Sun Java System Web Server 7.0 Update 6 Release Notes

Resolved Issues

This section lists the important issues fixed in the following releases:

Issues Resolved in 7.0 Update 6

This section lists the issues resolved in Sun Java System Web Server 7.0 Update 6

Problem ID



Web Server 7 appears to ignore any attempt at configuring the "classdebuginfo" in sun-web.xml.


Detailed error message should be logged when adding of PDF documents to search collection fails. 


Virtual server creation will fail if there is a trailing space in the "Name" or "Hosts" fields. 


Self-signed certificate should use SHA1 as signature algorithm. 


Error while renewing a certificate in Sun Metaslot. 


Web Server should bundle the latest SASL. 


Race condition in the JVM when deploying a web application that contains a logger.  


<request-header-timeout> should default to 30 from –1.


Remove the Localization package/patch dependency check in the checkinstall script.


Favicon does not show up correctly in Internet Explorer 7. 


LDAP authentication fails with Directory Proxy server where anonymous authentication is set to false. 


ACL vulnerability (when dynamic group is used) allows non-authorized user to login. 


LDAP update in the Administration GUI fails if LDAP is a Directory Server consumer. 


In the Administration Console, the new configuration wizard text has to be improved. 


When configuring the error code for request limits, there is no mention of valid values. 


Last Modified date and the creation dates are incorrectly displayed in PROPFIND.


Last line of installation log file points to itself. The end of the log file has reference to the same file for more information. 


In certain scenarios, “Unable to connect to the node host” error from the Administration Server.


CLI page for add-webapps and Admin Guide's page titled 'Deploying Java Web Applications' should be updated.


use-responseCT-for-headers should be documented.


Support for FastCGI suid environment on RHEL5.0 in Web Server 7.0


Sample application documentation must say that Admin server must be started for ant deploy to be successful.


Windows vulnerability — Appending "::$DATA" to the file extension discloses the contents of JSP page.


Document typo in Sun Java System Web Server 7.0 U5 Administrator's Configuration File Reference Guide. 


Very little information about virtual-server-name_obj.conf in documentation.


ADMIN4159 error while renewing a certificate in Sun MetaSlot. 


Document the configuration settings necessary to get the FastCGI suid environment working for the different OS platforms.


CSR generated while renewing a CA-signed certificate needs formatting in GUI. 

Issues Resolved in 7.0 Update 5

This section lists the issues resolved in Sun Java System Web Server 7.0 Update 5

Problem ID



create-fastcgi-handler does not work as expected when value of app-args is specified as “a=b” or “c=d”.


Admin CLI does not accept input strings that has multibyte characters.


Migration from the previous versions of Web Server to Web Server 7.0 Update 3, resulted in unusual migration log files, although the migration of instance was successful.


obj-https-INSTANCE.conf is different from obj.conf.

<https-instance>-obj.conf gets created when a first change is made to obj.conf from admin server GUI or CLI. This situation occurs only if the Client tag is added, before this first change is made to the instance configuration through admin server. Once the <https-instance>-obj.conf is created, the same steps does not simulate this phenomenon.


The admin server adds the check-request-limits function at an invalid location in obj.conf.

While configuring check-request-limits function to obj.conf , you should ensure that it is inserted before find-index function.


Variables are removed from server.xml.

The null values for the CGI variables names, of a migrated instance, cannot be saved in the admin GUI. Hence they are removed from the server.xml.


Web Server 7.0 Admin GUI, throws the following error when Java is disabled- “BreadCrumbsModel: index out of bounds 1”.


Admin server fails to start.

The admin tools allow default language to be set to zh_cn, after which the server will not start and throws an error:

config:CONF1104:File /sun/webserver7/https-agc184.PRC.Sun.COM/config/server.xml 
line 98: Invalid <default-language> value:zh_cn


Permission error occurs while uploading a .war file using the admin GUI.


Usage of blank spaces while creating a new configuration, using admin GUI, throws an error.


The setNodeProperties in NodeMBean always rewrites the server-farm.xml. While rewriting, it converts the host name entry of the node to lowercase.


The admin server hangs during startup or configuration listing or any activity that is not directly on the instance or node.


The Web Server 7.0 Admin server fails to recognize the reason parameter of send-error SAF.


The Admin server fails to recognize Extended Validation SSL Server Certification.


Web Server should support binary logging.


Setting java-home of admin server does not propagate the settings to admin scripts.


Web Server 7.0 has a problem while using JSTL tlds and jaxp.


Web Server 7.0 Update 3 displays a blank screen as a response to maxSessions, instead of an error response.


NSAPI functions like vs_get_mime_type crashes Web Server for internal non-HTTP requests.


Increase MaxKeepAliveThread limit from 128 to 256.


Require binary logging, as access logging is affecting performance.


%Req->reqpb.clf-request.protocol.version% is not set properly in binary mode and hence binlog throws an error.


Web server setup fails when a localized directory is specified for document root.


Web Server installer throws a “PatchListener-Solaris-detectPatches-Failed” error under certain circumstances.


During unconfigureServer process a warning message “WARNING: ADMIN2028: Error removing init scripts” is displayed in case of AIX.


Update Web Server plugin to work with Netbeans 6.5.


Patches 125437–14 and 125438–14 are not alternate root compliant.


Web Server 7.0 Update 3 does not scale well on Windows, when compared to Apache.


Web Server 7.0 Update 3 throws an error while trying to create a new search event by Japanese encoding.


In Web Server 7.0, wildcard pattern matching for ACL does not work properly with IP addresses.


REQUEST_HEADERS:'/ regular expression /' does not work properly.


Enabling sendfilev for JSP applications can cause the server response to fail.

Issues Resolved in 7.0 Update 4

The following table lists the issues resolved in Sun Java System Web Server 7.0 Update 4.

Problem ID



Set environment variables REQUEST_URI and SCRIPT_FILENAME in CGI and FastCGI subsystems.


When starting a server instance that has a long running plugin initialization, the Admin server process produces high CPU load.


Incompatibility with Reuters IFP leads to server crash.


Renewed/new certificates are not utilized after configuration is deployed and restarted.


Session failover behaves incorrectly when two NICs are active on deployed nodes.


default-sun-web.xml is not referenced.


Setup fails when a localized directory is specified for Document Root.


The new Virtual Server wizard does not allow non-ASCII characters.


When using a LDAP authentication database, with a base DN having UTF8 characters, it causes an error such as:

ADMIN3143: Base DN 'ou=k?v?nok,dc=red,dc=iplanet,dc=com' does not exist


Web Server 7.0 Update 2 shows an error on startup, when the document root directory name ends in a .war.


When upgrading Web Server 7.0 Update 2 to Update 3, some no longer required files are left behind.


CgiStub exhibits unstable behavior when freeing file descriptors on Solaris.


An error is reported when creating a certificate with some Country selections.


State is sometimes not properly referenced when configuring new server configurations.


The registration page in setup displays very small text fields.


Upgrades from previous Update releases fail, if there exists a file named https-<instancename>.


Administration server does not startup on a new Java Enterprise System installation.


When deploying a web application using Admin GUI, the target directory is ignored if the file is on the server.


Silent install fails if CONFIGURE_LATER is set to true.



unconfigureServer is required when server is configured in configure later mode.


Create service in Admin GUI allows you to create a new service, even when the service already exists.


An incorrect error message is displayed in Admin GUI while saving the "Forward Parameters" as below:

Child 'from_hidden' does not have a registered descriptor
 in 'editReverseProxyPS1'


htaccess can cause server crashes.


Temporary directory of the Admin server /tmp/admin-server-xxx with /tmp/admin-server-xxx/configname/extracted/config/server.xml file is not being deleted, during a ./admin-server/bin/stopserv.


If a request is wrapped by a servlet or filter and forwarded to a static resource, an incorrect error HTTP 405 is returned.


<If> statements can corrupt the obj.conf files in the Admin Server.


SNMP is not compatible with default tcp_hiwat setting on Solaris 10.


In Update 2, the output of get-perfdump should not include sessions that are in keep alive mode.


When using Admin GUI in French locale the error message does not give the nodename during deployment, as shown below:

The administration server has detected that you have modified some of the
 instance configuration files on the following nodes: <b>\{0\}</b>.


In the French and Japanese locale Admin GUI, Sun Online account signup form for registration is not being properly displayed.


The Administration server does not always display the latest certificate.


The online installer help does not properly reflect removal of language packs from the installer component panel.


Creating a new configuration with CGI Enabled as File Type causes a failure.


Toggle state in some Admin server tables is incorrect.


Links do not point to localized sites.


Search engine fails with an error, when a html document with title contain characters like A&B.


The Admin GUI does not allow server header to be suppressed.


Provide consistent translations in German locale.


Inconsistency exists between button in a description and button's label.


A part of the table title in logviewer is corrupted.


Part of the French translation on Web Server parameters page is cut off.


Inconsistent translation of "Core Server" in French locale.


Button labels and Message strings should have consistent translations.


Allowed to register, even though the password and retype password are not identical.


The wadm cli does not display web application path.


The Japanese Admin GUI displays garbled messages.


Inconsistent translation of Reverse-proxy.


Bad translation of the term 'fancy' in French locale.


In Japanese locale, the OLH have invalid character.

Issues Resolved in 7.0 Update 3

The following table lists the issues resolved in Sun Java System Web Server 7.0 Update 3

Problem ID



Cannot access shell/system variables from wadm.


User and password dialog presented instead of directory index.

By default, Web Server 7.0 does not send a directory index unless the user has been authenticated. Attempting to access a directory prompts the user to enter a user name and password. This occurs because the default Access Control List (ACL) in Web Server 7.0 grants the list access right only to authenticated users. 


Clicking on the Version button in the Admin Console result in “file not found” warning in Administration error logs.


When a single user in group is deleted, an incorrect message “Group Saved Successfully" is displayed.


Web Server should store its pid file and UNIX domain sockets in /var/run instead of /tmp.


No obvious way to reset the administration server password.


[JESMF CONFORM] CP when stopping should call MfManagedElementServer_stop().


Admin Server does not time-out if the server instance restart does not respond.

On UNIX systems, the Administration Server waits until the server instance is restarted when the restart-instance command is executed. If the instance is not successfully restarted, the Administration Server does not respond to requests.


SNMP master agent process fails to start on Web Server


On Windows, wdeploy command fails if older version of libnspr4.dll is found in the system32 directory.


Web Server installer should import the admin self signed certificate into IE certificate tab.

When the Admin console is accessed using a browser, a pop-up (in the case of IE6 and Mozilla/Firefox) or a warning page (IE7) may be displayed stating that the certificate is not issued by a trusted certificate authority. This is because, the administration server uses a self-signed certificate. To proceed to the Administration GUI login page, do the following:  

  • On Mozilla/Firefox, click on the OK button in the pop-up window.

  • On Internet Explorer 6, click on the Yes button in the pop-up window.

  • On Internet Explorer 7, click on the "Continue to this website" link in the page.

The above procedure will accept the certificate temporarily for that browser session. 

To accept the certificate permanently, follow the steps below: 

  • On Firefox/Mozilla:

    Select the "Accept this certificate permanently" radio button in the pop-up window and click OK.

  • On Internet Explorer 6.0:

    1. Click on the "View Certificate" button in the pop-up window.

      Displays another pop-up window.

    2. Select the "Certification Path" tab, select the admin-ca-cert.

    3. Click on the "View Certificate" button and then on "Install Certificate..." button.

      Invokes the certificate import wizard using which you can import the admin CA certificate into the trusted root certificate database.

  • On Internet Explorer 7:

    1. Click on the "Continue to this website" link on the warning page.

      The login page is displayed.

    2. Click on the "Certificate Error" link located next to the address bar.

      A warning window is displayed. Click on the "View certificates" link.

    3. Follow the steps 1 to 3 as described in the section "On Internet Explorer 6" to import the admin CA certificate into the trusted root certificate database.


Create self signed certificate fails when the "Sun Metaslot" pin is not set


GUI Registration reminder doesn't show up properly on IE6

IE6 select element does not support z-index which is necessary for layering to work. Thus, if there is a layer, registration reminder, overlapping the drop downs (config and vs) , the drop downs will still be visible. 


Connection queue size set by server for 1024 max file descriptor is very less (128)

Web Server reserves the file descriptors for various components. If connection pool queue size, file cache max open files and keep-alive max connections are not set, then after reserving file descriptors for other components, Web Server divides the available descriptors among three. On systems where default value of max file descriptor is low, for example, Solaris 8 and RHEL, the connection pool size might be set to a low value. For example, on RHEL, the default value of max file descriptors is 1024. If the connection queue size is not assigned, then Web Server assigns 128 connections to connection queue. The value can be very low on busy systems. If connections starts timing out, users should set higher value for max file descriptors. 


Memory leak in Fastcgistub causes hang in the Fastcgi sub-system


Exception installing Web Server on Ubuntu.

On Linux Ubuntu, the package which contains the /bin/domainname is not available by default. You must install these packages for the Web Server installation to succeed.

To install the package, type the following command: 

sudo apt-get install nis


Web Server cannot be installed without installing compat-libstdc++.


REDHAT ES4.0 Linux 64-bit installation fails by having compat-libstdc++-33-3* (64-bit)version


On Windows, Web Server installation should use -Xrs JVM option by default.

Workaround:For more information on this fix see, Sun Java System Web Server Administrator's Configuration File Reference Guide.


Unclear error message if CLI and Administration Server versions are incompatible.

While upgrading Web Server 7.0 installation to Web Server 7.0 Update 2 , make sure that the entire setup CLI, Administration Server and all the Administration Nodes are also upgraded to Web Server 7.0 Update 2. This is because, Web Server 7.0 administration interfaces will not work correctly with Web Server 7.0 Update 2 administration interfaces. 


The Admin console does not add the required functions in the obj.conf file for a migrated instance.

When a JVM disabled Web Server 6.0 instance is migrated to Web Server 7.0 and when the migrated instance is enabled with the JVM option using the Admin console, the process does not add the following necessary lines in obj.conf file.

NameTrans fn="ntrans-j2ee" name="j2ee"
PathCheck fn="find-index-j2ee"
ObjectType fn="type-j2ee"
Error fn="error-j2ee"


On Windows, server fails to start after upgrading from Web Server 7 that is part of the Java ES 5 release to Web Server 7.0 Update 2 release using the patch.


Security patch 121656-16 is a mandatory perquisite for Sun Java System Web Server 7.0 Update 2 Linux patch on Java ES 5/U1.

However, the security patch exhibits cyclic dependency, hence making it impossible to apply any of the patches. 


Upgrade fails when upgrading to U2 when no sample apps is present in the existing installation.

On non-windows platforms (Solaris, Linux and HP-UX), if you have installed Web Server 7.0 or 7.0 update 1 without sample applications and if you upgrade to Web Server 7.0 update 2, you will see the following error message:  

A problem occurred during upgrade. To troubleshoot the problem, review the installation log at: <install-dir>/setup/Sun_Java_System_Web_Server_install.log

Note –

This error does not impact the upgrade.


Sample applications documentation must mention adding jar file to the class path in the properties file.

In the install-dir/samples/java/webapps/security/jdbcrealm/docs/index.html, under 'Compiling and Assembling the Application' section, there must be a mention of adding JDBC driver jar file to class path suffix in the file.


server.xml does not store the full file pattern for converting and including search .

The schema does not store the full file pattern allowed by both the Admin Console and the search administration tools in this version of the Web Server. It also has no way to represent the full file pattern that might sometimes need migration from the previous versions of the Web Server.  


On Red Hat Linux Enterprise Linux 5, Search functionality does not work properly.

On a Red Hat Enterprise Linux machine, if the compat-libstdc++ library is installed, you must remove the installed rpm and download/install the compat-libstdc++-296-2.96-132.7.2.i386.rpm .

For x86 32–bit and 64–bit download and install the compat-libstdc++-296-2.96-132.7.2.i386.rpm.

Note –

Do not download/install an rpm from unreliable sources as it may lead to security vulnerabilities.


Red Hat Enterprise Linux instance fails to start when the file system SELinux security is enabled.

Newer Linux distributions have new kernel security extensions enabled from the SELinux project. These extensions allow finer grained control over system security. However, SELinux also changes some default system behaviors, such as shared library loading that can be problematic to third-party programs. If you receive the error message “Cannot restore segment prot after reloc: Permission denied" when starting the Web Server Admin Server or instance, that means the system is SELinux enabled. 


Sun crypto 1000 with Web Server needs Solaris 10 patch 125465-02 (SPARC) and 125466-02 (x86).


Servlet container collects statistics when stats enabled element is set to false in the server.xml file.


JSF Web Applications running on Web Server 7.0 may break when running on Web Server 7.0 Update 1.

Web Server 7.0 Update 1 ships with JavaServer Faces 1.2 technology. All JavaServer Faces web applications are expected to work with Web Server 7.0 Update 1 without any modifications. However, there are a few known compatibility issues with JavaServer Faces 1.2 and might require applications to be modified to address these incompatibilities. The incompatibilities are documented in the JavaServer Faces release notes at:

Java ES 5 Portal Server users are suggested to delay upgrading to Web Server 7.0 Update 1 until Java ES 5 Update 1 is released.  


On Windows 2003, when a command is executed from the CLI, the message is not encoded correctly.


FastCGI Handler new Role is always created with "English" name.


Unlocalized strings are seen in CGI settings page.


CLI installer "Enter your option" is in English in localization locale.


Portal Server configures JVM stack size to 128K (too low) for Web Server 7.0 64–bit to start.

If Web Server 7.0 is already configured in 64–bit mode, and the Portal Server installation is started, Portal Server configuration does not set stack size to 128K. However, if both Portal Server and Web Server are already installed and configured in 32–bit mode, switching to 64–bit mode involve series of manual steps that are described in the Workaround section. 


schemagen/xjc/wsgen/wsimport scripts not present in Java ES Web Server installation.

schemagen/xjc/wsgen/wsimport scripts are present in different locations in Java ES installation and stand-alone installation of Web Server.


When upgrading Java ES 5 software to Java ES 5 Update 1, Portal Server samples fail with JSF exceptions if you have upgraded only Web Server but not the Portal Server.

For more information, see Compatibility Issues.


SMF commands removes Java ES environment from startserv and stopserv scripts (Solaris 10 only).


Web Server running on Windows contains no description for the service and the description is not updated after applying Java ES Update 1 patches.


Streaming data (>2GB) to server using POST has problems. request.getInputStream().read() returns -1


Samples bundled with WS 7.0 cannot be used for experimenting session replication feature


Transfer-encoding header is sent after the body has been sent for fastcgi-perl.


iWS7.0U1 - Page-encoding is not case sensitive capable, e.g. utf-8 is different from UTF-8


servlet container implementation of encode/decode cookies has changed from >= SJSWS6.1


Streaming data (>2GB) to server using POST has problems. request.getInputStream().read() returns -1


Uploading file > 2MB is limited by java webcontainer.


web 7.0 u2 jdbc resource settings do not allow -1 in maximum wait time and idle time out


JDBC resource pool of web70 doesn't work as expected after restarting RDB.


Can't redirect the stderr message from FastCGI into error log.

The data sent from FastCGI to stderr is not logged into the error log.


compress-file function lacks documentation (SJSWS7.0)


web server documentation needs to be more specific on filter it's scope and what they are


server goes into a loop given a particular htaccess configuration


filter is applied twice when a web-apps 's welcome file list is accessed as /contextroot

When a welcome file is accessed as /context-root, filters present are applied twice.


web 7.0 u2 patch 125437-13 should doc pre-requisite of nss patch 3.11.8 or above as needed


pull-config garbles binary file in config/ directory due to tokenizing (SJSWS7.0u2)


instance does not start if the user has certain umask settings during installation


es, fr - OLH is not displaying, exception thrown

Issues Resolved in 7.0 Update 2

The following table lists the issues resolved in Sun Java System Web Server 7.0 Update 2

Problem ID



Request to the server fails with using of "Sun Software PKCS#11 softtoken".


Server should automatically size connection queue, keep-alive subsystem, and file cache.


Java garbage collector activity is higher in Web Server 7.0 when compared against Web Server 6.1.

The servlet container in Web Server 7.0 creates many Java objects. 


If a servlet is mapped to req URI formed by partial req + welcome file, the behavior is wrong.

If a web container receives a valid partial request, the web container must examine the welcome file list defined in the deployment descriptor. The welcome file list is an ordered list of partial URLs with no trailing or leading /. The Web Server must append each welcome file in the order specified in the deployment descriptor to the partial request and check whether a static resource or a servlet in the WAR file is mapped to that request URI. The web container must send the request to the first resource in the WAR that matches.


Multi-byte characters in headers can not be retrieved by req.getHeader().

The characters are not parsed correctly, when request.getHeader() is called.


The hardcoded message "ADMIN3594: Configuration changes require a server restart" is not localized.


In the Japanese locale online help, the description about the PAM for "Editing Authentication Databases" incorrectly states the name of Directory Server.

The description must be read as: "Editing Authentication Databases" PAM -- PAM is the new auth-db supported by Sun Java System Web Server 7.0.  


Search collection subdirectory with leading slash causes confusing error.

When you try to create a search collection and set the document root subdirectory with a leading slash, the error message produced wrongly informs you that a slash at the beginning is needed. 


Inconsistent wording found in Directory listing type.

The sentence "Error response file to use when indexing is None" should be changed to "Error response file to use when listing is None". 


The word "Other" in the list of countries is not translated.


In the Add Documents window, Included checkbox for subdirectory is not translated.


Japanese language help: “Editing Authentication Databases” have different description about PAM.


Translation issue of Admin GUI messages in Japanese.


Translation issue of GUI installer OLH.


In Java ES, Web Server 7.0 with Access Manager displays a null pointer exception.


Web Server fails to start when HTTP listener protocol family="nca" is used for Solaris SPARC, Linux and HP-UX platforms.

Web Server instance does not restart on setting the Protocol-Family property to nca in the EditHTTPListener wizard.


Setting digestauthstate property through the set-authdb-prop CLI does not validate the value and allows to set junk value for this property.


The Results page in all Admin Console wizards should be aligned properly.


The default server.xml should not contain the <stack-size> element.


The create-instance command fails on remote node intermittently and logs HTTP 400 error.


Executing the create-instance command immediately after starting a remote node fails on the remote node.


The list-cert command does not list the certificates if the certificate nickname contains a colon.


<pkcs11> element not removed from server.xml even when child elements are absent.


<pkcs11/> added to server.xml when token pin is set.


Cannot edit WebDAV collection properties through the Admin Console

When a configuration is deployed on multiple nodes, the lockdb path must be a shared location mounted on the same path on all the nodes. Additionally, to list or expire locks in the lockdb from the Admin Console, the same path must be writable from the Administration Server.


The add-webapp command when used with JSP pre-compilation option does not delete the previously precompiled JSP files.


The Admin Console or the Admin CLI does not provide support to add CA certificates to the Administration Server.


'external' expression function with quoted path is not working.


On HP-UX, SNMP fails for some oid values.


On HP-UX 11.11, Web Server fails to start when max heap size is 2048 MBytes or greater.


The basic-search.html has unclear description.


Installing the stand-alone product over an existing Java ES installation and vice-versa is not supported.


On Windows - unable to deploy configuration and start up after disabled Java


Server should automatically size connection queue, keep-alive subsystem, and file cache.

Issues Resolved in 7.0 Update 1

The following table lists the issues resolved in Sun Java System Web Server 7.0 Update 1

Problem ID 



Java LDAP connection pool interaction issue - initial connection is never timed out.

Specifying a Java LDAP connection pool through the JVM options in the server.xml file and referencing this with an external JNDI resource when the web server is started, creates a pooled LDAP connection. With this connection, it is always marked as busy and the connection never expires.


Values of 'mail-resource' sub elements are not getting set on mail session object.


NSAPIRequest.setupRequestFields is slow.

com.sun.webserver.connector.nsapi.NSAPIRequest.setupRequestFields is slow primarily because of excessive String-->byte and byte-->String conversion when parsing Cookie headers.


The servlet container does not use accelerator cache when processing RequestDispatcher includes.


On Windows, dynamic reloading of JSP produces incorrect output.


ssl-check is not working with NSAPI based plug-in.

"PathCheck fn="ssl-check" secret-keysize=128 bong file="xxxxx.yyy.html" 

For static file requests, if the secret-keysize of the client is less than the size specified by the server and a bong file is present, then the bong file is sent back as the response. However, requests for dynamic content (for example, JSP files) return the actual requested object (for example, the JSP file) rather than the bong file.


Problem having server-parsed HTML (ParseHTML) and .htaccess with restricted group option.

Authentication succeeds when parsing through a HTML file which has the shtml include entries and is configured to authenticate through .htaccess which has the "restricted by group" option enabled. If the group user gets authenticated, then the result page does not get shtml include entries. This however works fine with the user in .htaccess file has "restricted by user" option.


SSL session cache cannot be disabled.

Session cache is enabled by default. When the session cache is disabled and URL is accessed through the HTTPs protocol, the URL does not go through and the server log displays an error message indicating that the SSL cannot be configured without session-cache.


Samples refer to "Sun ONE" instead of "Sun Java System".

The servlet sample,, co-packaged with Web Server 7.0 refers to “SunONE” instead of “Sun Java System”.


sampleapps/java/webapps/simple docs invalid.

The documents for a simple sample application shows an incorrect pathname. The path should be install_dir/plugins/java/samples/webapps/simple/src instead of install_dir/samples/java/webapps/simple/src.


No CLI support to configure FastCGI. Need to manually edit obj.conf or magnus.conf files to configure FastCGI.


Memory leak found in FastCGI.


Admin Console online help needs to be updated.

The online help needs to be updated for the following:  

  1. Context-based help should be provided.

  2. All screens must have a corresponding help page.

  3. Help pages must reflect the changes in the GUI.

  4. Inconsistent usage of terminology between the GUI and online help.

  5. Fix grammatical errors.

  6. Detailed description for some topics.


Mismatch between online help and the Admin Console.


Missing help file under config tokens page.

Common Tasks > Edit Configuration > Certificates > PKCS11 Tokens, the help file for this screen is missing. 


Cannot dynamically reconfigure HTTP listener family. The Instance does not start on setting the protocol family to nca.


<listen-queue-size> upper bound is set to 65535, which is too small. Need to increase the <listen-queue-size> upper bound.


Incorrect ObjectType fn="force_type" added in object cgi on creation of new cgi directory.

When creating a new cgi directory, an incorrect object type force_type is added to the obj.conf file.


On Windows, dialog box to enter the token password appears on restarting an instance after the deployment. This behavior is not see on other platforms.


On Windows, wadm does not update classpath correctly if classpath contains a semicolon (;)

The semicolon in tcl is interpreted as a command terminator, which is used to group multiple commands in a single line. On Windows, semicolon is used as a path separator.


SNMP Management Information Base (MIB) for "iwsFractionSysMemUsage" does not show correct results

SNMP MIB "Fraction of process memory in system memory" which is part of iws.mib gives wrong results when queried by the SNMP manager utility.


Incorrect error message is displayed if you execute the list-tokens command without specifying the configuration value.


Incorrect error message is displayed if you execute the list-authdb-userprops command without specifying the authdb value.


No error message is displayed if you execute the get-ssl-prop command with an invalid http-listener value.


Cannot edit the MIME types using the Admin Console.


Displays an improper message when you stop an instance that does not exist.

An error message `Successfully stopped the server instance' is displayed if you try to stop an instance that does not exist. 


wadm allows you to create a configuration with a negative port number.


Incorrect error message is displayed if you execute the create-cert-request command with an invalid key-size value.


The delete-group command displays an incorrect error message if you specify an invalid group value.


No error message is displayed when you execute the list-group-members command with an invalid group-ID value.


Cannot set the rewrite-location properties using the set-reverse-proxy-prop command.

You cannot set the -rewrite-location property to false. The value specified for the -rewrite-location is not validated. For example, specifying the = symbol for the i-rewrite-location option corrupts the obj.conf file and results in parser error.


The set-token-prop command sets wrong passwords in the server.xml file even if the token pin has not been specified.


Incorrect error message is displayed on LDAP user creation failure.


If an invalid node name is specified while deleting an instance, an incorrect error message is displayed.


The register-node command runs successfully with non SSL port only in shell mode.

In shell mode, typing the register-node command with the -no-ssloption registers the node successfully as the command is falsely executed in the SSL mode.


The get-jvm-prop command does not print the command when echo is enabled in shell mode.


Incorrect error messages are displayed when you execute the list-locks and expire-lock commands.


A 'null' message is displayed if you execute the list-instances, list-crls, list-tokens, and list-certs commands without specifying the configuration name.


The error message for the list-url-redirects command is not localized.


wadm prompts for a token pin if you specify an invalid configuration name while trying to delete an existing certificate.


While creating an HTTP listener using the CLI, the create-http-listener command creates a listener with null value as name.


If you do not specify a virtual server while executing the list-dav-collections command, an incorrect error message is displayed.


If you do not specify the authentication database while executing the list-users, list-org-units, list-groups, and list-group-members commands, an incorrect error message is displayed.


If you do not specify a virtual server while executing the list-uri-patterns command, an incorrect error message is displayed.


list-userprops CLI gives improper message.

If you do not specify a JNDI name or specify an invalid JNDI name while executing the list-jdbc-resource-userprops, list-soap-auth-provider-userprops, list-auth-realm-userprops, list-external-jndi-resource-userprops, list-custom-resource-userprops commands, an incorrect error message is displayed.  


Error message given when entering invalid wadm command is misleading.

When you type an invalid command, an error message “Invalid command <command name>. Use "help" command for a list of valid commands.” is displayed. The help man page does not contain a list of valid command. Therefore this error message is misleading. 


The create-user command usage for the LDAP authentication database is ambiguous.


The set-cert-trust-prop command accepts incorrect properties and does not show proper error message.


Administration Server does not validate the password length and mechanism support of the given token.


Certificate with same server name as existing certificate cannot be created with the same nickname.


Virtual Server Web Applications page title help is incorrect.


Prompt to enter token pin while starting instance should not appear if configuration has not been deployed.


Admin Console does not provide an option to edit document directories and CGI records.


Admin Console should have a tab to add and edit MIME mappings at the Virtual server level.


`Current Password' field in the Nodes -> Select Administration Server-> Certificates -> Token Password Management page should be disabled if no token password has been set for the administrator.


Unable to configure uri-pattern specific configurations using the Admin Console.


Admin Console displays invalid properties when custom authentication database user properties are created through Administration CLI.


The Admin Console Migrate wizard creates multiple configurations if you click the Finish button multiple times.


Admin Console has 508 compliance issues.


User selection process in the Common Tasks->Edit Virtual Server->WebDAV->New page needs validation.


Installed CRL should have a meaningful name.


Administration CLI should support URIs, URI prefixes, URI wildcard patterns, and URI regular expressions for all commands that operate on URI space.


Search schedule events do not work from the Admin Console.


64–bit instance does not start on 32–bit remote node.


When a server certificate with data in non-DER format is installed, an incorrect error message is displayed.


Exceptions in Certificate Installation wizard not clear.


No validation exists for 'Java Home' field; accepts invalid data.


HTTP Listener field accepts names with spaces. This is invalid.


Unable to edit MIME types either using the Admin Console or the CLI.


GUI and CLI accept Web Server 7.0's server root for migration

The Admin Console and the CLI accept the Web Server 7.0 path instead of Web Server 6.1 or Web Server 6.0 path during migration. Web Server 7.0 path is not a valid path for the server-root property in the migrate-server command.


Default and null values get stored in obj.conf when a new configuration is created and saved using the Admin Console.

Administration Server stores the values passed by the Admin Console into obj.conf file without any validation.


SaveConfigException displayed on CLI during set-authdb-prop.

If a nonexistent file path is provided to the path property for keyfile authdb by using the set-authdb-prop command, results in SaveConfigException instead of a File does not exist message.

See the error log for the Administration Server. 


At times, the execution of stop-admin command displays the "Admin Server Not Running" message when the Administration Server is actually running.


The get-cert-prop does not display only those properties mentioned in the <displayproperties> element.


Server error on trying to access a file in the cgi-bin directory.


wadm commands do not return valid error codes [0-125] when success or failure.


Session failover does not happen with RequestDispatcher include call.

While deploying two web applications on a cluster where the first application calls on the second application using the RequestDispatcher() include call, the persistence valves are not called during the RequestDispatcher()'s invoke() method, and session replication does not occur.


Incorrect load factor set for BaseCache.

Session replication does not support more than two web applications. 


Session replication fails to work on multiple web applications involving RequestDispatcher due to bad sequence.


Incorrect path is set on SR-intanceId cookie.

The SR-instanceId cookie should be set to the web application's path instead of the servlet's path.


The create-authdb command does not validate the URL at the time of the authentication database (authdb) creation. The create-authdb command successfully creates an authentication database with the wrong URL.


The get-error-log and the get-access-log commands displays cluttered and improper messages.


The wadm deploy fails to deploy the cluster configuration.

If any changes occur to the instance configuration files, manually or otherwise, the deploy-config command displays an error message stating that the instance has been modified.


No Admin Console is available to deploy web applications in user specific location.


Does not prompt for the token password when the instance is started from the wadm command prompt with a wrong token-pin.


Incorrect text in Groups settings page.

The text should read as “From this page you can add/remove user groups in the selected Authentication Database” instead of “From this page you add/remove user groups in the selected Authentication Database.” 


Incorrect message when you delete a JVM profiler.

The message should read as “Profiler deleted successfully” instead of “Profiler saved successfully”. 


Incorrect error message is displayed when you provide a wrong path while adding web application.


The window titles of the Admin Console wizards are not consistent.


Admin Console gives incorrect error message when you provide invalid Directory Server configuration values.


URI prefix of document directories is accepts the value without '\'.


The list-instances command lists the instances even if you do not specify the configuration value.


Token password changes made through the CLI is not reflected in GUI. It requires a browser refresh.


Migrating certificate with an invalid file path using the migrate-jks-keycert command, prompts the user to enter the keystore-password and the key-password.


The create-selfsigned-cert command allows you to define an inappropriate validity period while creating a server certificate.


The delete-cert command does not delete a certificate which is created with token "Sun Software PKCS#11 softtoken".


The list-events command output is not aligned.


dayofweek does not take "*" as an option.

For example, set an ACL as follows:  

acl "uri=/"; 
deny (all) dayofweek="*"; 
allow (all) dayofweek="Sat,Sun";

In this program, you are restricting access on all days of week except Saturday and Sunday. This program does not work as you can you can successfully access the ACL on a Monday. 


Admin Console should provide large text region for entering class path prefix, class path suffix, and native library path prefix.


Usability issues in the Install CRL page after incorrect file path is entered for CRL file on server.


The Instance->New page has incorrect title.


The Common Tasks->Select configuration ->Select Virtual Server ->Edit Virtual Server ->WebDAV->New page should have the Enter Users field only if the authentication database is PAM.


Admin Console allows you to create an ACE without entering user or group information for ACL. The check is not done if the authentication database is PAM.


Inline help for range of values accepted by Request Header Time-out text field is incorrect.


The Admin Console displays an exception when you create a duplicate record of a MIME types.


Deploying a new web application using the Admin console kills sessions for all existing web applications.


With delete instance option, instead of deleting the symbolic links, the uninstaller deletes files from symbolic links.


Crash detected when creating properties with empty URI pattern


htaccess rules can become corrupted in memory.

If a single .htaccess file has more than five allow or deny rules, it is possible that some of the rules may become corrupted in memory. If this occurs, some of the rules may be bypassed.


deploy-config fails when you modify JSPs or any other files in the webapps directory of the instance.

When using the pull-config either through the Admin Console or through the CLI, only the contents of the instance_dir/config directory is pulled into the config-store. In Web Server 7.0, when pull-config was used, the contents were pulled into instance_dir/config, instance_dir/lib, and instance_dir/web-app directories.


Front-end file accelerator cache.

Depending on ACLs and obj.conf configuration, a front end accelerator cache can service static file requests for URIs that were previously processed using NSAPI. The accelerator cache must work with the default configuration.


Output directives are not invoked for 0-byte files.

Output directives are not invoked for 0-length responses unless protocol_start_response() is called. send-file does not call protocol_start_response() function. Output directives are not invoked when sending 0-byte files.


Server crash with large output buffers.

If the output stream buffer size is bigger than the input buffer size, the server might attempt to buffer data at an invalid address. The default input buffer size is 8192 bytes.  


Cannot disable access logging in default server instance.

The value of the <access-log> <enabled> element is ignored in the server.xml file.


Accelerator cache does not handle ssl-unclean-shutdown properly.

The accelerator cache does not interact correctly with the AuthTrans fn="match-browser" browser="*MSIE*" ssl-unclean-shutdown="true" directive in the default configuration. When such a directive is present, the accelerator cache applies the "unclean shutdown" setting to every connection, regardless of the browser used.


On HP-UX, SNMP fails for some oid values.


Due to lack of the HP-UX API support and complexity, network in and out traffic statistics is not implemented. Use HP tools for monitoring the traffic statistics. 


The AdminException messages displayed on the Admin Console are not localized.


Displays incorrect characters in search results on the left panel of online help on non-English locales.


Localized online help content have some differences from the English version.


Intermittent deploy-config failure while running QA Regression Tests on tinderbox