|Previous Contents Index DocHome Next|
|iPlanet Web proxy Server 3.6 Administrator's Guide - NT Version|
Chapter 5 Configuring Server Preferences
This chapter describes the proxy server's system settings and tells you how to configure them. System settings affect the entire proxy server. They include options such as the user account the proxy server uses and the port to which it listens.
For directions on starting and stopping the server, see Starting and Stopping the Proxy Server.
Starting and Stopping the Proxy Server
There are several methods by which you can start and stop your proxy server. One of these methods is to use the Server On/Off form in the Server Manager. Other methods for starting and stopping your proxy server are discussed in Chapter 2 "Starting the Administration and Proxy Servers ."
To use the Server On/Off form to start or stop the proxy server,
From the Server Manager, choose Server Preferences|On/Off.
Click the Server On or Server Off button.
Viewing Server Settings
During installation, you configure some settings for your proxy server. You can view these and other system settings from the Server Manager. The View Server Settings form lists all of the settings for your proxy server. This form also tells you if you have unsaved and unapplied changes, in which case you should save the changes and restart the proxy server so it can begin using the new configurations.
There are two types of settings, technical and content. The proxy server's technical settings come from the magnus.conf file, and the content settings come from the obj.conf file. These files are located in the server root directory in the subdirectory called admserv/proxy-id. For more information about the magnus.conf file and obj.conf files, see Appendix C, "Proxy Configuration Files."
To view the settings for your server, in the Server Manager, choose Server Preferences|View Server Settings. This list explains the server's technical settings:
Server Root is the directory where the server binaries are kept. You first specified this directory during installation.The server's content settings depend on how you've configured your server. Typically, the proxy lists all templates, URL mappings, and access control. For individual templates, this form lists the template name, its regular expression, and the settings for the template (such as cache settings).
Restoring and Viewing Backup Configuration Files
You can view or restore a backup copy of your configuration files (magnus.conf, obj.conf, bu.conf, mime.types, and genwork.proxy-id.acl). This feature lets you go to a previous configuration if you're having trouble with your current configuration. For example, if you make lots of changes to the proxy's configuration and then the proxy doesn't work the way you thought it should (for example, you denied access to a URL but the proxy will service the request), you can revert to a previous configuration and then redo your configuration changes.
To view a previous configuration,
From the Server Manager, choose Server Preferences|Restore Configuration. The Restore Configuration form appears. The form lists all of the previous configurations ordered by date and time.To restore a backup copy of your configuration files,
Click the View button for the version you want to display. A listing of the technical and content settings in that configuration appears.
From the Server Manager, choose Server Preferences|Restore Configuration.You can also set the number of backups displayed on the Restore Configuration form. To set the number of backups displayed,
Click Restore for the version you want to restore.
- If you want to restore all files to their state at a particular time, click the Restore to time button on the left-most column of the table (time being the date and time to which you want to restore).
In the Server Manager, choose Server Preferences|Restore Configuration.
In the "Set number of sets of backups" field, enter the number of backups you want to display.
Click the Change button.
Changing System Specifics
The System Specifics form lets you set up or change the basic aspects of your server. The form allows you to change the server port, server user, authentication password, and proxy timeout for your proxy server. It also allows you to enable DNS, ICP and proxy arrays. You can also enable or disable DNS from the System Specifics form.
To change the system specifics options,
In the Server Manager, choose System Settings|System Specifics.Make sure you save and apply the changes.
The System Specifics form appears. Change the options as needed, and then click OK. The options are described in the following sections.
The server port specifies the number of the TCP port to which the proxy listens. The number you choose is used by proxy users when configuring their web browsers to use the proxy server. Users must specify this server name and port number to get access through the proxy server.
The standard Telnet port number is 23, and the standard HTTP port number is 80. Because the proxy is not a regular HTTP server, you shouldn't use port 80. Proxies haven't been assigned an official, industry-standard port number.
A recommended proxy port number is 8080. When configuring client programs to use this proxy server, you have to tell them both the host name and the port number. For example, you would use this line in the proxy preferences dialog box in Netscape Navigator:
If you aren't sure if the port number you plan to use is available, check in the /etc/services file on the server machine. Technically, the proxy port number can be any port from 1 to 65535.
- proxy.iplanet.com 8080
The server user is the user account that the proxy uses.The user name you enter as the proxy server user should already exist as a normal user account. When the server starts, it runs as if it were started by this user.
If you want to avoid creating a new user account, you can choose an account used by another HTTP server running on the same host.
The authentication password is the password for the server user account. This password can be up to 14 characters long and is case-sensitive. When changing this password, you will need to enter it twice.
A Domain Name Service (DNS) restores IP addresses into host names. When a web browser connects to your server, the server gets only the client's IP address, for example, 188.8.131.52. The server does not have the host name information, such as www1.iplanet.com. For access logging and access control, the server can resolve the IP address into a host name. On the System Specifics form, you can tell the server whether or not to resolve IP addresses into host names.
The Internet Cache Protocol (ICP) is a message-passing protocol that enables caches to communicate with one another. Caches can use ICP to send queries and replies about the existence of cached URLs and about the best locations from which to retrieve those URLs. You can enable ICP on the System Specifics form. For more information on ICP, see "Routing Through ICP Neighborhoods" on page 121.
A proxy array is an array of proxies serving as one cache for the purposes of distributed caching. If you enable the proxy array option on the System Specifics form, that means that the proxy server you are configuring is a member of a proxy array, and that all other members in the array are its siblings. For more information on using proxy arrays, see "Routing through Proxy Arrays" on page 109.
A parent array is a proxy array that a proxy or proxy array routes through. So, if a proxy routes through an upstream proxy array before accessing a remote server, the upstream proxy array is considered the parent array. For more information on using parent arrays with your proxy server, see "Routing Through a Parent Array" on page 120.
Remote access allows sites that are connected to the Internet via a modem to put a proxy server between their internal networks and the Internet. The proxy server must be running on an NT server that is connected to the Internet via a modem and has an installed and configured RAS server running on it. For more information on configuring remote access, see "Client Autoconfiguration" on page 69.
Java IP Address Checking
To maintain your network's security, your client may have a feature that restricts access to only certain IP addresses. So that your clients can use this feature, the proxy server provides support for Java IP Address Checking. This support enables your clients to query the proxy server for the IP address used to retrieve a resource. When this feature is enabled, a client can request that the proxy server send the IP address of the origin server, and the proxy server will attach the IP address in a header. Once the client knows the IP address of the origin server, it can explicitly specify that the same IP address be used for future connections.
The proxy timeout is the maximum time between successive network data packets from the remote server before the proxy server times out the request. This value applies regardless of whether the client is connected. A reasonable proxy timeout value is between 0.5 and 3 minutes.
Creating MIME Types
A MIME (Multi-Purpose Internet Mail Extension) type is a standard for multimedia e-mail and messaging. So that you can filter files depending on their MIME type, the proxy server provides a form that lets you create new MIME types for use with your server. The proxy adds the new types to the mime.types file (described on page 206). See "Filtering by MIME Type" on page 135 for more information on blocking files based on MIME types.
To add a MIME type,
In the Server Manager, choose System Settings|MIME Types.
The form that appears shows all the MIME types listed in the proxy's mime.types file.
You can edit any MIME type by clicking the link for any part of the MIME type.The form that appears is blank if you're creating a new type, or it displays the MIME type you want to edit.
- The fields on this form are:
Type is the category of MIME type. This can be type, enc, or lang, where type is the file or application type, enc is the encoding used for compression, and lang is the language encoding.Click OK to submit the form. Save and apply your changes.
MIME Type defines the content type that appears in the HTTP header. The receiving client (such as Netscape Navigator) uses the header string to determine how to handle the file (for example, by starting a separate application or using a plug-in application). The standard strings are listed in RFC 1521.
File Suffix refers to the file extensions that map to the MIME type. To specify more than one extension, separate the entries with a comma. The file extensions should be unique. That is, you shouldn't map one file extension to two MIME types.
Previous Contents Index DocHome Next
Copyright © 2001 Sun Microsystems, Inc. Some preexisting portions Copyright © 2001 Netscape Communications Corp. All rights reserved.
Last Updated March 28, 2001