A hierarchy of rules which the web server uses to evaluate incoming access requests.
A collection of ACEs. An ACL is a mechanism for defining which users have access to your server. You can define ACL rules that are specific to a particular file or directory, granting or denying access to one or more users and groups.
A web-based server that contains the forms you use to configure all of your Sun Java System Web Servers.
The username and password file for the Enterprise Administrator Server superuser.
Software that runs the network-management software in a network device, such as a router, host, or X terminal. See also intelligent agents.
Allows Glossarys to verify their identity to the server. Basic or Default authentication requires users to enter a username and password to access your web server or web site. It requires a list of users and groups in an LDAP database. See also digest and SSL authentication.
The granting of access to an entire server or particular files and directories on it. Authorization can be restricted by criteria including hostnames and IP addresses.
A nontransferable, nonforgeable, digital file issued from a third party that both communicating parties already trust.
CA list, provided by the CA, of all revoked certificates.
An internal or third-party organization that issues digital files used for encrypted transactions.
Common Gateway Interface. An interface by which external programs communicate with the HTTP server. Programs that are written to use CGI are called CGI programs or CGI scripts. CGI programs handle forms or parse output the server does not normally handle or parse.
An additional root directory you can create to limit the server to specific directories. You’d use this feature to safeguard an unprotected server.
A cipher is a cryptographic algorithm (a mathematical function), used for encryption or decryption.
Information disguised by encryption, which only the intended recipient can decrypt.
Software, such as Mozilla Firefox, used to request and view World Wide Web material.
A group of remote ”slave’ administration servers added to and controlled by a ”master’ and administration server. All servers in a cluster must be of the same platform and have the same userid and password.
A list of key information about users who have compromised keys. The CA also provides this list.
A background process responsible for a particular system task.
Dynamic Host Configuration Protocol. An Internet Proposed Standard Protocol that allows a system to dynamically assign an IP to individual computers on a network.
Allows the user to authenticate without sending the username and password as cleartext. The browser uses the MD5 algorithm to create a digest value. The server uses the Digest Authentication plug-in to compare the digest value provided by the client.
Domain Name System. The system that machines on a network use to associate standard IP addresses (such as 22.214.171.124) with hostnames (such as www.sun.com). Machines normally get this translated information from a DNS server, or they look it up in tables maintained on their systems.
A hostname that the DNS server knows points to a different host—specifically a DNS CNAME record. Machines always have one real name, but they can have one or more aliases. For example, an alias such as www.yourdomain.domain might point to a real machine called realthing.yourdomain.domain where the server currently exists.
A directory on the server machine that contains the files, images, and data you want to present to users accessing the server.
The process of transforming information so it can’t be decrypted or read by anyone but the intended recipient.
A method of indexing that provides more information than simple indexing. Fancy indexing displays a list of contents by name with file size, last modification date, and an icon reflecting file type. Because of this, fancy indexes might take longer than simple indexes for the client to load.
A network configuration, usually both hardware and software, that protects networked computers within an organization from outside access. Firewalls are commonly used to protect information such as a network’s email and data files within a physical building or organization site.
A format used by the server for entering information into the access logs.
An encryption system used by U.S. government agencies to manage sensitive but unclassified information.
File Transfer Protocol. An Internet protocol that allows files to be transferred from one computer to another over a network.
Graphics Interchange Format. A cross-platform image format originally created by CompuServe. GIF files are usually much smaller in size than other graphic file types (BMP, TIFF). GIF is one of the most common interchange formats. GIF images are readily viewable on UNIX, Microsoft Windows, and Apple Macintosh systems.
The termination of a process or service and its subsequent restart. See also soft restart.
A document that exists on the server and acts as a catalog or entry point for the server’s contents. The location of this document is defined within the server’s configuration files.
Hypertext Markup Language. A formatting language used for documents on the World Wide Web. HTML files are plain text files with formatting codes that tell browsers such as the Mozilla Firefox how to display text, position graphics and form items, and display links to other pages.
The combination of port number and IP address. Connections between the server and clients happen on an HTTP Listener.
The next generation of HyperText Transfer Protocol.
A process that makes areas of an image active, letting users navigate and obtain information by clicking the different regions of the image with a mouse. Imagemap can also refer to a CGI program called “imagemap,” which is used to handle imagemap functionality in other HTTPD implementations.
A UNIX file listing programs that need to be restarted if they stop for any reason It ensures that a program runs continuously. Because of its location, it is also called /etc/inittab. This file isn’t available on all UNIX systems.
An object within a server that performs various requests (such as HTTP, NNTP, SMTP, and FTP requests) on behalf of the user. In a sense, the intelligent agent acts as a client to the server, making requests that the server fulfills.
Integrated Services Digital Network.
An HTML tag that turns on searching in the client. Documents can use a network navigator’s capabilities to accept a search string and send it to the server to access a searchable index without using forms. In order to use <ISINDEX>, you must create a query handler.
ISMAP is an extension to the IMG SRC tag used in an HTML document to tell the server that the named image is an imagemap.
Internet Service Provider. An organization that provides Internet connectivity.
An object-oriented programming language created by Sun Microsystems used to create real-time, interactive programs called applets.
Extensions that enable all Java servlet metafunctions, including instantiation, initialization, destruction, access from other components, and configuration management. Java servlets are reusable Java applications that run on a web server rather than in a web browser.
A compact, object-based scripting language for developing client and server Internet applications.
Extensions that enable all JavaServer page metafunctions, including instantiation, initialization, destruction, access from other components, and configuration management. JavaServer pages, are reusable Java applications that run on a web server rather than in a web browser.
The last modification time of the document file, returned in the HTTP response from the server.
A database where lists of users and groups is stored for use in authentication.
The main Web Server configuration file. This file contains global server configuration information (such as, port, security, and so on). This file sets the values for variables that configure the server during initialization. Enterprise Sever reads this file and executes the variable settings on startup. The server does not read this file again until it is restarted, so you must restart the server every time you make changes to this file.
A message digest algorithm by RSA Data Security. MD5 can be used to produce a short digest of data that is unique with high probability. It is mathematically extremely hard to produce a piece of data that produces the same message digest email.
A message digest produced by the MD5 algorithm.
Management Information Base.
The MIME (Multi-purpose Internet Mail Extension) type configuration file. This file maps file extensions to MIME types, to enable the server to determine the type of content being requested. For example, requests for resources with .html extensions indicate that the client is requesting an HTML file, while requests for resources with .gif extensions indicate that the client is requesting an image file in GIF format.
Software utility required for installing PKCS#11 module for external encryption or hardware accelerator devices.
A machine users can use to remotely manage a network. A managed device is anything that runs SNMP such as hosts, routers, and web servers. An NMS is usually a powerful workstation with one or more network management applications installed.
Network Information Service. A system of programs and data files that UNIX machines use to collect, collate, and share specific information about machines, users, file systems, and network parameters throughout a network of computers.
The server’s object configuration file. This file contains additional initialization information, settings for server customization, and instructions that the server uses to process requests from clients (such as browsers). Sun Java System Web Server reads this file every time it processes a client request.
Software utility required to export the certificate and key databases from your internal machine, and import them into an external PKCS#11 module.
The decryption key used in public-key encryption.
A set of rules that describes how devices on a network exchange information.
Directories not inside the document root that are in a UNIX user’s home directory, or directories that are under the user’s control.
The encryption key used in public-key encryption.
the performance limits you set for a server instance, virtual server class, or virtual server.
A system by which clients accessing a particular URL are sent to a different location, either on the same server or on a different server. This system is useful if a resource has moved and you want the clients to use the new location transparently. It’s also used to maintain the integrity of relative links when directories are accessed without a trailing slash.
Request For Comments. Usually, procedures or standards documents submitted to the Internet community. People can send comments on the technologies before they become accepted standards.
An extension that allows you to extend and/or customize the core functionality of Sun Java System Web Servers and provide a scalable, efficient mechanism for building interfaces between the HTTP server and back-end applications. Also known as NSAPI.
The opposite of fancy indexing—this type of directory listing displays only the names of the files without any graphical elements.
Simple Network Management Protocol.
Firewall software that establishes a connection from inside a firewall to the outside when direct connection will otherwise be prevented by the firewall software or hardware (for example, the router configuration).
A way to restart the server that causes the server to internally restart, that is, reread its configuration files. A soft restart sends the process the HUP signal (signal number one). The process itself does not die, as it does in a hard restart.
Confirms users’ identities with security certificates by using the information in the client certificate as proof of identity, or verifying a client certificate published in an LDAP directory.
A function that converts a date and a time to a string. It’s used by the server when appending trailers. strftime has a special format language for the date and time that the server can use in a trailer to illustrate a file’s last-modified date.
A Java application that provides server administrators with a graphical interface for managing all Sun Java System Web Servers from one central location anywhere within your enterprise network. From any installed instance of the Sun Java System Web Server Administration Console, you can see and access all the Sun Java System servers on your enterprise’s network to which you have been granted access rights.
Abbreviation for symbolic links, which is a type of redirection used by the UNIX operating system. Sym-links let you create a pointer from one part of your file system to an existing file or directory on another part of the file system.
Transmission Control Protocol/Internet Protocol. The main network protocol for the Internet and for enterprise (company) networks.
A specified time after which the server should give up trying to finish a service routine that appears hung.
Secure Sockets Layer. A software library establishing a secure connection between two parties (client and server) used to implement HTTPS, the secure version of HTTP.
A program on some UNIX systems that shows the current state of system resource usage.
The highest category of hostname classification, usually signifying either the type of organization the domain is (for example, .com is a company, .edu is an educational institution) or the country of its origin (for example, .us is the United States, .jp is Japan, .au is Australia, .fi is Finland).
Uniform Resource Identifier. A file identifier that provides an additional layer of security by using an abbreviated URL. The first part of the URL is substituted with a URL mapping that hides the file’s full physical pathname from the user. See also URL mapping.
A sample URL is http://www.sun.com/index.html.
A process that repairs and updates a URL database that has been damaged by a software failure, a system crash, a disk breakdown, or a full file system.
The process of mapping a document directory’s physical pathname to a user-defined alias so that files within the directory need only refer to the directory’s alias instead of the file’s full physical pathname. Thus, instead of identifying a file as usr/sun/servers/docs/index.html, you can identify the file as /myDocs/index.html. This provides additional security for a server by eliminating the need for users to know the physical location of server files.
Virtual servers are a way of setting up multiple domain names, IP addresses, and server monitoring capabilities with a single installed server.
A collection of virtual servers that shares the same basic configuration information in a obj.conf file.
A collection of servlets, JavaServer Pages, HTML documents, and other web resources which might include image files, compressed archives, and other data. A web application may be packaged into an archive (a WAR file) or exist in an open directory structure.
CGI programs written in a Windows-based programming language such as Visual Basic.