Oracle iPlanet Web Server 7.0.9 Administrator's Guide

Chapter 1 Getting Started

This chapter describes the basics of Web Server by providing a brief description of terms used in this guide.

Introduction

Web Server 7.0.9 is a multi-process, multi-threaded, secure web server built on industry standards. It provides high performance, reliability, scalability, and manageability for medium to large enterprises.

Web Server 7.0.9 provides comprehensive command-line interface support, consolidated configuration, enhanced security with Elliptic Curve Cryptography support, and clustering support. It also comes with a robust built-in migration tool that helps migrate applications and configurations from Web Server 6.0 and 6.1 to Web Server 7.0.9.

What is New?

See Oracle iPlanet Web Server 7.0.9 Release Notes for more information on the new features and enhancements in Web Server 7.0.9.

Starting the Administration Server

In order to use the administration interface, you need to start the Administration Server.

Starting the Administration Server in Unix/Linux

To start the Administration Server perform the following tasks:

ProcedureStarting the Administration Server in Unix/Linux

  1. Go to the install_root/admin-server/bin directory (for example, /usr/sjsws7.0/admin-server/bin)

  2. Type ./startserv.

    This command starts the Administration Server using the port number you specified during installation.

Starting the Administration Server in Windows

The Web Server 7.0.9 installation program creates a program group with several icons for Windows platforms. The program group includes the following icons:

Note that the Administration Server runs as a services applet; thus, you can also use the Control Panel to start this service directly.

Different Ways of Administering Your Server

You can manage Web Server 7.0.9 by using the following user interfaces:

You can either use the wadm shell interface which is discussed later in this chapter, or the web-based Administration Console to manage instances. Note that the Administration Node can have only one instance of a particular Configuration running.

Using Administration Console

After installing Web Server 7.0.9, use your browser to access the Administration Console.

The URL you use to navigate to the Administration Server page depends on the computer host name and the port number you choose for the Administration Server when you install Web Server 7.0.9. For example, if you installed the Administration Server with SSL port 1234, the URL will look like this:

https://myserver.sun.com:1234/

You need to log in to the Administration Console to perform server administration. You set up the administrator user name and password when you install Web Server 7.0.9 on your computer. The following figure shows the authentication screen:

Web Server 7.0.9

The first page you see when you access the Administration Server is the common tasks page. Use the buttons on this page to manage, add, remove, and migrate servers. The common tasks page is shown in the following figure.

Web Server 7.0.9
Note –

Clicking any of these tabs may result in child tabs appearing on the page. The actions provided by the child tabs are specific to the parent tab functionality.

The following figure shows the child tabs for a selected tab:

Web Server 7.0.9

Clicking on the tab opens pages in the same window. There are certain tasks that involve gathering data from the user in series of steps. The Administration Console has a wizard interface for such tasks. Wizards always openin a new window.

Help on Administration Console GUI Screens

All form elements and GUI components have a detailed inline help that provides information on the validation and optional parameters. When you use the wizard interface, you can click on the help tab at any time in order to obtain help for the current task.

Using CLI

This section describes the Command Line Interface for Web Server 7.0.9 and defines all the commands that are supported for configuring and administering the server.

Web Server 7.0.9 has introduced a new CLI called wadm.

The earlier version of the Server supported a few discrete command lines, which together addressed only a subset of whole administration functionality provided in the GUI. The command line interfaces supported in Web Server 6.1 were HttpServerAdmin, wdeploy and flexanlg. The new CLI (wadm) features include:


Note –

Web Server 7.0.9 does not support HttpServerAdmin.



Note –

wdeploy is supported in Web Server 7.0.9 only for backward compatibility with 6.x versions and will work only on the Administration Server node.


Modes of CLI

wadm supports invocation in the following three modes. They are:

The following figure depicts the syntax for invoking wadm commands.

Web Server 7.0.9
Note –

With the wadm CLI, you can perform all of the same tasks as the Administration Console.


Where Can I Find wadm CLI?

Question:

Where can I find the CLI for Web Server 7.0.9 administration?

Answer:

The administration CLI is located at install-root/bin/wadm. To use the CLI, you need to know:


Note –

The Administration server needs to be running in order to use the CLI. You can start the server by running install-root/admin-server/bin/startserv.


Authentication in CLI

wadm will use the username and password of the administrator to authenticate the Administration Server. A valid username and password file must be passed as arguments to each command running in single mode. The shell mode accepts the username and password file when the wadm executable is invoked. Commands invoked in the shell mode do not require the connection options (for example, user, password-file, host, port and ssl). If connection options are specified, they will be ignored.

Some commands supported by the CLI require password inputs. For example, bindpw, user-password and token-pin. The user can specify these passwords in the same file that contains the administration user password. If the password-file is not specified with the command, then user will be prompted for the password.

The wadm communicates with the Administration Server through SSL if SSL is enabled on Administration Server. The Certificate passed by the Administration Server will be verified against the truststore (~/.wadmtruststore). If the certificate exists and is valid, the command proceeds normally. Otherwise, wadm displays the certificate and gives the user the choice of accepting it. If the user accepts it, the certificate will be added to the truststore and the command will proceed normally.


Note –

truststore need not be password protected since it does not contain any sensitive data.


Resetting the Administration Password

Open a command prompt terminal and navigate to install-root/bin/wadm directory and type the following command to reset the password:

./wadm reset-admin-password.

You will be prompted to type the new admin password. Type the password again to confirm. Restart the server in order for the password to take effect. Then use the new password to login to the server.


Note –

While changing the password using set-admin-prop command you must restart the Administration Server from install-root/admin-server/bin/restart directory. Do not use restart-admin command to restart the server.


CLI Scripts

install-root/samples/admin/scripts directory contains scripts that you can run using the wadm command line utility. wadm is built on a TCLengine and hence supports TCL scripting. These scripts can be used to perform common administrative tasks. They also demonstrate how new utilities can be built on top of existing commands.

The following table describes the scripts:

Table 1–1 Sample CLI Scripts

Script 

Description 

Usage 

enable-ssl.tcl

Enables SSL on a given virtual server and port. 

wadm -f enable-ssl.tcl <config> <vs> <server> <port>

filter-mime.tcl

Fetches the matching MIME types from the given configuration and virtual server. 

wadm -f filter-mime.tcl "<regex>" <config> <vs>

remove-mime.tcl

Removes the matching MIME types from the given configuration and virtual server. 

wadm -f remove-mime.tcl "<regex>" <config> <vs>

add-mime-ext.tcl

Adds the specified extension to the matching MIME types in the given configuration and virtual server. 

wadm -f add-mime-ext.tcl "<regex>" "ext" <config> <vs>

summary.tcl

Provides a summary of the installation. It contains list of listeners, ports, and SSL status. 

wadm -f summary.tcl

list-webapps.tcl

Provides a summary of all the deployed web applications. 

wadm -f list-webapps.tcl

collate-logs.tcl

Provides a collated logs across multiple nodes. 

wadm -f collate-logs.tcl <config> <node1> <node2> ..

renew-selfsigned-cert.tcl

Enables renewal of self-signed certificates with a given nickname 

wadm -f renew-selfsigned-cert.tcl <config> <cert-nickname> [<validity>]

Understanding Web Server 7.0

Web Server includes a new administration framework that provides enhanced distributed management across servers in a server farm. Robust administration capabilities enable Web Servers to be managed and deployed remotely using both graphical and command-line interfaces. Servers can be managed on a central location in a server farm and distributed to one or more nodes to create server instances. Monitoring and lifecycle management of these server instances are also provided.

Web Server is configured to enable you to turn various features on or off, determine how to respond to individual client requests, and write programs that run on and interact with the server’s operation. The instructions (called directives) that identifies these options are stored in configuration files. Web Server 7.0.9 reads the configuration files on startup and during client requests to map your choices with the desired server activity.

For more information about these files, see the Web Server 7.0.9 Administrator’s Configuration File Reference Guide.

In Web Server 7.0.9 all configurable elements of a server instance like web applications, configuration files, and search collection indexes are logically grouped and termed as a Configuration. A Configuration can be created, modified or deleted using CLI or the web based administration interface. You can manage more then one Configuration at a time. The term Configuration also refers to the set of metadata that configures the runtime services of the server. For example, a runtime service serves web pages from a configured document root. The configuration metadata is used by the server runtime to load built-in services, third party plug-ins and setup other server extensions such as database drivers for serving web pages and dynamic web applications.


Note –

All the Configuration related files are stored in a repository in your file system called as Configuration Store. You must refrain from manually editing any of the files in this repository unless explicitly specified in this guide.

In Web Server, any change to the Configuration using the CLI or through the web-based administration interface is first made to the Configuration Store and then the Configuration is deployed. Consequently the changes are copied to the instance directory. When a web application is deployed it gets deployed under:


<install-dir>/admin-server/config-store/<config_name>/web-app/<virtual_servername>/

When you deploy a configuration, the entire web application directory and configuration directory under config-store is zipped up and copied to the server instance directory. This file is the current.zip file under:


<install-dir>/admin-server/config-store/<config_name>

Depending on the size of the web application, deploying a selected configuration might take some time to complete.


The following figure shows a schematic diagram of how Configurations are deployed to Administration Nodes:

Web Server 7.0.9

When you deploy a Configuration to a Node (Network resource, such as server or a host), an Instance of that Configuration is created. The instance contains log files and other runtime files such as lock databases, caches and temporary files that are required by the instance. You can manage these instances through the CLI or web based administration interface.

Instances can also span across one or more nodes to form a Cluster. All nodes that form a cluster must have identical configuration and be homogeneous. They must have the same operating system, be identically configured, and offer the same services.

One node in the server farm has a server running on which the administration application is deployed. This specially configured server is called the Administration Server and the administration application that is deployed is the web-based Administration Console. You use the Administration Console to control the lifecycle of server instances.

The Administration Server controls the actions of other servers in that node called as Administration Nodes. An administration node does not provide a GUI interface. One node in the server farm has the Administration Server installed. All other nodes in the server farm have Administration Nodes installed. An administration Node is registered with an Administration Server upon installation. This action will make the Administration Server aware of that Administration Node.

The Administration server and the administration node always communicate over SSL. The Administration Server and Administration Node authenticate each other by the Administration Server trusting the Administration Node's server certificate and the Administration Node trusting the client certificate presented by the Administration Server. During registration of an Administration Node, the Administration Server will generate a server certificate for that Administration Node, which is then downloaded and installed on the Administration Node. The issuer of the server certificate is also installed on the Administration Node.