeout e ThreadIncrement e UseNativePoll UNIX only Also see the section Native Thread Pools on page 88 for directives for controlling the pool of native kernel threads AcceptTimeout Specifies the number of seconds the server waits for data to arrive from the client If data does not arrive before the timeout expires then the connection is closed By setting it to less than the default 30 seconds you can free up threads sooner However you may also disconnect users with s
71. ME SEARCH Search Elements Defines search related configuration parameters for a given vs Subelements The following table describes subelements for the SEARCH element SEARCH subelements Element Required Description WEBAPP zero or one The default search web application for this virtual server SEARCHCOLLECTION zero or more Specifies a searchable index of documents called a collection PROPERTY zero or more Specifies name value pairs to pass extra configuration information to the search engine Attributes The following table describes attributes for the SEARCH element SEARCH attributes Attribute Default Description maxhits none The maximum number of results that will be retrieved by the search engine ina single search Chapter 2 Server Configuration Elements in server xml 45 Search Elements name path uri SEARCHCOLLECTION Specifies a searchable index of documents called a search collection Subelements The following table describes subelements for the SEARCHCOLLECTION element SEARCHCOLLECTION subelements Element Required Description DISPLAYNAME zero or one Optional display name that can be used while displaying searchable collections to the end user DESCRIPTION zero or one Contains a text description of the collection PROPERTY zero or more Contains name value pairs to pass extra configuration information to the search engine Attr
72. NE Web Server 6 1 Administrator s Configuration File Reference August 2003 send file 0 LL 189 SONOTANGE iii aaa ia aa 191 sendeshell S cia e a aa 192 SENAAWINORI sii VERA ea da 193 SCIVICO CAvV s iii RIS a ee 194 Service dup ssi Re ei 195 a A lella barale ibi ei 196 SOUTO itunes bia 197 shim send IP DES E ea 198 SSL ad a A ada ne 199 EOE To mal oo cia e a ia dee da data fads 201 E A A TI ieri 202 COMMONS gt siii A a papi 202 n E E E E EE E ai aiar a 203 record us ragent orisi arer dt TGE iaia Loria iii 205 ETNO ci EA A A A lee ata 205 o EE E E E eee 206 SOC a A Aaa 206 GIS ni ja Ad ind ii 208 query handler ii EVER AE Ra E 209 FOMOVE HEF AN 210 Chapter 5 MIME Types iciii o ERE A a E 211 traduction cir iii iii di bbc o 211 Determining the MIME TIPS cosida ira dde ste ted ad dad 212 How ihe Type Affects the Response eri A os 212 What Does the Client Do with the MIME Type 2 2 5 cess chs cele a as 213 Syntax ol me MIME Types Fleitas 213 sample MIME Types File o e ea ire 214 Chapter 6 Other Server Configuration Files rei 217 CTI PACO sile pia ea ai elas ile 217 olla A ee e nahh ga areata 219 Deployment Descriptors s cisco dr ya ie ia a pia 222 generated instanceacl iii A alii ea 222 LOSE A RR ia e a ei 223 DOME oo sects CORO ORE CATONE R TI METTO MOR PeteOod oe 0 COTTI OT SO 223 PassWord a ea a 225 Server POley ARO N 226 EU ARR ER PERO EE 226 8 Appendix A Configuration Changes B
73. NE Web Server 6 1 NSAPI Programmer s Guide Init Functions The following table lists the Init functions available in the magnus conf file 100 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 magnus conf Init functions Summary of Init Functions and Directives in magnus conf Function Parameter cindex init opts widths timezone format Allowed Values Comma separated numbers of characters GMT or local Format for the UNIX function strftime Default Value None Minimums required to display column titles local Sd Sb SY SH SM Description Changes the default characteristics for fancy indexing optional is a string of letters specifying the options to activate Currently there is only one possible option e s tells the server to scan each HTML file in the directory being indexed for the contents of the HTML lt TITLE gt tag to display in the description field The lt TITLE gt tag must be within the first 255 characters of the file optional Specifies the width for each of the four columns in the indexing display name last modified date size and description respectively The final three values can each be set to 0 to turn the display for that column off The name column cannot be turned off optional iPlanet Web Server 4 x only Indicates whether the last modified time is shown in local time or
74. ON element DAVCOLLECTION subelements Element DESCRIPTION Attributes Required zero or one Description Contains a text description of this element The following table describes attributes for the DAVCOLLECTION element DAVCOLLECTION attributes Attribute uri sourceuri lockdb minlocktimeout maxxmlrequestbodys ize maxpropdepth enabled Default none none lockdb value specified in the DAV element minlocktimeout attribute value specified in the DAV element The value specified in the DAV element The value specified in the DAV element true Description required Specifies the URI by which the output content is accessed optional Specifies the URI by which the source content of the documents are accessed optional Specifies the directory where the locking database will be maintained optional Minimum lifetime of a lock in seconds 1 implies never expires 0 turns locking off optional Maximum size of the XML request body Needed to prevent potential Denial of Service DOS attacks optional The maximum depth permitted for a DAV PROPFIND request Allowed values are 0 1 and infinity optional Specifies if DAV functionality is enabled for this collection Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Search Elements Search elements are as follows e SEARCH e SEARCHCOLLECTION e DISPLAYNA
75. RCE attributes element Attribute jndiname storeprotocol storeprotocolclass transportprotocol Default none imap com sun mail imap IMAPStore smtp Description Specifies the INDI name for the resource optional Specifies the storage protocol service which connects to a mail server retrieves messages and saves messages in folder s Example values are imap and pop3 optional Specifies the service provider implementation class for storage You can find this class at e http java sun com products 3 avamail e http java sun com products j avabeans glasgow jaf html optional Specifies the transport protocol service which sends messages Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 LOG MAILRESOURCE attributes LOG Attribute Default transportprotocolc com sun mail smtp lass SMTPTransport host none user none from none enabled true Description optional Specifies the service provider implementation class for transport You can find this class at e http java sun com products 3 avamail e http java sun com products 4 avabeans glasgow jaf html The mail server host name The mail server user name The e mail address the mail server uses to indicate the message sender optional Determines whether this resource is enabled at runtime Legal values are on off yes no 1
76. RcvBufSize Specifies the size in bytes of the receive buffer used by sockets Allowed values are determined by the operating system Default The default value is determined by the operating system Typical defaults are 4096 4K 8192 8K RqThrottle Specifies the maximum number of request processing threads that the server can handle simultaneously Each request runs in its own thread Additional discussion of this and other server configuration and performance tuning issues can be found in the Performance Tuning Sizing and Scaling Guide for Sun ONE Web Server RqThrottleMin Specifies the number of request processing threads that are created when the server is started As the load on the server increases more request processing threads are created up to a maximum of RgThrottle threads SndBufSize Specifies the size in bytes of the send buffer used by sockets Default The default value is determined by the operating system Typical defaults are 4096 4K 8192 8K StackSize Determines the maximum stack size for each request handling thread Default The most favorable machine specific stack size StrictHttpHeaders Controls strict HTTP header checking If strict HTTP header checking is on the server rejects connections that include inappropriately duplicated headers 86 Sun ONE Web Server 6 1 Administrator s Configuration File Reference e August 2003 Threads Processes and Connections Syntax St
77. SAPI Programmer s Guide August 2003 PathCheck Table 4 28 ssl check parameters Parameter Description secret keysize Optional Minimum number of bits required in the secret key bong file Optional Name of a file not a URI to be served if the restriction is not met bucket Optional Common to all obj conf functions ssl logout Applicable in PathCheck class directives The ss1 1ogout function invalidates the current SSL session in the server s SSL session cache This does not affect the current request but the next time the client connects a new SSL session will be created If SSL is enabled this function returns REQ_PROCEED after invalidating the session cache entry If SSL is not enabled it returns REQ_NOACTION Parameters The following table describes parameters for the ss1 logout function Table 4 29 ssl logout parameters Parameter Description bucket Optional Common to all obj conf functions unix uri clean Applicable in PathCheck class directives UNIX Only The unix uri clean function denies access to any resource whose physical path contains or these are potential security problems Parameters The following table describes parameters for the unix uri clean function Chapter 4 Predefined SAFs in obj conf 155 ObjectType Table 4 30 unix uri clean parameters Parameter Description dotdirok If present sequences are allowed bucket Optional Co
78. See Also common log record useragent record useragent Applicable in AddLog class directives The record useragent function records the IP address of the client followed by its User Agent HTTP header This indicates what version of the client was used for this transaction Parameters The following table describes parameters for the record useragent function Table 4 70 record useragent parameters Parameter Description name Optional Gives the name of a log file which must have been given as a parameter to the init c1f function in magnus conf If no name is given the entry is recorded in the global log file bucket Optional Common to all obj conf functions Example Record the client ip address and user agent to browserlog AddLog fn record useragent name browserlog See Also common log flex log Chapter 4 Predefined SAFs in obj conf 205 Error Error If a Server Application Function results in an error it sets the HTTP response status code and returns the value REQ_ABORTED When this happens the server stops processing the request Instead it searches for an Error directive matching the HTTP response status code or its associated reason phrase and executes the directive s function If the server does not find a matching Error directive it returns the response status code to the client The following Error class functions are described in detail in this section
79. Specifies the number of seconds after which the client certificate handshake phase times out Default 60 SSLSessionTimeout The SSLSessionTimeout directive controls SSL2 session caching Syntax SSLSessionTimeout seconds The seconds value is the number of seconds until a cached SSL2 session becomes invalid If the ssLSessionTimeout directive is specified the value of seconds is silently constrained to be between 5 and 100 seconds Default The default value is 100 SSL3SessionTimeout The SSL3SessionTimeout directive controls SSL3 session caching Syntax SSL3SessionTimeout seconds The seconds value is the number of seconds until a cached SSL3 session becomes invalid The default value is 86400 24 hours If the ssL3SessionTimeout directive is specified the value of seconds is silently constrained to be between 5 and 86400 seconds Chapter 3 Syntax and Use of magnus conf 95 Chunked Encoding Chunked Encoding This section lists directives that control chunked encoding For more information see the Sun ONE Web Server 6 1 NSAPI Programmer s Guide e UseOutputStreamSize e ChunkedRequestBufferSize e ChunkedRequestTimeout These directives have equivalent Service SAF parameters in obj conf The obj conf parameters override these directives For more information see the Sun ONE Web Server 6 1 NSAPI Programmer s Guide UseOutputStreamSize The UseOutputStreamSize directive determines the default output stream buffer size
80. Syntax and Use of magnus conf optional Number of acceptor threads for the listener The recommended value is the number of processors in the machine Legal values are 1 1024 Chapter 2 Server Configuration Elements in server xml 31 Listener Elements LS attributes Attribute Default family none blocking false defaultvs none servername none Description optional The socket family type Legal values are inet inet6 and nca Use the value inet 6 for IPv6 listen sockets When using the value of inet6 IPv4 addresses will be prefixed with in the log file Specify nca to make use of the Solaris Network Cache and Accelerator optional Determines whether the listen socket and the accepted socket are put in to blocking mode Use of blocking mode may improve benchmark scores Legal values are on off yes no 1 0 true false The id attribute of the default virtual server for this particular listen socket Tells the server what to put in the host name section of any URLs it sends to the client This affects URLs the server automatically generates it doesn t affect the URLs for directories and files stored in the server This name should be the alias name if your server uses an alias If you append a colon and port number that port will be used in URLs the server sends to the client SSLPARAMS Defines SSL Secure Socket Layer parameters Subelements none Attributes The
81. a URL into a file system path by replacing the http server name part of the requested resource with the document root directory home page translates a request for the server s root home page to a specific file ntrans dav determines whether a request should be handled by the WebDAV subsystem and if so creates a dav objectset ntrans j2ee determines whether a request maps to a Java technology based web application context p x2dir translates any URL beginning with a given prefix to a file system directory and optionally enables directives in an additional named object redirect redirects the client to a different URL strip params removes embedded semicolon delimited parameters from the path unix home translates a URL to a specified directory within a user s home directory assign name Applicable in NameTrans class directives Chapter 4 Predefined SAFs in obj conf 127 NameTrans The assign name function specifies the name of an object in obj conf that matches the current request The server then processes the directives in the named object in preference to the ones in the default object For example consider the following directive in the default object NameTrans fn assign name name personnel from personnel Let s suppose the server receives a request for http server name personnel After processing this NameTrans directive the server looks for an object named personnel in obj conf and contin
82. a dc tree lookup of the VS element s hosts attribute that matches the client supplied Host header If no hosts attribute matches the servername attribute of the parent SERVER is used The dc tree lookup is based at the dcsuffix DN The result must contain an inetDomainBaseDN attribute that contains the base DN This base DN is taken as is and is not relative to any of the base DN values e If the basedn attribute of the USERDB element is not present and the database is not schema compliant the access requests are relative to the base DN in the dbswitch conf entry as in previous Sun ONE Web Server versions The Sun ONE LDAP Schema This section describes the Sun ONE LDAP Schema that defines a set of rules for directory data You can use the dcsuf fix attribute in the dbswitch conf file if your LDAP database meets the requirements outlined in this section For more information about the dbswitch conf file see dbswitch conf on page 219 The subtree rooted at an ISP entry for example o isp is called the convergence tree It contains all directory data related to organizations customers served by an ISP The subtree rooted at o internet is called the domain component tree or dc tree It contains a sparse DNS tree with entries for the customer domains served These entries are links to the appropriate location in the convergence tree where the data for that domain is located The directory tree may be single rooted
83. ails about the syntax and use of the obj conf file refer to the Sun ONE Web Server 6 1 NSAPI Programmer s Guide Each SAF has its own arguments which are passed to it by a directive in obj conf Every SAF is also passed additional arguments that contain information about the request such as what resource was requested and what kind of client requested it and any other server variables created or modified by SAFs called by previously invoked directives Each SAF may examine modify or create server variables Each SAF returns a result code that tells the server whether it succeeded did nothing or failed 117 118 This chapter includes functions that are part of the core functionality of Sun ONE Web Server It does not include functions that are available only if additional components such as server parsed HTML are enabled This chapter covers the following stages e AuthTrans e NameTrans e PathCheck e ObjectType e Input e Output e Service e AddLog e Error For an alphabetical list of predefined SAFs see Appendix A Alphabetical List of Predefined SAFs The following table lists the SAFs that can be used with each directive Table 4 1 Available Server Application Functions SAFs Per Directive Directive AuthTrans NameTrans Server Application Functions basic auth basic ncsa get sslid qos handler assign name document root home page ntrans dav ntrans j2ee pix2dir redirect
84. an or ja Japanese Default The default is en NetsiteRoot Specifies the absolute pathname to the top level directory under which server instances can be found This directive is used by the Administration Server There is no default value you must specify a value Syntax NetsiteRoot path ServerID Specifies the server ID such as https boots mcom com ServerName Specifies the server name ServerRoot Specifies the server root This directive is set during installation and is commented out Unlike other directives the server expects this directive to start with Do not change this directive If you do the Server Manager may not function properly Syntax ServerRoot path Chapter 3 Syntax and Use of magnus conf 99 Summary of Init Functions and Directives in magnus conf Example ServerRoot d netscape server4 https boots mcom com Summary of Init Functions and Directives in magnus conf Purpose Contains global variable settings that affect server functioning This file is read only at server start up Location server_root https admserv config server_root https admserv conf_bk server_root https server_id config server_root https server_id conf_bk Syntax Init functions have the following syntax Init fn function paraml value1 paramN valueN In the following table functions are in bold to distinguish them from parameters Directives have the following syntax directive value See Also Sun O
85. and Error class directives Chapter 4 Predefined SAFs in obj conf 183 Service The remove filter SAF is used to remove a filter from the filter stack If the filter has been inserted multiple times only the topmost instance is removed In general it is not necessary to remove filters with remove filter as they will be removed automatically at the end of the request Returns Returns REQ_PROCEED if the specified filter was removed successfully or REQ_NOACTION if the specified filter was not part of the filter stack Any other return value indicates an error I Parameters The following table describes parameters for the remove filter function Table 4 53 remove filter parameters Parameter Description filter Specifies the name of the filter to remove type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions DUE bucket Optional Common to all obj conf functions Example Service fn remove filter filter http compression rename file Applicable in service class directives 184 Sun ONE Web
86. and Statiste Collections sc ale iaia 91 A E NASA RIOT RIONE RICO NINO 92 DEC asia 93 Chui d Encolado te 96 Miscellaneous A eed Peed ieee li od oes 97 Deprecated Directives i ele A ava sted haved ee teed aces 98 Summary of Init Functions and Directives in magnus conf LL 100 IMEEGRGHORS lr ERA AA E TEE n TE 100 Directives 3 6 cee ae BES bod eee eni 107 Chapter 4 Predefined SAFs in obj conf LL 117 The bucket Paraineter AAA A A RES REE ES 120 Auh dr anp EEEa E a aE RL ah i E 121 Dasic Aul ritorni A aida 122 ns E ENEA 124 geteld ps o eee 125 qus nandlet lt il eil ia aa 126 Namel PAINS say aria iaia pa eels ote A ride 127 ASO MAME BREE RE ISO 127 documen TOO lt 2 RO 129 homepage isa dii veda beable Nee eet beak es 131 DELAS A atea Ata hg le ko e dea 131 E PRETE 132 POCA iii ee 133 52190 ea ZIA ERE e 135 E 136 EOT n EEE ese Poa E eae Ui eae TARE ren 137 A israele oe tre deo 138 rel 91 6d lk a LI RR RE ee 139 6 lindaeampressed a O ela tom ira 140 aten los ala I nn paia rina 142 AR A ia die 142 MTA cioe A le SNE toate aoe ue ee aig DAME ori a 143 find pattinfoi ici Hola ieri POY ras tesa iii ian 144 PCE CHENECETE on scenes da ewe keane Cae ee wd Reade ee oda Ree A 145 WGad CONS 06 hat eaetitna iia a A Rea 147 Mt a eter ban Bae wale Aes ees eae awl bees 150 MC QIONEEK o i iaia ete es 151 peheckedav suministra 151 teguire alithi ivy ici aes Gala fedele sie etica desde ee 152 sekvinta
87. and the server xml file in Sun ONE Web Server 6 1 Table B 4 server xml to server xml correspondences legacyls Not supported Appendix B Configuration Changes Between Planet Web Server 6 0 and Sun ONE Web Server 6 1 239 server xml Table B 4 server xml to server xml correspondences CONNECT IONGROUP The CONNECTIONGROUP element is not supported The defaultvs and servername atributes from the CONNECTIONGROUP element are added to the LS element in Sun ONE Web Server 6 1 during migration SSLPARAMS The SSLPARAMS element in 6 0 parsed from the CONNECTIONGROUP element is a subelement of the LS element in Sun ONE Web Server 6 1 VARS The functionality of the VARS element is handled by the PROPERTY element in Sun ONE Web Server 6 1 However the VARS element is still retained for backward compatibility webapps_file Removed The WEBAPP element of the VS element in server xml handles web applications Web container specific configuration is handled by the sun web xml file webapps_enable The following table lists the correspondences between the start jvm file in iPlanet Web Server 6 0 to the server xml file in Sun ONE Web Server 6 1 Table B 5 start jvm and server xml correspondences NSES_JDK javahome NSES_CLASSPATH serverclasspath NSES_JRE_RUNTIME_LIBPATH nativelibrarypathprefix NSES_JRE_RUNTIME_CLASSPATH Use the Xbootclasspath JVM option The following table lis
88. arameter 131 139 142 152 181 188 207 209 PathCheck function descriptions 138 pcheck dav function 151 perf init function 106 pfx2dir function 133 PidLog magnus conf directive 92 PidLog directive 112 plugins directory 19 pool parameter 105 pool init function 106 Port directive 231 PostThreadsEarly magnus conf directive 85 PostThreadsEarly directive 112 predefined SAFs 117 processes settings in magnus conf 81 PROFILER 52 profiling parameter 106 pwfile parameter 105 137 Q qosactive 27 qos error function 208 qos handler function 126 qosmetricsinterval 27 QOSPARAMS 40 qosrecomputeinterval 27 query parameter 167 query handler function 181 209 queueSize parameter 107 R RevBufSize magnus conf directive 86 RcvBufSize directive 112 readme parameter 176 README txt 20 realm parameter 152 reason parameter 207 209 record useragent function 205 redirect function 135 register http method function 106 reloadInterval property 233 remove dir function 182 remove file function 183 remove filter SAF 163 166 rename file function 184 require parameter 146 require auth function 152 Resource Elements 55 RESOURCES 56 respondCookieVersion property 233 restart file 20 rlimit_as parameter 186 rlimit_core parameter 186 rlimit_nofile parameter 186 root parameter 130 rootobject 37 RootObject directive 231 rotate access parameter 103 rotate callback parameter 104 rotate error parameter 103 rotate interval parameter 10
89. arameter 146 dotdirok parameter 150 156 DTD Attributes 25 Data 25 Subelements 24 dynamic reconfiguration overview 21 dyngroups property 220 E Elements in the server xml File 26 enc parameter 157 159 160 212 encoding 35 chunked 96 Error directive function descriptions 205 error logging settings in magnus conf 91 ErrorLog directive 109 238 ErrorLogDateFormat magnus conf directive 91 ErrorLogDateFormat directive 109 errors sending customized messages 207 208 209 errors log 65 escape parameter 135 exec hack parameter 159 exp parameter 160 expire parameter 102 extension parameter 151 extensions 35 EXTERNALJNDIRESOURCE 57 ExtraPath magnus conf directive 78 ExtraPath directive 109 extras directory 18 Index 257 F file name extensions MIME types 211 file parameter 149 170 171 FileCacheEnable parameter 224 files mapping types of 211 filter parameter 163 164 165 166 FilterComps property 219 find index function 142 find links function 143 find pathinfo function 144 find pathinfo forward parameter 128 134 flexanlg directory 18 flex init function 103 flex log function 203 flex rotate init function 103 flushTimer parameter 167 force type function 157 format parameter 101 103 free size parameter 106 from parameter 128 133 135 154 funcs parameter 105 G get client cert function 145 get sslid function 125 group parameter 186 groupdb parameter 123 groupfile 221 groupfn parameter 123 grpfile
90. are not valid It should return REQ_PROCEED if the name and password are valid Thebasic auth function will then add auth type auth user user auth db userdb and auth password pw Windows only to the rq gt vars pblock groupdb Optional Specifies the full path and file name of the user database This parameter will be passed to the group function groupfn Optional Name of the group custom function that must have been previously loaded with load modules It has the same interface as all of the SAFs but it is called with the user name user password pw user database userdb and group database groupdb in the pb parameter It also has access to the auth type auth user user auth db userdb and auth password pw Windows only parameters in the rq gt vars pblock The group function should determine the user s group using the group database add it to rq gt vars as auth group and return REQ_PROCEED if found It should return REQ_NOACTION if the user s group is not found T bucket Optional Common to all obj conf functions Examples In magnus conf Init fn load modules shlib path to mycustomauth so funcs hardcoded_auth In obj conf Chapter 4 Predefined SAFs in obj conf 123 AuthTrans AuthTrans fn basic auth auth type basic userfn hardcoded_auth PathCheck fn require auth auth type basic realm Marketing Plans See Also requ
91. are rotated Chapter 3 Syntax and Use of magnus conf 103 Summary of Init Functions and Directives in magnus conf magnus conf Init functions Function Parameter Allowed Values Default Value Description rotate callback A path init cgi timeout Number of seconds cgistub path env variable init clf logFileName A path or file name 104 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 300 optional specifies the file name of a user supplied program to execute following log file rotation The program is passed the post rotation name of the rotated log file as its parameter Changes the default settings for CGI programs optional specifies how many seconds the server waits for CGI output before terminating the script optional specifies the path to the CGI stub binary If not specified iPlanet Web Server looks in the following directories in the following order relative to the server instance s config directory private Cgistub then bin https bin Cgi stub For information about installing an suid Cgistub see the Sun ONE Web Server 6 1 NSAPI Programmer s Guide optional specifies the name and value for an environment variable that the server places into the environment for the CGI Initializes the Common Log subsystem Specifies either the full path to the log file or a file name relative to the server s logs directory
92. ation for example application octet stream for bin file extensions or application x maker for fm file extensions The client has its own set of user editable mappings that tells it which application to use to handle which types of data For example if the type is application x maker the client usually handles it by opening Adobe FrameMaker to display the file Syntax of the MIME Types File The first line in the MIME types file identifies the file format and must read Sun Microsystems MIME Information Chapter 5 MIMETypes 213 Sample MIME Types File Other non comment lines have the following format type type subtyp xts fil xtensions e type subtype is the type and subtype e exts are the file extensions associated with this type Sample MIME Types File Here is an example of a MIME types file Sun Microsystems MIME Information 214 Do not delete the above line type application octet stream It is used to identify the file type exts bin exe type application oda ext s oda type application pdf ext s pdf type application postscript exts ai eps ps type application rtf exts rtf type application x mif exts mif fm type application x gtar exts gtar type application x shar exts shar type application x tar exts tar type application mac binhex40 ext s hqx type audio basic type audio x aiff exts au snd exts aif aiff aifc type audio x wav exts wav type image gif exts gif
93. authorized user is allowed access to the requested resource The authorization process is split into two steps so that multiple authorization schemes can be easily incorporated and to provide the flexibility to have resources that record authorization information but do not require it AuthTrans functions get the user name and password from the headers associated with the request When a client initially makes a request the user name and password are unknown so the AuthTrans functions and PathCheck functions work together to reject the request since they can t validate the user name and Chapter 4 Predefined SAFs in obj conf 121 AuthTrans password When the client receives the rejection its usual response is to present a dialog box asking for the user name and password to enter the appropriate realm and then the client submits the request again this time including the user name and password in the headers If there is more than one AuthTrans directive in obj conf each function is executed in order until one succeeds in authorizing the user The following AuthTrans class functions are described in detail in this section e basic auth calls a custom function to verify user name and password Optionally determines the user s group e basic ncsa verifies user name and password against an NCSA style or system DBM database Optionally determines the user s group e get sslid retrieves a string that is unique to the current SSL
94. ber 60 Specifies the number of seconds of seconds after which the client certificate handshake phase times out SSLSessionTimeout 5 100 100 Specifies the number of seconds until a cached SSL2 session becomes invalid StackSize Number of The most Determines the maximum stack size Bytes favorable for each request handling thread machine specific stack size StrictHttpHeaders on of f off If on rejects connections that Chapter 3 include inappropriately duplicated headers Syntax and Use of magnus conf 113 Summary of Init Functions and Directives in magnus conf Table 3 1 Directive magnus conf directives Allowed Values Default Value Description TempDir TempDirSecurity TerminateTimeout ThreadIncrement Umask UseNativePoll UseOutputStreamSize A path on off Any number of seconds Any number of threads A standard UNIX umask value 1 on 0 off Any number of bytes tmp UNIX TEMP environment variable for Windows NT on 30 10 none 1 on 8192 8 KB Specifies the directory the server uses for its temporary files On UNIX this directory should be owned by and writable by the user the server runs as Determines whether the server checks if the TempDir directory is secure On UNIX specifying TempDirSecurity off allows the server to use tmp as a temporary directory Specifies the time in seconds that the server waits for all existing
95. bucket Optional Common to all ob j conf functions Examples AuthTrans fn basic ncsa auth type basic dbm sun server61 userdb rs PathCheck fn require auth auth type basic realm Marketing Plans AuthTrans fn basic ncsa auth type basic userfile sun server61 htpasswd grpfile sun server61 grpfile PathCheck fn require auth auth type basic realm Marketing Plans See Also require auth get sslid Applicable in AuthTrans class directives NOTE This function is provided for backward compatibility only The functionality of get sslid has been incorporated into the standard processing of an SSL connection The get sslid function retrieves a string that is unique to the current SSL session and stores it as the ss1 id variable in the Session gt client parameter block If the variable ss1 id is present when a CGI is invoked it is passed to the CGI as the HTTPS_SESSIONID environment variable The get sslid function has no parameters and always returns REQ_NOACTION It has no effect if SSL is not enabled Chapter 4 Predefined SAFs in obj conf 125 AuthTrans Parameters The following table describes parameters for the get sslid function Table 4 4 get sslid parameters Parameter Description bucket Optional Common to all obj conf functions qos handler Applicable in AuthTrans class directives The gos handler function examines the current quality of service statistics for
96. bucket Optional Common to all obj conf functions Example PathCheck fn require auth auth type basic realm Marketing Plans auth group mktg auth user jdoe johnd janed See Also basic auth basic ncsa set virtual index Applicable in pathcheck class directives The set virtual index function specifies a virtual index for a directory which determines the URL forwarding The index can refer to a LiveWire application a servlet in its own namespace a Sun ONE Application Server applogic and so on REQ_NOACTION is returned if none of the URIs listed in the from parameter match the current URI REQ_ABORTED is returned if the file specified by the virtual index parameter is missing or if the current URI cannot be found REQ_RESTART is returned if the current URI matches any one of the URIs mentioned in the from parameter or if there is no from parameter Parameters The following table describes parameters for the set virtual index function Table 4 27 set virtual index parameters Parameter Description virtual index URI of the content generator that acts as an index for the URI the user enters Chapter 4 Predefined SAFs in obj conf 153 PathCheck Table 4 27 set virtual index parameters Parameter Description from Optional Comma separated list of URIs for which this virtual index is applicable If from is not specified the virtual index always applies bucket Optional Comm
97. class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Examples In magnus conf 200 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service Init fn stats init update interval 5 virtual servers 2000 profiling yes In obj conf lt Object name default gt NameTrans fn assign name from stats xml name stats xml lt Object gt lt Object name stats xml gt Service fn stats xml lt Object gt See Also service dump upload file Applicable in service class directives The upload file function uploads and saves a new file when the client sends a request whose method is PUT if the user is authorized and the server has the needed file system privileges When remote file manipulation is enabled in the server the obj conf file contains a Service class function that invokes upload file when the request method is PUT Parameters The following table describes parameters for the upload file function Table 4 67 upload file parameters Parame
98. ctions Optional Common to all Service class functions Optional Common to all Service class functions Optional Common to all Service class functions Optional Common to all Service class functions Optional Common to all obj conf functions lt Object name defaul Service method TRACI lt Object gt t gt E fn service trac shtml_send Applicable in Service class directives The shtml_send function parses an HTML document scanning for embedded commands These commands may provide information from the server include the contents of other files or execute a CGI program The shtml_send function is only available when the Shtml plugin 1ibShtm1 so on UNIX libshtml dll on Windows is loaded Refer to the Sun ONE Web Server 6 1 Programmer s Guide for server parsed HTML commands Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service Parameters The following table describes parameters for the shtml_send function Table 4 65 shtml send parameters Parameter Description ShtmlMaxDepth Maximum depth of include nesting allowed The default value is 10 addCgiInitVars UNIX only If present and equal to yes the default is no adds the environment variables defined in the init cgi SAF to the environment of any command executed through the SHTML exec tag type Optional Common to all Service class functions method Optional Common to all Service clas
99. d e Use0utputStreamSize Optional Determines the default output stream buffer size in bytes for data sent to the client If this parameter is not specified the default is 8192 bytes NOTE The UseOutput StreamSize parameter can be set to zero 0 in the obj conf file to disable output stream buffering For the magnus conf file setting UseOutputStreamSize to zero 0 has no effect e flushTimer Optional Determines the maximum number of milliseconds between write operations in which buffering is enabled If the interval between subsequent write operations is greater than the flushTimer value for an application further buffering is disabled This is necessary for status monitoring CGI applications that run continuously and generate periodic status update reports If this parameter is not specified the default is 3000 milliseconds e ChunkedRequestBufferSiz Optional Determines the default buffer size in bytes for un chunking request data If this parameter is not specified the default is 8192 bytes e ChunkedRequestTimeout Optional Determines the default timeout in seconds for un chunking request data If this parameter is not specified the default is 60 seconds If there is more than one Service class function the first one matching the optional wildcard parameters type method and query is executed For more information about the UseOutput StreamSize flushTimer ChunkedRequestBufferSiz
100. duct Support o Italic type is used for code variables o Italic type is also used for book titles emphasis variables and placeholders and words used in the literal sense o Bold type is used as either a paragraph lead in or to indicate words used in the literal sense e Installation root directories are indicated by install_dir in this document By default the location of install_dir on UNIX based platforms is opt SUNWwbsvr On Windows it is C Sun WebServer6 1 Product Support If you have problems with your system contact customer support using one of the following mechanisms e The online support web site at http www sun com supportraining e The telephone dispatch number associated with your maintenance contract Please have the following information available prior to contacting support This helps to ensure that our support staff can best assist you in resolving problems e Description of the problem including the situation where the problem occurs and its impact on your operation e Machine type operating system version and product version including any patches and other software that might be affecting the problem e Detailed steps on the methods you have used to reproduce the problem e Any error logs or core dumps 14 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Configuration Files Chapter 1 Basics of Server Operation The configuration and behavior of Su
101. e and ChunkedRequestTimeout parameters see Buffered Streams in the Sun ONE Web Server 6 1 NSAPI Programmer s Guide The UseOutput StreamSize ChunkedRequestBufferSize and ChunkedRequestTimeout parameters also have equivalent magnus conf Chapter 4 Predefined SAFs in obj conf 167 Service directives For more information see Chunked Encoding in the chapter Syntax and Use of magnus conf in the Sun ONE Web Server 6 1 Administrator s Configuration File Reference The obj conf parameters override the magnus conf directives By default the server sends the requested file to the client by calling the send file function The directive that sets the default is Service method GET HEAD type magnus internal fn send file This directive usually comes last in the set of service class directives to give all other service directives a chance to be invoked This directive is invoked if the method of the request is GET HEAD or POST and the type does not start with magnus internal Note here that the pattern means does not match For a list of characters that can be used in patterns see the Sun ONE Web Server 6 1 NSAPI Programmer s Guide The following Service class functions are described in detail in this section e add footer appends a footer specified by a file name or URL to an HTML file e add header prepends a header specified by a file name or URL to an HTML file
102. e unix home function translates user names typically of the form username into the user s home directory on the server s UNIX machine You specify a URL prefix that signals user directories Any request that begins with the prefix is translated to the user s home directory You specify the list of users with either the etc passwd file or a file with a similar structure Each line in the file should have this structure elements in the passwd file that are not needed are indicated with username groupid homedir If you want the server to scan the password file only once at startup use the Init class function init uhome in magnus conf Parameters The following table describes parameters for the unix home function Table 4 14 unix home parameters Parameter Description subdir Subdirectory within the user s home directory that contains their web documents pwfile Optional Full path and file name of the password file if it is different from etc passwd name Optional Specifies an additional named object whose directives will be applied to this request bucket Optional Common to all obj conf functions Chapter 4 Predefined SAFs in obj conf 137 PathCheck Examples NameTrans fn unix home from subdir public_html NameTrans fn unix home from pwfile mydir passwd subdir public_html See Also find links PathCheck PathCheck directives check the local file system path tha
103. eX enie fae ain ia Ri een 153 sskeheck a a EREE 154 sstlogotiti ii A das 155 po oes ged Gas be BG Rokk EEA Cee AE EEE E evden bee d eed an 155 al A Ag des Peas Shen coer pane SURE Ae et ee Melee 156 LOLA nv eevee tetas sets Pee eee ee es SG eee Peed beens ue eters 157 set detauletype vies des cage eaten rab a pa pra a bas deeds 158 shtmmlhackty pe ini a E a Saale 159 pE Dy OD siii i Le oe eae ee eR aE 160 type by Oxtension i nits cd eee das re rad tesa ie de eee hiee sere ara 161 IPUR ae te ane RR RAR E cer ae ee 162 imsert filter siii EEA EMed dees bes d bed Lana 163 ra 2 iii aoe gi eae a bo ee alk Mates Bees eae bah 163 Outpt ile este eee e oe Pe A teas tars 164 ls A ke Sutin alle aise Bad a sete teat eed cate tabale 165 remove dfilter IPR DI RA E Re Ewe ee eae dees 166 DBR NEG ye aloe ine atin ban uate Mee awa a ee wee ld atten tua tte ae Me ee ie ec anata nce 166 Eis 6 Ea 6 A a 169 add heade sii O EA 171 appendtrailet iaia iii aaa OS i be 172 MOCCIA Ea eee alla a i ipa 173 indexsimple O Un ia e weirs 176 k y toosmall coi pei pra il 178 listdit ii a ae i ieri 179 E Ana 180 query hand lets tsa pierre el ee iaia 181 POMO sai rr NA a ana 182 le oo es cee gee es ERE O RO An 183 VOMOVE M AS oe besa Ae ha ae nak Mabe ae a a eae Re 183 FEMAME HIE sc oe ge sg da eS op SSS EEE ESS Seda de we SEE Te Dye Fea Eee eee n 184 AA des nage ed dene o rata 185 HA esis rorta matairi Gone A Peed ees Gove eee a See eS ee Tees 188 Sun O
104. ear as decimal number 001 366 Hour in 24 hour format 0 23 without leading zeros Hour in 12 hour format 1 12 without leading zeros Month as decimal number 01 12 line feed A M P M indicator for 12 hour clock Time H M Time I M S p tab Week of year as decimal number with Sunday as first day of week 00 51 Weekday as decimal number 0 6 Sunday is 0 Week of year as decimal number with Monday as first day of week 00 51 Date Yom d Voy Year without century as decimal number 00 99 Percent sign Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 Appendix D Alphabetical List of Server Configuration Elements A AUTHREALM 50 C CONNECTIONPROPERTY 60 CUSTOMRESOURCE 53 D DAVCOLLECTION 39 DESCRIPTION 25 DISPLAYNAME 43 E EXTERNALJNDIRESOURCE 54 J JAVA 45 245 JDBCCONNECTIONPOOL 56 JDBCRESOURCE 55 JVMOPTIONS 47 L LS 26 M MAILRESOURCE 61 MIME 30 P PROFILER 48 PROPERTY 24 Q QOSPARAMS 36 R RESOURCES 53 S SEARCH 41 SEARCHCOLLECTION 42 SECURITY 49 SERVER 22 246 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 SSLPARAMS 28 y TYPE 31 U USERDB 37 V VARS 25 VS 34 VSCLASS 32 W WEBAPP 43 Appendix D Alphabetical List of Server Configuration Elements 247 248 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 App
105. eb Server to optimize Performance Tuning Sizing and Scaling performance Guide How This Guide Is Organized This guide has the following chapters 12 Chapter 1 Basics of Server Operation This chapter introduces the major configuration files that control the Sun ONE Web Server and describes how to activate and edit them Chapter 2 Server Configuration Elements in server xml This chapter discusses the server xml file which controls most aspects of server operation Chapter 3 Syntax and Use of magnus conf This chapter discusses the directives you can set in the magnus conf file to configure the Sun ONE Web Server during initialization Chapter 4 Predefined SAFs in obj conf This chapter describes the predefined SAFs used in the obj conf file Chapter 5 MIME Types This chapter discusses the MIME types file which maps file extensions to file types Chapter 6 Other Server Configuration Files This chapter lists other important configuration files and provides a quick reference of their contents Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Documentation Conventions Appendix A Configuration Changes Between iPlanet Web Server 4 1 and Sun ONE Web Server 6 1 This appendix describes the changes in configuration files between the 4 x and 6 1 versions of Sun ONE Web Server Appendix B Configuration Changes Between iPlanet Web Ser
106. ect the current virtual server Each VS that is configured to the same listen socket must have a unique urlhosts value for that group optional The file name of the obj conf file for this virtual server optional Tells the server which object loaded from an obj conf file is the default Tells the server which object loaded from an obj conf file is the default The default object is expected to have all the name translation NameTrans directives for the virtual server any server behavior that is configured in the default object affects the entire server If you specify an object that doesn t exist the server doesn t report an error until a client tries to retrieve a document The id of the MIME element used by the virtual server Chapter 2 Server Configuration Elements in server xml 39 Listener Elements VS attributes Attribute aclids errorlog acceptlanguage state Default none none off on Description optional One or more id attributes of ACLFILE elements separated by commas Specifies the ACL file s used by the virtual server optional Specifies a log file for virtual server specific error messages See the LOG description for details about logs optional If true the server parses the Accept Language header and sends an appropriate language version based on which language the client can accept You should set this value to on only if the server supports mul
107. ed by the default object s service dav directive Therefore the OPTIONS method is not included in the service dav directive of the dav object In response to an OPTIONS request to a WebDAV enabled uri or sourceuri the service dav function in the default object adds the necessary DAV headers and returns control to the core server which then services the request For more information on access control for WebDAV resources see the Sun ONE Web Server 6 1 Administrators Guide Parameters The following table describes parameters for the service dav function Table 4 61 service dav parameters Parameter Description method Optional Common to all Service class functions bucket Optional Common to all obj conf functions 194 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service Examples lt Object name default gt Service method OPTIONS PUT DELETE COPY MOVE PROPFIND PROPPATCH LOCK UN LOCK MKCOL fn service dav lt Object gt lt Object name dav gt PathCheck fn check acl acl dav src Service fn service dav method PUT DELETE COPY MOVE PROPFIND PROPPATCH LOCK UNLOCK MKC OL lt Object gt See Also stats xml service dump Applicable in service class directives The service dump function creates a performance report based on collected performance bucket data see The buc
108. elements for the SERVER element SERVER subelements Element Required Description VARS zero or one Defines variables that can be given values in server xml and referenced in obj conf PROPERTY zero or more Specifies a property of the server LS one or more Defines one or more HTTP listen sockets MIME zero or more Defines mime type ACLFILE zero or more References one or more ACL files VSCLASS one or more Defines a virtual server class QOSPARAMS zero or one Defines quality of service parameters JAVA zero or one Configures Java Virtual machine JVM parameters LOG zero or one Configures the system logging service Attributes The following table describes attributes for the SERVER element SERVER attributes Attribute Default Description qosactive no Enables quality of service features which let you set limits on server entities or view server statistics for bandwidth and connections Allowed values are yes no on off true false 1or0 qosmetricsinterval 30 optional The interval in seconds during which the traffic is measured qosrecomputeinterv 100 optional The period in milliseconds in al Chapter 2 which the bandwidth gets recomputed for all server entities Server Configuration Elements in server xml 27 Core Server Elements PROPERTY Specifies a property or a variable that is defined in server xml and referenced in obj conf For information about variables
109. emap index common Applicable in Service class directives The index common function generates a fancy or common list of files in the requested directory The list is sorted alphabetically Files beginning with a period are not displayed Each item appears as an HTML link This function displays more information than index simple including the size date last modified and an icon for each file It may also include a header and or readme file into the listing The Init class function cindex init in magnus conf specifies the format for the index list including where to look for the images 174 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service If obj conf contains a call to index common in the Service stage magnus conf must initialize fancy or common indexing by invoking cindex init during the Init stage Indexing occurs when the requested resource is a directory that does not contain an index file or a home page or no index file or home page has been specified by the functions find index or home page The icons displayed are gif files dependent on the content type of the file as listed in the following table Table 4 44 content type icons Content type text image audio video application octet stream directory all others Parameters Icon text gif image gif sound gif movie gif binary gif menu gif unknown gif The following table
110. end For a development environment this value should be set to false For a production environment this value should be set to true to prevent environment variable side effects Legal values are on off yes no 1 0 true false optional A comma separated list of class names each of which must implement the com sun appserv BytecodePreproc essor interface Each of the specified preprocessor classes is called in the order specified Specifies the interval in seconds after which a deployed application is reloaded optional Controls the type of messages logged by this element to the errors log For details see the description of the level attribute of the LOG element Defines configurable system wide Java VM properties for example lt JVMOPTIONS gt Xdebug Xmx128m lt JVMOPTIONS gt In addition web server looks for a system property Dcom sun webserv startupclasses whose value is a comma separated list of fully qualified Java classes that server loads into the Virtual Machine upon startup Example lt JVMOPTIONS gt Dcom sun webserv startupclasses com sample MyInitializer com jdo P rsistenceManagerFactory Chapter 2 Server Configuration Elements in server xml 51 Java Configuration Elements lt JVMOPTIONS gt For information about the available options see http java sun com docs hotspot VMOptions html Subelements none Attributes none PROFILER Configures a profil
111. endix E Alphabetical List of Predefined SAFs This appendix provides an alphabetical list for the easy lookup of predefined SAFs add footer 105 add header 107 append trailer 108 assign name 63 basic auth 58 basic ncsa 60 check acl 75 common log 139 249 250 deny existence 78 document root 65 error j2ee 143 find compressed 76 find index 78 find links 79 find pathinfo 80 flex log 140 force type 93 get client cert 81 get sslid 61 home page 67 imagemap 109 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 index simple 113 insert filter 101 insert filter 99 key toosmall 114 list dir 115 load config 83 make dir 116 ntcgicheck 87 ntrans dav 67 ntrans j2ee 68 nt uri clean 86 pcheck dav 87 pfx2dir 69 Appendix E Alphabetical List of Predefined SAFs 251 qos error 145 qos handler 62 query handler 117 query handler 146 record useragent 141 redirect 71 remove dir 118 remove file 119 remove filter 102 remove filter 120 remove filter 147 remove filter 99 rename file 121 require auth 88 send cgi 122 send error 125 send error 143 send file 126 send range 128 send shellcgi 129 send wincgi 130 252 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 service dav 131 service dump 132 service j2ee 133 service trace 134 set default type 94 set virtual index 89 shtml_send 135 shtml hacktype 95 ssl check 90 ssl logout 91 stats xml
112. entry This layer between the ACL file and the dbswitch conf file gives the server administrator full control over which databases virtual server administrators and users have access to The dbswitch conf file establishes the root of the search tree for LDAP databases as follows e The base DN in the LDAP URL in dbswitch conf defines a root object for all further DN specifications So for most new installations it can be empty because the final base DN is determined in other ways either through a dc tree lookup or an explicit basedn value in the USERDB tag e Anew dbswitch conf attribute for LDAP databases dcsuffix defines the root of the dc tree This root is relative to the base DN in the LDAP URL You can use dcsuffix if the database is schema compliant Requirements for schema compliance are listed in The Sun ONE LDAP Schema on page 68 A user database is selected for a virtual server as follows e Ifa VS has no USERDB subelement user or group based ACLs fail e When no database attribute is present in a virtual server s ACL definition the VS must have a USERDB subelement with an id attribute of default The database attribute of the USERDB then points to a database in dbswitch conf If no database attribute is present default is used Chapter 2 Server Configuration Elements in server xml 67 The Sun ONE LDAP Schema e Ifan LDAP database is schema compliant the base DN of the access is computed using
113. er for use with the server Subelements The following table describes subelements for the PROFILER element PROFILER subelements Element Required Description PROPERTY zero or more Specifies a property JVMOPTIONS zero or more Contains profiler specific JVM command line options Attributes The following table describes attributes for the PROFILER element PROFILER attributes Attribute Default Description classpath none optional Specifies the classpath for the profiler nativelibrarypath none optional Specifies the native library path for the profiler 52 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Java Configuration Elements PROFILER attributes Attribute Default Description enabled true optional Determines whether the profiler is enabled Legal values are on of f yes no 1 0 true false SECURITY Defines parameters and configuration information needed by the security service Subelements The following table describes subelements for the SECURITY element SECURITY subelements Element Required Description PROPERTY zero or more Specifies a property or a variable AUTHREALM one or more Defines a realm for authentication Attributes The following table describes attributes for the SECURITY element SECURITY attributes Attribute Default Description defaultrealm file optional Specifies the default authenticatio
114. ersion e The client supports compression Not all clients support compression The find compressed function allows you to use a single URL for both the compressed and noncompressed versions of a file The version of the file that is selected is based on the individual clients capabilities A compressed version of a file must have the same file name as the noncompressed version but with a gz suffix For example the compressed version of a file named httpd docs index html would be named httpd docs index html gz To compress files you can use the freely available gzip program Because compressed files are sent as is to the client you should not compress files such as SHTML pages CGI programs or pages created with JavaServer Pages M JSP technology that need to be interpreted by the server To compress the dynamic content generated by these types of files use the http compression filter The find compressed function does nothing if the HTTP method is not GET or HEAD Parameters The following table describes parameters for the find compressed function 140 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 PathCheck Table 4 16 find compressed parameters Parameter Description check age Specifies whether to check if the compressed version is older than the noncompressed version Possible values are yes and no e Ifsetto yes the compressed version will not be selected if it is older than the noncomp
115. erver 6 1 Administrators Configuration File Reference August 2003 Directory Structure The obj conf file is essential to the operation of the Sun ONE Web Server When you make changes to the server through the Administration interface the system automatically updates obj conf For information about how the server uses obj conf see Chapter 4 Predefined SAFs in obj conf mime types This file maps file extensions to MIME types to enable the server to determine the content type of a requested resource For example requests for resources with html extensions indicate that the client is requesting an HTML file while requests for resources with gif extensions indicate that the client is requesting an image file in GIF format For more information about how the server uses mime types see MIME Types Other Configuration Files For information about other important configuration files see Chapter 6 Other Server Configuration Files Directory Structure The following section describes the directory structure created when you first install Sun ONE Web Server 6 1 The information is organized in two parts e All Platforms e UNIX and Linux Platforms All Platforms For all platforms the following directories are created under the server root directory e alias contains the key and certificate files for all Sun ONE servers for example https admserv server_ id cert8 db and secmod db Chapter 1 Basics
116. es in magnus conf 80 LDAP iPlanet schema 68 lib directory 20 library property 219 LICENSE txt 20 links finding hard links 143 list dir function 179 Listener Elements 29 ListenQ magnus conf directive 85 ListenQ directive 110 loadbal directory 20 load config function 147 load modules function 105 LoadObjects directive 230 LOG 65 log analyzer 202 204 log file analyzer for 202 204 log_anly directory 18 LogFlushInterval directive 110 logging settings in magnus conf 91 login conf 223 logs directory 18 19 logs file 20 logstderr 66 logstdout 66 logtoconsole 66 LogVerbose directive 110 230 238 LogVsId directive 110 LS id 31 ip attribute 31 magnus conf changes to 229 237 miscellaneous directives 97 MAILRESOURCE 64 make dir function 180 manual directory 19 MaxAge parameter 224 MaxCGIStubs magnus conf directive 90 MaxCGIStubs directive 111 MaxFiles parameter 224 Index 259 MaxKeepAliveConnections magnus conf directive 85 MaxKeepAliveConnections directive 111 MaxProcs magnus conf directive 85 MaxProcs directive 111 MaxRgHeaders magnus conf directive 98 MaxRgHeaders directive 111 MaxThreads directive 230 maxthreads parameter 107 MediumFileSizeLimit parameter 224 MediumFileSpace parameter 224 method parameter 146 167 methods function 106 mime types file 212 sample of 214 syntax 213 MinCGIStubs magnus conf directive 90 MinCGIStubs directive 111 MinProcs directive 231 MinThreads directive 231 mint
117. es with the server type the following internal password If you are using a different PKCS 11 module for example for hardware encryption or hardware accelerators you will need to specify the name of the PKCS 11 module followed by the password See Also Sun ONE Web Server 6 1 Administrator s Guide Chapter 6 Other Server Configuration Files 225 server policy server policy clfilter Purpose Controls what access applications have to resources This is the standard J2SE policy file The J25E SecurityManager is not active by default in Sun ONE Web Server 6 1 The policies granted in this policy file do not have any effect unless the SecurityManager is turned on in server xml If you wish to use the J2SE SecurityManager you can turn it on by adding the following JVM options lt JVMOPTIONS gt Djava security manager lt JVMOPTIONS gt lt JVMOPTIONS gt Djava security policy server_root config server policy lt JVMOPTIONS gt Location server_root config Syntax grant codeBase path monn ermission permission_class package permission_type p See Also e Sun ONE Web Server 6 1 Programmer s Guide e http java sun com docs books tutorial securityl 2 tour2 index ht ml http java sun com j2se 1 4 1 docs guide security permissions htm 1 Purpose The files obj conf clfilter magnus conf clfilter and server xml clfilter contain filter specifications for cluster management operations
118. escribes parameters for the send error function Table 4 72 send error parameters Parameter Description path Specifies the full file system path of an HTML file to send to the client The file is sent as text htm1 regardless of its name or actual type If the file does not exist the server sends a simple default error page reason Optional Text of one of the reason strings such as Unauthorized or Forbidden The string is not case sensitive code Optional Three digit number representing the HTTP response status code such as 401 or 407 This can be any HTTP response status code or reason phrase according to the HTTP specification The following is a list of common HTTP response status codes and reason strings e 401 Unauthorized e 403 Forbidden e 404 Not Found e 500 Server Error bucket Optional Common to all obj conf functions Chapter 4 Predefined SAFs in obj conf 207 Error Example Error fn send error code 401 path sun server61 docs errors 401 html qos error Applicable in Error class directives The gos error function returns an error page stating which quality of service limits caused the error and what the value of the QOS statistic was The code for this SAF is one of the examples in the Sun ONE Web Server 6 1 NSAPI Programmer s Guide For more information see the Sun ONE Web Server 6 1 Performance Tuning Scaling and Sizing Guide Parameters
119. esource The base directory determines two things e The topmost directory for which requests will invoke this call to the load config function For example if the base directory is D sun server61 docs nikki then only requests for resources in this directory or its subdirectories and their subdirectories trigger the search for dynamic configuration files A request for the resource D sun server61 docs somefile html does not trigger the search in this case since the requested resource is in a parent directory of the base directory e The topmost directory in which the server looks for dynamic configuration files to apply to the requested resource If the base directory is D sun server61 docs nikki the server starts its search for dynamic configuration files in this directory It may or may not also search subdirectories but never parent directories depending on other factors Chapter 4 Predefined SAFs in obj conf 147 PathCheck When you enable dynamic configuration files through the Server Manager interface the system writes additional objects with ppath parameters into the obj conf file If you manually add directives that invoke load config to the default object rather than putting them in separate objects the Server Manager interface might not reflect your changes If you manually add pathcheck directives that invoke 10ad config to the file obj conf put them in additional objects created with the lt OBJECT gt ta
120. etween iPlanet Web Server 4 1 and Sun ONE Web Server GA musica wri na an AS AE E eee 229 ARAS COM ina ea pai bs 229 ODpPCONE sii iii el a E RE sala ode ei REL aa 232 conteste 6 223 ei ei aca ala 232 miles properes snr i den cage waded lip o ii enna 234 servlets properes 0 a aa 234 Appendix B Configuration Changes Between iPlanet Web Server 6 0 and Sun ONE Web SERVER GA ille a ii 237 Magnet cried A Raiano 237 Trt PURE hihi airline 237 Directives iii ii bee bade beh odd diated LA Digit dia rie 238 ODECOME lividi ale e ia ARE l 239 O E 239 Appendix Time Formats lt lt lt osorno e eee ee ete ens 243 Appendix D Alphabetical List of Server Configuration Elements 245 Appendix E Alphabetical List of Predefined SAFS 0 249 ING OX A eee eee de Eee SE REG RARE Sale Dee ee RARA 255 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 About This Guide This guide discusses the purpose and use of the configuration files for Sun Open Net Environment Sun ONE Web Server 6 1 including server xm1 magnus conf and mime types and provides comprehensive lists of the elements and directives in these configuration files This preface contains information about the following topics Who Should Use This Guide Using the Documentation How This Guide Is Organized Documentation Conventions Product Support Who Should Use This Guide The inte
121. fault Value Description Values name Name of the thread pool maxthreads Maximum number of threads in the pool minthreads Minimum number of threads in the pool queueSize Number of Size of the queue for the pool bytes stackSize Number of Stack size of each thread in the bytes native kernel thread pool Directives The following table lists Table 3 1 magnus conf directives Directive Allowed Values Default Value Description ACLCacheLifetime Any number 120 Determines the number of seconds of seconds before cache entries expire Each time an entry in the cache is referenced its age is calculated and checked against ACLCacheLifetime The entry is not used if its age is greater than or equal to the ACLCacheLifetime If this value is set to 0 the cache is turned off ACLUserCacheSize 200 Determines the number of users in the User Cache ACLGroupCacheSize 4 Determines how many group IDs can be cached for a single UID cache entry AdminLanguage en English en Specifies the language for the Server fr French de German ja Japanese Chapter 3 Manager Syntax and Use of magnus conf 107 Summary of Init Functions and Directives in magnus conf Table 3 1 magnus conf directives Directive Allowed Values Default Value Description AsyncDNS on of f off Specifies whether asynchronous DNS is allowed CGIExpirationTimeout Any number 300 Specifies the maximum time in of seconds 5 minutes seconds that CGI processes are
122. figuration Elements in server xml magnus conf This file sets values of variables that configure the server during initialization The server looks at this file and executes the settings on startup The server does not look at this file again until it is restarted See Chapter 3 Syntax and Use of magnus conf for a list of all the variables and Init directives that can be set in magnus conf obj conf This file contains instructions for the Sun ONE Web Server about how to handle HTTP requests from clients and service web server content such as native server plugins and CGI programs The server looks at the configuration defined by this file every time it processes a request from a client This file contains a series of instructions directives that tell the Sun ONE Web Server what to do at each stage in the request response process You can modify and extend the request handling process by adding or changing the instructions in obJ Conf All obj conf files are located in the server_root config directory There is one obj conf file for each virtual server class Whenever this guide refers to the obj conf file it refers to all obj conf files or to the obj conf file for the virtual server class being described By default each active obj conf file is named vs_class 0bj conf Editing one of these files directly or through the Administration interface changes the configuration of a virtual server class 16 Sun ONE Web S
123. following table describes attributes for the SSLPARAMS element 32 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 SSLPARAMS attributes Attribute Default Listener Elements Description servercertnickname ssl2 ssl2ciphers ss13 ssl3tlsciphers tls Server Cert false none true none true The nickname of the server certificate in the certificate database or the PKCS 11 token In the certificate the name format is tokenname nickname Including the tokenname part of the name in this attribute is optional optional Determines whether SSL2 is enabled Legal values are on off yes no 1 0 true and false Ifboth SSL2 and SSL3 are enabled for a virtual server the server tries SSL3 encryption first If that fails the server tries SSL2 encryption optional A space separated list of the SSL2 ciphers used with the prefix to enable or to disable for example rc4 Allowed values are rc4 rc4export rc2 rc2export idea des desede3 optional Determines whether SSL3 is enabled Legal values are on off yes no 1 0 true and false If both SSL2 and SSL3 are enabled for a virtual server the server tries SSL3 encryption first If that fails the server tries SSL2 encryption optional A space separated list of the SSL3 ciphers used with the prefix to enable or to disable for example rsa_des_sha Allowed SSL3 values are rsa_rc4_128_md5
124. g rather than putting them in the default object Use the ppath attribute of the OBJECT tag to specify the partial path name for the resources to be affected by the access rules in the dynamic configuration file The partial path name can be any path name that matches a pattern which can include wildcard characters For example the following lt OBJECT gt tag specifies that requests for resources in the directory D sun server61 docs are subject to the access rules in the file my nsconfig lt Object ppath D sun server61 docs gt PathCheck fn load config file my nsconfig descend 1 basedir D sun server61 docs lt Object gt NOTE If the ppath resolves to a resource or directory that is higher in the directory tree or is in a different branch of the tree than the base directory the load config function is not invoked This is because the base directory specifies the highest level directory for which requests will invoke the load config function The load config function returns REQ_PROCEED if configuration files were loaded REQ_ABORTED on error Or REQ_NOACTION when no files are loaded Parameters The following table describes parameters for the load config function 148 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 PathCheck Table 4 22 load config parameters Parameter Description file Optional Name of the dynamic configuration fi
125. gt KV Sissi gt lt PROPERTY name docroot value Sdocrootbase java Sid gt lt VS gt lt PROPERTY name docrootbase value export gt lt VSCLASS gt Variables in subelements override variables in the parent elements For example it is possible to set a variable for a class of virtual servers and override it with a definition of the same variable in an individual virtual server server xml File lt xml version 1 0 encoding UTF 8 gt lt Copyright c 2003 Sun Microsystems Inc All rights reserved Use is subject to license terms gt lt DOCTYPE SERVER PUBLIC Sun Microsystems Inc DTD Sun ONE Web Server 6 1 EN file home nb136819 space servers slws61 bin https dtds sun web server_6_1 dtd gt lt SERVER gt lt PROPERTY name docroot value home nb136819 space servers siws61 docs gt 72 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Sample server xml File lt PROPERTY name accesslog value home nb136819 space servers slws61 https admserv logs acces s gt lt PROPERTY name user value gt lt PROPERTY name group value gt lt PROPERTY name chroot value gt lt PROPERTY name dir value gt lt PROPERTY name nice value gt lt LS id 1s1 port 5555 servername plaza india sun com defaultvs vs admin gt lt LS id 1s2 port 9999
126. he server which object loaded from an obj conf file is the default The default object is expected to have all the name translation NameTrans directives for the virtual server any server behavior that is configured in the default object affects the entire server If you specify an object that doesn t exist the server doesn t report an error until a client tries to retrieve a document The Server Manager assumes the default to be the object named default Don t deviate from this convention if you use or plan to use the Server Manager Chapter 2 Server Configuration Elements in server xml 37 Listener Elements VSCLASS attributes Attribute Default Description accept language false optional If t rue the server parses the Accept Language header and sends an appropriate language version based on which language the client can accept You should set this value to on only if the server supports multiple languages Can be overridden in a VS element Legal values are on off yes no 1 0 true and false VS Defines a virtual server A virtual server also called a virtual host is a virtual web server that serves content targeted for a specific URL Multiple virtual servers may serve content using the same or different host names port numbers or IP addresses The HTTP service can direct incoming web requests to different virtual servers based on the URL Subelements The following table describes subelements fo
127. hreads parameter 107 MMapSessionManager 18 19 month name 243 MtaHost directive 111 231 N name parameter 128 133 137 203 204 of define perf bucket function 102 of thread pool init function 107 NameTrans function descriptions 127 native thread pools settings in magnus conf 88 NativePoolMaxThreads magnus conf directive 88 NativePoolMaxThreads directive 111 NativePoolMinThreads 260 Sun ONE lt Product Name gt Administrator s Guide April 2001 magnus conf directive 88 NativePoolMinThreads directive 111 NativePoolQueueSize magnus conf directive 89 NativePoolQueueSize directive 111 NativePoolStackSize magnus conf directive 88 NativePoolStackSize directive 111 NativeThread parameter 105 NetSiteRoot magnus conf directive 99 NetSiteRoot directive 112 231 238 nice parameter 187 nocache parameter 190 nostat parameter 129 nsacl directory 20 nsapi directory 20 NSCP_POOL_STACKSIZE 88 NSCP_POOL_THREADMAX 88 NSCP_POOL_WORKQUEUEMAX 88 nsessions property 220 nsfc conf 223 NSIntAbsFilePath parameter 170 171 ntcgicheck function 151 nt console init function 105 238 ntrans base 128 129 134 nt uri clean function 150 num buffers parameter 103 O obj conf changes to 232 239 directives 117 objectfile 37 ObjectType function descriptions 156 opts parameter 101 Output function descriptions 164 outputStreamFlushTimer property 233 P parameterEncoding property 234 parse html function 232 path p
128. i function runs a file as a shell CGI program and sends the results to the client Shell CGI is a server configuration that lets you run CGI applications using the file associations set in Windows For information about shell CGI programs consult the Sun ONE Web Server 6 1 Administrator s Guide Parameters The following table describes parameters for the send shellcgi function Table 4 59 send shellcgi parameters Parameter Description type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions 192 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service Examples Service fn send shellcgi Service type magnus internal cgi fn send shellcgi send wincgi Applicable in service class directives Windows Only The send wincgi function runs a file as a Windows CGI program and sends the results to the client For information about Windows CGI programs consult the Sun ONE Web Server 6 1 Administrators Guide Parameters The following table describes para
129. ibute of Obsolete auth native element Appendix A Configuration Changes Between Planet Web Server 4 1 and Sun ONE Web Server 6 1 233 rules properties Table A 3 contexts properties to sun web xml correspondences contexts properties Property sun web xml Element or Attribute Comments classpath extra class path attribute of class loader element singleClassLoader none Obsolete because each web application has a single class loader as mandated by the Servlet 2 3 specification serverName none Specified in the server xml file for each virtual server contentTypelgnoreFromSSI none Obsolete due to web application support parameterEncoding parameter encoding element isModifiedCheckAggressive none Obsolete includeTransparency none Obsolete rules properties The rules properties file is no longer supported in Sun ONE Web Server 6 1 The function of the rules properties file is now handled by the servlet mapping element in the web xml file For more information see the Servlet 2 3 API specification at http java sun com products servlet index html servlets properties 234 The servlets properties file is no longer supported for the default virtual server and other virtual servers Most of the same functions are in the sun web xml file A few servlets properties functions are in the server xml file A few servlets properties functions are in the web xml file For more information
130. ibutes The following table describes attributes for the SEARCHCOLLECTION element SEARCHCOLLECTION attributes Attribute docroot enabled 46 Sun ONE Web Server 6 1 Default none none none none true Description Specifies unique identifier for this collection Should be a legal XML ID type Specifies a file system location for storing search collection meta data Specifies a URI for the indexable collection of documents Specifies a file system path for the collection of documents Specifies whether a collection can be searched Legal values are yes no true false on off 1 and 0 e Administrator s Configuration File Reference August 2003 Web Application Elements DISPLAYNAME Specifies a human readable name for the collection to be used while displaying the collection to the end user Example lt DISPLAYNAME gt Omega Manual lt DISPLAYNAME gt Subelements none Attributes none Web Application Elements The Web application elements are as follows e WEBAPP WEBAPP Defines a Java web application rooted at a given URI within a vs Subelements The following table describes subelements for the weBAPP element webapp subelements Element Required Description DESCRIPTION zero or one Contains a text description of this element Attributes The following table describes attributes for the weBAPP element Chapter 2 Server Configuration Elements i
131. ich is used for account management purposes If an inetUserStatus attribute is present in an entry and has a value of inact ive or deleted the entry is ignored Groups are located under the Groups subtree and consist of LDAP entries of type groupOfUniqueNames The Domain Component dc Tree The dc tree contains hierarchical domain entries each of which is a DNS name component Entries that represent the domain name of a customer are overlaid with the LDAP auxiliary class inetDomain For example the two LDAP entries dc customerl dc com o Internet o root and dc customer2 dc com o Internet o root contain the inetDomain class but dc com o Internet o root does not The latter is present only to provide structure to the tree Entries with an inetDomain attribute are called virtual domains These must have the attribute inetDomainBaseDN filled with the DN of the top level organization entry where the data of this domain is stored in the convergence tree For example the virtual domain entry in dc cust2 dc com o Internet o root would contain the attribute inetDomainBaseDN with value o Cust 2 o isp o root If an inetDomainStatus attribute is present in an entry and has a value of inactive or deleted the entry is ignored Chapter 2 Server Configuration Elements in server xml 69 Variables Variables Some variables are defined in server xml for use in the obj conf file The following file fragment defines a doc
132. ide tasks e Using the Administration and command line interfaces e Configuring server preferences e Using server instances e Monitoring and logging server activity e Using certificates and public key cryptography to secure the server e Configuring access control to secure the server e Using Java 2 Platform Enterprise Edition J2EE platform security features e Deploying applications e Managing virtual servers e Defining server workload and sizing the system to meet performance needs e Searching the contents and attributes of server documents and creating a text search interface e Configuring the server for content compression e Configuring the server for web publishing and content authoring using WebDAV Using programming technologies and Programmer s Guide APIs to do the following e Extend and modify Sun ONE Web Server Dynamically generate content in response to client requests e Modify the content of the server About This Guide 11 How This Guide Is Organized Table 1 Sun ONE Web Server Documentation Roadmap For Information About See the Following Creating custom Netscape Server NSAPI Programmer s Guide Application Programmer s Interface NSAPI plugins Implementing servlets and JavaServer Programmer s Guide to Web Applications Pages JSP technology in Sun ONE Web Server Editing configuration files Administrator s Configuration File Reference Guide Tuning Sun ONE W
133. ig directory 19 config file 20 configuration files stored in server root 18 configuration new installing dynamically 21 CONNECTIONPROPERTY 63 connectons settings in magnus conf 81 ConnQueueSize magnus conf directive 83 ConnQueueSize directive 108 content type icons 175 contentTypelgnoreFromSSI property 234 context property 235 contexts properties changes to 232 convergence tree auxiliary class inetSubscriber 69 in LDAP schema 68 organization of 68 user entries are called inetOrgPerson 69 CopyFiles parameter 225 core SAFs 117 Core Server Elements 26 createconsole 67 CUSTOMRESOURCE 56 D DaemonStats directive 230 DAV 42 DAVCOLLECTION 43 day of month 243 dbm parameter 124 desuffix property 221 default virtual server for a connection group 32 DefaultCharSet directive 108 230 238 DefaultLanguage magnus conf directive 80 DefaultLanguage directive 109 define perf bucket function 102 deny existence function 142 descend parameter 149 description parameter 102 digest directory 19 digestauth property 221 digestfile 221 dir parameter 133 144 186 directives obj conf 117 disable parameter 106 144 disable types parameter 149 DISPLAYNAME 47 DNComps property 218 DNS magnus conf directive 81 DNS directive 109 DNS lookup directives in magnus conf 81 dns cache init function 102 docRoot property 233 docs directory 18 document root function 129 domain component tree 68 domain component tree dc 69 dorequest p
134. ions Examples Service type text html method GET fn append trailer trailer lt hr gt lt img src logo gif gt Copyright 1999 Add a trailer with the date in the format MM DD YY Service type text html method GET fn append trailer timefmt D trailer lt HR gt File last updated on LASTMOD See Also add footer add header imagemap Applicable in service class directives The imagemap function responds to requests for imagemaps Imagemaps are images that are divided into multiple areas that each have an associated URL The information about which URL is associated with which area is stored in a mapping file Chapter 4 Predefined SAFs in obj conf 173 Service Parameters The following table describes parameters for the imagemap function Table 4 43 imagemap parameters Parameter Description type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Example Service type magnus internal imagemap method GET HEAD fn imag
135. ire auth basic ncsa Applicable in AuthTrans class directives The basic ncsa function verifies authorization information sent by the client against a database The Authorization header is sent as part of the basic server authorization scheme This function is usually used in conjunction with the PathCheck class function require auth Parameters The following table describes parameters for the basic ncsa function Table 4 3 basic auth parameters Parameter Description auth type Specifies the type of authorization to be used This should always be basic dbm Optional Specifies the full path and base file name of the user database in the server s native format The native format is a system DBM file which is a hashed file format allowing instantaneous access to billions of users If you use this parameter don t use the userfile parameter as well userfile Optional Specifies the full path name of the user database in the NCSA style HTTPD user file format This format consists of lines using the format name password where password is encrypted If you use this parameter don t use dbm 124 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 AuthTrans Table 4 3 basic auth parameters Parameter Description grpfile Optional Specifies the NCSA style HTTPD group file to be used Each line of a group file consists of group user1 user userN where each user is separated by spaces
136. irectory is secure On UNIX specifying TempDirSecurity off allows the server to use tmp as a temporary directory CAUTION Specifying TempDirSecurity off or using tmp as a temporary directory on UNIX is highly discouraged Using tmp asa temporary directory opens a number of potential security risks Syntax TempDirSecurity on off Default on User Windows The User directive specifies the user account the server runs with By using a specific user account other than LocalSystem you can restrict or enable system features for the server For example you can use a user account that can mount files from another machine Chapter 3 Syntax and Use of magnus conf 79 Language Issues UNIX The User directive specifies the UNIX user account for the server If the server is started by the superuser or root user the server binds to the port you specify and then switches its user ID to the user account specified with the User directive This directive is ignored if the server isn t started as root The user account you specify should have read permission to the server s root and subdirectories The user account should have write access to the logs directory and execute permissions to any CGI programs The user account should not have write access to the configuration files This ensures that in the unlikely event that someone compromises the server they won t be able to change configuration files and gain broader access to your
137. ired parameter is missing if there is extra path information after the file name in the URL or if the file cannot be opened for read only access Parameters The following table describes parameters for the append trailer function Table 4 42 append trailer parameters Parameter trailer timefmt Description Text to append to HTML documents The string is unescaped with util_uri_unescape before being sent The text can contain HTML tags and can be up to 512 Characters long after unescaping and inserting the date If you use the string LASTMOD which is replaced by the date the file was last modified you must also specify a time format with timefmt Optional Time format string for LASTMOD If timefmt is not provided LASTMOD will not be replaced with the time Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service Table 4 42 append trailer parameters Parameter Description type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions UE bucket Optional Common to all obj conf funct
138. is authorized Before this function is called an authorization function such as basic auth must be called in an AuthTrans directive If a user was authorized in an AuthTrans directive and the auth user parameter is provided then the user s name must match the auth user wildcard value Also if the auth group parameter is provided the authorized user must belong to an authorized group which must match the auth user wildcard value Parameters The following table describes parameters for the require auth function Table 4 26 require auth parameters Parameter Description path Optional Wildcard local file system path on which this function should operate If no path is provided the function applies to all paths auth type Type of HTTP authorization used and must match the auth type from the previous authorization function in AuthTrans Currently basic is the only authorization type defined realm String sent to the browser indicating the secure area or realm for which a user name and password are requested auth user Optional Specifies a wildcard list of users who are allowed access If this parameter is not provided any user authorized by the authorization function is allowed access 152 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 PathCheck Table 4 26 require auth parameters Parameter Description auth group Optional Specifies a wildcard list of groups that are allowed access
139. is located in the instance_dir config directory A schema file sun web server_6_1 dtd determines the format and content of the server xml file This chapter describes server xml and sun server_1_0 dtd in the following sections The sun web server_6_1 dtd File Elements in the server xml File Core Server Elements Listener Elements WebDAV Elements Search Elements Web Application Elements Java Configuration Elements Resource Elements LOG User Database Selection The Sun ONE LDAP Schema Chapter 2 Server Configuration Elements in server xml 23 The sun web server_6_1 dtd File e Variables e Sample server xml File The sun web server 6 1 dtd File The sun web server_6_1 dtd file defines the structure of the server xml file including the elements it can contain and the subelements and attributes these elements can have The sun web server_6_1 dtd file is located in the install_dir bin https dtds directory Each element defined in a DTD file which may be present in the corresponding XML file can contain the following e Subelements e Data e Attributes Subelements Elements can contain subelements For example the following file fragment defines the vscLass element lt ELEMENT VSCLASS VARS VS QOSPARAMS gt The ELEMENT tag specifies that a vscLass element can contain VARS vs and QOSPARAMS elements in that order The following table shows how optional suffix characters of subelement
140. is yes For more information about util_uri_escape see the Sun ONE Web Server 6 1 NSAPI Programmer s Guide Chapter 4 Predefined SAFs in obj conf 135 NameTrans Table 4 12 redirect parameters Parameter Description bucket Optional Common to all obj conf functions Examples In the first example any request for http server name whatever is translated to a request for http tmpserver whatever NameTrans fn redirect from url prefix http tmpserver In the second example any request for http server name toopopular whatever is translated to a request for http bigger better stronger morepopular whatever NameTrans fn redirect from toopopular url http bigger better stronger morepopular strip params Applicable in NameTrans class directives The strip params function removes embedded semicolon delimited parameters from the path For example a URI of dir1 param1 dir2 would become a path of dir1 dir2 When used the strip params function should be the first NameTrans directive listed Parameters The following table describes parameters for the strip params function Table 4 13 strip params parameters Parameter Description bucket Optional Common to all obj conf functions 136 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 NameTrans Example NameTrans fn strip params unix home Applicable in NameTrans class directives UNIX Only Th
141. ist dir for requests whose method is INDEX Parameters The following table describes parameters for the list dir function Table 4 48 list dir parameters Parameter Description type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Servi ce class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Chapter 4 Predefined SAFs in obj conf 179 Service Example Service fn list dir method INDEX make dir Applicable in service class directives Parameters The following table describes parameters for the make dir function The make dir function creates a directory when the client sends a request whose method is MKDIR The function can fail if the server can t write to that directory When remote file manipulation is enabled in the server the obj conf file contains a Service class function that invokes make dir when the request method is MKDIR Table 4 49 make dir parameters Parameter Description type Optional Common to all Service class functions method Optional Common to all Service class functions
142. ist is case sensitive if the file system is case sensitive bucket Optional Common to all obj conf functions Example PathCheck fn find index index names index html home html find links Applicable in PathCheck class directives UNIX Only The find 1inks function searches the current path for symbolic or hard links to other directories or file systems If any are found an error is returned This function is normally used for directories that are not trusted such as user home directories It prevents someone from pointing to information that should not be made public Parameters The following table describes parameters for the find links function Chapter 4 Predefined SAFs in obj conf 143 PathCheck 144 Table 4 19 find links parameters Parameter Description disable Character string of links to disable e his hard links e sis soft links e o allows symbolic links from user home directories only if the user owns the target of the link dir Directory to begin checking If you specify an absolute checkFileExistence bucket Examples path any request to that path and its subdirectories is checked for symbolic links If you specify a partial path any request containing that partial path is checked for symbolic links For example if you use user anda request comes in for some user directory then that directory is checked for symbolic links Checks linked file for existence and aborts
143. itFile system Windows call Not supported on IRIX Compaq Solaris or Linux off UNIX MaxFiles 1024 Maximum number of files in the file cache HashInitSize Limited by 0 Initial number of hash buckets If 0 the available number of hash buckets is dynamically memory determined as 2 MaxFiles 1 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 password conf nsfc conf properties Attribute Allowed Default Description Values Value CopyFiles on off on Windows only Prevents sharing violations by copying files to a temporary directory TempDir A path lt TempDir Specifies a temporary directory for the file gt lt server_ cache if CopyFiles is on id gt file lt TempDi r gt is the value of TempDir in the magnus conf file See TempDir on page 79 cache lt server_id gt is the server instance id password conf Purpose By default the Sun ONE Web Server prompts the administrator for the SSL key database password before starting up If you want the Web server to be able to restart unattended you need to save the password in a password conf file Be sure that your system is adequately protected so that this file and the key databases are not compromised Location server_root config This file is not present by default You must create it if you need it Syntax PKCS 11_module_name password If you are using the internal PKCS 11 software encryption module that com
144. ket Parameter on page 120 To read the report point the browser here http server_id port perf Parameters The following table describes parameters for the service dump function Table 4 62 service dump parameters Parameter Description type Must be perf for this function method Optional Common to all Service class functions Chapter 4 Predefined SAFs in obj conf 195 Service Table 4 62 service dump parameters Parameter Description query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Examples lt Object name default gt NameTrans fn assign name from perf name perf lt Object gt lt Object name perf gt Service fn service dump lt Object gt See Also stats xml service j2ee Applicable in Service class directives The service j2ee function services requests made to Java web applications Parameters The following table describes parameters for the service j2ee function 196 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service Table 4 63 service j2ee parameters Parameter Description type
145. le containing the access rules to be applied to the requested resource If not provided the file name is assumed to be nsconfig disable types Optional Specifies a wildcard pattern of types to disable for the base directory such as magnus internal cgi Requests for resources matching these types are aborted descend Optional If present specifies that the server should search in subdirectories of this directory for dynamic configuration files For example descend 1 specifies that the server should search subdirectories No descend parameter specifies that the function should search only the base directory basedir Optional Specifies base directory This is the highest level directory for which requests will invoke the load config function and is also the directory where the server starts searching for configuration files If basedir is not specified the base directory is assumed to be the root directory that results from translating the requested resource s URL to a physical path name For example if the request is for http server name a b file html the physical file name would be document root a b file html bucket Optional Common to all obj conf functions Examples In this example whenever the server receives a request for any resource containing the substring secret that resides in D Sun WebServer61 serverl docs nikki or a subdirectory thereof it searches for a configuration file called checkaccess n
146. lected performance bucket data e service j2ee services requests made to Java web applications e service trace services TRACE requests e shtml_send parses an HTML file for server parsed HTML commands e stats xml creates a performance report in XML format e upload file uploads and saves a file add footer Applicable in Service class directives This function appends a footer to an HTML file that is sent to the client The footer is specified either as a file name or a URL thus the footer can be dynamically generated To specify static text as a footer use the append trailer function Parameters The following table describes parameters for the add footer function Chapter 4 Predefined SAFs in obj conf 169 Service Table 4 40 add footer parameters Parameter Description file Optional Path name to the file containing the footer Specify either file or uri By default the path name is relative If the path name is absolute pass the NSIntAbsFilePath parameter as yes uri Optional URI pointing to the resource containing the footer Specify either file or uri NSIntAbsFilePath Optional If the file parameter is specified the NSIntAbsFilePath parameter determines whether the file name is absolute or relative The default is relative Set the value to yes to indicate an absolute file path type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional
147. led attributes The REQUIRED label means that a value must be supplied The IMPLIED label means that the attribute is optional and that Sun ONE Web Server generates a default value Wherever possible explicit defaults for optional attributes such as t rue are listed Attribute declarations specify the type of the attribute For example CDATA means character data and boolean is a predefined enumeration Chapter 2 Server Configuration Elements in server xml 25 Elements in the server xml File Elements in the server xml File This section describes the XML elements in the server xml file Elements are grouped as follows e Core Server Elements e Listener Elements e WebDAV Elements e Search Elements e Web Application Elements e Java Configuration Elements e Resource Elements NOTE Subelements must be defined in the order in which they are listed under each Subelements heading unless otherwise noted For an alphabetical listing of elements in server xml see Alphabetical List of Server Configuration Elements Core Server Elements General elements are as follows e SERVER e PROPERTY e DESCRIPTION e VARS SERVER Defines a server This is the root element there can only be one server element in a server xml file 26 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Subelements Core Server Elements The following table describes sub
148. lower connections Syntax AcceptTimeout seconds Default 30 seconds for servers that don t use hardware encryption devices and 300 seconds for those that do ConnQueueSize Specifies the number of outstanding yet to be serviced connections that the web server can have It is recommended that this value always be greater than the operating system limit for the maximum number of open file descriptors per process Default The default value is 4096 HeaderBufferSize The size in bytes of the buffer used by each of the request processing threads for reading the request data from the client The maximum number of request processing threads is controlled by the RqThrottle setting Default The default value is 8192 8 KB Chapter 3 Syntax and Use of magnus conf 83 Threads Processes and Connections KeepAliveThreads This directive determines the number of threads in the keep alive subsystem It is recommended that this number be a small multiple of the number of processors on the system for example a 2 CPU system should have 2 or 4 keep alive threads The maximum number of keep alive connections allowed MaxKeepAliveConnect ions should also be taken into consideration when choosing a value for this setting Default 1 KeepAliveTimeout This directive determines the maximum time that the server holds open an HTTP Keep Alive connection or a persistent connection between the client and the server The Keep Alive feature f
149. lt that it returns a busy response to the client It is then free to handle another incoming request instead of being tied up waiting in the queue Default 0 This section lists the directives in magnus conf that affect requests for CGI programs The directives are e CGIExpirationTimeout e CGIStubIdleTimeout e CGIWaitPid UNIX Only e MaxCGIStubs e MinCGlStubs CGIExpirationTimeout This directive specifies the maximum time in seconds that CGI processes are allowed to run before being killed The value of CGIExpirationTimeout should not be set too low 300 seconds 5 minutes would be a good value for most interactive CGIs but if you have CGIs that are expected to take longer without misbehaving then you should set it to the maximum duration you expect a CGI program to run normally A value of 0 disables CGI expiration which means that there is no time limit for CGI processes Note that on Windows platforms init cgi time out does not work so you must use CGIExpirationTimeout Chapter 3 Syntax and Use of magnus conf 89 CGI 90 Default 0 CGIStubIdleTimeout This directive causes the server to kill any CGIStub processes that have been idle for the number of seconds set by this directive Once the number of processes is at MinCGIStubs the server does not kill any more processes Default 30 CGIWaitPid UNIX Only For UNIX platforms when CGIWaitPid is set to on the action for the SIGCHLD signal is the
150. meters for the send wincgi function Table 4 60 send wincgi parameters Parameter Description type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Chapter 4 Predefined SAFs in obj conf 193 Service Examples Service fn send wincgi Service type magnus internal cgi fn send wincgi service dav Applicable in service class directives The service dav function services a request to a WebDAV enabled URI In response to a request for a WebDAV resource the service dav function services the static content and restarts the request with the sourceuri for dynamic content The sourceuri is identified by the magnus internal setting If no sourceuri is defined for dynamic content an HTTP error message is returned Requests to WebDAV resources are authenticated and authorized by the AuthTrans and PathCheck NSAPI stages respectively By default all access to sourceuri is restricted by the PathCheck entry in the dav object OPTIONS on a WebDAV enabled URI are always handl
151. ministrator s Configuration File Reference August 2003 Variables General Variables The following table lists general server xm1 variables The left column lists variables and the right column lists descriptions of those variables General Variables Property Description docroot The document root of the virtual server Typically evaluated as the parameter to the document root function in the obj conf file accesslog The access log file for a virtual server send cgi Variables The following table lists server xml variables used by the send cgi function in the obj conf file The left column lists variables and the right column lists descriptions of those variables send cgi Variables Property Description user The value of the user CGI parameter group The value of the group CGI parameter chroot The value of the chroot CGI parameter dir The value of the dir CGI parameter nice The value of the nice CGI parameter For more information about the send cgi function see the Sun ONE Web Server 6 1 NSAPI Programmer s Guide Variable Evaluation Variables are evaluated when generating specific objectsets for individual virtual servers Evaluation is recursive variable values can contain other variables For example Chapter 2 Server Configuration Elements in server xml 71 Sample server xml File Sample lt VSCLASS gt SMS Genera lt PROPERTY name docroot value docrootbase nonjava id gt lt VS
152. mmon to all ob j conf functions Example PathCheck fn unix uri clean See Also nt uri clean ObjectType Object Type directives determine the MIME type of the file to send to the client in response to a request MIME attributes currently sent are type encoding and language The MIME type is sent to the client as the value of the Content Type header Object Type directives also set the type parameter which is used by Service directives to determine how to process the request according to what kind of content is being requested If there is more than one Object Type directive in an object all of the directives are applied in the order they appear If a directive sets an attribute and later directives try to set that attribute to something else the first setting is used and the subsequent ones are ignored The obj conf file almost always has an object Type directive that calls the type by extension function This function instructs the server to look in a particular file the MIME types file to deduce the content type from the extension of the requested resource The following Object Type class functions are described in detail in this section e force type sets the Content Type header for the response to a specific type 156 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 ObjectType e set default type allows you to define a default charset content encoding and content language for the respo
153. n ONE Web Server is determined by a set of configuration files When you use the Administration interface you change the settings in these configuration files You can also manually edit these files This chapter has the following sections e Configuration Files e Directory Structure e Dynamic Reconfiguration Configuration Files The configuration and operation of the Sun ONE Web Server is controlled by configuration files The configuration files reside in the directory instance_dir config This directory contains various configuration files for controlling different components The exact number and names of configuration files depends on which components have been enabled or loaded into the server However this directory always contains four configuration files that are essential for the server to operate These files are e server xml contains most of the server configuration e magnus conf contains global server initialization information e obj conf contains instructions for handling HTTP requests from clients Chapter 1 Basics of Server Operation 15 Configuration Files e mime types contains information for determining the content type of requested resources server xml This file contains most of the server configuration A schema file sun web server_6_1 dtd defines its format and content For more information about how the server uses sun web server_6_1 dtd and server xml see Chapter 2 Server Con
154. n realm an AUTHREALM name attribute for this server instance The default realm will be used to process authentication events for any web applications which do not otherwise specify which realm to use anonymousrole ANYONE optional Used as the name for default or anonymous role The anonymous role is always assigned to all principals Chapter 2 Server Configuration Elements in server xml 53 Java Configuration Elements SECURITY attributes Attribute Default audit false loglevel Value of level attribute of LOG element AUTHREALM Defines a realm for authentication Description optional If t rue additional access logging is performed to provide audit information Legal values are on of f yes no 1 0 true false Audit information consists of e Authentication success and failure events e Servlet access grants and denials optional Controls the type of messages logged by this element to the errors log For details see the description of the level attribute of the LOG element Authentication realms require provider specific properties which vary depending on the needs of a particular implementation Here is an example of the default file realm lt authrealm name file classname com iplanet ias security auth realm file FileRealm gt lt property name file value instance_dir config keyfile gt lt property name jaas context value fileRealm gt lt authrealm gt
155. n server xml 47 Java Configuration Elements WEBAPP attributes Attribute Default Description uri path enabled empty string none true This is the context path at which the web application is installed Section 5 4 of the Servlet 2 3 specification If this attribute is then this web application is designated to be the default web application for the virtual server The default web application for a virtual server responds to all requests that cannot be resolved to other web applications deployed to the virtual server Every virtual server has a default web application A fully qualified or relative path to the directory in which the contents of the war file have been extracted This attribute can be used to temporarily disable the web application from servicing requests without removing the contents of the web application on disk Legal values are on off yes no 1 0 true false Java Configuration Elements The Java configuration elements are as follows JAVA JVMOPTIONS PROFILER SECURITY AUTHREALM 48 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 JAVA Java Configuration Elements Defines configurable properties for the integrated Java Virtual Machine JVM and for Java based security and resources Subelements The following table describes subelements for the JAVA element JAVA subelements
156. n to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Example lt Object ppath mydocs secret gt Service fn key toosmall lt Object gt 178 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service list dir Applicable in Service class directives The list dir function returns a sequence of text lines to the client in response to a request whose method is INDEX The format of the returned lines is name type size mimetype The name field is the name of the file or directory It is relative to the directory being indexed It is URL encoded that is any character might be represented by amp xx where xx is the hexadecimal representation of the character s ASCII number The type field is a MIME type such as text html Directories will be of type directory A file for which the server doesn t have a type will be of type unknown The size field is the size of the file in bytes The mtime field is the numerical representation of the date of last modification of the file The number is the number of seconds since the epoch Jan 1 1970 00 00 UTC since the last modification of the file When remote file manipulation is enabled in the server the obj conf file contains a Service class function that calls 1
157. nded audience for this guide is the person who administers and maintains the Sun ONE Web Server This guide assumes you are familiar with the following topics J2EE specification HTTP HTML XML Java programming Java APIs as defined in servlet JSP and JDBC specifications Using the Documentation e Relational database concepts Using the Documentation The Sun ONE Web Server manuals are available as online files in PDF and HTML formats at http docs sun com prod sunone The following table lists the tasks and concepts described in the Sun ONE Web Server manuals Table 1 Sun ONE Web Server Documentation Roadmap For Information About See the Following Late breaking information about the Release Notes software and documentation Getting started with Sun ONE Web Server Getting Started Guide including hands on exercises that introduce server basics and features recommended for first time users Performing installation and migration Istallation and Migration Guide tasks e Installing Sun ONE Web Server and its various components supported platforms and environments e Migrating from Sun ONE Web Server 4 1 or 6 0 to Sun ONE Web Server 6 1 10 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 Using the Documentation Table 1 Sun ONE Web Server Documentation Roadmap For Information About See the Following Performing the following administration Administrator s Gu
158. ne Specifies the value of the property or variable DESCRIPTION Contains a text description of the parent element Subelements none Attributes none VARS Defines variables that can be given values in server xml and referenced in obj conf For more information see Variables on page 70 Subelements none Attributes none Listener Elements The Listener elements are as follows e LS e SSLPARAMS Chapter 2 Server Configuration Elements in server xml 29 Listener Elements e MIME e ACLFILE e TYPE e VSCLASS e VS e QOSPARAMS e USERDB LS Defines an HTTP listen socket NOTE When you create a secure listen socket through the Server Manager security is automatically turned on globally in magnus conf When you create a secure listen socket manually in server xml security must be turned on by editing magnus conf The Conn ECTIONGROUP element from the schema file for server xml in version 6 0 of Web Server is no longer supported Its attributes and the subelement SSLPARAMS are added to the LS element in Sun ONE Web Server 6 1 Subelements The following table describes subelements for the Ls element LS subelements Element Required Description DESCRIPTION zero or one Contains a text description of the listen socket SSLPARAMS zero or one Defines Secure Socket Layer SSL parameters 30 Sun ONE Web Server 6 1 Administrator s Configuration File Reference
159. nput directives are executed when the server or a plugin first attempts to read entity body data from the client The Input stage allows you to select filters that will process incoming request data read by the Service step NSAPI filters in Sun ONE Web Server 6 1 enable a function to intercept and potentially modify the content presented to or generated by another function You can add NSAPI filters that process incoming data by invoking the insert filter SAF in the Input stage of the request handling process The Input directives are executed at most once per request You can also define the appropriate position of a specific filter within the filter stack For example filters that translate content from XML to HTML are placed higher in the filter stack than filters that compress data for transmission You can use the filter_create function to define the filter s position in the filter stack and the init filter order to override the defined position When two or more filters are defined to occupy the same position in the filter stack filters that were inserted later will appear higher than filters that were inserted earlier That is the order of Input fn insert filter and Output fn insert filter directives in obj conf becomes important The following Input class functions are described in detail in this section 162 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Input e insert filter adds a filter t
160. ns Subelements The following table describes subelements for the RESOURCES element RESOURCES subelements Element Required Description CUSTOMRESOURCE zero or more Defines a custom resource EXTERNALJNDIRESOUR zero or more Defines a resource that resides in an CE external JNDI Java Naming and Directory Interface repository JDBCRESOURCE zero or more Defines a JDBC Java Database Connectivity resource JDBCCONNECTIONPOOL zero or more Defines the properties that are required for creating a JDBC connection pool MAILRESOURCE zero or more Defines the properties that are required for creating a mail resource Attributes none CUSTOMRESOURCE Defines a custom resource which specifies a custom server wide resource object factory Such object factories implement the javax naming spi ObjectFactory interface Subelements The following table describes subelements for the CUSTOMRESOURCE element CUSTOMRESOURCE subelements Element Required Description DESCRIPTION zero or one Contains a text description of this element 56 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 CUSTOMRESOURCE subelements Resource Elements Element PROPERTY Attributes The following table describes attributes for the CUSTOMRESOURCE element CUSTOMRESOURCE att
161. nse being sent back to the client e shtml hacktype requests that htm and html files are parsed for server parsed HTML commands e type by exp sets the Content Type header for the response based on the requested path e type by extension sets the Content Type header for the response based on the file s extension and the MIME types database force type Applicable in object Type class directives The force type function assigns a type to requests that do not already have a MIME type This is used to specify a default object type Make sure that the directive that calls this function comes last in the list of Object Type directives so that all other Object Type directives have a chance to set the MIME type first If there is more than one Object Type directive in an object all of the directives are applied in the order they appear If a directive sets an attribute and later directives try to set that attribute to something else the first setting is used and the subsequent ones are ignored Parameters The following table describes parameters for the force type function Table 4 31 force type parameters Parameter Description type Optional Type assigned to a matching request the Content Type header enc Optional Encoding assigned to a matching request the Content Encoding header lang Optional Language assigned to a matching request the Content Language header Chapter 4 Predefined SAFs in obj conf 15
162. ntAbsFilePath Optional If the file parameter is specified the NSIntAbsFilePath parameter determines whether the file name is absolute or relative The default is relative Set the value to yes to indicate an absolute file path type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Servi ce class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Chapter 4 Predefined SAFs in obj conf 171 Service 172 Examples xt html method GET fn add header Servic type t file headers headerl html xt html method GET fn add footer Servic type t file D Sun WebServer61 serverl headers headerl html NSIntAbsFilePath yes See Also add foot r append trailer append trailer Applicable in Service class directives The append trailer function sends an HTML file and appends text to the end It only appends text to HTML files This is typically used for author information and copyright text The date the file was last modified can be inserted Returns RI EO_ABORTI ED if a requ
163. o all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions DUE bucket Optional Common to all obj conf functions Example Service fn index common type magnus internal directory method GET HEAD header hdr readme rdme txt index simple See Also index simple Applicable in service class directives find index home pag 176 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service The index simple function generates a simple index of the files in the requested directory It scans a directory and returns an HTML page to the browser displaying a bulleted list of the files and directories in the directory The list is sorted alphabetically Files beginning with a period are not displayed Each item appears as an HTML link Indexing occurs when the requested resource is a directory that does not contain either an index file or a home page or no index file or home page has been specified by the functions find index or home page Parameters The following table describes parameters for the index simple function Table 4 46 index simple parameters Parameter Description type Optional Common to all Service class functions method Optional Common to all Service class functions quer
164. o the filter stack to process incoming data e remove filter removes a filter from the filter stack insert filter Applicable in Input class directives The insert filter SAF is used to add a filter to the filter stack to process incoming client to server data The order of Input fn insert filter and Output fn insert filter directives can be important Returns Returns REQ_PROCEED if the specified filter was inserted successfully or REQ_NOACTION if the specified filter was not inserted because it was not required Any other return value indicates an error Parameters The following table describes parameters for the insert filter function Table 4 36 insert filter parameters Parameter Description filter Specifies the name of the filter to insert bucket Optional Common to all obj conf functions Example Input fn insert filter filter http decompression remove filter Applicable in Input Output Service and Error class directives Chapter 4 Predefined SAFs in obj conf 163 Output Output The remove filter SAF is used to remove a filter from the filter stack If the filter has been inserted multiple times only the topmost instance is removed In general it is not necessary to remove filters with remove filter as they will be removed automatically at the end of the request Returns Returns REQ_PROCEED if the specified filter was removed successfull
165. on off yes no true Or false Default no Chapter 3 Syntax and Use of magnus conf 97 Deprecated Directives HTTPVersion The current HTTP version used by the server in the form m n where m is the major version number and n the minor version number Default The default value is 1 1 MaxRqHeaders Specifies the maximum number of header lines in a request Values range from 0 to 32 Default 32 Umask UNIX only This directive specifies the umask value used by the NSAPI functions System_fopenWA and system_fopenRW to open files in different modes Valid values for this directive are standard UNIX umask values For more information on these functions see the Sun ONE Web Server 6 1 NSAPI Programmer s Guide Deprecated Directives The following directives have been deprecated in Sun ONE Web Server 6 1 e AdminLanguage e ClientLanguage e NetsiteRoot e ServerID e ServerName e ServerRoot 98 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Deprecated Directives AdminLanguage For an international version of the server this directive specifies the language for the Server Manager Values are en English fr French de German or ja Japanese Default The default is en ClientLanguage For an international version of the server this directive specifies the language for client messages such as File Not Found Values are en English fr French de Germ
166. on to all obj conf functions Example MyLWApp is a LiveWire application PathCheck fn set virtual index virtual index MyLWApp ssl check Applicable in Pathcheck class directives If a restriction is selected that is not consistent with the current cipher settings under Security Preferences this function opens a popup dialog warning that ciphers with larger secret keysizes need to be enabled This function is designed to be used together with a Client tag to limit access of certain directories to nonexportable browsers The function returns REQ_NOACTION if SSL is not enabled or if the secret keysize parameter is not specified If the secret keysize for the current session is less than the specified secret keysize and the bong file parameter is not specified the function returns REQ_ABORTED with a status of PROTOCOL_FORBIDDEN If the bong file is specified the function returns REQ_PROCEED and the path variable is set to the bong file name Also when a keysize restriction is not met the SSL session cache entry for the current session is invalidated so that a full SSL handshake will occur the next time the same client connects to the server Requests that use ss1 check are not cacheable in the accelerator file cache if ssl check returns something other than REQ_NOACTION Parameters The following table describes parameters for the ss1 check function 154 Sun ONE Web Server 6 1 N
167. onal Common to all ob j conf functions Example Service fn remove dir method RMDIR 182 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 remove file Applicable in Service class directives Service The remove file function deletes a file when the client sends a request whose method is DELETE It deletes the file indicated by the URL if the user is authorized and the server has the needed file system privileges When remote file manipulation is enabled in the server the obj conf file contains a Service class function that invokes remove file when the request method is D ELETE Parameters The following table describes parameters for the remove file function Table 4 52 remove file parameters Parameter Description type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Example Service fn remov file method DELETE remove filter Applicable in Input Output Service
168. one See the ss12ciphers attribute of the SSLPARAMS element in server xml ClientLanguage none Deprecated DaemonStats none Obsolete due to new performance statistics system See the Sun ONE Web Server 6 1 Performance Tuning Sizing and Scaling Guide for further information DefaultCharSet none Deprecated ErrorLog none See the file attribute of the LOG element in server xml IOTimeout AcceptTimeout Use the Accept Timeout directive to specify the number of seconds the server must wait for data from a client before closing the connection LoadObjects none See the objectfile attribute in the VSCLASS elementin server xml LogVerbose none See the loglevel attribute in server xml MaxThreads none Obsolete due to new thread handling system 230 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 Table A 1 magnus conf changes magnus conf 4 x Directive 6 1 Directive Comments inProcs none Obsolete due to new thread handling system inThreads none Obsolete due to new thread handling system taHost none Ignored etsiteRoot none Deprecated Port none See the LS element in server xml RootObject none See the rootobject attribute of the VSCLASS element in server xml RqThrottleMinPerSocket none See the the acceptorthreads attribute of the LS element in server xml none RqThrottleMin New Specifies the number of request processing threads that are c
169. or earlier versions of the server allows the client server connection to stay open while the server processes the client request The default connection is a persistent connection that remains open until the server closes it or the connection has been open for longer than the time allowed by KeepAliveTimeout The timeout countdown starts when the connection is handed over to the keep alive subsystem If there is no activity on the connection when the timeout expires the connection is closed Default The default value is 30 seconds The maximum value is 300 seconds 5 minutes KernelThreads Sun ONE Web Server can support both kernel level and user level threads whenever the operating system supports kernel level threads Local threads are scheduled by NSPR Netscape Portable Runtime within the process whereas kernel threads are scheduled by the host operating system Usually the standard debugger and compiler are intended for use with kernel level threads By setting KernelThreads to 1 on you ensure that the server uses only kernel level threads not user level threads By setting KernelThreads to 0 off you ensure that the server uses only user level threads which may improve performance Default The default is 0 off 84 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Threads Processes and Connections ListenQ Specifies the maximum number of pending connections on a listen socket
170. ource to the client start with magnus internal 212 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 What Does the Client Do with the MIME Type For example if the requested resource s file extension is map the type is mapped to magnus internal imagemap If the extension is cgi exe or bat the type is set to magnus internal cgi type magnus internal imagemap ext s map type magnus internal cgi exts cgi exe bat If the type starts with magnus internal the server executes whichever Service directive in obj conf matches the specified type For example if the type is magnus internal imagemap the server uses the imagemap function to generate the response to the client as indicated by the following directive Service method GET HEAD type magnus internal imagemap fn imagemap What Does the Client Do with the MIME Type The service function generates the data and sends it to the client that made the request When the server sends the data to the client it also sends headers These headers include whichever MIME type attributes are known which is usually type When the client receives the data it uses the MIME type to decide what to do with the data For browser clients the usual thing is to display the data in the browser window If the requested resource cannot be displayed in a browser but needs to be handled by another application its type starts with applic
171. perform asynchronous DNS lookup Deprecated Deprecated Ignored See the file attribute of the LOG element in server xml Use the Accept Timeout directive to specify the number of seconds the server must wait for data from a client before closing the connection See the loglevel attribute of the LOG element in server xml See the logvsid attribute of the LOG element in server xml Deprecated 238 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 obj conf Table B 2 Changes in magnus conf directives 6 0 Directive 6 1 Value Comments ServerConfigurationFile none Ignored ServerID none Deprecated ServerName none Deprecated See the servername attribute of the LS element in the server xml file ServerRoot none Deprecated obj conf The obj conf file has acquired new SAFs and parameters as listed in Table 6 7 Only the new and changed directives are listed Table B 3 obj conf changes Supported in 6 0 Supported in 6 1 Comments JSP092 object none Removed Sun ONE Web Server 6 1 supports the JSP 2 3 specification and so the JSP092 object is not required server xml This section describes the following changes e server xml to server xml correspondences e start jvm and server xml correspondences e jvm12 conf and server xml correspondences The following table lists the correspondences between the server xml file in iPlanet Web Server 6 0
172. ptional Specifies a prefix for the system classpath You should only prefix the system classpath if you wish to override system classes such as the XML parser classes Use this attribute with caution optional Specifies the classpath for the environment from which the server was started This classpath can be accessed using System getProperty java class path optional Specifies a suffix for the system classpath optional Specifies a prefix for the native library path The native library path is the automatically constructed concatenation of the path to the server s native shared libraries the standard JRE Java Runtime Environment native library path the shell environment setting LD_LIBRARY_PATH on UNIX and any path specified in the PROFILER element Since this is synthesized it does not appear explicitly in the server configuration optional Specifies a suffix for the native library path 50 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 JAVA attributes Java Configuration Elements Attribute Default envclasspathignore true d bytecodeprocessors none dynamicreloadinter 2 val Value of level attribute of LOG element loglevel JVMOPTIONS Description optional If false the CLASSPATH environment variable is read and appended to the server classpath The CLASSPATH environment variable is added after the classpath suf fix at the very
173. r 1 Basics of Server Operation Lei 15 COnNiourenon Files tia ea ROTA SAI AR e e 15 PA ea 16 MOP CONE sl di RR E 16 VCO riore oil 16 MUERES a aeree ea 17 bfhertConfigurationi Files iii ib Pari pai a hod be 17 Directory APUCE enapan E Se A IT ei 17 PR PAROS wiih ds cedars tela bine een Ra 17 UNIX and Linux Platforms iii I e E RCo are a 20 Dy namie RetomBizuratoni nd A e 21 Chapter 2 Server Configuration Elements in server xml Li 23 The sumaweb server 6 Teta File ic la a Eee e hae 24 Subelements A area nee drew Ee ae ee Ee il 24 Dala a ee O CREO CE nt ee ee ee Se eee ee OE TITO OO eee ae ee 25 a A ei Parsee See a due ee eRe a ad Me ae aed 25 Elements ii the server a cod aaa da wk aetna E Ea 26 Core Server Elements e aa 26 SERVER a ada bases aia n 26 4 PROPERTY iii ila tae a wade hapa Aa i ra 28 DESCRIPTION nie dalia iii O ne 29 VARS cic cos ad a e aan 29 Listener Elements siii ie O e e ARA 29 LS urina e IA ESA TAR Fee a 30 SSEPARA MSG 0 iena lare oral Sle Pas danno 32 AA nn ia ELE ere 34 TAPA ei a iii 35 AGLFILE A In Aa 35 NY ONS AA ai ai 36 O 38 QOSPARA MS nit A A tees we ee iii 40 IWSERIDB sca EA RR AA ata pta 41 WebDAV Elentir AA as ceases 42 DAV cnica a io air dc 42 DAVCOLEECT N a Ss A ia ao 43 Search Elements ci e a 45 SBARCHI iD ea 45 SEARCHCOLLECTION I iii A EE 46 DISPLAYNAME 0000 A a iia 47 Web Application Elements cocida e A a are 47 WEBBER aa De tl ack a 47 Java Configuration
174. r configuration file changes between the 6 0 and the 6 1 version of Sun ONE Web Server The following files are described e magnus conf obj conf e server xml us conf This section lists the magnus conf related changes in the following areas e Init Functions e Directives Init Functions The magnus conf file in SUN ONE Web Server 6 1 has acquired new Init SAFs as listed in the following table Table B 1 magnus conf Init functions Parameter 6 1 Function Parameter Comments NSServlet EarlyInit none Removed 237 magnus conf Table B 1 magnus conf Init functions 6 0 Function Parameter 6 1 Function Parameter Comments NSServletLateInit none nt console init createconsole Removed Removed On Windows you can configure the createconsole attribute of the LOG element to redirect stderr output to the console Directives The magnus conf file has lost directives to other configuration files and some directives supported by the magnus conf file in previous releases are now deprecated The following table summarizes the changes Table B 2 Changes in magnus conf directives 6 0 Directive 6 1 Value AdminLanguage none AsyncDNS AsyncDNS CGIWaitPid none ClientLanguage none DefaultCharSet none ErrorLog none IOTimeout AcceptTimeout LogVerbose none LogVsId logvsid NetsiteRoot none Comments Deprecated Ignored Even if the value is set to on the server does not
175. r the vs element VS subelements Element Required Description DESCRIPTION zero or one Contains a text description of this element VARS zero or one Specifies a property or a variable of the VS PROPERTY zero or more Specifies a property or a variable of the VS QOSPARAMS zero or one Defines quality of service parameters USERDB zero or more Defines the user database for the virtual server DAV zero or one Defines the WebDAV configuration for the virtual server SEARCH zero or one Defines the search configuration for the virtual server WEBAPP zero or more Specifies a web application 38 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Attributes Listener Elements The following table describes attributes for the vs element VS attributes Attribute Default Description id connections urlhosts objectfile rootobject mime none none none objectfile ofthe enclosing VSCLASS default none Virtual server ID This is a unique ID that allows lookup of a specific virtual server Can also be referred to as the variable id in an obj conf file A virtual server ID cannot begin with a number optional A space separated list of LS ids that specify the connection s the virtual server uses Required only for a VS thatis not the defaultvs ofa listen socket A space separated list of values allowed in the Host request header to sel
176. r webserv jstl jar home nb136819 space serve rs slws61 bin https jar webserv admin jar home nb136819 space serv ers slws61 bin https jar ktsearch jar classpathsuffix envclasspathignored true nativelibrarypathprefix debug false debugoptions Xdebug Xrunjdwp transport dt_socket server y suspend n dynamicreloadinterval 1 gt lt JVMOPTIONS gt Dorg xml sax parser org xml sax helpers XMLReaderAdapt er lt JVMOPTIONS gt lt JVMOPTIONS gt Dorg xml sax driver org apache crimson parser XMLReade rImpl lt JVMOPTIONS gt lt JVMOPTIONS gt Djava security manager lt JVMOPTIONS gt lt JVMOPTIONS gt Djava security policy home nb136819 space servers slw s61 https admserv config server policy lt JVMOPTIONS gt lt JVMOPTIONS gt Djava security auth login config home nb136819 space servers slws61 https admserv config login conf lt JVMOPTIONS gt lt JVMOPTIONS gt Djava util logging manager com iplanet ias server logg ing ServerLogManager lt JVMOPTIONS gt lt JVMOPTIONS gt Xms128m Xmx256m lt JVMOPTIONS gt lt SECURITY defaultrealm file anonymousrole ANYONE audit false gt lt AUTHREALM name file classname com iplanet ias security auth realm file FileRealm gt lt PROPERTY name file value home nb136819 space servers slws61 https admserv config key file gt lt PROPERTY name jaas context value fileRealm gt lt AUTHREALM gt lt SECURITY gt
177. reated when the server is started ServerID none Deprecated ServerName none Deprecated See the servername attribute of the LS element in the server xml file ServerRoot none Deprecated SSL2 none See the ss12 attribute of the SSLPARAMS element in server xml SSL3 none See the ss13 attribute of the SSLPARAMS element in server xml SSL3Ciphers none See the the ssl3tlsciphers attribute of SSLPARAMS element in server xml SSLClientAuth clientauth See thethe clientauth attribute Appendix A of the SSLPARAMS element in server xml Configuration Changes Between Planet Web Server 4 1 and Sun ONE Web Server 6 1 2311 obj conf Table A 1 magnus conf changes 4 x Directive 6 1 Directive Comments VirtualServerFile none Obsolete due to virtual server implementation obj conf The obj conf file has lost its Init directives to the magnus conf file and acquired new directives and parameters Table A 2 summarizes the changes in the obj conf file Only the changed directives are listed Table A 2 obj conf changes 4 x Directive 6 1 Directive Comments Init functions none All functions have moved to magnus conf except for cache init and load types which are obsolete for load types see the MIME element in the server xml file Service fn parse html Service fn shtml_send contexts properties The contexts properties file is no longer supported Servlet contexts or web applications are now defined
178. recommended allowed to run before being killed CGIStubIdleTimeout Any number 30 Causes the server to kill any of seconds CGIStub processes that have been idle for the number of seconds set by this directive Once the number of processes is at MinCGIStubs the server does not kill any more processes CGIWaitPid on off on UNIX only makes the action for the SIGCHLD signal the system default action for the signal Makes the SHTML engine wait explicitly on its exec cmd child processes ChildRestartCallback on off yes no Forces the callback of NSAPI no true functions that were registered using false the daemon_atrestart function when the server is restarting or shutting down ChunkedRequestBufferSiz Any number 8192 Determines the default buffer size ChunkedRequest Timeout ClientLanguage ConnQueueSize DefaultCharSet of bytes Any number of seconds en English fr French de German ja Japanese Any number of connections A valid character set name 60 1 minute en 4096 iso 8859 1 for un chunking request data Determines the default timeout for un chunking request data Specifies the language for client messages such as File Not Found Specifies the number of outstanding yet to be serviced connections that the web server can have Specifies the default character set for the server The default language is used for both the client responses and administration
179. request with 403 forbidden if this check fails Optional Common to all obj conf functions PathCheck fn find links disable sh dir foreign dir PathCheck fn find links disable so dir public_html See Also unix home find pathinfo Applicable in pathcheck class directives The find pathinfo function finds any extra path information after the file name in the URL and stores it for use in the CGI environment variable PATH_INFO Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 PathCheck Parameters The following table describes parameters for the find pathinfo function Table 4 20 find pathinfo parameters Parameter Description bucket Optional Common to all ob j conf functions Examples PathCheck fn find pathinfo PathCheck fn find pathinfo find pathinfo forward get client cert Applicable in PathCheck class directives The get client cert function gets the authenticated client certificate from the SSL3 session It can apply to all HTTP methods or only to those that match a specified pattern It only works when SSL is enabled on the server If the certificate is present or obtained from the SSL3 session the function returns REQ_NOACTION allowing the request to proceed otherwise it returns REQ_ABORTED and sets the protocol status to 403 FORBIDDEN causing the request to fail and the client to be given the FORBIDDEN status Chapter 4 Predefined SAF
180. ressed version e If set to no the compressed version will always be selected even if it is older than the noncompressed version By default the value is set to yes vary Specifies whether to insert a Vary Accept Encoding header Possible values are yes or no e Ifsettoyes aVary Accept Encoding header is always inserted when a compressed version of a file is selected e Ifsettono aVary Accept Encoding header is never inserted By default the value is set to yes bucket Optional Common to all ob j conf functions Example lt Object name default gt NameTrans fn assign name from html name find compressed lt Object gt lt Object name find compressed gt PathCheck fn find compressed lt Object gt See Also http compression Chapter 4 Predefined SAFs in obj conf 141 PathCheck deny existence Applicable in PathCheck class directives The deny existence function sends a not found message when a client tries to access a specified path The server sends not found instead of forbidden so the user cannot tell if the path exists Parameters The following table describes parameters for the deny existence function Table 4 17 deny existence parameters Parameter Description path Optional Wildcard pattern of the file system path to hide If the path does not match the function does nothing and returns REO_NOACTION If the path
181. ri clean denies access to requests with unsafe path names by indicating not found check acl Applicable in PathCheck class directives The check ac1 function specifies an access control list ACL to use to check whether the client is allowed to access the requested resource An access control list contains information about who is or is not allowed to access a resource and under what conditions access is allowed Regardless of the order of PathCheck directives in the object check acl functions are executed first They cause user authentication to be performed if required by the specified ACL and will also update the access control state Parameters The following table describes parameters for the check ac1 function Table 4 15 check acl parameters Parameter Description acl Name of an access control list path Optional Wildcard pattern that specifies the path for which to apply the ACL bucket Optional Common to all obj conf functions Example PathCheck fn check acl acl HRonly Chapter 4 Predefined SAFs in obj conf 139 PathCheck find compressed Applicable in PathCheck class directives The find compressed function checks if a compressed version of the requested file is available If the following conditions are met find compressed changes the path to point to the compressed file e A compressed version is available e The compressed version is at least as recent as the noncompressed v
182. ributes zero or more Description Specifies a property or a variable Attribute jndiname restype factoryclass enabled Default none none none true Description Specifies the JNDI name for the resource Specifies the fully qualified type of the resource Specifies the fully qualified name of the user written factory class which implements javax naming spi ObjectFactory optional Determines whether this resource is enabled at runtime Legal values are on off yes no 1 0 true false EXTERNALJNDIRESOURCE Defines a resource that resides in an external JNDI repository For example a generic Java object could be stored in an LDAP server An external JNDI factory must implement the javax naming spi InitialContextFactory interface Subelements The following table describes subelements for the EXTERNALJNDIRESOURCE element EXTERNALJNDIRESOURCE subelements Element Description DESCRIPTION Contains a text description of this element PROPERTY zero or more Specifies a property or a variable Chapter 2 Server Configuration Elements in server xml 57 Resource Elements Attributes The following table describes attributes for the EXTERNALJNDIRESOURCE element EXTERNALJNDIRESOURCE attributes Attribute Default Description jndiname none Specifies the JNDI name for the resource
183. rictHttpHeaders on off Default on TerminateTimeout Specifies the time that the server waits for all existing connections to terminate before it shuts down Default 30 seconds ThreadIncrement The number of additional or new request processing threads created to handle an increase in the load on the server for example when the number of pending connections in the request processing queue exceeds the number of idle request processing threads When a server starts up it creates RgThrott 1eMin number of request processing threads As the load increases it creates ThreadIncrement additional request processing threads until RaThrottle request processing threads have been created Default The default value is 10 UseNativePoll UNIX only Uses a platform specific poll interface when set to 1 on Uses the NSPR poll interface in the KeepAlive subsystem when set to 0 off Default 1 on Chapter 3 Syntax and Use of magnus conf 87 Native Thread Pools Native Thread Pools This section lists the directives for controlling the size of the native kernel thread pool You can also control the native thread pool by setting the system variables NSCP_POOL_STACKSIZE NSCP_POOL_THREADMAX and NSCP_POOL_WORKQUEUEMAX If you have set these values as environment variables and also in magnus conf the environment variable values will take precedence The native pool on UNIX is normally not engaged as all threads
184. rity The Security directive globally enables or disables SSL by making certificates available to the server instance It must be on for virtual servers to use SSL If enabled the user is prompted for the administrator password in order to access certificates and so on NOTE When you create a secure listen socket through the Server Manager security is automatically turned on globally in magnus conf When you create a secure listen socket manually in server xml security must be turned on by editing magnus conf Syntax Security onloff Default off Example Security off ServerString Allows the administrator to change the string sent with the Server HTTP header Syntax ServerString string string is the new string to send as the header All characters including quotes will be sent The string none will cause the header to not be sent at all Example ServerString My Own Server 1 0 ServerString none SSLCacheEntries Specifies the number of SSL sessions that can be cached There is no upper limit Syntax SSLCacheEntries number If the number is 0 the default value which is 10000 is used 94 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Security SSLClientAuthDataLimit Specifies the maximum amount of application data in bytes that is buffered during the client certificate handshake phase Default The default value is 1048576 1 MB SSLClientAuthTimeout
185. rn means does not match For a list of characters that can be used in patterns see the Sun ONE Web Server 6 1 NSAPI Programmer s Guide Parameters The following table describes parameters for the send file function Chapter 4 Predefined SAFs in obj conf 189 Service Table 4 57 send file parameters Parameter Description nocache Optional Prevents the server from caching responses to static file requests For example you can specify that files in a particular directory are not to be cached which is useful for directories where the files change frequently The value you assign to this parameter is ignored If you do not wish to use this parameter leave it out type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Example Service type magnus internal method GET HEAD fn send file In the following example the server does not cache static files from export somedir when requested by the URL prefix myur1 190 Sun ONE Web Se
186. root variable lt PROPERTY name docroot value server docs class2 acme gt A docroot variable allows different document root directories to be assigned for different virtual servers The variable is then used in the obj conf file For example NameTrans fn document root root docroot Using this docroot variable allows you to define different document roots for different virtual servers within the same virtual server class Format of a Variable A variable is found in obj conf when the following regular expression matches S A Za z A Za z0 9_ This expression represents a followed by one or more alphanumeric characters A delimited version property is not supported To get a regular character use to have variable substitution The id Variable A special variable id is always available within a vs element and refers to the value of the id attribute It is predefined and cannot be overridden The id attribute uniquely identifies a virtual server For example lt PROPERTY name docroot value export Sid gt If the id attribute of the parent vs element is myserver the docroot variable is set to the value export myserver Other Important Variables In a default installation the following variables are used to configure various aspects of the server s operation Unlike the id variable they are not predefined in the server and they can be overridden 70 Sun ONE Web Server 6 1 Ad
187. ror 210 Table 4 74 query handler parameters Parameter Description code Optional Three digit number representing the HTTP response status code such as 401 or 407 This can be any HTTP response status code or reason phrase according to the HTTP specification The following is a list of common HTTP response status codes and reason strings e 401 Unauthorized e 403 Forbidden e 404 Not Found e 500 Server Error bucket Optional Common to all obj conf functions Examples Error query fn query handler path http cgi do grep Error query fn query handler path http cgi proc info remove filter Applicable in Input Output Service and Error class directives The remove filter SAF is used to remove a filter from the filter stack If the filter has been inserted multiple times only the topmost instance is removed In general it is not necessary to remove filters with remove filter as they will be removed automatically at the end of the request Returns Returns REQ_PROCEED if the specified filter was removed successfully or REQ_NOACTION if the specified filter was not part of the filter stack Any other return value indicates an error Parameters The following table describes parameters for the remove filter function Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Error Table 4 75 remove filter parameters Parameter Descrip
188. rver 6 1 NSAPI Programmer s Guide August 2003 Service lt Object name default gt NameTrans fn pfx2dir from myurl dir export mydir name myname Service method GET HEAD POST type magnus internal fn send file lt Object gt lt Object name myname gt Service method GET HEAD type magnus internal fn send file nocache lt Object gt send range Applicable in service class directives When the client requests a portion of a document by specifying HTTP byte ranges the send range function returns that portion Parameters The following table describes parameters for the send range function Table 4 58 send range parameters Parameter Description type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Servi ce class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Chapter 4 Predefined SAFs in obj conf 191 Service Example Service fn send rang send shellcgi Applicable in Service class directives Windows Only The send shellcg
189. rvers share the same log file 110 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Summary of Init Functions and Directives in magnus conf Table 3 1 magnus conf directives Directive Allowed Values Default Value Description MaxCGIStubs Any number 10 Controls the maximum number of MaxKeepAliveConnections MaxProcs axRgHeaders inCGIStubs taHost NativePoolMaxThreads NativePoolMinThreads NativePoolQueueSiz NativePoolStackSize of CGI stubs 0 32768 0 32 32 Any number 2 less than MaxCGIStubs A valid e mail address none Any number of threads Any number 1 of threads Any 0 nonnegative number Any 0 nonnegative number Chapter 3 CGIStub processes the server can spawn This is the maximum concurrent CGIStub processes in execution not the maximum number of pending requests Specifies the maximum number of Keep Alive and persistent connections that the server can have open simultaneously UNIX only Specifies the maximum number of processes that the server can have running simultaneously Specifies the maximum number of header lines in a request Controls the number of processes that are started by default Specifies the SMTP mail server used by the server s agents This value must be specified before reports can be sent to a mailing address Determines the maximum number of threads in the native kernel thread pool De
190. ry sun com 389 dc 3Dcom The following table describes properties in the abswitch conf file The left column lists the property names The second column from the left lists allowed values The third column from the left lists default values The right column lists property descriptions dbswitch conf properties Property Allowed Default Description Values Value nsessions A positive 8 The number of LDAP connections for the integer database dyngroups off on on Determines how dynamic groups are recursive handled If of f dynamic groups are not supported If on dynamic groups are supported If recursive dynamic groups can contain other groups binddn A valid DN The DN used for connecting to the database If both binddn and bindpw are not present binding is anonymous bindpw The password used for connecting to the database If both binddn and bindpw are not present binding is anonymous 220 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 dbswitch conf properties dbswitch conf Property Allowed Default Values Value Description dcsuffix digestauth syntax keyfile digestfile groupfile A valid DN none relative to the LDAP URL off on off keyfile keyfil digest htaccess If present the default value of the base DN for the request s virtual server is determined by a dc tree search of the connection group s servername attribute starting a
191. s Parameter Description bucket Optional Common to all obj conf functions Example ObjectType fn shtml hacktyp xec hack tru type by exp Applicable in object Type class directives The t ype by exp function matches the current path with a wildcard expression If the two match the type parameter information is applied to the file This is the same as type by extension except you use wildcard patterns for the files or directories specified in the URLs Parameters The following table describes parameters for the type by exp function Table 4 34 type by exp parameters Parameter Description exp Wildcard pattern of paths for which this function is applied type Optional Type assigned to a matching request the Content Type header enc Optional Encoding assigned to a matching request the Content Encoding header lang Optional Language assigned to a matching request the Content Language header charset Optional is the character set for the magnus charset parameter in rq gt srvhdrs If the browser sent the Accept Charset header or its User Agent is Mozilla 1 1 or newer then append charset charset to content type where charset is the value of the magnus charset parameter in rq gt srvhdrs 160 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 ObjectType Table 4 34 type by exp parameters Parameter Description bucket Optional Common to all obj conf
192. s erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Examples Service query fn query handler path http cgi do grep Service query fn query handler path http cgi proc info Chapter 4 Predefined SAFs in obj conf 181 Service remove dir Applicable in Service class directives The remove dir function removes a directory when the client sends a request whose method is RMDIR The directory must be empty have no files in it The function will fail if the directory is not empty or if the server doesn t have the privileges to remove the directory When remote file manipulation is enabled in the server the obj conf file contains a Service class function that invokes remove dir when the request method is RMDIR Parameters The following table describes parameters for the remove dir function Table 4 51 remove dir parameters Parameter Description type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Opti
193. s determine the requirement rules or number of allowed occurrences for the subelements Requirement rules and subelement suffixes Subelement Suffix Requirement Rule element Can contain zero or more of this subelement element Can contain zero or one of this subelement element Must contain one or more of this subelement element no suffix Must contain only one of this subelement 24 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 The sun web server_6_1 dtd File If an element cannot contain other elements you see EMPTY or PCDATA instead of a list of element names in parentheses Data Some elements contain character data instead of subelements These elements have definitions of the following format lt ELEMENT element name PCDATA gt For example lt ELEMENT DESCRIPTION PCDATA gt In the server xml file white space is treated as part of the data in a data element Therefore there should be no extra white space before or after the data delimited by a data element For example lt DESCRIPTION gt myserver lt DESCRIPTION gt Attributes Elements that have ATTLIST tags contain attributes name value pairs For example lt ATTLIST JDBCRESOURCE jndiname CDATA REQUIRED poolname CDATA REQUIRED enabled Sboolean true gt A JDBCRESOURCE element can contain jndiname poolname and enab
194. s functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Servi ce class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out query Optional Common to all Service class functions bucket Optional Common to all obj conf functions Example Service type magnus internal shtml_send method GET HEAD fn shtml_send stats xml Applicable in Service class directives Chapter 4 Predefined SAFs in obj conf 199 Service The stats xml function creates a performance report in XML format If performance buckets have been defined this performance report includes them However you do need to initialize this function using the stats init function in magnus conf then use a NameTrans function to direct requests to the stat s xml function See the examples below The report is generated here http server_id port stats xml iwsstats xml The associated DTD file is here http server_id port stats xml iwsstats dtd For more information about the format of the iwsstats xml file see the Sun ONE Web Server 6 1 Performance Tuning Sizing and Scaling Guide Parameters The following table describes parameters for the stats xm1 function Table 4 66 stats xml parameters Parameter Description type Optional Common to all Service
195. s in obj conf 145 PathCheck Parameters The following table describes parameters for the get client cert function Table 4 21 get client cert parameters Parameter dorequest require method bucket Description Controls whether to actually try to get the certificate or just test for its presence If dorequest is absent the default value is 0 e 1 tells the function to redo the SSL3 handshake to get a client certificate if the server does not already have the client certificate This typically causes the client to present a dialog box to the user to select a client certificate The server may already have the client certificate if it was requested on the initial handshake or if a cached SSL session has been resumed e 0 tells the function not to redo the SSL3 handshake if the server does not already have the client certificate If a certificate is obtained from the client and verified successfully by the server the ASCII base64 encoding of the DER encoded X 509 certificate is placed in the parameter auth cert in the Request gt vars pblock and the function returns REQ_PROCEED allowing the request to proceed I Controls whether failure to get a client certificate will abort the HTTP request If require is absent the default value is 1 e 1 tells the function to abort the HTTP request if the client certificate is not present after dorequest is handled In this case the HTTP status is se
196. s in obj conf 185 Service For details about the CGI environment variables and their NSAPI equivalents see the Sun ONE Web Server 6 1 NSAPI Programmer s Guide For additional information about CGI see the Sun ONE Web Server 6 1 Administrator s Guide and the Sun ONE Web Server 6 1 Programmer s Guide There are three ways to change the timing used to flush the CGI buffer e Adjust the interval between flushes using the flushTimer parameter e Adjust the buffer size using the UseOutput St reamSize parameter e Force Sun ONE Web Server to flush its buffer by forcing spaces into the buffer in the CGI script Parameters The following table describes parameters for the send cgi function Table 4 55 send cgi parameters Parameter Description user group chroot dir rlimit_as rlimit_core rlimit_nofile UNIX only Specifies the name of the user to execute CGI programs as UNIX only Specifies the name of the group to execute CGI programs as UNIX only Specifies the directory to chroot to before execution begins UNIX only Specifies the directory to chdir to after chroot but before execution begins UNIX only Specifies the maximum CGI program address space in bytes You can supply both current soft and maximum hard limits separated by a comma The soft limit must be listed first If only one limit is specified both limits are set to this value UNIX only Specifies the ma
197. s properties in the nsfc conf file The left column lists the property names The second column from the left lists allowed values The third column from the left lists default values The right column lists property descriptions Chapter 6 Other Server Configuration Files 223 nsfc conf 224 nsfc conf properties Attribute Allowed Default Description Values Value FileCacheEnable on off on Enables the file cache CacheFileContent on off on Enables caching of file contents as well as file information for files smaller than MediumFileSizeLimit smaller than SmallFileSizeLimit if TransmitFile ison MaxAge Number of 30 The maximum age of a valid cache entry seconds This setting controls how long cached information is used once a file has been cached An entry older than MaxAge is replaced by a new entry for the same file MediumFileSizeLimi Limited by 537600 UNIX only Maximum size of a file that t available 525K can be cached as a memory mapped file if memory TransmitFile is off MediumFileSpace Limited by 10485760 Total size of all files that are cached as available 10 M memory mapped files if TransmitFile memory is off SmallFileSizeLimit Limited by 2048 2K UNIX only Maximum size of a file that available can be read into memory memory SmallFileSpace Limited by 1048576 Total size of all files that are read into available UNIX 1 memory memory M 0 Windows TransmitFile on of f on Enables use of the Transm
198. s the server function find pathinfo does by default The value you assign to this parameter is ignored If you do not wish to use this parameter leave it out The find pathinfo forward parameter is ignored if the ntrans base parameter is not set in rg gt vars when the server function find pathinfo is called By default ntrans base is set This feature can improve performance for certain URLs by reducing the number of stats performed in the server function find pathinfo On Windows this feature can also be used to prevent the PATHINFO from the server URL normalization process changing to when the PathCheck server function find pathinfo is used Some double byte characters have hexadecimal values that may be parsed as URL separator characters such as or Using the find pathinfo forward parameter can sometimes prevent incorrect parsing of URLs containing double byte characters Optional Common to all obj conf functions In the first example the URL http server name cgi bin resource such as http x y z cgi bin test cgi is translated to the physical path name httpd cgi local resource such as httpd cgi local test cgi and the server also starts processing the directives in the object named cgi NameTrans fn pfx2dir from cgi bin dir httpd cgi local name cgi In the second example the URL http server name icons resource such as http x y z icons happy smiley gif is translated to the physical pa
199. sconfig The server starts the search in the directory D Sun WebServer61 serverl docs nikki and searches subdirectories too It loads each instance of checkaccess nsconfig that it finds applying the access control rules contained therein to determine whether the client is allowed to access the requested resource Chapter 4 Predefined SAFs in obj conf 149 PathCheck lt Object ppath secret gt PathCheck fn load config file checkaccess nsconfig basedir D Sun WebServer61 serverl docs nikki descend 1 lt Object gt nt uri clean Applicable in Pathcheck class directives Windows Only The nt uri clean function denies access to any resource whose physical path contains or these are potential security problems Parameters The following table describes parameters for the nt uri clean function Table 4 23 nt uri clean parameters Parameter Description tildeok If present allows tilde characters in URIs This is a potential security risk on the Windows platform where longfi 1 htm might reference longfilename htm but does not go through the proper ACL checking If present sequences are allowed dotdirok If present sequences are allowed bucket Optional Common to all obj conf functions Example PathCheck fn nt uri clean See Also unix uri clean 150 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 PathCheck
200. see Variables For a list of variables commonly defined in server xml see Variables Used in the Interface A property adds configuration information to its parent element that is one or both of the following e Optional with respect to Sun ONE Web Server e Needed by a system or object that Sun ONE Web Server doesn t have knowledge of such as an LDAP server or a Java class For example an AUTHREALM element can include PROPERTY subelements lt AUTHREALM name file classname com iplanet ias security auth realm file FileRealm gt lt PROPERTY name file value instance dir config keyfile gt lt PROPERTY name jaas context value fileRealm gt lt AUTHREALM gt Which properties an AUTHREALM element uses depends on the value of the AUTHREALM element s name attribute The file realm uses file and jaas context properties Other realms use different properties Subelements The following table describes subelements for the PROPERTY element PROPERTY subelements Element Required Description DESCRIPTION zero or one Contains a text description of the property Attributes The following table describes attributes for the PROPERTY element 28 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Listener Elements PROPERTY attributes Attribute Default Description name none Specifies the name of the property or variable value no
201. session and stores it as the ss1 id variable in the Session gt client parameter block e qos handler handles the current quality of service statistics basic auth Applicable in AuthTrans class directives The basic auth function calls a custom function to verify authorization information sent by the client The Authorization header is sent as part of the basic server authorization scheme This function is usually used in conjunction with the PathCheck class function require auth Parameters The following table describes parameters for the basic auth function Table 4 2 basic auth parameters Parameter Description auth type Specifies the type of authorization to be used This should always be basic userdb Optional Specifies the full path and file name of the user database to be used for user verification This parameter will be passed to the user function 122 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 AuthTrans Table 4 2 basic auth parameters Parameter Description userfn Name of the user custom function to verify authorization This function must have been previously loaded with load modules It has the same interface as all of the SAFs but it is called with the user name user password pw user database userdb and group database groupdb if supplied in the pb parameter The user function should check the name and password using the database and return REO_NOACTION if they
202. set to true Legal values are on of f yes no 1 0 true false Properties Most JDBC 2 0 drivers allow use of standard property lists to specify the user password and other resource configuration information Although properties are optional with respect to Sun ONE Web Server some properties may be necessary for most databases For details see Section 5 3 of the JDBC 2 0 Standard Extension API When properties are specified they are passed to the vendor s data source class specified by the datasourceclassname attribute using set Name value methods The following table describes some common properties for the JDBCCONNECTIONPOOL element The left column lists the property name and the right column describes what the property does JDBCCONNECTIONPOOL properties Property Description user Specifies the user name for this connection pool password Specifies the password for this connection pool databaseName Specifies the database for this connection pool serverName Specifies the database server for this connection pool port Specifies the port on which the database server listens for requests networkProtocol Specifies the communication protocol 62 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Resource Elements JDBCCONNECTIONPOOL properties Property Description roleName Specifies the initial SQL role name datasourceName Specifies an underlying XADat aSource ora
203. t is returned after the NameTrans step The path is checked for things such as CGI path information and for dangerous elements such as and and and then any access restriction is applied 138 If there is more than one PathCheck directive each of the functions is executed in order The following PathCheck class functions are described in detail in this section check acl checks an access control list for authorization deny existence indicates that a resource was not found find index locates a default file when a directory is requested find links denies access to directories with certain file system links find pathinfo locates extra path info beyond the file name for the PATH_INFO CGI environment variable get client cert gets the authenticated client certificate from the SSL3 session load config finds and loads extra configuration information from a file in the requested path nt uri clean denies access to requests with unsafe path names by indicating not found ntcgicheck looks for a CGI file with a specified extension Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 PathCheck e pcheck dav inserts a DAV specific service function e require auth denies access to unauthorized users or groups e set virtual index specifies a virtual index for a directory e ssl check checks the secret keysize e ssl logout invalidates the current SSL session in the server s SSL session cache e unix u
204. t the dcsuffix DN If not present the default value of the base DN is the base DN value in the LDAP URL The basedn attribute of a USERDB element in the server xml file overrides this value Specifies whether the database can perform digest authentication If on a special Directory Server plugin is required For information about how to install this plugin see the Sun ONE Web Server 6 1 Administrator s Guide Specifies what type of file auth db will be used Specifies the path to the keyfile Required if syntax is set to keyfile Specifies the path to the digestfile Required if syntax is set to digestfile Path to the AuthGroupFile If the groupfile is the same as the userfile this file contains both user and group data otherwise it contains only group data Required if syntax is set to htaccess For more information about the syntax of the AuthGroupFile see the Sun ONE Web Server 6 1 Administrator s Guide Chapter 6 Other Server Configuration Files 221 Deployment Descriptors dbswitch conf properties Property Allowed Default Description Values Value userfile Path to the AuthUserFile If the userfile is the same as the groupfile this file contains both user and group data otherwise it contains only user data Required if syntax is set to htaccess For more information about the syntax of the AuthUserFile see the Sun ONE Web Server 6 1 Administrator s Guide Deployment Descriptors
205. t to PROTOCOL_FORBIDDEN and the function returns REQ ABORTED e 0 tells the function to return REQ_NOACTION if the client certificate is not present after dorequest is handled Optional Specifies a wildcard pattern for the HTTP methods for which the function will be applied If method is absent the function is applied to all requests Optional Common to all obj conf functions 146 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 PathCheck Example Get the client certificate from the session If a certificate is not already associated with the session request one The request fails if the client does not present a valid certificate PathCheck fn get client cert dorequest 1 load config Applicable in PathCheck class directives The load config function searches for configuration files in document directories and adds the file s contents to the server s existing configuration These configuration files also known as dynamic configuration files specify additional access control information for the requested resource Depending on the rules in the dynamic configuration files the server may or may not allow the client to access the requested resource Each directive that invokes load config is associated with a base directory which is either stated explicitly through the basedir parameter or derived from the root directory for the requested r
206. ter Description type Optional Common to all Service class functions Chapter 4 Predefined SAFs in obj conf 201 AddLog AddLog Table 4 67 upload file parameters Parameter Description method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Service class functions ChunkedRequestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Example Service fn upload fil After the server has responded to the request the AddLog directives are executed to record information about the transaction If there is more than one AddLog directive all are executed The following AddLog class functions are described in detail in this section e common log records information about the request in the common log format e flex log records information about the request in a flexible configurable format e record useragent records the client s IP address and User Agent header common log Applicable in AddLog class directives 202 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 AddLog The common 1og function records request specific data in the common log format used by most HTTP servers
207. ter Description path Path and name of the home page file If path starts with a slash it is assumed to be a full path to a file This function sets the server s path variable and returns REQ_PROCEED If path is a relative path it is appended to the URI and the function returns REQ_NOACTION continuing on to the other NameTrans directives bucket Optional Common to all obj conf functions Examples NameTrans fn document root root usr sun webserver61 serverl docs NameTrans fn document root root docroot ntrans dav Applicable in NameTrans class directives The ntrans dav function determines whether a request should be handled by the WebDAV subsystem and if so adds a dav object to the pipeline Chapter 4 Predefined SAFs in obj conf 131 NameTrans Parameters The following table describes parameters for the ntrans dav function Table 4 9 ntrans dav parameters Parameter Description name Specifies an additional named object in obj conf whose directives will be applied to this request bucket Optional Common to all obj conf functions Example NameTrans fn ntrans dav name dav See Also service dav ntrans j2ee Applicable in NameTrans class directives The ntrans j2ee function determines whether a request maps to a Java web application context Parameters The following table describes parameters for the ntrans j2ee function Table 4 10 ntrans j2ee
208. termines the minimum number of threads in the native kernel thread pool Determines the number of threads that can wait in the queue for the thread pool Determines the stack size of each thread in the native kernel thread pool Syntax and Use of magnus conf 111 Summary of Init Functions and Directives in magnus conf Table 3 1 magnus conf directives Directive Allowed Values Default Value Description Net SiteRoot A path none Specifies the absolute pathname to the top level directory under which server instances can be found There is no default value you must specify a value PidLog A valid pathto none Specifies a file in which to record the a file process ID pid of the base server process PostThreadsEarly 1 on 0 off 0 off If on checks whether the minimum number of threads are available at a socket after accepting a connection but before sending the response to the request RevBufSize Range is 0 uses Controls the size of the receive platform platform buffer at the server s sockets specific specific default RqThrottle Any number Specifies the maximum number of of requests simultaneous request processing threads that the server can handle simultaneously per socket RqThrottleMin Any number Specifies the number of request less than processing threads that are created RaThrottle when the server is started As the load on the server increases more request processing threads are created up
209. terval parameter 106 upload file function 201 uri parameter 170 171 uri property 233 URL mapping to other servers 133 url parameter 135 url prefix parameter 135 UseNativePoll magnus conf directive 87 UseNativePoll directive 114 UseOutputStreamSize magnus conf directive 96 264 Sun ONE lt Product Name gt Administrator s Guide April 2001 obj conf Service parameter 167 UseOutputStreamSize directive 114 User magnus conf directive 79 user account specifying 79 User Database Selection 67 User directive 115 user home directories symbolic links and 144 user parameter 186 USERDB 41 67 userdb directory 20 userdb parameter 122 userfile 222 userfile parameter 124 userfn parameter 123 usesyslog 67 util_strftime 243 V Variable Evaluation 71 Variables send cgi Variables 71 vARIABLES General Variables 71 send cgi Variables 71 verifycert property 219 virtual server log 65 virtual index parameter 153 VirtualServerFile directive 112 232 virtual servers parameter 106 VS 38 VSCLASS 36 id 37 W Web Application Elements 47 WEBAPP 47 WebDAV Elements 42 weekday 243 widths parameter 101 WincgiTimeout magnus conf directive 91 WincgiTimeout directive 115 Index 265 266 Sun ONE lt Product Name gt Administrator s Guide April 2001
210. th name users nikki images resource such as users nikki images smiley gif 134 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 NameTrans NameTrans fn pfx2dir from icons happy dir users nikki images The third example shows the use of the find pathinfo forward parameter The URL http server name cgi bin resource is translated to the physical path name export home cgi bin resource NameTrans fn pfx2dir find pathinfo forward from cgi bin dir export home cgi bin name cgi redirect Applicable in NameTrans class directives The redirect function lets you change URLs and send the updated URL to the client When a client accesses your server with an old path the server treats the request as a request for the new URL Parameters The following table describes parameters for the redirect function Table 4 12 redirect parameters Parameter from url url prefix escape Description Specifies the prefix of the requested URI to match Maybe optional Specifies a complete URL to return to the client If you use this parameter don t use url prefix and vice versa Maybe optional The new URL prefix to return to the client The from prefix is simply replaced by this URL prefix If you use this parameter don t use url and vice versa Optional Flag that tells the server to util_uri_escape the URL before sending it It should be yes or no The default
211. the virtual path does not exist on the system for example for NSAPI plugin URLs to improve performance by avoiding unnecessary stats on those URLs When the default PathCheck server functions are used the server does not stat for the paths ntrans base virtual path and ntrans base virtual path if ntrans base is set the default condition it does not stat for the URLs virtual path and virtual path if ntrans base is not set Optional Common to all obj conf functions Example This NameTrans directive is in the default object NameTrans fn assign name name personnel from a b c pers lt Object name personnel gt additional directives lt Object gt NameTrans fn assign name from perf find pathinfo forward name perf NameTrans fn assign name from nsfc nostat nsfc name nsfc document root Applicable in NameTrans class directives Chapter 4 Predefined SAFs in obj conf 129 NameTrans The document root function specifies the root document directory for the server If the physical path has not been set by a previous NameTrans function the http server name part of the path is replaced by the physical path name for the document root When the server receives a request for http server name somepath somefile the document root function replaces http server name with the value of its root parameter For example if the document root directory is usr s
212. thprefix and classpathsuffix attributes of the JAVA element Appendix B Configuration Changes Between Planet Web Server 6 0 and Sun ONE Web Server 6 1 241 server xml 242 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 Appendix C Time Formats This module describes the format strings used for dates and times in the server log These formats are used by the NSAPI function ut il_strftime by some built in SAFs such as append trailer and by server parsed HTML parse html The formats are similar to those used by the strftime C library routine but not identical The following table describes the format strings for dates and times Format strings Attribute Allowed Values a Abbreviated weekday name 3 chars d Day of month as decimal number 01 31 S Second as decimal number 00 59 M Minute as decimal number 00 59 H Hour in 24 hour format 00 23 Y Year with century as decimal number up to 2099 b Abbreviated month name 3 chars h Abbreviated month name 3 chars T Time HH MM SS LX Time HH MM SS A Full weekday name B Full month name C a b e H M S Y c Date amp time m d y H M S 243 244 Format strings Attribute D e I j k l m n p R r t U YW W YX y Allowed Values Date m d y Day of month as decimal number 1 31 without leading zeros Hour in 12 hour format 01 12 Day of y
213. tion filter Specifies the name of the filter to remove bucket Optional Common to all ob j conf functions Example Error fn remove filter filter http compression Chapter 4 Predefined SAFs in obj conf 211 Error 212 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Introduction Chapter 5 MIME Types This chapter discusses the MIME types file The sections are Introduction Determining the MIME Type How the Type Affects the Response What Does the Client Do with the MIME Type Syntax of the MIME Types File Sample MIME Types File Introduction The MIME types file in the config directory contains mappings between MIME Multipurpose Internet Mail Extensions types and file extensions For example the MIME types file maps the extensions html and htm to the type text html type text html exts htm html When the Sun ONE Web Server receives a request for a resource from a client it uses the MIME type mappings to determine what kind of resource is being requested Chapter 5 MIME Types 211 Determining the MIME Determi ype MIME types are defined by three attributes language lang encoding enc and content type type At least one of these attributes must be present for each type The most commonly used attribute is type The server frequently considers the type when deciding how to generate the response to the client The enc and lang attributes are rarely used
214. tion Parameter Allowed Default Value Description Values stdout console Directs output to the NT perf init disable pool init free size disable register http method methods stats init profiling update interval virtual servers thread pool init true fals 1048576 bytes or less true false A comma separated list yes no 1 or greater 1 or greater tru false no 1000 console Enables system performance measurement via performance buckets Disables the function when true Configures pooled memory allocation optional maximum size in bytes of free block list optional flag to disable the use of pooled memory if true Lets you extend the HTTP protocol by registering new HTTP methods Names of the methods you are registering Enables reporting of performance statistics in XML format Enables NSAPI performance profiling using buckets This can also be enabled through perf init The period in seconds between statistics updates within the server The maximum number of virtual servers for which statistics are tracked This number should be set higher than the number of virtual servers configured Configures an additional thread pool 106 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Summary of Init Functions and Directives in magnus conf magnus conf Init functions Function Parameter Allowed De
215. tion records request specific data in a flexible log format It may also record requests in the common log format There is a log analyzer in the extras flexanlg directory for Sun ONE Web Server There are also a number of free statistics generators for the common log format The log format is specified by the flex init function call For information about rotating logs see flex rotate init in the Sun ONE Web Server 6 1 NSAPI Programmer s Guide Parameters The following table describes parameters for the flex log function Table 4 69 flex log parameters Parameter Description name Optional Gives the name of a log file which must have been given as a parameter to the flex init function in magnus conf If no name is given the entry is recorded in the global log file iponly Optional Instructs the server to log the IP address of the remote client rather than looking up and logging the DNS name This will improve performance if DNS is off in the magnus conf file The value of iponly has no significance as long as it exists you may use iponly 1 bucket Optional Common to all obj conf functions Examples Log all accesses to the global log file AddLog fn flex log Log accesses from outside our subnet 198 93 5 to nonlocallog lt Client ip 198 93 5 gt AddLog fn flex log name nonlocallog lt Client gt 204 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 AddLog
216. tiple languages Legal values are on off yes no 1 0 true false optional Determines whether a virtual server is active on or inactive off disabled The default is on active When inactive a virtual server does not service requests If a virtual server is disabled only the global server administrator can turn it on QOSPARAMS Defines quality of service parameters of an SERVER VSCLASS or vs element Subelements none Attributes The following table describes attributes for the QOSPARAMS element 40 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Listener Elements QOSPARAMS attributes Attribute Default Description maxbps none required if enforcebandwidth is yes The maximum bandwidth limit for the server vsclass or vs in bytes per second enforcebandwidth false optional Specifies whether the bandwidth limit should be enforced or not Allowed values are yes no true false on off 1 0 maxconn none required if enforceconnections is enforceconnections false USERDB yes The maximum number of concurrent connections for the SERVER VSCLASS or VS optional Specifies whether the connection limit should be enforced or not Allowed values are yes no true false on of 1 0 Defines the user database used by the vs element Subelements The following table describes subelements for the usERDB element
217. tisfy client requests optional Specifies the amount of time in milliseconds that the caller is willing to wait for a connection If 0 the caller is blocked indefinitely until a resource is available or an error occurs optional Specifies the number of connections to be destroyed if the existing number of connections is above the steady pool size subject to the max pool size limit This is enforced periodically at the idle time out in seconds interval An idle connection is one that has not been used for a period of idle time out in seconds optional Specifies the maximum time that a connection can remain idle in the pool After this amount of time the pool can close this connection 60 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 JDBCCONNECTIONPOOL attributes Resource Elements Attribute transactionisolati onlevel isolationlevelguar anteed connectionvalidati onrequired connectionvalidati onmethod Default default JDBC driver isolation level true false auto commit Description optional Specifies the transaction isolation level on the pooled database connections Allowed values are read uncommitted read committed repeatable read or serializable Applications that change the isolation level on a pooled connection programmatically risk polluting the pool which can lead to errors See isolationlevelguaranteed for more
218. tives in magnus conf Table 3 1 magnus conf directives Directive Allowed Values Default Value Description IOTimeout Any number 30 for servers Specifies the number of seconds the of seconds that don t use server waits for data to arrive from hardware the client If data does not arrive encryption before the timeout expires then the devices and connection is closed 300 for those that do KeepAliveThreads Any number 1 Specifies the number of threads in of threads the keep alive subsystem It is recommended that this number be a small multiple of the number of processors on the system KeepAliveTimeout 300 seconds 30 Determines the maximum time that maximum the server holds open an HTTP Keep Alive connection or a persistent connection between the client and the server KernelThreads 0 off 1 on 0 off If on ensures that the server uses only kernel level threads not user level threads If off uses only user level threads ListenQ Ranges are 4096 AIX Defines the number of incoming platform 200 NT 128 connections for a server socket specific all others LogFlushInterval Any number 30 Determines the log flush interval in of seconds seconds of the log flush thread LogVerbose on of f off If on logs all server messages including those that are not logged by default LogVsId on of f off Determines whether virtual server IDs are displayed in the error log You should enable LogvsId when multiple virtual se
219. to a maximum of RqThrottle threads Security on off off Globally enables or disables SSL by ServerConfigurationFile ServerID A file name A string server xml none making certificates available to the server instance Must be on for virtual servers to use SSL The name of the file that specifies virtual servers Specifies the server ID such as https boots mcom com 112 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Summary of Init Functions and Directives in magnus conf Table 3 1 magnus conf directives Directive Allowed Values Default Value Description ServerRoot A path none Specifies the server root This directive is set during installation and is commented out Unlike other directives the server expects this directive to start with Do not change this directive SndBufSize Range is 0 uses Controls the size of the send buffer platform platform at the server s sockets specific specific default SSL3SessionTimeout 5 86400 86400 The number of seconds until a 24 hours cached SSL3 session becomes invalid SSLCacheEntries A 10000 usedif Specifies the number of SSL sessions non negative 0 is specified that can be cached There is no integer upper limit SSLClientAuthDataLimit Number of 1048576 Specifies the maximum amount of Bytes 1MB application data that is buffered during the client certificate handshake phase SSLClientAuthTimeout Any num
220. ts loadbal contains the required files for the Resonate load balancer integration plugin nsapi contains header files and example code for creating your own functions using NSAPI For more information see the Sun ONE documentation web site at http docs iplanet com docs manuals enterprise html search contains information for your server s search plugins snmp contains information for your server s SNMP plugins e setup contains the various Sun ONE Web Server setup files including setup log and uninstall inf e userdb contains user databases and related information e LICENSE txt is the license file e README txtis the readme file that contains a link to the Sun ONE Web Server Release Notes UNIX and Linux Platforms In addition to the files and directories described in All Platforms the following files are created at the server root directory for UNIX and Linux platforms e startconsole launches a browser to the Administration Server page The following files are created under the server root https admserv directory for UNIX and Linux platforms O ClassCache contains classes and Java files generated as result of the compilation of JavaServer pages conf_bk contains backup copies of the server s configuration files config contains the Administration Server configuration files logs contains the Administration Server log files SessionData contains session database data from MMapSessionManager
221. ts the correspondences between the jvm12 conf file in Planet Web Server 6 0 and the server xml file in Sun ONE Web Server 6 1 Table B 6 jvm12 conf and server xml correspondences jvm minHeapSize Use the Xms lt value gt JVM option Example lt JVMOPTIONS gt Xms128m Xmx256m lt JVMOPTIONS gt jvm maxHeapSize Use the Xmx lt value gt JVM option Example lt JVMOPTIONS gt Xms128m Xmx256m lt JVMOPTIONS gt 240 Sun ONE Web Server 6 1 Administrators Configuration File Reference August 2003 jvm jvm jvm jvm jvm server xml Table B 6 jvm12 conf and server xml correspondences enableClassGC option profiler verboseMode printErrors disableThreadRecycling serializeAttach stickyAttach trace allowExit include CLASSPATH enableDebug jvm classpath Use the Xnoclassgc JVM option to disable garbage collection Use the JVMOPTIONS element Use the PROFILER element Use the verbose JVM option Not supported Not supported Not supported Not supported Configured in the LOGLEVEL element of the web container Refer to the following document for more information about how this is configured in the server policy file http java sun com 32se 1 4 1 docs guide s ecurity permissions html Use the envclasspathignored attribute of the JAVA element Use the debug and debugoptions attributes of the JAVA element Use the classpa
222. ttribute Allowed Default Description Values Value FilterComps See Commente Used to form the filter for performing an Description d out LDAP search while mapping the certificate to a user entry Values are as follows e Commented out or empty sets the filter to objectclass e Comma separated attributes forms the filter verifycert onoroff off Specifies whether certificates are verified comment ed out CmapLdapAttr LDAP certSubject Specifies the name of the attribute in the attribute DN LDAP database that contains the DN of name comment the certificate ed out library Path to None Specifies the library path for custom shared lib or certificate mapping code dll InitFn Name of None Specifies the initialization function in the initialization certificate mapping code referenced by function library dbswitch conf Purpose Specifies the LDAP directory that Sun ONE Web Server uses Location server_root userdb Syntax directory name LDAP_URL name property1 valuel name property2 value2 The default contents of this file are as follows Chapter 6 Other Server Configuration Files 219 dbswitch conf directory de fault null none Edit the file as follows for anonymous binding over SSL directory de fault ldaps directory sun com 636 dc 3Dcom Edit the file as follows for anonymous binding not over SSL directory de See Also User Database Selection fault ldap directo
223. ues by processing the directives in the personnel object The assign name function always returns REQ_NOACTION Parameters The following table describes parameters for the assign name function Table 4 6 assign name parameters Parameter Description from Wildcard pattern that specifies the path to be affected name Specifies an additional named object in obj conf whose directives will be applied to this request find pathinfo forw Optional Makes the server look for the PATHINFO ard forward in the path right after the nt rans base instead of backward from the end of path as the server function assign name does by default The value you assign to this parameter is ignored If you do not wish to use this parameter leave it out The find pathinfo forward parameter is ignored if the nt rans base parameter is not set in rq gt vars By default ntrans base is set This feature can improve performance for certain URLs by reducing the number of stats performed 128 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Table 4 6 NameTrans assign name parameters Parameter nostat bucket Description Optional Prevents the server from performing a stat on a specified URL whenever possible The effect of nostat virtual path in the NameTrans function assign name is that the server assumes that a stat on the specified virtual path will fail Therefore use nostat only when the path of
224. uff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Example The following example uses variables defined in the server xml file for the send cgi parameters For more information about defining variables see the Sun ONE Web Server 6 1 Administrator s Configuration File Reference Chapter 4 Predefined SAFs in obj conf 187 Service 188 lt Object name default gt NameTrans fn pfx2dir from cgi bin dir home foo com public_html cgi bin name cgi lt Object gt lt Object name cgi gt ObjectType fn force type type magnus internal cgi Service fn send cgi user Suser group Sgroup dir dir chroot chroot nice nice lt Object gt send error Applicable in service class directives The send error function sends an HTML file to the client in place of a specific HTTP response status This allows the server to present a friendly message describing the problem The HTML page may contain images and links to the server s home page or other pages Parameters The following table describes parameters for the send error function Table 4 56 send error parameters Parameter Description path Specifies the full file system path of an HTML file to send to the client The file is sent as text html regardless of its name or actual type If the
225. un webserver61 serverl docs then when the server receives a request for http server name a b file html the document root function translates the path name for the requested resource to usr sun webserver61 serverl docs a b file html This function always returns REQ_PROCEED NameTrans directives listed after this will never be called so be sure that the directive that invokes document root is the last NameTrans directive There can be only one root document directory To specify additional document directories use the pfx2dir function to set up additional path name translations Parameters The following table describes parameters for the document root function Table 4 7 document root parameters Parameter Description root File system path to the server s root document directory bucket Optional Common to all obj conf functions Examples NameTrans fn document root root usr sun webserver61 serverl docs NameTrans fn document root root docroot See Also p x2dir 130 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 NameTrans home page Applicable in NameTrans class directives The home page function specifies the home page for your server Whenever a client requests the server s home page they ll get the document specified Parameters The following table describes parameters for the home page function Table 4 8 home page parameters Parame
226. uration File Reference August 2003 MIME attributes Attribute Default Listener Elements Description id none file none Internal name for the MIME types listing Used in a VS element to define the MIME types used by the virtual server The MIME types name cannot begin with a number The name of a MIME types file For more information see MIME Types on page 211 TYPE Defines the type of the requested resource Subelements none Attributes The following table describes attributes for the TYPE element TYPE attributes Attribute Default Description type none Defines the type of the requested resource language none Defines the content language encoding none Defines the content encoding extensions none Defines the file extensions associated with the specified resource ACLFILE References one or more ACL files Chapter 2 Server Configuration Elements in server xml 35 Listener Elements Subelements The following table describes subelements for the ACLFILE element ACLFILE subelements Element Required Description DESCRIPTION zero or one Contains a text description of the ACLFILE element Attributes The following table describes attributes for the ACLFILE element ACLFILE attributes Attribute Default Description id none Internal name for the ACL file listing Used in a vs element to define the ACL file used by the virtual server An ACL file listing
227. ver 6 0 and Sun ONE Web Server 6 1 This appendix describes the changes in configuration files between the 6 0 and 6 1 versions of Sun ONE Web Server Appendix C Time Formats This appendix describes the format strings used for dates and times in the server log Appendix D Alphabetical List of Server Configuration Elements This chapter provide an alphabetical list for easy lookup of elements in server xml and directives in magnus conf Appendix E Alphabetical List of Predefined SAFs This chapter provide an alphabetical list for easy lookup of directives in ob j conf Documentation Conventions This section describes the types of conventions used throughout this guide File and directory paths are given in UNIX format with forward slashes separating directory names For Windows versions the directory paths are the same except that backslashes are used to separate directories URLs are given in the format http server domain path file html In these URLs server is the server name where applications are run domain is your Internet domain name path is the server s directory structure and file is an individual filename Italic items in URLs are placeholders Font conventions include o The monospace font is used for sample code and code listings API and language elements such as function names and class names file names pathnames directory names and HTML tags About This Guide 13 Pro
228. ves in magnus conf 116 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 Chapter 4 Predefined SAFs in obj conf The obj conf configuration file contains directives that instruct the Sun Open Net Environment Sun ONE Web Server how to handle HTTP and HTTPS requests from clients and service web server content such as native server plugins and CGI programs You can modify and extend the request handling process by adding or changing the instructions in ob3 conf All obj conf files are located in the instance_dir config directory where instance_dir is the path to the installation directory of the server instance There is one obj conf file for each virtual server class unless several virtual server classes are configured to share an obj conf file Whenever this guide refers to the obj conf file it refers to all obj conf files or to the obj conf file for the virtual server class being described By default the ob conf file for the initial virtual server class is named ob conf and the obj conf files for the administrator defined virtual server classes are named virtual_server_class_id obj conf Editing one of these files directly or through the Administration interface changes the configuration of a virtual server class This chapter describes the standard directives and predefined Server Application Functions SAFs that are used in the obj conf file to give instructions to the server For det
229. which is recommended for example o root may have o isp and o internet under it or have two separate roots one for the convergence tree and one for the dc tree The Convergence Tree The top level of the convergence tree must have one organization entry for each customer or organization and one for the ISP itself Underneath each organization there must be two organizationalUnit entries ou People and ou Groups A third ou Devices can be present if device data is to be stored for the organization 68 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 The Sun ONE LDAP Schema Each user entry must have a unique uid value within a given organization The namespace under this subtree can be partitioned into various ou entries that aggregate user entries in convenient groups for example ou eng ou corp User uid values must still be unique within the entire People subtree User entries in the convergence tree are of type inetOrgPerson The cn sn and uid attributes must be present The uid attribute must be a valid e mail name specifically it must be a valid local part as defined in RFC822 It is recommended that the cn contain name initial sn It is recommended that the RDN of the user entry be the uid value User entries must contain the auxiliary class inet User if they are to be considered enabled for service or valid User entries can also contain the auxiliary class inet Subscriber wh
230. ximum CGI program core file size A value of 0 disables writing cores You can supply both current soft and maximum hard limits separated by a comma The soft limit must be listed first If only one limit is specified both limits are set to this value UNIX only Specifies the maximum number of file descriptors for the CGI program You can supply both current soft and maximum hard limits separated by a comma The soft limit must be listed first If only one limit is specified both limits are set to this value 186 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Service Table 4 55 send cgi parameters Parameter Description nice UNIX only Accepts an increment that determines the CGI program s priority relative to the server Typically the server is run with a nice value of 0 and the nice increment would be between 0 the CGI program runs at same priority as server and 19 the CGI program runs at much lower priority than server While it is possible to increase the priority of the CGI program above that of the server by specifying a nice increment of 1 this is not recommended type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Common to all Servi ce class functions ChunkedRequestB
231. y Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions iS flushTimer Optional Common to all Servi ce class functions ChunkedReguestBuff Optional Common to all Service class functions erSize ChunkedRequestTime Optional Common to all Service class functions out bucket Optional Common to all obj conf functions Example Service type magnus internal directory fn index simple See Also index common Chapter 4 Predefined SAFs in obj conf 177 Service key toosmall Applicable in Service class directives NOTE This function is provided for backward compatibility only and was deprecated in Sun ONE Web Server 4 x It is replaced by the PathCheck class SAF ssl check The key toosma11 function returns a message to the client specifying that the secret key size for SSL communications is too small This function is designed to be used together with a Client tag to limit access of certain directories to nonexportable browsers Parameters The following table describes parameters for the key toosma11 function Table 4 47 key toosmall parameters Parameter Description type Optional Common to all Service class functions method Optional Common to all Service class functions query Optional Common to all Service class functions UseOutputStreamSiz Optional Common to all Service class functions e flushTimer Optional Commo
232. y or REQ_NOACTION if the specified filter was not part of the filter stack Any other return value indicates an error Parameters The following table describes parameters for the remove filter function Table 4 37 remove filter parameters Parameter Description filter Specifies the name of the filter to remove bucket Optional Common to all obj conf functions Example Input fn remove filter filter http compression All output directives are executed when the server or a plugin first attempts to write entity body data from the client The output stage allows you to select filters that will process outgoing data You can add NSAPI filters that process outcoming data by invoking the insert filter SAF in the output stage of the request handling process The Output directives are executed at most once per request You can define the appropriate position of a specific filter within the filter stack For example filters that translate content from XML to HTML are placed higher in the filter stack than filters that compress data for transmission You can use the filter_create function to define the filter s position in the filter stack and the init filter order to override the defined position 164 Sun ONE Web Server 6 1 NSAPI Programmer s Guide August 2003 Output When two or more filters are defined to occupy the same position in the filter stack filters that were inserted later
233. y other elements to the error log Allowed values are as follows from highest to lowest finest fine fine info warning failure config security and catastrophe optional If t rue virtual server IDs are displayed in the virtual server logs This is useful if multiple vs elements share the same log file Legal values are on of f yes no 1 0 true false optional If t rue redirects stdout output to the errors log Legal values are on off yes no 1 0 true false optional If t rue redirects stderr output to the errors log Legal values are on off yes no 1 0 true false optional UNIX only If t rue redirects log messages to the console 66 Sun ONE Web Server 6 1 Administrator s Configuration File Reference August 2003 User Database Selection LOG attributes Attribute Default Description createconsole false optional Windows only If t rue creates a Windows console Legal values are on off yes no 1 0 true false usesyslog false optional If t rue uses the UNIX syslog service or Windows Event Logging to produce and manage logs Legal values are on off yes no 1 0 true false User Database Selection A USERDB object selects a user database for the parent virtual server This selection occurs in the following manner e The USERDB element s id attribute maps to an ACL file s database attribute e The USERDB element s database attribute maps to a dbswitch conf
Download Pdf Manuals
Related Search