test

Sun Java System Web Server 6.1 2005Q4 SP5 Release Notes

Security

The following table lists the known issues in Security.

Table 18 Known Issues in Security

Problem ID 

Description 

4898077 

Enable SSL, inconsistent behavior between HttpServerAdmin and iWS console. 

Workaround: Use the following Syntax:

HttpServerAdmin create -l -id <id> -ip <ip> -port <port> -sname serverName -defaultvs <defaultvs> [-cert <certificate name>] [-sec <on|off>] [-acct <#accthreads>] -d server_root -sinst http_instance

Note: Do not use `true|false' or `1|0' or `yes|no' for the -sec option, use `on|off' instead. 

4671445 

Sun Java System Web Server cannot connect to an LDAP server over SSL if LDAP client authentication is required. 

If Sun Java System Web Server contacts an LDAP server that requires client authentication (in this case, the Web Server is the client), the Web Server’s certificate cannot be sent and access will fail. 

4863599 

Cannot use the same group name under different organizational units. 

If the same group name is used, and you try to restrict access with the group name, Sun Java System Web Server returns an error when clients try to access the site. 

Workaround: Use a different group name for each organizational unit.

4963468 

In some circumstances, the `list' right has no effect on directory listing. 

According to Chapter 9 of the Sun Java System Web Server 6.1 Administrator’s Guide, the `list' right is required to obtain directory listings from directories that do not contain an index file. However, in certain circumstances it is possible to obtain a directory listing, even if the applicable ACLs deny the list right. For this reason, if you need to restrict directory indexing, it is recommended that you do so by disabling indexing, as discussed in Chapter 16 of the Sun Java System Web Server 6.1 Administrator’s Guide, instead of (or in addition to) denying the list right.

6310956 

6298215 

When LDAP drops the connection because of inactivity (for example, timeout set on the LDAP), Web Server is unable to re-initialize the connection to LDAP. This only occurs when Web Server is installed as part of the JES3/JES4 install, the problem is not present with standalone (file-based) installation.  

Workaround:

  1. Copy the library libldap50.so from the file-based install of Web Server and paste it to the following location in your current setup: /opt/SUNWwbsvr/bin/https/lib

  2. Restart the Web Server.