Skip Headers
Oracle® iPlanet Web Server Release Notes
Release 7.0.24

Go to Table of Contents
Go to Feedback page
Contact Us

Go to previous page
PDF · Mobi · ePub

B Issues Resolved in Previous Web Server Releases

The following sections list the important issues fixed in the previous releases:

B.1 Issues Resolved in 7.0.23

This section lists the issues resolved in Oracle iPlanet Web Server 7.0.23. The documentation issues are prefixed "Doc:" in the Description column of the table.

Issue ID Description
22376510 Poor performance of Oracle iPlanet Web Server 7.0 observed when the keep-alive option is enabled.
21356151 Log path is removed after adding a new variable at the virtual server level.
21148493 Service Registration form blocks access to the common tasks page.
20862718 An excessive amount of malloc() invocations due to a bug in the pool implementation of free blocks.
21744964 Doc: Information about the io-timeout element for HTTP settings. See Section 3.2.25
21440256 Doc: Information about the NetWriteTimeout parameter. See Section 3.2.26
22615808 NSS upgrade to 3.21

B.2 Issues Resolved in 7.0.22

This section lists the issues resolved in Oracle iPlanet Web Server 7.0.22. The documentation issues are prefixed "Doc:" in the Description column of the table.

Issue ID Description
20852421 Reverse proxy wraps client hello message in SSL2-compatible format.
20954530 NSS upgrade to 3.17.4.
21089550 Version changes for Oracle iPlanet Web Server 7.0.23.

B.3 Issues Resolved in 7.0.21

This section lists the issues resolved in Oracle iPlanet Web Server 7.0.21. The documentation issues are prefixed "Doc:" in the Description column of the table.

Issue ID Description
14703488 Removal of max-procs parameter from the Admin CLI/GUI interfaces.
18185294 A search events fails when platform is set to 64-bit.
18398500 For an auto-deployed web application without a welcome-file in its deployment descriptor, an attempt to access the base url of the web-app results in the display of the directory listing even though it may contain some file such as index.jsp.
18841083 In an auto-deployed web-app, if welcome-file redirects to another page, then a directory listing was being displayed for that directory.
19000390 Multi-byte characters in the response header get garbled.
19885785 The get-client-cert operation does not work when SSL3 is disabled.

B.4 Issues Resolved in 7.0.20

This section lists the issues resolved in Oracle iPlanet Web Server 7.0.20. The documentation issues are prefixed "Doc:" in the Description column of the table.

Issue ID Description
12306936 Renewal of CA-signed certificate fails from Admin UI with Security Token Mismatch Error.
12984556 Fix to Security Token Mismatch Error in Renew Certificate Wizard.
16834733 Oracle iPlanet Webserver with an SSL listener crashes if the SSL cache is disabled, and the client certificate expires.
17309955 Corrected a mismatch of key-value names for bind-password in the Admin GUI.
17446698 Resolved memory leak issue in admin server related to instance member state changes.
17652218 Server should return a Bad Response (400) for a malformed request, rather than closing the connection.
17835893 Doc: New configuration option for get/set properties in auth.db.

See Section 3.2.23

18026360 Resolved memory leak issue in admin server related to instance member state changes.
18263786 The default size of the header buffer used in the reverse-proxy is now the same as the request-header-buffer-size element of the http element in server.xml.
18278817 Doc: Document the components you can use with a custom log format.

See Section 3.2.23

18313136 Unable to create a certificate with a generalized time format.

B.5 Issues Resolved in 7.0.19

There are no new issues resolved in Oracle iPlanet Web Server 7.0.19. This release addresses security issues.

B.6 Issues Resolved in 7.0.18

This section lists the issues resolved in Oracle iPlanet Web Server 7.0.18.

Issue ID Description
14846203 Oracle iPlanet Web Server 7.0 must support Internet Explorer 9 browsers.
15866045 Oracle iPlanet Web Server 7.0.12 B07/05/2011 has high CPU usage with search Japan special characters.
16412868 Administration GUI and configuration files are not in sync after deploying the configuration.
16451039 Migrate maxrequestsperconnection property from Web Server 6.1 to max-request in Web Server 7.0.
16576024 Doc: The button to copy the configuration is Duplicate not Copy.

See Section 3.2.20

16583088 SNMP statistics cannot be gathered for both 32-bit and 64-bit Oracle iPlanet Web Server instances.
16589719 Doc: Enhance Oracle iPlanet Web Server reverse proxy set up instructions.

See Section 3.2.21

16661593 Problem running NSAPI plug-in on Oracle iPlanet Web Server 7.0.15 and Solaris 11.
16669390 Doc must list bug 12176204.

See Section B.22

16675649 fn=set-default-type does not recognize charset header already in response.
16741509 Oracle iPlanet Web Server 7.0.15 uses substantial swap space in (Exalogic) Solaris 11.1.
16758897 Doc: Unable to create an ACL based on the incoming referrer header.

See Section 3.2.22

16853609 htaccess does not handle IP address when internet 6 is set for protocol family.
16889404 CGI cannot take content length greater than 2GB.
16911058 IPV4-mapped address does not work with ACL.
16931512 Oracle iPlanet Web Server 7.0 to bundle JDK7 instead of JDK6.
17059127 Oracle iPlanet Web Server 7.0 must use JMX 2.0 for administration server to work with JDK 7.
17222335 The code <% session.setAttribute("k",null);%> does not work when session replication is on.
17286373 GET request fails when it contains <tab> or extra <space> characters.
17445403 Doc: Fix the typo " Administration Server cashes..."

See Section B.8

B.7 Issues Resolved in 7.0.17

This section lists the issues resolved in Oracle iPlanet Web Server Relaese 7.0.17.

Issue ID Description
13574210 Watchdog can leak memory on Unix platforms.
14536445 Web server crashes on servact_addlogs when using NSAPI restart.
14554106 Disable symbolic link can change processing.
14648134 ampersand in webDAV PROPFIND response not encoded in src and dst tags.
14664654 Doc: max- procs should be removed from the product document of Web Sserver 7.0.

See Section 3.2.19.

14694989 Core truncates the request data in presence of filters and content- length.
14846823 http compression needs to check for transfer-encoding chunked.
14847166 Doc should list 14094667 as an issue fixed in 7.0.16.

See Section B.8.

15840953 Doc: update readme to add required patch for Web server 7.0.16 on 64- bit Linux 6.X.

See Section

15874248 Oracle iPlanet Web Server 7.0 needs JDK 7 certification.
15952066 Failure reading chunked post data in SSL.
16088397 In Web Server 7.0, server.xml conn-queue and KA settings does not check max OS FD number.
16093987 When OS FD =2G, auto tuning may set file cache Fd = zero.
16384686 Doc: correct the broken link for NSS.

See Section A.14.3

For information about issues resolved in previous Oracle iPlanet Web Server 7.0 releases, see Appendix B.

B.8 Issues Resolved in 7.0.16

This section lists the issues resolved in Oracle iPlanet Web Server Release 7.0.16

Issue ID Description
12068601 Documentation for htpasswd command.

See Section 3.2.17.

12308574 Sed-response appends ext NEWLINE \n to the Response, regardless of sed rules.
13493902 Docs need to provide information on the supported usage and limitations of dynamic changes in htpasswd during web server run time.

See Section 2.8

13611326 In the console mode, the installer must display Start Administration Node when creating administration node.
13612190 Watchdog-driven log rotation can be modified.
13831388 Oracle iPlanet Web Server 7 returns invalid xml for webdav PROPFIND directory that has an ampersand in its name.
13860860 Oracle iPlanet Web Server needs to ship updated JDK:1.6.0_33
13918547 When using Administration GUI console, specified LDAP authentication database does not exist.
13984399 Administration server crashes when parallel instances are started in non-C locale. Doc needs to update Solaris patch number.

See Section

14019888 Oracle iPlanet Web Server installation on Red Hat Enterprise Linux and Oracle Enterprise Linux requires file
14094667 .ht access file dynamic change during loads can cause web server crash for Web server 7.0.
14207464 When the instances are SMF-enabled, if you create or delete a new instance with SMF service, all other running instances with SMF services are restarted.
14223471 Administration instance SMF service cannot be disabled on Oracle iPlanet Web Server 7.0.15.
14223540 SMF service for administration server cannot be deleted by using the wadm CLI command.
14236877 Administration CLI must allow create or delete service for administration server configuration.
14248615 Error occurs when you recreate an SMF-enabled configuration.
14271270 Add support for blocking I/O on the operating system socket when MaxProcs >1.
14272703 Change in the default handling OT query strings in the redirect SAF.
14341484 sed-response output filter adds 1 additional byte to the end of a response body regardless of rule.
14396341 Support needed for Oracle Enterprise Linux 6.2 and 6.3.
14398581 When admin instance is not SMF-enabled during installation, but SMF-enabled via UI later, the instance cannot be stopped using stopserv command.
14408205 Attempt to stop the administration instance fails if one or more SMF-disabled instances are started via administration interfaces.
14463712 Encode the special character & in the URL UTIL_URL_ESCAPE.
14469503 Doc:.noStartOnBoot file under instance root can control auto-start.

See Section 3.2.18.

14471309 The message ADMIN3984 gets logged twice while saving LDAP authentication database for administration. This happens only the first time.
14471778 When you click Save on the Administration Node page, the message ADMIN3984 gets logged for non-existence of LDAP authentication database.
14475514 The message ADMIN3984 gets logged when resetting authentication database when LDAP properties are lost.
14512832 Doc needs to provide the information that Search Collections does not support PDF 9.0.

See Section 3.2.16.

14553796 In Web server 7.0.15, instances cannot be SMF-disabled when the admin instance is set to be SMF-enabled.

B.9 Issues Resolved in 7.0.15

This section lists the issues resolved in Oracle iPlanet Web Server Release 7.0.15.

Issue ID Description
12306447 Docs need to provide information on how to protect a resource

See Section 3.2.11.

12584046 Admin server hangs when SMF is enabled
12643441 Crash in fastcgistub process
12657657 Reboot of OS causes newly created SMF service to go from enabled to disabled
12777290 Doc has the incorrect -d "com.iplanet.ias.server.logging.serverlogmanager"

See Section 3.2.12.

12833917 "-" lost after configuration virtual-server access-log format from the admin console
12844341 Server sends invalid range data if content of the file changes
12856417 Specially crafted shtml URIs can crash the web server
12877126 Repeated crash in function void httprequest::processqos() after setting QoS
12894984 Range request with If-Range with Etag does not return full content if file is changed
12919247 set-cookie response has an extra space between "path=" and "; httponly"
12919334 Range header DoS vulnerability
12989862 Fix request for 6932016 should add info regarding 7003615

See problem ID 6932016 in Table 2-5.

13011275 Add minimum required memory and minimum recommended disk space to release notes

See Section 1.3.2.

13251178 Admin console shows long URL link for configuration name
13439900 "allow" header contains incorrect HTTP methods; for example, trace on 405 responses
13473614 maxprocs > 1 causes logging into rotated access/errors log files
13484895 ktsearch needs to be updated
13540300 Doc bug regarding default value of keep-alive threads

See Section 3.2.13.

13543379 HTTP listener port is still open after changing the port through the admin console
13546987 Log rotation not working in multiprocess mode
13559815 With high system FD limits (2G), autotuning causes the server to crash
13560430 Description of limit queue length not correct

See Section 3.2.14.

13586813 Certification on Oracle Enterprise Linux 6
13586985 Certification on Oracle Solaris 11
13620632 403 forbidden returned for some contents when ACL is configured with SSL
13681165 JDBC connection leak when connection is set to autocommit false and when the JDBC connection pool is set with connection-validation=true and with table mode
13683057 Unable to read a cookie value containing double quotation marks
13700818 Migrate maxparametercount property of Java element in DTD
13700834 Add admin console option to specify max-parameter-count
13725520 Web server is crashing when SSL session cache is disabled
13817143 JDBC monitoring for leased connections not correct after database failover
13874425 If open FD limit of system is set to 2G, thread-pool queue-size does not work
13889880 7.0.13 patch causes problems with F5-BigIP

See Section 3.2.15.

For information about issues resolved in previous Oracle iPlanet Web Server 7.0 releases, see Appendix B.

B.10 Issues Resolved in 7.0.14

This section lists the issues resolved in Oracle iPlanet Web Server 7.0.14.

Issue ID Description
13565231 Need configurable property to restrict number of parameters a JSP or servlet can use, to prevent Java hash table collision (CVE-2011-5035, vulnerability 903934)
13707603 Hash collision fix needs to reset parameter count to process requests

B.11 Issues Resolved in 7.0.13

This section lists the issues resolved in Oracle iPlanet Web Server 7.0.13.

Issue ID Description
13079329 RFE: Limit keep-alive requests on a single TCP socket in Oracle iPlanet Web Server 7.0
13355800 Add option to limit keep-alive requests to resolve CVE-2011-3389
13355817 CVE-2011-3389, TLS 1.0 vulnerability
13405070 Integrate security version 3.13.1 with Web Server 7.0.13
13455620 Doc: Document the newly added listener property max-requests-per-connection

B.12 Issues Resolved in 7.0.12

This section lists the important issues resolved in Web Server 7.0.12.

Issue ID Description
12219154 Incorrect layout in the Installer help
12249856 Windows return Forbidden instead of "Not Found" for URI length greater than 176 characters
12285988 Doc: Additional documentation required when using SMF on Solaris 10. For more information, see Section 3.2.9, "Using SMF on Solaris 10"
12301718 admin: Web Server 7 Admininstration GUI threw an exception error ADMIN3594, when pull and deploy a manual change in config
12301907 admin: Web Server 7 - Error in administration server log when a Japanese customer used Accept-Language: ja (also for Chinese)
12302497 Cannot install Web Server 7.0.9 when "Identity Synchronization for Windows" is already installed.
12303923 Doc: Do not change Windows during CSR. For more information, see Section 2.1, "Web Server Administration Issues"
12304500 Crash at function Lasipeval when ACL file contains the IP address
12304725 web doc RFE - PID file will disappear in some Red Hat Linux operating system and then unable to stop the server.
12305178 Web Server 7.0: RPP, not RFC complaint with regard to the added Via header
12305221 Race condition in lookup function can result in accessing deleted memory pointer
12305440 Web Server 7.0: Reverse Proxy Plug-In percent encodes the '+' character in a URL
12305700 Web Server 7.0.8: content-type header gets added twice
12305812 Windows - Renew certificate with OU=COMMA and space inside caused ADMIN4078 CertificateMgrUtil.exe error
12305828 Race condition in stale condition measurement results in idle connection deletion under stress
12306018 Web Server7: Doc: .exe files cannot be downloaded in default configuration. For more information, see Section 2.4, "Web Server Installation Issues"
12307171 Administrator GUI ACL Control List that denies access With "Respond with URL" message cannot be changed after set
12307182 Web Server 7.0 crashes in Set-Default-Type on Red Hat 5.5 (7.0.9)
12307239 Web Server7.0U9:Unable to retrieve session objects
12308375 Doc: Add a section for Reverse Proxy Plug-In (RPP).


12308571 Primodial process keeps accessing the rotated access and error logs
12308871 Server sends invalid range of data if the file content changes
12309078 PWC4011:Unable to set request character uncoding to UTF-8 from context
12309413 admin: Administration console deploy configuration changes throws error - Exception : ADMIN3011: T
12309860 admin: cannot include double quotes in O value for CSR with ADMIN4120 message
12310193 admin: Not able to supply 2nd token pin via --password-file option (OIWS 7)
12354092 Doc: CR#6947733 is not listed. For more information, see Section 3.2.10, "Problem with set-cookie Header" and Section 2.2, "Web Server Core Issues"
12354365 Set-cookie adds httponly parameter automatically on Web Server 7.0.9
12382350 Web Server 7.0u9 crashes in INTUTIL_IS_URL
12634549 Integrate security version 3.12.10 with Web Server Release 7.0.24
12682013 Doc: Document password-file used in wadm CLI should contain token name in small letters. For more information, see Section 3.2.8, "Token Name"
12685874 Doc: PID file disappears in the Red Hat Linix operating system and later the server cannot be stopped. For more information, see Section 3.2.7, "PID File Disappears in Red Hat Linux"
12693227 Upgrade NSPR libraries to the latest version
12714871 Doc: Need an option that disables to escape the original URL in reverse proxy. For more information, see Section 3.2.6, "Introducing exclude-escape-chars Parameter in http-client-config"
12721207 Doc: Workaround for Bug#12657657. For more information, see Section 2.1, "Web Server Administration Issues"

B.13 Issues Resolved in 7.0.11

This section lists the important issues resolved in Web Server 7.0.11.

Issue ID Description
7007933 Upgrade to 7.0.10 fails from 7.0u2 onward
7018896 JDK 6 update 24 bundled with Oracle iPlanet Web Server 7.0.11
7022621 JDK versions supported for WS7

See Section 1.3.3, "Supported JDKs."

B.14 Issues Resolved in 7.0.10

This section lists the important issues resolved in Web Server 7.0.10.

Issue ID Description
6908578 Admin GUI combines schedule of two different servers on search
6939452 Nonconfigured scheduled maintenance to search collection entries seen in WS7.0 migrated configurations
6953631 HTTP2228: Response content length mismatch and problems with referer header
6960107 Attempt to change temp directory fails when server is running
6962650 Cannot display CA with "&" inside certicate nickname in the admin GUI; example: AT&T CAs
6965425 Kerberos : "auth-user" in "rq->vars" pblock MUST be set when Kerberos Auth-db is being used
6968390 htaccess : large(>1024) line in group file is causing authentication issues
6968626 Kerberos : gssapi.cpp should delete user from subject Plist rather than resource Plist
6968996 Kerberos: get_auth_user_gssapi function should have a return value in all cases
6971888 Web Server startup fails because of incorrect linking of xerces library on Solaris x86
6972007 ADMIN3763 error when admin node hostname is not lowercase
6978321 Web 7 can hang when servlet cache is enabled and customer Java code throws exception
6981086 Reverse proxy crashes inside log_error_v originated from (proxyerror_agent_errorf)
6982551 ACL cannot delete correctly by admin GUI
6987881 Integrate security version 3.12.8
6993394 Bundle latest JDK update 22

B.15 Issues Resolved in 7.0.9

This section lists the important issues resolved in Oracle iPlanet Web Server 7.0.9.

Problem ID Description
6611067 Red Hat Enterprise Linux instance fails to start when the file system SELinux security is enabled.

Newer Linux distributions have new kernel security extensions enabled from the SELinux project. These extensions allow finer grained control over system security. However, SELinux also changes some default system behaviors, such as shared library loading that can be problematic to third-party programs. If you receive the error message "Cannot restore segment prot after reloc: Permission denied" when starting the Web Server administration server or instance, that means the system is SELinux enabled.


  1. Change the default security context for the libraries loaded by Web Server by running the following commands:

    chcon -t texrel_shlib_t $WS_DIR/lib/*.so
    chcon -t texrel_shlib_t $WS_DIR/jdk/jre/lib/i386/server/*.so
  2. Disable SELinux by adding the following line to the /etc/sysconfig/selinux file.

6837680 range header in reverse proxy does not take multiple values
6885216 WS7.0u6:wadm does not print error when password file is not correct
6896709 Web Server 7.0 does not handled web apps deployed outside the installation path correctly
6899047 conn->elapsed does not get refreshed for new ka request in low latency mode (request header timeout).
6901051 unable to install a cert if o or ou contains comma
6911225 PAM auth : Passwd aging causes webservd to dump core in free_resp function
6911277 Server return 404 for /j_security_check -ending URLs
6913746 unable to startup the server if the first character is a digit in the hostname
6914493 regression: wadm reset-admin-password command fails on Web Server 7.0 U6 and U7
6917800 doc bug for Web Server 7 auto tuning which may cause a large memory usage
6920807 Admin GUI "Certificate Authorities tab" and wadm "list-certs" showed error in Japanese Windows operating system
6927134 web 7u8 - Admin GUI will add additional IF/ELSEIF in the <virtual-server>-obj.conf
6928578 htaccess config causes websever to crash on RHEL & SUSE Linux installation
6928808 ClassCast exception for HEAD requests on Java resources that do request dispatching
6931166 LIBPATH needs to be fixed for AIX 5.3/6.1 JDK6SR7 certification
6933187 Interval in check offline server of loadbalancer should be configurable.
6940796 net_read can set EAGAIN in errno when it times out.
6944895 web 7 RPP missing jsessionid
6947057 web7 RPP docs - to add retries parameter in docs
6955691 WS7: webdav crash when max-xml-request-body-size set to unlimited
6958053 web 7: file with comma in its filename inside a war file cause Admin GUI "Deployment Pending"
6960564 Installation of WS7U8 on IBM AIX 6.1 generates an error message but is successful.
12354092 CR#6947733 is fixed.

B.16 Issues Resolved in 7.0 Update 8

This section lists the issues resolved in Sun Java System Web Server 7.0 Update 8.

Problem ID Description
6916391 Digest authentication buffer overflows.
6916392 TRACE heap overflow.
6916390 WebDav format string bug.
6916389 WebDav stack overflow.
6917879 TRACE request with empty header names can cause malformed responses.
6930175 Web Server 7.0 Update 8 supports Windows 2008 Standard Edition Service Pack 2 32-bit(x86).

B.17 Issues Resolved in 7.0 Update 7

This section lists the issues resolved in Sun Java System Web Server 7.0 Update 7.

Problem ID Description
6888100 While migrating from Web Server 7.0 Update 5 to Update 6, the LDAP authentication fails because rebind is not done after password validation.
6898371 Severe TLS/SSL protocol vulnerability. It requires NSS upgrade
6811286 Admin GUI becomes unresponsive when large web application has been deployed.
6849009 When using the admin gui or CLI to list the certificates using CertificateMgrUtil in Web Server 7.0 Update 4 and Web Server 7.0 Update 5, it can take over 60 seconds to perform the listing.
6855262 Web Server runs out of FILEs when using >=128 vcpus
6855513 In Web Server 7.0 Update 7, the thread-pool auto configuration algorithm is broken.
6857815 Kerberos/SPNEGO support was added.
6867192 Web Server 7.0 Update 7 documents auto configuration feature for configuring the max-threads, thread-pool queue-size, and keep alive max-connections.
6869991 Xerces C library has a vulnerability.
6880214 Web Server 7.0 needs to bundle JDK 6 instead of JDK 5 as JDK 5 is getting EOSL-ed.
6881339 Server crashes if async request is aborted by keep alive thread (if stats is turned on).
6882830 Single-Sign-on (SSO) for FORM authenticated application, the JSESSIONIDSSO cookie is not set.
6887782 If PR_GetSockName fails, then Connection::create will return failure and then the connection gets added in both unused and Ready Queue.
6741844 In Web Server 7.0 session failover does not happen after "Invalid Sequence Number" exception is thrown.
6763470 LDAP group authentication from Microsoft Active Directory fails if user name has a "," in between.
6815996 Web Server 7.0 Update 4 64 bit crashes when accessing a file in a directory that has a .htaccess file.
6830258 Web Server closes the Keep alive connections much before keep alive timeout (poor QoS on Specweb on Linux).
6841548 The flexlog.cpp code is optimized.
6849198 The URLs of server side include files work after "/" is appended to URL.
6857790 The administration server's auto tuning of threads takes lots of resources on CMT systems.
6873985 Web Server 7.0 Update 7 documents the list of unsupported file formats that can't be indexed and searched.
6875450 Web Server 7.0 Update 4 core patches (SPARC, x86) includes the localization patch "126332-06" in SUNW_REQUIRES field.
6877764 Web Server 7.0 Update 7 will not return Content-type: text/html when there is no message body.
6878259 Webstack PHP support for Sun Web Server 7.0 Update 7.
6885643 Web Server 7.0 classdebuginfo set to false is not working with JDK6.
6897071 Web Server 7.0 Update 6 - Admin GUI shows null in NODES when installed with external JDK.
6567720 Enhances admin framework to support enabling Kerberos authentication.
6853924 Web Server 7.0 Update 7 states that when renewing a certificate the key size can be changed.
6854885 Web Server 7.0 CA-signed certificate created through admin GUI is not associating the certificate with listener.

B.18 Issues Resolved in 7.0 Update 6

This section lists the issues resolved in Sun Java System Web Server 7.0 Update 6.

Problem ID Description
6854841 Web Server 7 appears to ignore any attempt at configuring the "classdebuginfo" in sun-web.xml.
6813426 Detailed error message should be logged when adding of PDF documents to search collection fails.
6801517 Virtual server creation will fail if there is a trailing space in the "Name" or "Hosts" fields.
6809090 Self-signed certificate should use SHA1 as signature algorithm.
6856484 Error while renewing a certificate in Sun Metaslot.
6847901 Web Server should bundle the latest SASL.
6707244 Race condition in the JVM when deploying a web application that contains a logger.
6856472 <request-header-timeout> should default to 30 from -1.
6826625 Remove the Localization package/patch dependency check in the checkinstall script.
6781962 Favicon is not displayed correctly in Internet Explorer 7.
6749879 LDAP authentication fails with Directory Proxy server where anonymous authentication is set to false.
6806858 ACL vulnerability (when dynamic group is used) allows non-authorized user to login.
6811110 LDAP update in the Administration GUI fails if LDAP is a Directory Server consumer.
6832878 In the Administration Console, the new configuration wizard text has to be improved.
6801700 When configuring the error code for request limits, there is no mention of valid values.
6814138 Last Modified date and the creation dates are incorrectly displayed in PROPFIND.
6856456 Last line of installation log file points to itself. The end of the log file has reference to the same file for more information.
6834762 In certain scenarios, "Unable to connect to the node host" error from the Administration Server.
6848803 CLI page for add-webapps and Admin Guide's page titled 'Deploying Java Web Applications' should be updated.
6828720 use-responseCT-for-headers should be documented.
6827940 Support for FastCGI suid environment on RHEL5.0 in Web Server 7.0
6809081 Sample application documentation must say that the administration server must be started for ant deploy to be successful.
6860680 Windows vulnerability — Appending "::$DATA" to the file extension discloses the contents of JSP page.
6841507 Document typo in Sun Java System Web Server 7.0 U5 Administrator's Configuration File Reference Guide.
6834770 Very little information about virtual-server-name_obj.conf in documentation.
6839431 ADMIN4159 error while renewing a certificate in Sun MetaSlot.
6842383 Document the configuration settings necessary to get the FastCGI suid environment working for the different operating system platforms.
6841454 CSR generated while renewing a CA-signed certificate needs formatting in GUI.

B.19 Issues Resolved in 7.0 Update 5

This section lists the issues resolved in Sun Java System Web Server 7.0 Update 5.

Problem ID Description
6732548 create-fastcgi-handler does not work as expected when value ofapp-args is specified as "a=b" or "c=d".
6750707 Admin CLI does not accept input strings that has multibyte characters.
6723824 Migration from the previous versions of Web Server to Web Server 7.0 Update 3, resulted in unusual migration log files, although the migration of instance was successful.
6764940 obj-https-INSTANCE.conf is different fromobj.conf.

<https-instance>-obj.conf gets created when a first change is made to obj.conf from the administration server GUI or CLI. This situation occurs only if the Client tag is added, before this first change is made to the instance configuration through the administration server. Once the<https-instance>-obj.conf is created, the same steps does not simulate this phenomenon.

6765451 The administration server adds thecheck-request-limits function at an invalid location in obj.conf.

While configuringcheck-request-limits function toobj.conf , you should ensure that it is inserted before find-index function.

6769410 Variables are removed fromserver.xml.

The null values for the CGI variables names, of a migrated instance, cannot be saved in the admin GUI. Hence they are removed from theserver.xml.

6772188 Web Server 7.0 Admin GUI, throws the following error when Java is disabled- "BreadCrumbsModel: index out of bounds 1".
6709085 The administration server fails to start.

The admin tools allow default language to be set tozh_cn, after which the server will not start and throws an error:

config:CONF1104:File /sun/webserver7/https-agc184.PRC.Sun.COM/config/server.xml 
line 98: Invalid <default-language> value:zh_cn
6759756 Permission error occurs while uploading a.war file using the admin GUI.
6762245 Usage of blank spaces while creating a new configuration, using admin GUI, throws an error.
6777195 The setNodeProperties inNodeMBean always rewrites theserver-farm.xml. While rewriting, it converts the host name entry of the node to lowercase.
6772231 The administration server hangs during startup or configuration listing or any activity that is not directly on the instance or node.
6780377 The Web Server 7.0 administration server fails to recognize thereason parameter ofsend-error SAF.
6793862 The administration server fails to recognize Extended Validation SSL Server Certification.
6798954 Web Server should support binary logging.
6542360 Setting java-home of the administration server does not propagate the settings to admin scripts.
6781234 Web Server 7.0 has a problem while using JSTLtlds andjaxp.
6790392 Web Server 7.0 Update 3 displays a blank screen as a response tomaxSessions, instead of an error response.
6768357 NSAPI functions likevs_get_mime_type crashes Web Server for internal non-HTTP requests.
6776108 IncreaseMaxKeepAliveThread limit from 128 to 256.
6781976 Require binary logging, as access logging is affecting performance.
6806781 %Req->reqpb.clf-request.protocol.version% is not set properly in binary mode and hencebinlog throws an error.
6707017 Web Server setup fails when a localized directory is specified for document root.
6753741 Web Server installer throws a "PatchListener-Solaris-detectPatches-Failed" error under certain circumstances.
6774822 DuringunconfigureServer process a warning message "WARNING: ADMIN2028: Error removing init scripts" is displayed in case of AIX.
6775953 Update Web Server plugin to work with Netbeans 6.5.
6722375 Patches 125437-14 and 125438-14 are not alternate root compliant.
6779166 Web Server 7.0 Update 3 does not scale well on Windows, when compared to Apache.
6781147 Web Server 7.0 Update 3 throws an error while trying to create a search event by Japanese encoding.
6761027 In Web Server 7.0, wildcard pattern matching for ACL does not work properly with IP addresses.
6775403 REQUEST_HEADERS:'/ regular expression /'does not work properly.
6773327 Enablingsendfilev for JSP applications can cause the server response to fail.
6775948 Include file missing in nsapi.h throws a warning message while compiling some NSAPI modules.


Add include <netdb.h> before nsapi.h.

B.20 Issues Resolved in 7.0 Update 4

The following table lists the issues resolved in Sun Java System Web Server 7.0 Update 4.

Problem ID Description
6708647 Set environment variables REQUEST_URI and SCRIPT_FILENAME in CGI and FastCGI subsystems.
6715164 When starting a server instance that has a long running plugin initialization, the administration server process produces high CPU load.
6740996 Incompatibility with Reuters IFP leads to server crash.
6747181 Renewed/new certificates are not utilized after configuration is deployed and restarted.
6620166 Session failover behaves incorrectly when two NICs are active on deployed nodes.
6663982 default-sun-web.xml is not referenced.
6707017 Setup fails when a localized directory is specified for Document Root.
6708894 The new Virtual Server wizard does not allow non-ASCII characters.
6712479 When using a LDAP authentication database, with a base DN having UTF8 characters, it causes an error such as:
ADMIN3143: Base DN 'ou=k?v?nok,dc=red,dc=iplanet,dc=com' does not exist
6713238 Web Server 7.0 Update 2 shows an error on startup, when the document root directory name ends in a .war.
6713786 When upgrading Web Server 7.0 Update 2 to Update 3, some no longer required files are left behind.
6714230 CgiStub exhibits unstable behavior when freeing file descriptors on Solaris.
6716553 An error is reported when creating a certificate with some Country selections.
6717187 State is sometimes not properly referenced when configuring new server configurations.
6717328 The registration page in setup displays very small text fields.
6718752 Upgrades from previous Update releases fail, if there exists a file named https-<instancename>.
6721107 The administration server does not startup on a new Java Enterprise System installation.
6721193 When deploying a web application using Admin GUI, the target directory is ignored if the file is on the server.
6722701 Silent install fails if CONFIGURE_LATER is set to true.
6722702 unconfigureServer is required when server is configured in configure later mode.
6722727 Create service in Admin GUI allows you to create a service, even when the service already exists.
6724246 An incorrect error message is displayed in Admin GUI while saving the "Forward Parameters" as below:
Child 'from_hidden' does not have a registered descriptor
 in 'editReverseProxyPS1'
6728160 htaccess can cause server crashes.
6729296 Temporary directory of the administration server /tmp/admin-server-xxx with /tmp/admin-server-xxx/configname/extracted/config/server.xml file is not being deleted, during a ./admin-server/bin/stopserv.
6731124 If a request is wrapped by a servlet or filter and forwarded to a static resource, an incorrect error HTTP 405 is returned.
6740786 <If> statements can corrupt the obj.conf files in the administration server.
6714929 SNMP is not compatible with default tcp_hiwat setting on Solaris 10.
6741649 In Update 2, the output of get-perfdump should not include sessions that are in keep alive mode.
6743019 When using Admin GUI in French locale the error message does not give the nodename during deployment, as shown below:
The administration server has detected that you have modified some of the
 instance configuration files on the following nodes: <b>\{0\}</b>.
6751264 In the French and Japanese locale Admin GUI, Sun Online account signup form for registration is not being properly displayed.
6760687 The administration server does not always display the latest certificate.
6765564 The online installer help does not properly reflect removal of language packs from the installer component panel.
6766109 Creating a new configuration with CGI Enabled as File Type causes a failure.
6629611 Toggle state in some administration server tables is incorrect.
6633333 Links do not point to localized sites.
6608135 Search engine fails with an error, when a html document with title contain characters like A&B.
|6705752 The Admin GUI does not allow server header to be suppressed.
6708548 Provide consistent translations in German locale.
6709378 Inconsistency exists between button in a description and button's label.
6709427 A part of the table title in logviewer is corrupted.
6711035 Part of the French translation on Web Server parameters page is cut off.
6711518 Inconsistent translation of "Core Server" in French locale.
6712045 Button labels and Message strings should have consistent translations.
6723559 Allowed to register, even though the password and re-entered password are not identical.
6733189 The wadm cli does not display web application path.
6754078 The Japanese Admin GUI displays garbled messages.
6762559 Inconsistent translation of Reverse-proxy.
6763094 Bad translation of the term 'fancy' in French locale.
6715350 In Japanese locale, the OLH have invalid character.

B.21 Issues Resolved in 7.0 Update 3

The following table lists the issues resolved in Sun Java System Web Server 7.0 Update 3.

Problem ID Description
6387762 Cannot access shell/system variables from wadm.
4793938 User and password dialog presented instead of directory index.

By default, Web Server 7.0 does not send a directory index unless the user has been authenticated. Attempting to access a directory prompts the user to enter a user name and password. This occurs because the default Access Control List (ACL) in Web Server 7.0 grants the list access right only to authenticated users.

6426116 Clicking on the Version button in the Admin Console result in "file not found" warning in Administration error logs.
6446206 When a single user in group is deleted, an incorrect message "Group Saved Successfully" is displayed.
6431984 Web Server should store its pid file and UNIX domain sockets in /var/run instead of /tmp.
6475536 No obvious way to reset the administration server password.
6489727 [JESMF CONFORM] CP when stopping should call MfManagedElementServer_stop().
6493971 The administration server does not time out if the server instance restart does not respond.

On UNIX systems, the Administration Server waits until the server instance is restarted when the restart-instance command is executed. If the instance is not successfully restarted, the Administration Server does not respond to requests.

6515745 SNMP master agent process fails to start on Web Server
6545779 On Windows, wdeploy command fails if older version of libnspr4.dll is found in the system32 directory.
6606243 Web Server installer should import the admin self signed certificate into IE certificate tab.

When the Admin Console is accessed using a browser, a pop-up (in the case of IE6 and Mozilla/Firefox) or a warning page (IE7) may be displayed stating that the certificate is not issued by a trusted certificate authority. This is because, the administration server uses a self-signed certificate. To proceed to the Administration GUI login page, do the following:

  • On Mozilla/Firefox, click OK in the pop-up window.

  • On Internet Explorer 6, click Yes in the pop-up window.

  • On Internet Explorer 7, click the "Continue to this website" link in the page.

This procedure will accept the certificate temporarily for that browser session.

To accept the certificate permanently, follow the steps below:

  • On Firefox/Mozilla:

    Select the "Accept this certificate permanently" radio button in the pop-up window and click OK.

  • On Internet Explorer 6.0:

    1. Click the "View Certificate" button in the pop-up window.

      Displays another pop-up window.

    2. Select the "Certification Path" tab, select the admin-ca-cert.

    3. Click the "View Certificate" button and then on "Install Certificate..." button.

      Invokes the certificate import wizard using which you can import the admin CA certificate into the trusted root certificate database.

  • On Internet Explorer 7:

    1. Click the "Continue to this website" link on the warning page.

      The login page is displayed.

    2. Click the "Certificate Error" link located next to the address bar.

      A warning window is displayed. Click the "View certificates" link.

    3. Follow the steps 1 to 3 as described in the section "On Internet Explorer 6" to import the admin CA certificate into the trusted root certificate database.

6606132 Create self signed certificate fails when the "Sun Metaslot" pin is not set
6709477 GUI Registration reminder does not show up properly on IE6

IE6 select element does not support z-index which is necessary for layering to work. Thus, if there is a layer, registration reminder, overlapping the drop downs (config and vs) , the drop downs will still be visible.

6639402 Connection queue size set by server for 1024 max file descriptor is very less (128)

Web Server reserves the file descriptors for various components. If connection pool queue size, file cache max open files and keep-alive max connections are not set, then after reserving file descriptors for other components, Web Server divides the available descriptors among three. On systems where default value of max file descriptor is low, for example, Solaris 8 and RHEL, the connection pool size might be set to a low value. For example, on RHEL, the default value of max file descriptors is 1024. If the connection queue size is not assigned, then Web Server assigns 128 connections to connection queue. The value can be very low on busy systems. If connections starts timing out, users should set higher value for max file descriptors.

6644322 Memory leak in Fastcgistub causes hang in the Fastcgi sub-system
6474037 Exception installing Web Server on Ubuntu.

On Linux Ubuntu, the package which contains the /bin/domainname is not available by default. You must install these packages for the Web Server installation to succeed.

To install the package, enter the following command:

sudo apt-get install nis

6414481 Web Server cannot be installed without installing compat-libstdc++.
6641672 REDHAT ES4.0 Linux 64-bit installation fails by having compat-libstdc++-33-3* (64-bit)version
6472668 On Windows, Web Server installation should use -Xrs JVM option by default.

Workaround:See Oracle iPlanet Web Server Administrator's Guide.

6559918 Unclear error message if CLI and Administration Server versions are incompatible.

While upgrading Web Server 7.0 installation to Web Server 7.0 Update 2 , make sure that the entire setup CLI, Administration Server and all the administration nodes are also upgraded to Web Server 7.0 Update 2. This is because, Web Server 7.0 administration interfaces will not work correctly with Web Server 7.0 Update 2 administration interfaces.

6595795 The Admin Console does not add the required functions in the obj.conf file for a migrated instance.

When a JVM disabled Web Server 6.0 instance is migrated to Web Server 7.0 and when the migrated instance is enabled with the JVM option using the Admin Console, the process does not add the following necessary lines in obj.conf file.

NameTrans fn="ntrans-j2ee" name="j2ee"
PathCheck fn="find-index-j2ee"
ObjectType fn="type-j2ee"
Error fn="error-j2ee"
6641844 On Windows, server fails to start after upgrading from Web Server 7 that is part of the Java ES 5 release to Web Server 7.0 Update 2 release using the patch.
6644314 Security patch 121656-16 is a mandatory perquisite for Sun Java System Web Server 7.0 Update 2 Linux patch on Java ES 5/U1.

However, the security patch exhibits cyclic dependency, hence making it impossible to apply any of the patches.

6640206 Upgrade fails when upgrading to U2 when no sample apps is present in the existing installation.

On non-windows platforms (Solaris, Linux and HP-UX), if you have installed Web Server 7.0 or 7.0 update 1 without sample applications and if you upgrade to Web Server 7.0 update 2, you will see the following error message:

A problem occurred during upgrade. To troubleshoot the problem, review the installation log at: <install-dir>/setup/Sun_Java_System_Web_Server_install.log

Note: This error does not impact the upgrade.

6559735 Sample applications documentation must mention adding jar file to the class path in the properties file.

In the install-dir/samples/java/webapps/security/jdbcrealm/docs/index.html, under 'Compiling and Assembling the Application' section, there must be a mention of adding JDBC driver jar file to class path suffix in the file.

6413058 server.xml does not store the full file pattern for converting and including search .

The schema does not store the full file pattern allowed by both the Admin Console and the search administration tools in this version of Web Server. It also has no way to represent the full file pattern that might sometimes need migration from the previous versions of Web Server.

6632936 On Red Hat Linux Enterprise Linux 5, Search functionality does not work properly.

On a Red Hat Enterprise Linux machine, if the compat-libstdc++ library is installed, you must remove the installed rpm and download/install the compat-libstdc++-296-2.96-132.7.2.i386.rpm .

For x86 32-bit and 64-bit download and install the compat-libstdc++-296-2.96-132.7.2.i386.rpm.

Note: Do not download/install an rpm from unreliable sources as it may lead to security vulnerabilities.

6602075 Sun crypto 1000 with Web Server needs Solaris 10 patch 125465-02 (SPARC) and 125466-02 (x86).
6432870 Servlet container collects statistics when stats enabled element is set to false in the server.xml file.
6567124 JSF Web Applications running on Web Server 7.0 may break when running on Web Server 7.0 Update 1.

Web Server 7.0 Update 1 ships with JavaServer Faces 1.2 technology. All JavaServer Faces web applications are expected to work with Web Server 7.0 Update 1 without any modifications. However, there are a few known compatibility issues with JavaServer Faces 1.2 and might require applications to be modified to address these incompatibilities. The incompatibilities are documented in the JavaServer Faces release notes at:

Java ES 5 Portal Server users are suggested to delay upgrading to Web Server 7.0 Update 1 until Java ES 5 Update 1 is released.

6549619 On Windows 2003, when a command is executed from the CLI, the message is not encoded correctly.
6630841 FastCGI Handler new Role is always created with "English" name.
6632818 Unlocalized strings are seen in CGI settings page.
6628910 CLI installer "Enter your option" is in English in localization locale.
6484181 Portal Server configures JVM stack size to 128K (too low) for Web Server 7.0 64-bit to start.

If Web Server 7.0 is already configured in 64-bit mode, and the Portal Server installation is started, Portal Server configuration does not set stack size to 128K. However, if both Portal Server and Web Server are already installed and configured in 32-bit mode, switching to 64-bit mode involve series of manual steps that are described in the Workaround section.

6487041 schemagen/xjc/wsgen/wsimport scripts not present in Java ES Web Server installation.

schemagen/xjc/wsgen/wsimport scripts are present in different locations in Java ES installation and standalone installation of Web Server.

6550622 When upgrading Java ES 5 software to Java ES 5 Update 1, Portal Server samples fail with JSF exceptions if you have upgraded only Web Server but not the Portal Server.

For more information, see "Compatibility Issues"

6643821 SMF commands removes Java ES environment from startserv and stopserv scripts (Solaris 10 only).
6549580 Web Server running on Windows contains no description for the service and the description is not updated after applying Java ES Update 1 patches.
6641175 Streaming data (>2GB) to server using POST has problems. request.getInputStream().read() returns -1
6576542 Samples bundled with WS 7.0 cannot be used for experimenting session replication feature
6600183 Transfer-encoding header is sent after the body has been sent for fastcgi-perl.
6613414 iWS7.0U1 - Page-encoding is not case sensitive capable; for example, utf-8 is different from UTF-8
6613865 servlet container implementation of encode/decode cookies has changed from >= SJSWS6.1
6641175 Streaming data (>2GB) to server using POST has problems. request.getInputStream().read() returns -1
6641231 Uploading file > 2MB is limited by java webcontainer.
6658609 web 7.0 u2 jdbc resource settings do not allow -1 in maximum wait time and idle time out
6660297 JDBC resource pool of web70 does not work as expected after restarting RDB.
6671260 Can't redirect the stderr message from FastCGI into error log.

The data sent from FastCGI to stderr is not logged into the error log.

6671957 compress-file function lacks documentation (SJSWS7.0)
6671992 Web Server documentation needs to be more specific on filter it's scope and what they are
6680376 server goes into a loop given a particular htaccess configuration
6681681 filter is applied twice when a web-apps 's welcome file list is accessed as /contextroot

When a welcome file is accessed as /context-root, filters present are applied twice.

6708333 web 7.0 u2 patch 125437-13 should doc pre-requisite of nss patch 3.11.8 or later as needed
6697002 pull-config garbles binary file in config/ directory due to tokenizing (SJSWS7.0u2)
6701520 instance does not start if the user has certain umask settings during installation
6710993 es, fr - OLH is not displaying, exception thrown
6641109 Webserver crashing configured with an NFS-mounted docroot directory

Web Server crashes if NFS file is removed or replaced, while using NFS and MediumFileSizeLimit >0. Therefore, you should not use MediumFileSizeLimit>0, if the document root is mounted over NFS.


When Web Server documents are residing on an NFS mount, as in NFS client, set MediumFileSizeLimit to 0 in nsfc.conf.

B.22 Issues Resolved in 7.0 Update 2

The following table lists the issues resolved in Sun Java System Web Server 7.0 Update 2.

Problem ID Description
12176204 Remove shlib_flags parameter.
6467621 Request to the server fails with using of "Sun Software PKCS#11 softtoken".
6564797 Server should automatically size connection queue, keep-alive subsystem, and file cache.
6493271 Java garbage collector activity is higher in Web Server 7.0 when compared against Web Server 6.1.

The servlet container in Web Server 7.0 creates many Java objects.

6497803 If a servlet is mapped to req URI formed by partial req + welcome file, the behavior is wrong.

If a web container receives a valid partial request, the web container must examine the welcome file list defined in the deployment descriptor. The welcome file list is an ordered list of partial URLs with no trailing or leading /. Web Server must append each welcome file in the order specified in the deployment descriptor to the partial request and check whether a static resource or a servlet in the WAR file is mapped to that request URI. The web container must send the request to the first resource in the WAR that matches.

6316881 Multibyte characters in headers can not be retrieved by req.getHeader().

The characters are not parsed correctly, when request.getHeader() is called.

6554326 The hardcoded message "ADMIN3594: Configuration changes require a server restart" is not localized.
6565615 In the Japanese locale online help, the description about the PAM for "Editing Authentication Databases" incorrectly states the name of Directory Server.

The description must be read as: "Editing Authentication Databases" PAM -- PAM is the new auth-db supported by Sun Java System Web Server 7.0.

6563951 Search collection subdirectory with leading slash causes confusing error.

When you try to create a search collection and set the document root subdirectory with a leading slash, the error message produced wrongly informs you that a slash at the beginning is needed.

6571208 Inconsistent wording found in Directory listing type.

The sentence "Error response file to use when indexing is None" should be changed to "Error response file to use when listing is None".

6549584 The word "Other" in the list of countries is not translated.
6556225 In the Add Documents window, Included checkbox for subdirectory is not translated.
6565615 Japanese language help: "Editing Authentication Databases" have different description about PAM.
6628918 Translation issue of Admin GUI messages in Japanese.
6628917 Translation issue of GUI installer OLH.
6604075 In Java ES, Web Server 7.0 with Access Manager displays a null pointer exception.
6479062 Web Server fails to start when HTTP listener protocol family="nca" is used for Solaris SPARC, Linux and HP-UX platforms.

Web Server instance does not restart on setting the Protocol-Family property to nca in the EditHTTPListener wizard.

6464953 Setting digestauthstate property through the set-authdb-prop CLI does not validate the value and allows to set junk value for this property.
6504050 The Results page in all Admin Console wizards should be aligned properly.
6473376 The default server.xml should not contain the <stack-size> element.
6367751 The create-instance command fails on remote node intermittently and logs HTTP 400 error.
6547264 Executing the create-instance command immediately after starting a remote node fails on the remote node.
6468132 The list-cert command does not list the certificates if the certificate nickname contains a colon.
6437577 <pkcs11> element not removed from server.xml even when child elements are absent.
6473589 <pkcs11/> added to server.xml when token pin is set.
6534202 Cannot edit WebDAV collection properties through the Admin Console

When a configuration is deployed on multiple nodes, the lockdb path must be a shared location mounted on the same path on all the nodes. Additionally, to list or expire locks in the lockdb from the Admin Console, the same path must be writable from the Administration Server.

6554691 The add-webapp command when used with JSP pre-compilation option does not delete the previously precompiled JSP files.
6556820 The Admin Console or the Admin CLI does not provide support to add CA certificates to the Administration Server.
6489269 'external' expression function with quoted path is not working.
6432375 On HP-UX, SNMP fails for some oid values.
6483212 On HP-UX 11.11, Web Server fails to start when max heap size is 2048 MBytes or greater.
6474011 The basic-search.html has unclear description.
4988156 Installing the standalone product over an existing Java ES installation and vice-versa is not supported.
6610103 On Windows - unable to deploy configuration and start up after disabled Java
6856484 Server should automatically size connection queue, keep-alive subsystem, and file cache.

B.23 Issues Resolved in 7.0 Update 1

The following table lists the issues resolved in Sun Java System Web Server 7.0 Update 1.

Problem ID Description
6390112 Java LDAP connection pool interaction issue - initial connection is never timed out.

Specifying a Java LDAP connection pool through the JVM options in the server.xml file and referencing this with an external JNDI resource when Web Server is started, creates a pooled LDAP connection. With this connection, it is always marked as busy and the connection never expires.

6472223 Values of 'mail-resource' sub elements are not getting set on mail session object.
6487083 NSAPIRequest.setupRequestFields is slow.

com.sun.webserver.connector.nsapi.NSAPIRequest.setupRequestFields is slow primarily because of excessive String-->byte and byte-->String conversion when parsing Cookie headers.

6501785 The servlet container does not use accelerator cache when processing RequestDispatcher includes.
6500647 On Windows, dynamic reloading of JSP produces incorrect output.
6433752 ssl-check is not working with NSAPI based plug-in.
"PathCheck fn="ssl-check" secret-keysize=128 bong file="xxxxx.yyy.html" 

For static file requests, if the secret-keysize of the client is less than the size specified by the server and a bong file is present, then the bong file is sent back as the response. However, requests for dynamic content (for example, JSP files) return the actual requested object (for example, the JSP file) rather than the bong file.

6421617 Problem having server-parsed HTML (ParseHTML) and .htaccess with restricted group option.

Authentication succeeds when parsing through a HTML file which has the shtml include entries and is configured to authenticate through .htaccess which has the "restricted by group" option enabled. If the group user gets authenticated, then the result page does not get shtml include entries. This however works fine with the user in .htaccess file has "restricted by user" option.

6489913 SSL session cache cannot be disabled.

Session cache is enabled by default. When the session cache is disabled and URL is accessed through the HTTPs protocol, the URL does not go through and the server log displays an error message indicating that the SSL cannot be configured without session-cache.

6302983 Samples refer to "Sun ONE" instead of "Sun Java System".

The servlet sample,, co-packaged with Web Server 7.0 refers to "SunONE" instead of "Sun Java System".

6495588 sampleapps/java/webapps/simple docs invalid.

The documents for a simple sample application shows an incorrect pathname. The path should be install-dir/plugins/java/samples/webapps/simple/src instead of install-dir/samples/java/webapps/simple/src.

6347905 No CLI support to configure FastCGI. Need to manually edit obj.conf or magnus.conf files to configure FastCGI.
6504587 Memory leak found in FastCGI.
6479045 Admin Console online help needs to be updated.

The online help needs to be updated for the following:

  1. Context-based help should be provided.

  2. All screens must have a corresponding help page.

  3. Help pages must reflect the changes in the GUI.

  4. Inconsistent usage of terminology between the GUI and online help.

  5. Fix grammatical errors.

  6. Detailed description for some topics.

6482764 Mismatch between online help and the Admin Console.
6498477 Missing help file under config tokens page.

Common Tasks > Edit Configuration > Certificates > PKCS11 Tokens, the help file for this screen is missing.

6479062 Cannot dynamically reconfigure HTTP listener family. The Instance does not start on setting the protocol family to nca.
6482536 <listen-queue-size> upper bound is set to 65535, which is too small. Need to increase the <listen-queue-size> upper bound.
6500715 Incorrect ObjectType fn="force_type" added in object cgi on creation of new cgi directory.

When creating a new cgi directory, an incorrect object type force_type is added to the obj.conf file.

6479247 On Windows, dialog box to enter the token password appears on restarting an instance after the deployment. This behavior is not see on other platforms.
6425144 On Windows, wadm does not update classpath correctly if classpath contains a semicolon (;)

The semicolon in tcl is interpreted as a command terminator, which is used to group multiple commands in a single line. On Windows, semicolon is used as a path separator.

6292582 SNMP Management Information Base (MIB) for "iwsFractionSysMemUsage" does not show correct results

SNMP MIB "Fraction of process memory in system memory" which is part of iws.mib gives wrong results when queried by the SNMP manager utility.

6471744 Incorrect error message is displayed if you execute the list-tokens command without specifying the configuration value.
6471754 Incorrect error message is displayed if you execute the list-authdb-userprops command without specifying the authdb value.
6472210 No error message is displayed if you execute the get-ssl-prop command with an invalid http-listener value.
6476111 Cannot edit the MIME types using the Admin Console.
6478601 Displays an improper message when you stop an instance that does not exist.

An error message `Successfully stopped the server instance' is displayed if you try to stop an instance that does not exist.

6480523 wadm allows you to create a configuration with a negative port number.
6489765 Incorrect error message is displayed if you execute the create-cert-request command with an invalid key-size value.
6489777 The delete-group command displays an incorrect error message if you specify an invalid group value.
6489779 No error message is displayed when you execute the list-group-members command with an invalid group-ID value.
6490728 Cannot set the rewrite-location properties using the set-reverse-proxy-prop command.

You cannot set the -rewrite-location property to false. The value specified for the -rewrite-location is not validated. For example, specifying the = symbol for the i-rewrite-location option corrupts the obj.conf file and results in parser error.

6492315 The set-token-prop command sets wrong passwords in the server.xml file even if the token pin has not been specified.
6492469 Incorrect error message is displayed on LDAP user creation failure.
6494353 If an invalid node name is specified while deleting an instance, an incorrect error message is displayed.
6494950 The register-node command runs successfully with non SSL port only in shell mode.

In shell mode, typing the register-node command with the -no-ssloption registers the node successfully as the command is falsely executed in the SSL mode.

6405018 The get-jvm-propcommand does not print the command when echo is enabled in shell mode.
6499507 Incorrect error messages are displayed when you execute the list-locks and expire-lock commands.
6499510 A 'null' message is displayed if you execute the list-instances, list-crls, list-tokens, and list-certs commands without specifying the configuration name.
6499512 The error message for the list-url-redirects command is not localized.
6500119 wadm prompts for a token pin if you specify an invalid configuration name while trying to delete an existing certificate.
6500146 While creating an HTTP listener using the CLI, the create-http-listener command creates a listener with null value as name.
6500150 If you do not specify a virtual server while executing the list-dav-collections command, an incorrect error message is displayed.
6500151 If you do not specify the authentication database while executing the list-users, list-org-units, list-groups, and list-group-members commands, an incorrect error message is displayed.
6500152 If you do not specify a virtual server while executing the list-uri-patterns command, an incorrect error message is displayed.
6500154 list-userpropsCLI gives improper message.

If you do not specify a JNDI name or specify an invalid JNDI name while executing the list-jdbc-resource-userprops, list-soap-auth-provider-userprops, list-auth-realm-userprops, list-external-jndi-resource-userprops, list-custom-resource-userprops commands, an incorrect error message is displayed.

6503350 Error message given when entering invalid wadm command is misleading.

When you enter an invalid command, an error message "Invalid command <command name>. Use "help" command for a list of valid commands." is displayed. The help man page does not contain a list of valid command. Therefore this error message is misleading.

6503944 The create-user command usage for the LDAP authentication database is ambiguous.
6504095 The set-cert-trust-prop command accepts incorrect properties and does not show proper error message.
6443845 Administration Server does not validate the password length and mechanism support of the given token.
6449506 Certificate with same server name as existing certificate cannot be created with the same nickname.
6461553 Virtual Server Web Applications page title help is incorrect.
6473518 Prompt to enter token pin while starting instance should not appear if configuration has not been deployed.
6476095 Admin Console does not provide an option to edit document directories and CGI records.
6476736 Admin Console should have a tab to add and edit MIME mappings at the Virtual server level.
6478090 `Current Password' field in the Nodes -> Select Administration Server-> Certificates -> Token Password Management page should be disabled if no token password has been set for the administrator.
6490705 Unable to configure uri-pattern specific configurations using the Admin Console.
6496545 Admin Console displays invalid properties when custom authentication database user properties are created through Admin CLI.
6502303 The Admin Console Migrate wizard creates multiple configurations if you click the Finish button multiple times.
6504495 Admin Console has 508 compliance issues.
6504951 User selection process in the Common Tasks->Edit Virtual Server->WebDAV->New page needs validation.
6360666 Installed CRL should have a meaningful name.
6364821 Admin CLI should support URIs, URI prefixes, URI wildcard patterns, and URI regular expressions for all commands that operate on URI space.
6366956 Search schedule events do not work from the Admin Console.
6378612 64-bit instance does not start on 32-bit remote node.
6423391 When a server certificate with data in non-DER format is installed, an incorrect error message is displayed.
6439132 Exceptions in Certificate Installation wizard not clear.
6468676 No validation exists for 'Java Home' field; accepts invalid data.
6474668 HTTP Listener field accepts names with spaces. This is invalid.
6476111 Unable to edit MIME types either using the Admin Console or the CLI.
6483365 GUI and CLI accept Web Server 7.0's server root for migration

The Admin Console and the CLI accept the Web Server 7.0 path instead of Web Server 6.1 or Web Server 6.0 path during migration. Web Server 7.0 path is not a valid path for the server-root property in the migrate-server command.

6492176 Default and null values get stored in obj.conf when a new configuration is created and saved using the Admin Console.

Administration Server stores the values passed by the Admin Console into obj.conf file without any validation.

6497004 SaveConfigException displayed on CLI during set-authdb-prop.

If a nonexistent file path is provided to the path property for keyfile authdb by using the set-authdb-prop command, results in SaveConfigException instead of a File does not exist message.

See the error log for the Administration Server.

6497143 At times, the execution of stop-admin command displays the "Admin Server Not Running" message when the Administration Server is actually running.
6498411 The get-cert-prop does not display only those properties mentioned in the <displayproperties> element.
6500715 Server error on trying to access a file in the cgi-bin directory.
6364702 wadm commands do not return valid error codes [0-125] when success or failure.
6370032 Session failover does not happen with RequestDispatcher include call.

While deploying two web applications on a cluster where the first application calls on the second application using the RequestDispatcher() include call, the persistence valves are not called during the RequestDispatcher ()'s invoke() method, and session replication does not occur.

6381950 Incorrect load factor set for BaseCache.

Session replication does not support more than two web applications.

6381954 Session replication fails to work on multiple web applications involving RequestDispatcher due to bad sequence.
6383313 Incorrect path is set on SR-intanceId cookie.

The SR-instanceId cookie should be set to the web application's path instead of the servlet's path.

6450360 The create-authdb command does not validate the URL at the time of the authentication database (authdb) creation. The create-authdb command successfully creates an authentication database with the wrong URL.
6450800 The get-error-log and the get-access-log commands displays cluttered and improper messages.
6459106 The wadm deploy fails to deploy the cluster configuration.

If any changes occur to the instance configuration files, manually or otherwise, the deploy-config command displays an error message stating that the instance has been modified.

6462891 No Admin Console is available to deploy web applications in user specific location.
6439577 Does not prompt for the token password when the instance is started from the wadm command prompt with a wrong token-pin.
6465470 Incorrect text in Groups settings page.

The text should read as "From this page you can add/remove user groups in the selected Authentication Database" instead of "From this page you add/remove user groups in the selected Authentication Database."

6465480 Incorrect message when you delete a JVM profiler.

The message should read as "Profiler deleted successfully" instead of "Profiler saved successfully".

6466409 Incorrect error message is displayed when you provide a wrong path while adding web application.
6467164 The window titles of the Admin Console wizards are not consistent.
6467785 Admin Console gives incorrect error message when you provide invalid Directory Server configuration values.
6470585 URI prefix of document directories is accepts the value without '\'.
6471737 The list-instances command lists the instances even if you do not specify the configuration value.
6472385 Token password changes made through the CLI is not reflected in GUI. It requires a browser refresh.
6467665 Migrating certificate with an invalid file path using the migrate-jks-keycert command, prompts the user to enter the keystore-password and the key-password.
6469104 The create-selfsigned-cert command allows you to define an inappropriate validity period while creating a server certificate.
6469109 The delete-cert command does not delete a certificate which is created with token "Sun Software PKCS#11 softtoken".
6471649 The list-events command output is not aligned.
6474584 dayofweek does not take "*" as an option.

For example, set an ACL as follows:

acl "uri=/"; 
deny (all) dayofweek="*"; 
allow (all) dayofweek="Sat,Sun";

In this program, you are restricting access on all days of week except Saturday and Sunday. This program does not work as you can you can successfully access the ACL on a Monday.

6477840 Admin Console should provide large text region for entering class path prefix, class path suffix, and native library path prefix.
6478165 Usability issues in the Install CRL page after incorrect file path is entered for CRL file on server.
6478229 The Instance->New page has incorrect title.
6478292 The Common Tasks->Select configuration ->Select Virtual Server ->Edit Virtual Server ->WebDAV->New page should have the Enter Users field only if the authentication database is PAM.
6478303 Admin Console allows you to create an ACE without entering user or group information for ACL. The check is not done if the authentication database is PAM.
6478612 Inline help for range of values accepted by Request Header Time-out text field is incorrect.
6500228 The Admin Console displays an exception when you create a duplicate record of a MIME types.
6501807 Deploying a new web application using the Admin Console kills sessions for all existing web applications.
6504748 With delete instance option, instead of deleting the symbolic links, the uninstaller deletes files from symbolic links.
6505994 Crash detected when creating properties with empty URI pattern
6510486 htaccess rules can become corrupted in memory.

If a single .htaccess file has more than five allow or deny rules, some of the rules might become corrupted in memory. If this occurs, some of the rules may be bypassed.

6506936 deploy-configfails when you modify JSPs or any other files in the webapps directory of the instance.

When using the pull-config either through the Admin Console or through the CLI, only the contents of the instance-dir/config directory is pulled into the config-store. In Web Server 7.0, when pull-config was used, the contents were pulled into instance-dir/config, instance-dir/lib, and instance-dir/web-app directories.

6492407 Front-end file accelerator cache.

Depending on ACLs and obj.conf configuration, a front end accelerator cache can service static file requests for URIs that were previously processed using NSAPI. The accelerator cache must work with the default configuration.

6498928 Output directives are not invoked for 0-byte files.

Output directives are not invoked for 0-length responses unless protocol_start_response() is called. send-file does not call protocol_start_response() function. Output directives are not invoked when sending 0-byte files.

6502258 Server crash with large output buffers.

If the output stream buffer size is bigger than the input buffer size, the server might attempt to buffer data at an invalid address. The default input buffer size is 8192 bytes.

6504755 Cannot disable access logging in default server instance.

The value of the <access-log> <enabled> element is ignored in the server.xml file.

6505390 Accelerator cache does not handle ssl-unclean-shutdown properly.

The accelerator cache does not interact correctly with the AuthTrans fn="match-browser" browser="*MSIE*" directive in the default configuration. When such a directive is present, the accelerator cache applies the "unclean shutdown" setting to every connection, regardless of the browser used.

6432375 On HP-UX, SNMP fails for some oid values.


Due to lack of the HP-UX API support and complexity, network in and out traffic statistics is not implemented. Use HP tools for monitoring the traffic statistics.

6430293 The AdminException messages displayed on the Admin Console are not localized.
6508299 Displays incorrect characters in search results on the left panel of online help on non-English locales.
6507819 Localized online help content have some differences from the English version.
6536820 Intermittent deploy-config failure while running QA Regression Tests on tinderbox
6486480 service-nsfc-dump entry hit counts are 0 with <replacement>false</replacement>.

If <replacement>false</replacement> is specified in server.xml file, entry hit counts show as 0 in the service-nsfc-dump output. However, the cache hit counts are displayed correctly.