Sun Java System Web Server 6.1 SP10 Release Notes

Sun Java System Web Server Release Notes

Sun JavaTM System Web Server6.1 SP10 (hereafter referred to as Web Server 6.1 SP10) contains important security vulnerability fixes. All users of Sun Java System Web Server, especially those with sites that use Secure Sockets Layer (SSL) or Transport Layer Security (TLS), are strongly encouraged to install this service pack. This release also provides support for the HP-UX and AIX platforms.

These release notes contain important information available at the time of release of Sun Java System Web Server 6.1 SP10. It includes information about features and enhancements, known problems, technical notes, and pointers to additional resources. Review the release notes prior to installing and configuring your server, and then periodically thereafter for the most up-to-date information.

The complete Sun Java System Web Server 6.1 documentation is available at

These release notes contain the following sections:

Features and Enhancements

Sun Java System Web Server 6.1 provides the following features and enhancements:

Java Servlet 2.3 and JavaServer Pages (JSP) 1.2 Support

Sun Java System Web Server 6.1 includes a Java 2 Platform, Enterprise Edition (J2EETM) compliant implementation of the Java Servlet 2.3 and JavaServer PagesTM (JSPTM) 1.2 technology specifications. A J2EE compliant web container provides the flexibility and reliability needed to design and deploy web applications that comply with Java technology standards. Web applications can be deployed on a per virtual server basis.

For information about these technologies, see the following resources:

For information about developing Servlets and JavaServer Pages, see Sun Java System Web Server 6.1 SP10 Programmer’s Guide to Web Applications.

J2SE Platform 1.5 JDK Support

The Java 2 Platform Standard Edition (J2SETM) 1.5 is packaged with Sun Java System Web Server 6.1 SP10. The J2SE 1.4 has reached its End of Service Life (EOSL) and is hence deprecated. Therefore, when you upgrade or install your Web Server 6.1 SP10, the Java Development Kit JDKTM gets upgraded or installed automatically for the Solaris, Linux, and Windows platforms. For the HP-UX and AIX platforms, download the JDK from the respective platform vendors' web sites before installing the web server.

The 64-bit Solaris SPARC release of Sun Java System Web Server requires a 64-bit JDK. On all other platforms, a 32-bit JDK is required.

The web server has been certified with the following JDK versions:

J2SE Platform 1.6 JDK Support

Sun Java System Web Server 6.1 supports Java 2 Platform, Standard Edition (J2SE) 1.6, and has been certified with the following JDK versions:

WebDAV Support

Sun Java System Web Server 6.1 supports the Web-based Distributed Authoring and Versioning (WebDAV) protocol. WebDAV enables collaborative web publishing and has the following features:

WebDAV provides integrated support for content metadata, namespace management, and overwrite protection. These technologies combined with the many authoring tools that support WebDAV provide an ideal development platform for collaborative environments.

NSAPI Filters Support

Sun Java System Web Server 6.1 extends the NetscapeTM Server Application Programmer's Interface (NSAPI) to support NSAPI filters.

NSAPI filters enable the custom processing of HTTP request and response streams. This processing enabled a function to intercept and potentially modify the content presented to or generated by another function. For example, a plug-in could install a NSAPI filter to intercept a XML page generated by another plug-in's Server Application Function (SAF) and then transform that XML page into a HTML, XHTML, or WAP page appropriate for the client. Alternatively, a NSAPI filter could decompress data received from a client before presenting it to another plug-in.

For more information about NSAPI filters, see Sun Java System Web Server 6.1 SP10 NSAPI Programmer’s Guide.

HTTP Compression Support

Sun Java System Web Server 6.1 supports content compression. This compression enables you to increase the delivery speed to clients and serve higher content volumes without incurring a corresponding increase in hardware expenses. Content compression reduces content download time, a benefit most apparent to users of dial-up and high-traffic connections.

For more information, see Sun Java System Web Server 6.1 SP10 Administrator’s Guide.

Disabling HTTP PUT and DELETE

This section discusses on how to disable the PUT and DELETE options.

ProcedureTo Disable HTTP PUT and DELETE

  1. Access the Administration Console

  2. Select a server from the list of servers and click the Manage button.

  3. Click the Restrict Access link under the Preferences tab

  4. Select the Edit option from the drop-down list and click the OK button

  5. Select The entire server option from the method A table and click the Edit Access Control button

  6. Click the access rights (r-x--i) link under the Rights column

    Access Rights table appears at the bottom of the screen.

  7. Deselect the WRITE and DELETE options

  8. Click the Update button

  9. Click the Submit button

  10. Click the Apply link present at the top right of the screen and click the Apply Changes button to make the changes permanent

  11. Restart the server for changes to take effect

Search Engine Support

Sun Java System Web Server 6.1 supports a Java search engine that provides full-text search indexing and retrieval. The search feature enables you to search documents on the server and display results on a web page. Server administrators can create the indexes of documents and customize the search interface to meet user specific needs.

The default URL to access the search functionality is http://server-instance:port number/search

For example:


When the user goes to this URL, the Search page, a Java web application, is launched.

For detailed information about basic and advanced search feature, see the Online Help provided with the search engine. To access Online Help, click the Help link on the Search page. For more information, see Sun Java System Web Server 6.1 SP10 Administrator’s Guide.

Enhanced Security

Sun Java System Web Server 6.1 enables you to restrict access using flat file authentication through the Java Security Manager. Enabling the Security Manager feature can improve security by restricting the rights granted to your J2EE web applications. By default, the Security Manager feature is disabled when you install the product. To enable Security Manager, uncomment the following entries in the server.xml file:



where instance-dir is the path to the installation directory of this server instance.

For more information about server.xml, see Sun Java System Web Server 6.1 SP10 Administrator’s Configuration File Reference.

JNDI Support

Sun Java System Web Server 6.1 supports the Java Naming and Directory InterfaceTM (JNDI) API. JNDI provides seamless connectivity to heterogeneous enterprise naming and directory services.

JDBC Support

Sun Java System Web Server 6.1 includes the Java DataBase Connectivity (JDBCTM) software, and supports a wide range of industry-standard and customized JDBC drivers.

Sun Java Studio Enterprise Support

Sun Java System Web Server 6.1 supports Sun Java Studio Enterprise 8. Sun Java Studio technology is Sun's powerful and extensible integrated development environment (IDE) for Java technology developers. Sun Java Studio is based on the NetBeansTM software and is integrated with the Sun Java platform.

Sun Java Studio support is available on all platforms supported by Sun Java System Web Server 6.1. The plug-in for the web server can be obtained in the following ways:

Note –

Sun Java Studio 8 plug-in for Sun Java System Web Server 6.1 SP10 works only with a local web server, that is, the IDE and the web server must be installed on the same machine.

For information about using the web application features in Sun Java Studio 8, see Set the Sun Java System Web Server 6.1 SP10 instance as default, and follow the steps described in the tutorial.

Also, see the NetBeans tutorial at

For more information about Sun Java Studio 8, see

For additional developer resources, see Additional Sun Resources.

To Use Sun Java Studio Enterprise 8 for Debugging

Sun Java Studio Enterprise 8 can be used for remote debugging if you want to manually attach the IDE to a remote web server started in debug mode.

  1. Restart the server instance in the debug mode by using the Sun Java System Web Server Administration interface (Server Manager->JVM General->Debug Enabled).

  2. Note the JPDA port number.

  3. Start the IDE.

  4. Choose Debug->Start.

  5. Select the dt_socket method.

  6. Type the remote machine name and JPDA port number.

    Any breakpoint created in the IDE on Servlet source code of a deployed application becomes active.

Active Server Pages Support

Sun Java System Web Server 6.1 SP10 supports the Active Server Pages (ASP) specification through Sun Java System Active Server Pages version 4.0.1 (formerly Sun ChiliSoft ASP), version 4.0.2, and version 4.0.3. Active Server Pages software adds a secure and enterprise-grade ASP engine to the Sun Java System Web Server. Sun Java System Web Server 6.1 supports Sun Java System Active Server Pages 4.0.2 and 4.0.3 on the following platforms:

A license is not required for Sun Java System Active Server Pages if you are installing it to the Sun Java System Web Server. The Sun Java System Active Server Pages installer is available on the companion CD if you purchase the Sun Java System Web Server Media Kit, or you can download it from

Note the following:

PHP Compatibility

PHP: Hypertext Preprocessor (PHP) can be used with the Sun Java System Web Server using one of the three supported APIs; CGI, NSAPI, and FastCGI. PHP is a page scripting language available from the PHP group. The PHP group provides instructions on its Web site ( for configuring the PHP software to use any of these APIs:

Note –

Instead of using PHP_FCGI_CHILDREN, use the FastCGI add-on configuration parameter min-procs to control the minimum number of PHP processes.

NSS and NSPR Support

Sun Java System Web Server 6.1 supports NSS. The version of NSS included in this version of web server is (for both 32–bit and 64-bit). NSS is a set of libraries that support cross-platform development of security-enabled server applications. Sun Java System Web Server 6.1 SP10 also includes NSPR 4.7.

JES shared component patches and NSS patches should be installed first, before installing web server patch.

While upgrading JES version of web server, for example, from 6.1 SP5 to SP10, installing only SP10 patch of web server is sufficient, as web server patches are cumulative.

If you are upgrading from a previous package-based version of Java Enterprise System (Java ES) to Sun Java System Web Server 6.1 SP10, install the following NSS patches:

Note –

NSS patch 125358-xx for Solaris Sparc 8/9/10 should not be applied in this case as, this patch is not applicable for Java Enterprise System (Java ES) which bundles Sun Java System Web Server 6.1 Service Packs.

Enhanced Hardware Accelerator Encryption Support

Sun Java System Web Server 6.1 provides hardware accelerator support for SunTM Crypto Accelerator 500, 1000, 4000 and 6000 boards, which enhance the performance of SSL on web server.

Note –

Initialize the Sun Crypto Accelerator card when using with web server. For more information about Sun Crypto Accelerator, see Sun Crypto Accelerator 6000 Board Version 1.1 User's Guide at

64-bit Support

To complement the existing support to 32-bit Solaris SPARC, Sun Java System Web Server 6.1 SP10 also supports 64-bit Solaris SPARC.

The 64-bit release may be of use in certain memory-intensive deployments as it enables administrators to configure a larger file cache and Java heap than the 32-bit release. However, existing plug-ins are not compatible with the 64-bit release. These plug-ins have to be recompiled for the 64-bit release by the plug-in vendor. Java web applications that use native, and non-Java libraries should also be recompiled. Therefore, you might prefer to deploy the 32-bit release of Sun Java System Web Server.

Sun Java System Web Server 6.1 SP10 also provides 64-bit support for FastCGI, Reverse Proxy, and Java Web Services Developer Pack (JWSDP) plug-ins.

The 64-bit release is compatible with 64-bit Solaris kernels on UltraSPARC® processors. The 64-bit release cannot be used on x86 processors or with32-bit Solaris kernels. The 32-bit release continues to be compatible with both 32-bit and 64-bit Solaris kernels.

Note –

The 64-bit and 32-bit releases of Sun Java System Web Server are packaged and distributed separately. You cannot upgrade an existing 32-bit Sun Java System Web Server installation to a 64-bit installation. You can distinguish the 32-bit and 64-bit releases by the version string that is displayed in the installer, at server startup, and in the server errors log as follows:


Version String 


Sun ONE Web Server 6.1SP10 


Sun ONE Web Server 6.1SP10 (64-Bit) 

Solaris PKCS #11 Support

For web server's SSL subsystem (NSS) to use external PKCS#11 tokens, you have to configure NSS with the modutil command to make it aware of the tokens. The Solaris libpkcs11 softtoken is a PKCS#11 compliant token which can be used with NSS. As an additional benefit on UltraSPARC-T1, systems using the Solaris 10 libpkcs11 task will make use of the platform crypto acceleration support.

Run the modutil command without any arguments for usage information. For example, to add the Solaris 10 libpkcs11 task as a PKCS11 token in NSS.

  1. Ensure that SSL support has been initialized for the web server instances.

  2. Run the following command:

    % modutil -dbdir $ALIASDIR -dbprefix $PREFIX -add libpkcs -libfile /usr/lib/ -mechanisms RSA


    • $ALIASDIR is the path to the alias directory in the install root where the NSS database files are located.

    • $PREFIX is the prefix used by the key3 and cer8 database files in the alias directory and is of the form https-$INSTANCENAME-.

    The -mechanisms flag makes this token the preferred initial provider for the given algorithms.

  3. Run the modutil command without any arguments for a list of all possible mechanisms.

  4. Initialize the libpkcs11 provider's password with pktool.

    % pktool setpin

    For further details on configuring NSS, see the libpkcs11(3LIB), pkcs11_softtoken(5), and pktool(1) man pages. For more information about modutil, see

Localized Version Support

If you are using a localized version of Sun Java System Web Server 6.1x, you can take advantage of the existing localization features by installing Sun Java System Web Server 6.1 SP10 over the existing server. Sun Java System Web Server 6.1 SP10 is available in Japanese, Simplified and Traditional Chinese, French, Spanish, German, and Korean.

Supported Platforms

Sun Java System Web Server 6.1 SP10 can be installed on the Solaris, HP-UX, AIX, Linux, and Windows platforms. For more information about installation requirements, see Required Patches in these release notes and Sun Java System Web Server 6.1 SP10 Installation and Migration Guide. The following table summarizes the supported platforms.

Note –

HP-UX 11i is supported only on PA-RISC platforms.

Table 1 Sun Java System Web Server 6.1 SP10 Supported Platforms



Operating System 

Minimum Required Memory 

Recommended Memory 

Recommended Disk Space 



AIX * 5.2, 5.3 

64 MB 

192 MB 

256 MB 


PA-RISC 2.0 

HP-UX 11.11 

64 MB 

192 MB 

256 MB 



Windows 2000 Professional 

Windows 2000 Server 

Windows 2000 Advanced Server (SP4 or above) 

Windows XP Professional (SP2 or above) 

Windows Server 2003 Enterprise Edition (32–bit) R2 (SP1 or above) 

64 MB 

192 MB 

256 MB 



Solaris 8, 9, 10 

64 MB 

192 MB 

256 MB 


SPARC** (64-bit) 

Solaris 10 

64 MB 

192 MB 

256 MB 


SPARC**, x86  

Trusted Solaris 8 (Professional Services Engagement)***  

64 MB 

192 MB 

256 MB 



Solaris 9, 10 

64 MB 

192 MB 

256 MB 



Sun Linux 5.0 (Deprecated)**** 

64 MB 

192 MB 

256 MB 



Red Hat Linux Advanced Server 2.1 

  • Linux kernel 2.4.9-e.3smp

  • glibc-2.2.4-26

  • ncurses-4-5.0-5

You may also create a symbolic link from to, although we recommend that you install ncurses4-5.0-5.i386.rpm.

Red Hat Enterprise Linux 3.0 update 1 

  • uname -r: 2.4.21-9.ELsmp

Red Hat Advanced Server 4.0 

SuSE Linux Enterprise 9.0 

64 MB 

192 MB 

256 MB 

* AIX 5.1 is dropped. It was deprecated since Sun Java System Web Server 6.1 SP5.

** As of iPlanet Sun Java System Web Server 6.0, older SPARC CPUs are not supported. Sun Java System Web Server 6.1 continues to support the UltraSPARC architecture.

*** Sun or Sun Partner Advantage professional services highly recommended.

**** Support for Sun Linux 5.0 is deprecated and will be removed in the next release of the Sun Java System Web Server.

For better performance and support, migrate your web server to a supported operating system.

Note –

For a Solaris installation, Sun Java System Web Server (SP5 onwards) supports Global Zone with Sparse Root Zone and Whole Root Zone.

Required Patches

Make sure to update your operating system with the latest applicable patches.

Note –

To upgrade from Java ES 4 to Sun Java System Web Server 6.1 SP10, you should add the security patches along with the web server patches.

Solaris Patches

Solaris users must have the Sun recommended patch cluster installed. For more details, see

Solaris 8 Release (SPARC)

Solaris Release 9 (SPARC and x86)

HP-UX Patches

The following HP-UX patches are required for Sun Java System Web Server 6.1 SP10.

HP-UX 11i

AIX Patches

The following AIX patches are required for Sun Java System Web Server 6.1 SP10.

AIX 5.2

If you have deployed Java web applications on the web server, set the following environment variables to the values specified below (as per the IBM JDK documentation) before starting the server:

You can directly add the above code line to the web server start script.

AIX 5.3

AIX 5.3 Technology Level 6 SP5

When you upgrade from AIX version 5.3 to AIX version 5.3 Technology Level 6 SP5, apply the following patch so that the control returns to the command-line prompt when you start the administration server/instance server.

AIX 5.3 Technology Level 7 SP2

When you upgrade from AIX version 5.3 to AIX version 5.3 Technology Level 7 SP2, apply the following patch so that the control returns to the command-line prompt when you start the administration server/instance server.

Supported Browsers

The following browsers are supported with Sun Java System Web Server 6.1 Administration Graphical User Interface (GUI):

Mozilla 1.7 or later  

Firefox 1.0.4 or 1.5 or later 

NetscapeNavigatorTM 7.0 or later

Microsoft Internet Explorer 6 and 7 

Impact of US DST Changes 2007

Daylight Savings Time (DST) will start in U.S.A from the second Sunday of March and end on the first Sunday of November. This will impact the date and time rules of the operating system and JDK/JRE.

To make sure that log files contain the correct time in US time zones, and that Administration Server and Java Web Applications are not impacted by this change, download and use the appropriate operating system patches. You can download the Solaris patches from

For other platforms, download similar DST compatible patches from operating system vendor's web site.

Sun Java System Web Server 6.1 SP10 packages DST compatible JDK 1.5.0_16 on the Solaris, Windows, and Linux Platforms. Sun Java System Web Server 6.1 SP10, however, does not package JDK on HP-UX and AIX platforms. For these two platforms, download the appropriate DST compatible JDK from the HP or IBM web sites, prior to Sun Java System Web Server 6.1 SP10 installation. JDK versions for the supported platforms are as follows:

Solaris (SPARC, x86, and AMD64): 1.5.0_16 

Windows: 1.5.0_16 

Linux: 1.5.0_16 


AIX: 1.5.0 pap32dev-20080315 (SR7) 

Deprecated or Modified Public Interfaces in Sun Java System Web Server 6.1

The following public interfaces in Sun Java System Web Server 6.1 may be deprecated or modified in non-compatible ways in a future web server release. These interfaces remains unchanged within the Sun Java System Web Server 6.1 product. Scripts that rely on these interfaces may have to be updated to function with future web server releases.

Table 2 Deprecated or Modified Public Interfaces

Configuration File or Utility 



Modified. Some functionality might be moved to other files. 


Modified. Schema and functionality might be modified. 


Deprecated. Functionality might be moved to other files. 


Deprecated. This file may be eliminated and functionality might be moved to other files. 


Deprecated. This file may be eliminated; functionality might be moved to other files. 

file layout 

Modified. The configuration file structure might be modified. 

start, stop, restart, and rotate scripts 

Modified. The names and/or locations of these utilities might change. 

wdeploy application

Deprecated. This utility may be eliminated and functionality might be integrated with other management utilities. 

Installation, Upgrade, and Migration Notes

This section includes notes about installing, upgrading, and migrating your Sun Java System Web Server. For detailed information about these topics, refer the Sun Java System Web Server 6.1 SP10 Installation and Migration Guide. For known issues in this release of Sun Java System Web Server, see Known Issues.

Installation notes

Note the following cautions:


When you install Sun Java System Web Server 6.1 SP10 over an existing installation of Sun Java System Web Server, the installer automatically carries out the upgrade.

If you have Sun ONE Web Server 6.1 SP1 installed, point the Sun Java System Web Server 6.1 SP10 installer to the location of the 6.1 SP1 installation and then upgrade.

If you have the Sun Java Enterprise System 1 installed on your system and you want to upgrade the Sun ONE Web Server 6.1 that is part of Sun Java Enterprise System 1 to Sun Java System Web Server 6.1 SP10, refer the Sun Java Enterprise System 2004Q2 Installation Guide.


Direct migration from a version of iPlanet TM Web Server earlier than 4.1 to Sun Java System Web Server 6.1 SP10 is not supported. You must first migrate your legacy server to iPlanet Web Server 4.1, and then to Sun Java System Web Server 6.1 SP10.

For detailed migration information, see Sun Java System Web Server 6.1 SP10 Installation and Migration Guide. This guide contains information about migrating from version 4.1 to 6.1 and from version 6.0 to 6.1.

Product Documentation

Sun Java System Web Server 6.1 SP10 includes a complete set of product documentation at

Note –

The Sun Java System Web Server 6.1 SP10 release notes is published at:–5627.

Sun Java System Web Server manuals are available as online files in PDF and HTML formats. The following table lists the tasks and concepts described in each manual.

Table 3 Sun Java System Web Server Documentation Roadmap



Late-breaking information about the software and documentation 

Sun Java System Web Server 6.1 SP10 Release Notes

Getting started with Sun Java System Web Server, including hands-on exercises that introduce server basics and features recommended for first-time users. 

Sun Java System Web Server 6.1 SP10 Getting Started Guide

Performing installation and migration tasks: 

  • Installing Sun Java System Web Server and its various components, supported platforms, and environments

  • Migrating from a previous version of Sun Java System Web Server

Sun Java System Web Server 6.1 SP10 Installation and Migration Guide

The guide can also be accessed from your Web Server installation: server-root/manual/https/ig/

Performing the following administration tasks: 

  • Using the Administration and command-line interfaces

  • Configuring server preferences

  • Using server instances

  • Monitoring and logging server activity

  • Using certificates and public key cryptography to secure the server

  • Configuring access control to secure the server

  • Using Java 2 Platform, Enterprise Edition (J2EE platform) security features

  • Deploying applications

  • Managing virtual servers

  • Defining server workload and sizing the system to meet performance needs

  • Searching the contents and attributes of server documents, and creating a text search interface

  • Configuring the server for content compression

  • Configuring the server for Web publishing and content authoring using WebDAV

Sun Java System Web Server 6.1 SP10 Administrator’s Guide

The guide can also be accessed from your web server installation: server-root/manual/https/ag/

Using programming technologies and APIs to do the following: 

  • Extend and modify Sun Java System Web Server

  • Dynamically generate content in response to client requests

  • Modify the content of the server

Sun Java System Web Server 6.1 SP10 Programmer’s Guide

Creating custom Netscape Server Application Programmer’s Interface (NSAPI) plug-ins 

Sun Java System Web Server 6.1 SP10 NSAPI Programmer’s Guide

Implementing Servlets and JavaServer Pages (JSP) technology in Sun Java System Web Server 

Sun Java System Web Server 6.1 SP10 Programmer’s Guide to Web Applications

Editing configuration files 

Sun Java System Web Server 6.1 SP10 Administrator’s Configuration File Reference

Tuning Sun Java System Web Server to optimize performance 

Sun Java System Web Server 6.1 SP10 Performance Tuning, Sizing, and Scaling Guide

FastCGI plug-in information 

Sun Java System Web Server 6.1 SP10 FastCGI Plug-in Release Notes

Reverse Proxy plug-in information 

Sun Java System Web Server 6.1 SP10 Reverse Proxy Plug-in Release Notes

Accessibility Features for People With Disabilities

To obtain accessibility features that have been released since the publishing of this media, consult Section 508 product assessments available from Sun upon request to determine which versions are best suited for deploying accessible solutions. Updated versions of applications can be found at For information on Sun's commitment to accessibility, see

Resolved Issues

This section lists the most important issues fixed in the following releases:

Issues Resolved in 6.1 SP10

The following table lists the issues resolved in Sun Java System Web Server 6.1 SP10.

Table 4 Issues Resolved in Sun Java System Web Server 6.1 SP10

Problem ID 



Search fails with an error, when html document has a title containing characters like A & B. 


At present, Sun Java System Web Server 6.1 bundles JDK 1.4.2 on Solaris, Windows, and Linux platforms. Due to End of Licence (EOL) of JDK 1.4.2, the bundled JDK has to be upgraded to the latest JDK 1.5.x. 


Admin security program will not work after you apply the latest patch 116648-21 for Sun Java System Web Server 6.1SP9, if you do not apply NSS patch 119209-17 first.  


Searched string is not highlighted in the search result page, if indexed document does not have a title. 


Integrate the latest NSS/NSPR version into Sun Java System Web Server 6.1_sp10. 


The scheduler based cron log rotation of Sun Java System Web Server 6.1 stops on Saturday night. 


SNMP is broken with default tcp_hiwat setting on Solaris 10. 


When you disable .htaccess in one virtual class, the other virtual class with .htaccess will also fail. 


When a browser requests gzip compressed result, and when the response is sent through servlet-cache-filter, the response header does not indicate that the data was compressed (although the data was compressed), causing browsers to fail.  


ACL evaluation when using Client tags is different depending on the order of requests. 


The filter 'http-compression' used to compress outgoing content lacks documentation in Sun Java System Web Server 6.1, Administrator's Configuration File Reference Guide.  


filebuf_open_nostat () behaves different for Unix and Windows. On Windows, filebuf_open_nostat () is broken, if file size is zero, while it works on Unix.  


Upgrading to Sun Java System Web Server 6.1 SP10 fails to update searchadmin script for nutch filter related details. 

Issues Resolved in 6.1 SP9

The following table lists the issues resolved in Sun Java System Web Server 6.1 SP9.

Table 5 Issues Resolved in Sun Java System Web Server 6.1 SP9

Problem ID 



The Web server should implement a timeout parameter for it's LDAP connections pool. 

When using LDAP Authentication, the web server does not respond, if the LDAP server is unresponsive when performing ldapsession bind and ldap search. Setting the timeout value in seconds in server_root/userdb/dbswitch.conf file will stop the web server being unresponsive and also stops waiting for the LDAP server. By default there is no timeout.

Sample dbswitch.conf:

default:binddn cn=Directory Manager
default:encoded bindpw YWRtaW5hZG1pbg==
default:timeout 60


FastCGI does not shutdown properly. 


The setContentLength(0) in a servlet/JSP does not work when value is greater than 0.


Improper error messages are displayed at time out. 


Memory leak in LDAP Session due to ldap_result().


Log level does not display the appropriate message. 


The session-timeout value in web.xml is not getting precedence over sun-web.xml's timeout value.


Unable to install SSL server certificate with 99 years of validity. 


Sun Java System Web Server 6.1 is not supported for Windows 2003 SP2 and R2, 


Unable to run Sun Java System Web Server 6.1 scheduler in Java ES 4.


A particular PDF files are not recognized by the search engine. 


Web server uses anonymous bind to a Secure LDAP Server when setting up distributed Admin.  


Web server installation contains optimized and debug binaries of JDK. 


The Restricting Access to a File Type feature does not change the appropriate obj.conf file.


Web server stand alone bits should recognize if it is being used for an upgrade from a Java ES installed web server and should provide a warning message to the user. 


Server shutdown message is missing in errorlog file when Java is disabled globally.


Negative number is displayed in QueueSize of JDBC pool monitor.


Forwarding through RequestDispatcher fails for the first time when using the invoker servlet.


Incorrect handling of cookie value with single or double quote string. 


Crash in LDAP search . 


Post install script of web server does not handle the ABE case properly. 


The start script does not calculate the right value for libmtmalloc to load in Solaris 9


The file should be removed when the scheduler is stopped.


Removal of Sun Studio 10 from the /usr/dist/share directory causes build failure on Solaris Sparc 8,9 and 10.


The Cron log rotation creates invalid log archives with an instance name and sub string of another instance name. 


Cross-site scripting vulnerability in search. 


Need to provide the correct description and example for the client-ip tag.


Cross-site scripting vulnerability in advance search. 


Reverse Proxy Plug-in documentation should state that Application Server is supported. 


Steps to disable HTTP PUT and DELETE is not documented. 


Description on to use the new timeout parameter for LDAP Authentication should be put into the release notes. 


Web server start script does not return the prompt mode after starting the server on AIX. For more information, see AIX 5.3 Technology Level 6 SP5 and AIX 5.3 Technology Level 7 SP2.


Provide correct JDK version in the installation guide, which is bundled with the product. 


High CPU usage in Reverse Proxy Plugin - DaemonChannel::unchunk() 

Issues Resolved in 6.1 SP8

The following table lists the issues resolved in Sun Java System Web Server 6.1 SP8.

Table 6 Issues Resolved in Sun Java System Web Server 6.1 SP8

Problem ID 



The wdeploy delete command follows symbolic links and deletes directories and its contents pointed by the symbolic link.


form-based authentication in a web application causes users to be logged out unexpectedly although the session should still be active.  


Need the ability to change the permissions of a directory, which is created using WebDAV. 


Fastcgistub dumps core when an instance is stopped after sending request for FastCGI Authorizer application.


Web server hangs with threads in a deadlock condition waiting for a lock owned by a NSS thread.  


If Access Manager is deployed on the web server, all versions of Sun Java System Web Server 6.1 crash on load.  


Need an option to have full URL or relative URL/URI in web server search web application. 


getParameterNames() does not return non-parameterized names in query string.


(Windows XP and Windows 2003): Unable to open the Sun Java System Web Server 6.1 SP7 release notes by clicking the Start->Programs->Sun ONE Web Server->Release Notes link. 


Web server Reverse Proxy Plug-in is not handling chunked data. 


The obj.conf file of a new virtual server class generated by the Admin Server contain errors.


Issue in the JDBC Connection Pool feature. 


Vulnerability with web server redirect functionality. 


response.sendRedirect() error if the redirect URL does not begin with a slash (/).


LDAP connection failure errors with Sun Java System Web Server 6.1 SP7. 


htaccess AuthGroupFile should support empty files as equivalent to not specifying the directive.


Sun Java System Web Server 6.1 SP7 crashes in on T2000 systems.


Update README, version string and license file for Sun Java System Web Server 6.1 SP8. 


Sun Java System Web Server 6.1 SP8 to be integrated with NSS 3.11.6 and NSPR 4.6.6. 


RPM specification and pkginfo file to be updated with the SP8 release and version number. 


UTF-7 cross site scripting vulnerability. 


Form authentication bypass and JSP source code disclosure vulnerability. 


Sun Java System Web Server 6.1 browser support should include Internet Explorer 7. 

Issues Resolved in 6.1 SP7

The following table lists the issues resolved in Sun Java System Web Server 6.1 SP7.

Table 7 Issues Resolved in Sun Java System Web Server 6.1 SP7

Problem ID 



On UNIX: The watch dog process crashes on multiple CPUs machine during server shut down.  


While migrating from 4.1 to 6.1, the JAVA parameters are missing in the server.xml file.


Internal log rotation rotates the files twice if the system time is changed between two scheduled rotations. 


While migrating from 4.1 to 6.0, ktsearch.jar does not get migrated correctly on JES3.


A PUT request sent with the Transfer-encoding:chunked header along with a request body fails.


SNMP MIB's "Fraction of process memory in system memory" which is part of iws.mib, gives the wrong results when queried by the SNMP Manager.


In the French locale, Online Help links on the Search page lead to English pages.


When IWSSessionManager is used, invalidating a session does not call the sessionDestroyed() of HttpSessionListener.


Pragma and cache-control headers cause interoperability problems. 


zlib library throws an internal error.


The restart script fails when MaxProcs is greater than 1(one).


Unable to configure the Sun Java System Web Server to successfully run a JSP file that contains a jstl tag.


Need to support JNDI simple names for lookup in web applications for compatibility with the Application Server product. 


Cannot add pl file suffix for magnus-internal/cgi through the Administration GUI.


If a session attribute implements HttpSessionBindingListener, the session expires after the session time-out period regardless of whether the session object is accessed.


Administration server monitors the server statistics even if the Monitor Web Server Statistics option is disabled.


When a web application attempts to use an object inappropriately, it crashes the web server. 


Concurrent restart requests kill the web server processes.  


Images stored in the /ns-icons directory are not displayed properly in Internet Explorer.


On Windows: treatment of "\", the Japanese backslash mark (Yen) is different when a new CGI shell directory is created or edited. 


The restart script fails to restart the web server intermittently, causing the web server to hang. 


Incorrect URL in Sun Java System Web Server 6.0 SP10 and Sun Java System Web Server 6.1 SP5 Readme files.  


The cluster control functionality of Admin GUI hangs when a variable is added.  


The search page content has a mix of both English and other languages.  


Problem having server-parsed HTML and .htaccess with the restricted group option.


If the value of net_write SAF is three times more that the fragment size of the HTTP compression, a net_flush call does not flush all the data.


Search filter fails if the userid of a member belonging to a user group contains "," (comma). 


When a Servlet filter appends additional data to a response body generated by core, the server might crash if the size of the additional data is larger than the original response body. 


Security vulnerability in Sun Java System Web Server 6.1 sample applications.  


The ssl-check function does not work with NSAPI-based plug-in.


Server hangs on stop or restart when a connection is in the connection queue.  


Issues with revoked client certificates and CRL files under certain conditions. 


SNMP process leaks memory with each connection request. 


If the ObjectType fn="force-type" directive is removed from the obj.conf file, the server may crash when a request is made for multiple byte ranges.


LDAP server configuration fails with Sun Java System Web Server 6.1 SP5 64–bit version. 


If the URL to a web application contains URI parameters, it causes recursive redirection. 


On Windows: File handle is not released by the webservd process under certain conditions.


Sun Java System Web Server 6.1SP6 experiences high CPU in parseParameters().


Thread safety problems in the handling of some magnus.conf directives cause certain configurations to crash on startup.


watchdog can crash when ./start is executed before ./stop completes.


Display error with HTML page in <jsp:include> with tiles.


On Windows: Using hidden shared network drives as document directories results in Not Found error.


Signature DigestInfo parsing problems in NSS.


On Windows: Sun Java System Web Server (stand-alone) modifies the NSPR/NSS bits thereby breaking the FIPS mode.  


FIPS140 mode is broken in Sun Java System Web Server (stand-alone) due to missing .chk files.


The JDK shipped with Sun Java System Web Server 6.1SP6 is not compatible with 2007 Daylight Saving Time (DST) changes.  


Some keep-alive connections do not get closed after the specified time. 


SNMP master agent does not send traps when the web server instance's operational status changes. 


On HP-UX: Web Server crashes with + and JVMs. 


On HP-UX: Remove the packaged JDK for Sun Java System Web Server. 


Sun Java System Web Server 6.1 should be integrated with the latest NSS version for FIPS 140-2 compliancy. 


Low-latency/high concurrency mode sometimes does not get switched dynamically. 


On AIX: Remove the packaged JDK for Sun Java System Web Server. 


When the default log level is set to info, finer log messages are still being printed at server startup.


Server startup fails in Sun Java System Web Server 6.1 SP7 on the HP-UX platform when installed through express silent mode. 


The pkginfo file in the Solaris and RPM specification files points to the old service pack(SP5).

Issues Resolved in 6.1 SP6

The following table lists the issues resolved in Sun Java System Web Server 6.1 SP6.

Table 8 Issues Resolved in Sun Java System Web Server 6.1 SP6

Problem ID 



WW_umask in the configuration is NULL in Solaris.



Windows 2003 mapped network drive not readable as a document root directory. 

Additional Information: To use a document root in a shared network resource, a UNC path has to be used, for example, //machine-name/shared-folder-name. A mapped drive letter like X: will not work as document root. You can specify the document root either manually in server.xml or through the Administration GUI by accessing Virtual Server Class->Content Management->Primary Content Directory.

For using a shared directory on UNIX, do the following: 

  1. Install SFU (Windows Services for UNIX) on the Windows machine where Sun Java System Web Server is installed.

  2. Map the Windows users and groups to UNIX users and groups through the SFU user interface shortcut under the Start menu.

    Note –

    While running web server, User Name Mapping Service (which is part of SFU) has to run.

When using a shared directory from another Windows machine, ensure that the password of the Administrator account on both the machines is the same, otherwise the service will not be able to access the network resource. 

Whether the shared directory is on UNIX or Windows, the service representing the instance server has to run as a particular user of Administrators group like ./Administrator rather than running it on the default local system account. Go to Control Panel->Administrative Tools->Services and make the changes in the Properties dialog box.


For HP-UX: Sun Java System Web Server sometimes returns the wrong last-modified header and date header. 


Searching of Users and Groups through the LDAP server using the Administration GUI fails. 


Sun Java System Web Server uses incorrect logic when processing the if-unmodified-since header.


Sun Java System Web Server returns the actual content with 412 code for requests that contains if-unmodified-since and range.


HttpServletResponse.reset() does not work as expected.


Crash in webapps/qa_app/jsp/encodedurlforwarder.


Multibyte characters in headers cannot be retrieved by req.getHeader().


By default, request headers are encoded using UTF-8 enc. You can customize request header encoding at the web application level by following these steps:

  1. Set the value of the configuration parameter use-requestenc-for-headers to any value such as yes, true, or on, in the web application's sun-web.xml.

    In the following example, request header encoding is enabled for the web application:

     <parameter-encoding form-hint-field="j_encoding">
     <property name="use-requestenc-for-headers" value="true" >
  2. Set the name of the character encoding in the application (JSP/Servlet) using request.setCharacterEncoding().


Redeploying the web application causes ownership changes on files.  


Updating JSP search collection creates new tmp files in the converted directory and fills up the disk space.


Internal error on accessing Administration Server.  


Administration GUI does not reflect the changes made to the access log path. 


makefiles need a cleanup in 6.1.


Buffer overflows when formatting installer error messages. 


Deadlock in keepalive subsystem caused by NSS blocking.


Administration password in plain text in a file readable by anyone. 

Workaround: Use either of these two workaround:

  • Delete the file .adminpasswd manually.

  • Change the permissions of the .adminpasswd file to 400.



Search indexing hangs on large .doc files.


  1. Add the following property within the SEARCH element.

      <PROPERTY name="conversionExtensions" Value="pdf,doc">
  2. Restart the server.

  3. Add .doc files to the collection.


The Administration Server of Sun Java System Web Server 6.1 does not change the id attribute in the USERDB tag.

Additional Information: To change the id attribute in the USERDB tag, use either of these two option:

  • Create one virtual server class file. Use this class file as template to create multiple virtual servers. In this case, most of the configuration defined by VS Class will be inherited by all virtual servers.

  • Create multiple virtual server class files within a server instance (https-localhost). Each of these virtual server class files can contain one or more virtual servers.


The MIME type file in Sun Java System Web Server binaries must include the StarOffice/OpenOffice MIME types.  


Cron log rotation on Windows can create invalid archive logs with a specific instance name. 


SNMP Master and Sub Agent startup fails. 


Problem with rewriting the special character `&' in server.xml.


Create symbol enabled builds for HP-UX (non-stripped). 


Sun Java System Web Server crashes on Linux when Init fn="stats-init" is present in magnus.conf.


After importing the 6th key to crypto, Sun Java System Web Server 6.0 displays an error: server not avail.


During a stress test on S1WS6.1SP5 SSL on SUSE Linux Enterprise Server 9 SP2, webservd has a memory leak.


Cannot set client trust or server trust on some built-in Certificate Authorities (CAs) for Sun Java System Web Server 6.1SP4/SP5. 


Sun Java System Web Server 6.1: Lock file conflict for multiple installations running on the same port but with different IP addresses.  


While updating a JSP search collection, updating a JSP file fails re-indexing. 


PDF files unable to be indexed with Sun Java System Web Server 6.1 search. This error occurs on HP-UX with OS patch PHSS_28871 installed. 


Servlet container UTF-8 URI mapping vulnerability. 


Integrate NSS 3.11.1 with Sun Java System Web Server 6.1 SP6. 


Using % in the jsp:param value fails in some circumstances.


Sun Java System Web Server has default limit for upload file size as 10 MB. 


htaccess not working in Sun Java System Web Server 6.1 SP5 for User Document Directories.


Sun Java System Web Server 6.1SP5 on Windows: Cron-based log rotation fails with garbage characters inside the scheduler.conf file.


Installing a CRL on Sun Java System Web Server 6.1SP4 (Windows) adds it to the CKLs section in the Administration GUI. 


With NSS 3.11.1, certificates with new critical extensions like PolicyConstraints mentioned in RFC3280 can be imported into the certificate database.


The SSL session was not timing out as expected when SSL3SessionTimeout or SSLSessionTimeout was configured to the user-defined value in magnus.conf. NSS 3.11.1 fixed the magnus.conf directives SSL3SessionTimeout and SSLSessionTimeout.

Issues Resolved in 6.1 SP5

The following table lists the issues resolved in Sun Java System Web Server 6.1 SP5.

Table 9 Issues Resolved in Sun Java System Web Server 6.1 SP5

Problem ID 



NSFC buffer size should be configurable (64-Bit). 

Additional Information: Use the new BufferSize nsfc.conf directive to configure the size of the buffer used to transmit file contents on cache misses. The following directive can be added to nsfc.conf to increase the buffer size from its default of 8192 bytes to 16384 bytes: BufferSize=16384

Larger buffer size might result in improved throughput at the cost of increased latency and memory utilization. 


JES3 Web Server installation fails or core dumps if the Administration password contain shell meta characters such as ;, $, &, ^, *. (. ), |, <, >, ', `,”, \, and so on in the Administration password. 


Include -N linker option for HP-UX web server builds.


Input filter is called only for the first HTTP request when using Keep-Alive. All subsequent requests of the TCP connection are not being processed by the filter.


Global resources are not available to load-on-startup Servlets. 


Unable to migrate Sun Java System Web Server 6.0 SP7 instance to Sun Java System Web Server 6.1 SP2. 


Sun Java System Web Server migration should correctly update RootCerts.


JES Web Server 6.1 SP2 failed to index PDF version 1.5 (Acrobat 6.x) document for creating Search Collection.


Cross-site scripting vulnerability in a default error page. 


SSL: Data larger than 8k is huge when the request triggers new SSL handshake. 

Additional Information: By default, web server can upload files of sizes up to 1 MB (when client certificate authentication is optional). To upload files larger than 1 MB, increase SSLClientAuthDataLimit in the magnus.conf file. In case of simultaneous uploading of very large files, web server uses large amount of memory. To minimize memory utilization do any of the following actions:

  • If authentication is not required, turn off authentication.

  • If authentication is required, make it mandatory by setting require=1 in the obj.conf.

PathCheck fn="get-client-cert" dorequest="1" require="1"


.htaccess directive is broken.


acceptlanguage does not work for User Document Directories.


Internal-Daemon Log Rotation does not work for files larger than 2 GB. 


.htaccess fails to protect resources that do not have a corresponding file.


New NSS error codes are not being handled properly. 


Switching from HTTPS to HTTP causes generation of new session. 

Additional Information: Set the isSecure attribute of the session cookie for the web application under the cookie-properties to either true or false in the web application's sun-web.xml. The default value is true.

In the following example, isSecure is set to false for the web application by setting the parameter value to false.

      <property name="isSecure" value="false">


SNMP services fail in Sun Java System Web Server 6.1 SP2/SP3 on the Windows 2000 platform. 


Sun Java System Web Server 6.1 SP4 uninstall script displays an error message – `No such file or directory'. 


Some PDF files fail to be indexed by the search engine. 


Using JSP and several includes within the JSP throws ClassCastException in the ApplicationDispatcher.


Requests with double Content-Length header should get rejected (HRS vulnerability).

Workaround: Add the StrictHttpHeaders directive in magnus.conf and set its value to on.


Incorrectly configured home-page SAF crashes server. 


Existing 32-bit plug-ins cannot be used with the 64-bit release. Attempting to load a 32-bit plug-in using the 64-bit Sun Java System Web Server release will result in an error message such as the following: 

Sun ONE Web Server 6.1SP5 (64-Bit) B10/28/2005 09:00

failure: CORE3170: Configuration initialization failed: Error running init function load-modules: dlopen of failed ( webservd: fatal: wrong ELF class: ELFCLASS32)

The Sun Java System Web Server 6.1 SP5 (64-Bit) release introduces support for sparcv9. 

Issues Resolved in 6.1 SP4

The following table lists the issues resolved in Sun Java System Web Server 6.1 SP4.

Table 10 Issues Resolved in Sun Java System Web Server 6.1 SP4

Problem ID 



Required patch ID 112396-03 does not exist. 

The patch #112396-03 listed as required in earlier release notes was incorrect.  

The correct patch number is 112396-02. 

Solaris users must have the Sun recommended patch cluster installed, available in the Recommended and Security Patches section at

Solaris 8 (SPARC)

  • Solaris 8 Update 7

  • Sun recommended latest Security and Recommended patch cluster

Solaris 9 (SPARC and x86)

  • Solaris 9 Update 4 or above.

  • Sun recommended latest Security and Recommended patch cluster


Client certificates with AKI extension causes SEC_ERROR_UNKNOWN_ISSUER error.


Sun Java System Web Server 6.1 fails to validate a client certificate with LDAP if the certificate contains Czech characters. 


Frequent errors encountered when running Sun Java System Web Server with JDK 1.5. 


Web server performance issue with certain error logging configuration. 


For Korean HTML collection, Korean word search with asterisk does not return any result. 


Precompiled JSP files do not work as expected with reload-interval parameter in sun-web.xml.

Workaround: Use the property use-precompiled (set to true under jsp-config in sun-web.xml) to specify that the JSP files are precompiled and should never need to be compiled at runtime.

A sample sun-web.xml is as follows:

  <property name="use-precompiled" value="true" >


Superuser Access Control page in Administration GUI not accessible after upgrade from SP1. 

6177544 not present after RPM installation of plug-in.


Sun Java System Web Server 6.1 SP4 — Using the Delete certificate Administration GUI (bin/https/admin/security) core dumps with NSS 3.9.3 beta.


Multiple package installers for the same build of web server of the Solaris SPARC/x86 platform. 


Update NSS to 3.9 series. 


Java Enterprise System symbolic link not used for J2SE location. 


Problems using ACL_LDAPSessionFree().


Web server always sets content type to text/html when Servlet filter is set. 


Sun Java System Web Server 6.1 SP4 Solaris x86 unable to start the SSL instance through the Administration GUI. 


Sun Java System Web Server SP4 for JES3 is unable to upgrade on top of Sun Java System Web Server SP2 for JES2. 


Tests fail while running web server with JDK1.5_beta2 release. 


Administration console throws exception with JDK 1.5.0_beta2 while creating and editing classes. 


I18N search: `?' wildcard search in Japanese causes wrong match.

Issues Resolved in 6.1 SP3

The following table lists the issues resolved in Sun Java System Web Server 6.1 SP3.

Table 11 Issues Resolved in Sun Java System Web Server 6.1 SP3

Problem ID 



GUI does not correctly reflect when `Transmit File' is turned off.


I18N search: Sort encoding list of Default Encoding on search Administration GUI. 


GUI does not permit to manage users in the keyfile database.


Web server Administration console does not show all the tabs (in Mozilla browser). 


Sun Java System Web Server 6.1: Nova Search Engine sometimes does not pick up document. 


Java filters, HTTP compression, and SHTML fail to interoperate. 


A java.lang.NullPointerException is thrown if you click on the OK button without selecting the Directory Server.


Web server's JNDI needs to map resource-env-reffrom sun-web.xml.


Request flow problem with Client tag code=302. 


Enable prefixing of hostname in session ID. 

You can enable prefixing hostname in session ID for the web application by setting the value of the property prefixSessionIDWithHostname under manager-properties to yes, true, or on, in the web application sun-web.xml.

In the following example, prefixing host name in session ID is enabled for the web application by setting the parameter value to true.

    <property name="prefixSessionIDWithHostname" value="true">


Sun Java System Web Server 6.1 SP2: Plug-in defined in certmap.conf does not load.


Memory leaks when AdminLanguage and/or DefaultLanguage is specified in magnus.conf.


The load balancer plug-in (formerly Resonate plug-in) does not work on the Solaris SPARC platform.

The location of the plug-in is server-root/plugins/


Servlet session data problem. 


Create collection fails on Linux with RPM install. 


Stack size is ignored when ConnQueueSize/RqThrottle is 0.


Inconsistent behavior between HttpServerAdmin and iWS console.


Two ports (for example, 2500 and 02500) are added in server.xml as different ports.


2–byte character in HTTP header and plug-in programs. 

You can enable response header encoding at the web application level by setting the value of the configuration parameter use-responseCT-for-headers to yes, true, or on, in the web application's sun-web.xml.

In the following example, response header encoding is enabled for the web application setting the parameter value to true. A sample sun-web.xml is as follows:

  <parameter-encoding form-hint-field="j_encoding"> 
  <property name="use-responseCT-for-headers" value="true" > 

Issues Resolved in 6.1 SP2

The following table lists the issues resolved in Sun Java System Web Server 6.1 SP2.

Table 12 Issues Resolved in Sun Java System Web Server 6.1 SP2

Problem ID 



I18N: SNMP community name does not show up on Solaris Netscape. 


CGI subsystem makes blocking calls from NSPR user threads. 


Administration ACL and Superuser AC: The `Allow only from host' option does not work. 


CORE SHTML: Cannot set Content-encoding for .shtml files.


French Thread pool name displaying garbage characters on JA-NT (Internet Explorer and Netscape). 


Web server returns 404 for files starting with `..'.


After adding a new mime type file, there is no way of verifying addition from the GUI. 


Document preference web page should provide a file to use for error responses. 


Customized access log file is not reflected in the GUI in the View Access Log tab. 


Need to disable cookie-encoding. 

By default, the Sun Java System Web Server URL encodes the cookies before sending them to the client. If you do not want the cookies to be encoded, add the following line to sun-web.xml:

<property name="encodeCookies" value="false">

For the above example, add the line directly under the sun-web-app tag. Do not embed this line in any other tag.


Internal Error from URL forwarding form. 


Clearing the ErrorResponse CGI file name.


Distributed -Administration: Overrides default ACI in Sun Java System Web Server 6.0 SP2. 


No validation of virtual server settings form. 


Internal error on removing http:// from URL forwarding form.


CGI that has scripts to grab environment variables fails to execute. 


Cluster management - Selection of source server deselects target servers. 


Asynchronous DNS is disabled by default. 


Web-application/JSP: load-on-startup not working on JSP files. 


Cluster: Null message in modify cluster when OK is clicked soon after reset. 


User and group is not validating for the users and accepting blank spaces in CGI. 


Newly added ACL files are not getting deleted after selecting delete. 


chroot and directory are not validating correctly.


Administration: Global|SNMP Master Trap Warning displays Form Element Missing:manager?.


Turn the security ON for any instance server without installing a certificate. 


After enabling IPv6 on GUI Edit listen socket, server will not start. 


Administration GUI gets cluttered when a new server is added with a duplicate port. 


Unable to access absolute URI on SSL enabled server. 


Access Log reports incorrect data. 


Urlhosts field does not accept more than one hostname.


$id variable in VSCLASS docroot is not working on Windows.


ACLI: Incorrect processing of ACL. 


MaxRqHeader directive in magnus.conf is not working as desired.


Vignette NSAPI plug-in on Sun Java System Web Server 6.0 not functioning correctly when HTTP1.1 is used. 


LDAP: Improve LDAP dynamic group performance for ACLs. 

For performance reason, a new LDAP configuration parameter, dyngroups fast is introduced for SP2. With this parameter, web server will make an assertion about group membership bypassing nested individuals among dynamic groups.

For example, assuming that user alpha belongs to group A, group A is a member of group B by group B memberURL definition (dynamic group), and your ACL only grants group B access. In such case, web server will deny access from alpha because alpha is not regarded as member of group B.

If you want to support a nested group, do not define this new config for LDAP authentication service. You will not get performance gain consequently. A sample configuration directory is as follows: 

ldapregular ldap://localhost:389/o=TestCentral

ldapregular: dyngroups fast


Validation required for the form elements in document preferences page. 


Magnus.conf: Performance setting: accepting negative numbers.


Administration: Configure Directory Service not validating binddn/password.


Sun Java System Web Server 6.1 on Windows should add CR character to the end of the line in the access log. 


Web server treats `:' (colon) as a separator between hostname/IP and port in several places. This code needs to be updated to recognize when the `:' is actually part of an IPv6 address. 


Eviction fails in NSFC when SmallFileSpace is set to a low value.


Setting the PATH variable in magnus.conf for Sun Java System Web Server 6.0 SP5 does not work.


Performance issue with large ACL file in conjunction with many virtual servers. 


Native authenticator support. 


Unable to select none as a program item under the program groups in GUI.


Keep-alive subsystem should be dynamically tuned. 

The keep-alive subsystem requires tuning for optimal performance. In Sun Java System Web Server 6.0 this subsystem was tuned for heavy load and performs poorly when only a handful of concurrent keep-alive connections exist. The keep-alive subsystem was modified for Sun Java System Web Server 6.1 SP2 so it performs some dynamic tuning to accommodate the actual load. 


shtml is parsed when execute permission is not set and configured.


AIX: Web server hangs after being restarted by watchdog. 


Access log entries in the server.xml file of the migrated instance point to an invalid path.


SNMP: Test fails for RH Linux 6.2/7.2/Adv Server 2.1, and Sun Linux 5. 


New directory Service Screen not connected to interface. 


Back button not working for frames in Netscape Navigator 7. 


The upload-file SAF does not work correctly with chunked requests.


Unable to specify protocol for URL in generated redirects. 

The server generates a self-referencing URL whenever it sends a redirect to a client. As of Sun Java System Web Server 6.1 SP1, the servername attribute of the LS element in server.xml can be used to configure the scheme used in server-generated self-referencing URLs.

For example, if an SSL offloader sits between the Internet and the web server instance, decrypting SSL-encrypted traffic for and relaying it to the web server on port 8080, an LS element such as the following could appear in server.xml:

<LS remap="ls1" port="8080" security="disabled"...servername="">

The https:// prefix in the servername value instructs the server to use the HTTPS scheme in self-referencing URLs even though the LS is not configured to handle SSL traffic.


Internal log rotation creates empty logs. 


Distributed-administration: Functioning of Administration ACL `Allow only from host/IP' is not as per documentation. 


While using untar to expand the web server bits, the ownership and group information is not correct. 


On Linux only: When you create a collection, PDF files will not be indexed and added to the collection. 


The highlighting of the connection value in the Edit Virtual Server page is not correct. 


WebDAV ACL settings are inherited into new Virtual Servers. 


The Help button in the Edit WebDAV page is not pointing to the correct help page. 


Performance affected with multiprocess mode and one thread. 


The AsyncDNS setting is ignored in Sun Java System Web Server 6.1 SP1. The web server never performs asynchronous DNS lookups.

Note that even when the magnus.conf has AsyncDNS on, Asynchronous DNS is still turned off.


An error message status is returned when you try to stop the server when it is not running. 


Cluster Management file transfer not working on Windows. 


Sun Java System Web Server 6.1 Digest authentication is not working for flat files. 


Sun Java System Web Server 6.1: Creating Digest file users through the GUI duplicates users in exponential order. 


Migration final page needs to encode the `<' and `>' characters HTML. 


JDBC: Servlet code UploadServlet mishandles SQL exceptions.


I18N search: sort encoding list of Default Encoding on search Administration GUI. 


Unable to remove search collection for a newly created virtual server. 


I18N: Un-localized timestamp for each search-returned documents. 


Error on Windows when trying to create a collection with a document root that has back slashes. 

Workaround:  This behavior occurs when you specify a document root that has back slashes or mixed slashes. Use forward slashes.


Server returns ConfigException while creating the duplicate search collection.


I18N: Can not go to `sort by date' link while searching multibyte characters. 


i18n: error adding file with Korean filename - skipping since no read permission. 


Missing quote in Oracle script for jdbcRealm sample application.


NSFC enhancement needed. 

Add the ReplaceFiles nsfc.conf directive.

When ReplaceFiles=true (default), the existing file cache behavior is preserved.

ReplaceFiles=false indicates that once a file is cached, its file cache entry should never be discarded to make room for another file. This setting is useful in benchmark scenarios because eliminates contention on the hit list lock.


Server should not accept mixed slashes for the doc root while adding a new server. 


Web server installation fails due to set -o noclobber in .env.


Sun Java System Web Server 6.1: Add listen socket protocol family field is missing for IPv6 address. 


Many of the fields in the magnus editor do not have validations because they are accepting negative integer values. 


Getting ServletException while trying to access the server with additional doc.


Change Password for the user is not working. 


The URL Forwarding Editing Page is not consistent. 


Updating Security Realm properties from Administration GUI is not reflected in server.xml.


Help on `Edit Virtual Class' does not give complete criteria for VS class deletion.


Keep-alive connections can hang under light load. 


The server.xml createconsole attribute is ignored.


Null Pointer exception thrown if the user mistakenly edits the VS Administration URL.


Performance: Web server polls kstat once per second.


I18N-korean: Re-indexing collection hangs when missing one or more existing docs. 


certmap.conf file location misrepresented.


Destination headers are not URL decoded in MOVE/COPY requests. 


SIGCHLD signals are reported on startup.


TCP_NODELAY need not be set for AF_NCA.


Source returned when the file's mime.types entry does not end with a carriage return.


Default values of maxpropdepth is poorly chosen.


The leading `/' is being removed when deleting web application through Administration GUI. 


Resource picker for restrict access fails for migrated instance of 6.1. 


Address directive not properly migrated when migrating from Sun Java System Web Server 4.1 to 6.1. 


Administration: Creating a new virtual server after migration causes $user: unable to find value.


Cross-site scripting in web server administration interface. 


Sun Java System Web Server 6.1 SP1 SNMP is not working. 


Distributed-Administration: After enabling distributed administration, if an ACL is set to allow authenticated users only, the server still allows access to other users in the Administration group. 


Add server instance is not working on the Solaris x86 platform. 


Administrator's Configuration File Reference defines non-existent TYPE element.


Search example is incorrect. 


Wrong documentation on the thread pool configuration file. 


Sun Java System Web Server 6.1 SP1 server on Solaris 8 SPARC fails to start due to


fc_net_write should result in a single system call.


Third-party profiler support for bytecode instrumentation. 


IWSSessionManager does not work as expected with Sun Java System Web Server 6.1.


The search web application shows only a maximum of 11 collections. 


Ineffective alert message displayed while re-indexing on Windows. 


Wrong number of results for particular output results (11, 21, 31...). 


Web server deployment fails with ClassCastException.


Sun Java System Web Server 6.1 Search: Requesting an ability to display the meta tag description. 


Ineffective alert message displayed while creating a duplicate collection on Linux. 


httpagt depends on NETSITE_ROOT variable.


fc_open fails when running specweb99 on x86 build.


MOVE method should rename files when possible.


PR_NetAddrToString performance is less than expected.


Web server crashes during Java-triggered reconfiguration and server shutdown. 


ServletContext.getContext(String) does not return other contexts when called from root context. It returns the root context.


`Null' is displayed for QoS vsclass values.


Invalid error message is displayed while configuring LDAP with wrong credentials. 


Cron-based log rotation fails when Administration user is root, and instance is non-root. 

Workaround: Change the user to match the Administration server user in the scheduler.conf file.


Web server hangs when using rotate-callback. 


Administration password stored as plain text in file setup.inf.


Minor coding error in send-error SAF. 


After adding a virtual server, the top frame does not show the virtual server in the dropdown box. 


Administration: No Validation for protocol value in Edit Listen socket. 


The GUI gets cluttered if an ACL file path contains a forward slash. 


Showing up invalid ACL file on the browser in the WebDAV screen. 


Perf Dump data for Average Queueing Delay is not correct. 


Cross-site security issue with Apache sample (\plugins\java\samples\webapps\simple).


Incorrect behavior in web-apps-sample sample application in Sun Java System Web Server 6.1 SP1.


Incorrect instructions in index.html of the internationalization sample application.


Samples shipped with Sun Java System Web Server 6.1. 


FastCGI beta libraries are in RTM web server packages. 


AIX 6.0 SP6: forbidden error to a GET for a file with correct group permissions. 


Log messages are truncated. 


Dynamic reconfiguration fails when server is under load. 


NSFC_GetEntryPrivateData() calls NSFC_ExitCacheMonitor() when no entry exists.


The GUI retains dismissed invalid port entries and populates it when servername field validation fails.


classpath edited using Internet Explorer is broken; server JVMTM can't start.


Cannot add path to classpath suffix using web-admin.


Cannot delete external JNDI reference. 


RPM can't locate system umask. 


pkgchk -n fails for web server package in Java ES.


Sun Java System Web Server 6.0 migration fails. 


Server fails to start up on Linux platform. Wrong JDK path during build. 


Edit Virtual Servers page should update the connections value correctly. 


Last-modified and Etag are suppressed when Servlet filters are used. 


The wrong file name is stored for key file configuration. 


Cannot start web server instance, after modifying its classpath suffix.


Sun Java System Web Server 6.1 SP2 RH Linux unable to access Administration GUI; throws error message after login. 


Solaris x86: Distributed Administration cannot be enabled. 


Validation of cookie name in cookie example Servlet. 


Superuser Access Control cannot be set even when Distributed Administration is not enabled. 


POST request body consumed twice when using bad plug-in. 


Search criteria is truncated to 100 characters. 


Search displays wrong links for the SSL enabled instance. 


Stellent filters need to be added to the Linux and Solaris x86 builds. 


indexMetatags of the nova search should be set automatically.


Indexing for the meta tag should be case-insensitive. 


Removing documents with a *.* pattern is not removing all the files when the excludeExtensions property is set.


Server returns null pointer exception while indexing .sxg file when excludeExtensions is set.


Page numbers are not displayed properly on the search results page. 


Misconfiguration of bswitch causes crash.


Plug-in crashes with malformed request. 


ACLI: Failed authentication is logged twice in the server errors log file. 


ACL: Web server returns “404 Not found” errors when ACLs deny access. 


WEBC: granting signedBy permissions to Jar files does not work.


Sun Java System Web Server 6.1 cannot process HTTP URL GET parameter that is in 8-bit charset. 


Cannot set 800 MB of JVM maximum heap size on Windows 2000 using JDK 1.3.1. 


Using % in the value of the JSP parameter corrupts the query string. 


Server aborts with SIGABRT from within libjvm.


JSP errors are wrongly reported as “Not Found” errors. 


extra-class-path attribute in class-loader element in sun-web.xml does not work as expected.


Dynamic reloading does not work for web application descriptor files, for example, web.xml.


Web container thread names are not unique. 


LDAP: Crash during LDAP authentication. 


WEBC: getRemoteUser() does not work for stand-alone JSP files.


WEBC: Request may not always contain client certificate data. 


Certificate data not always present even when available. 


Tomcat AuthenticatorBase returns 500 instead of 403.


Out–of-box default realm should be native. 


Sun Java System Web Server 6.1 incorrectly reports client key size in certain situations. 


WEBC: isUserInRole() does not match when using core authentication.


LDAP: User can enter wildcard `*' for UID in basic authentication. 


Cannot have more than one LDAP realm. 


htconvert not converting .nsconfig wildcard patterns correctly.


htconvert does not work on 6.1 style server.xml.


NPE encountered when a session is expired simultaneously by two (2) threads. 


EPIPE signal not caught as an IOException from OutputStream.write().


Using JDK 1.4.1 provided JNDI connection pool for LDAP pooling. 


Changing the log level to Security causes NullPointerException upon start.


Distributable semantics in web.xml is not honored by the web container.


getResourcePaths returns paths that contain `//'.


webservd leaks memory on RedHat Linux Advance Server 3.0.


Poor integration between NSAPI srvhdrs and HttpServletResponse headers.


LOCK-UNLOCK is not working properly and the GUI does not show lock information properly. 


Web server does not start on RedHat Linux AS 3.0 with Security turned On.


500 error when accessing a web application with transport-guarantee=CONFIDENTIAL from a non-SSL port.


ASN.1 parsing bugs/brute forcer program can cause web server crash. 


NSS: Crash in DER_UTCTimeToTime with corrupt certificate.

Issues Resolved in 6.1 SP1

The following table lists the issues resolved in Sun Java System Web Server 6.1 SP1.

Table 13 Issues Resolved in Sun Java System Web Server 6.1 SP1

Problem ID 



Option needed to disable appending of absolute URL in a Servlet or JSP container. 

Fix details: New property added to sun-web.xml: relativeRedirectAllowed

Default value: false

Description: If true, allows the web application to send a relative URL to the client using the HttpServletResponse.sendRedirect() API. That is, it suppresses the container from translating a relative URL to a fully qualified URL.


Enabling Remote File Manipulation from the Server Manager GUI allows any remote user to obtain a listing of any directory in the server's URI space. 


javahome path wrongly set when adding a server with no bundled JDK.


Adding a new server instance might fail with a Server Error message. 


Server restarts when trying to create null resource by PUT. 


Search engine does not extract and index FTS information from PDF files. 

Fix details: This fix applies to all supported platforms except Linux.

The Author, Subject, and Keywords meta tags are always indexed. Functionality has been added that now enable arbitrary meta tags to be indexed, including those tags produced when converting the FTS_* attributes from PDF files. Manual configuration of a new setting in server.xml is required, as described below.

  • In the SEARCH section of server.xml, add a PROPERTY with name="indexMetatags". The value should be a comma-delimited list of meta tag names. Note that the Author , Subject, and Keywords meta tags are always indexed, regardless of this setting.

  • To index the meta tags resulting from the conversion of PDFs and other types of documents, this configuration must use the name of the meta tag rather than the name of the field in the particular document type. For example, to index the FTS_Title contents from PDF files, "Title" must be a component of the "indexMetatags" setting:

    <PROPERTY name="indexMetatags" value="Title">

Note –

See issue 4956415 for details about displaying custom meta tag information in search results.


On Solaris 9 release: reconfig does not work in package-based installs.


ASN.1 parsing issue in SSL. 

A problem has been identified in the implementation of the SSL protocols used by the web server that may be exploited as a Denial of Service attack. Sun Java System Web Server 6.1 SP1 fixes this problem. If you use the web server to host sites that utilize SSL version 3 or TLS, you are strongly encouraged to install this service pack. 


The reconfig command does not work on Windows XP.


The commit.exe utility crashes on Windows platforms.

Issues Resolved in 6.1

The following table lists the issues resolved in Sun Java System Web Server 6.1.

Table 14 Issues Resolved in Sun Java System Web Server 6.1

Problem ID 



On Windows, the web server installation overwrites SunONE Directory Server .dll files due to cohabitation issues with Directory Server 5.x.


Rotating log files shouldn't require server restart on UNIX. 


Logs filling with `connection reset' entries. 


Installer does not set proper JDK CLASSPATH/LIBPATH when the external JDK is used. 


Incorrect error messages when LDAP server is offline. 

4799452 has been deprecated. Its exception stops valid JSP files.


ACL_LDAPSessionAllocate always returns LAS_EVAL_FAIL.


Digest authentication crashes. 


Memory leak of the slapd process with the digestauth plug-in.


digestauth plug-in code is not thread safe.


When using cachefs or nfs as ClassCache and document-root, Sun Java System Web Server does not always pick up the new JSP. 


Web server crashes when receiving Accept-Language header larger than 15 languages.


Server crash with malformed request. 


Accept-Language header security issue.


CRL corrupts database. 


digestauth plug-in crashes for a particular type of request.


Memory leak in digestauth plug-in for a particular type of request.


Log analyzer vulnerability. 


JSP: crash in getParameter when posting large amounts of data.


Basic authentication fails for users with user IDs that have spaces. 


When you create a collection, not all documents will be indexed and added to the collection. 

Issues Resolved in 6.1 Documentation

The following table lists the issues resolved in the English language version of Sun Java System Web Server 6.1 SP6 and later documentation.

Note –

The following issues exist in the localized version of Sun Java System Web Server 6.1 documentation.

Table 15 Issues Resolved in Sun Java System Web Server 6.1 Documentation

Problem ID 



Current documentation gives incorrect instructions on how to log cookie information. 


Administrator's Guide should document the steps to restart, start, or stop the schedulerd control daemon from command line.


Release Notes and Installation and Migration Guide have different Support Platform description for Sun Java System Web Server 6.1 SP7.


Two Server Instances Bind to Same Port on Windows. 


Server does not close the old listen sockets on restart or reconfigure. 


The release notes for the reverse proxy plug-in should include a Resolved Issues section. 


Administrator's Guide needs correction: the -P option in the Exporting with pk12util section should contain a hyphen (-) after https-test-host.


Online help does not document steps to restart the schedulerd.


Administrator's Guide does not document the Search Query operators.


Provide steps on "How to Stop the schedulerd from a command line".


Reverse proxy plug-in is missing some important documents. 


6.1 Passthrough/Fastcgi plug-ins startup messages create confusion. 


Upgrade procedure of Java ES does not use the JES installer. 


Description about netbuf_getbytes() is not available in the 6.1 NSAPI guide.


Sun Java System Web Server 6.1 Windows installation should use -Xrs JVM option by default. 


Sun Java System Web Server 6.1 release notes has Sun internal URL. 


Release Notes for Sun Java System Web Server 6.1 Add-Ons Reverse Proxy Plugin has an incorrect default value for the validate-server-cert SAF.


Installation and Migration Guide should document configuration file writability, root security risks, and Solaris net_privaddr privilege.


Administrator's Configuration File Reference should document the magnus.conf variable MaxKeepAliveConnections value range for 64–bit server.


Administrator's Configuration File Reference should document the MaxOpenFiles attribute in the nsfc.conf configuration file.



Administrator's Guide incorrectly describes a Find menu Passage Search option in the Advanced Search section. This menu option is not available.


Administrator's Guide describes the configuration log level incorrectly.


Administrator's Configuration File Reference describes an incorrect default value for the ChildRestartCallback directive.


Installation and Migration Guide describes an incorrect method of upgrading a new version of web server in the Before You Install Sun ONE Web Server section.


Administrator's Configuration File Reference has incorrect information about the AdminLanguage directive.


Administrator's Guide has a typographical error under section Choosing MIME Types.


NSAPI Programmer's Guide describes an incorrect example of a NSAPI Function Reference.


Administrator's Guide incorrectly documents the supported version of Java as `1.4.1_03'.


Administrator's Guide documents an incorrect certmap.conf configuration.


Administrator's Configuration File Reference does not document the optional parameter `block-size' for pool-init.


Administrator's Guide does not contain information about the htpasswd command utility.


Administrator's Configuration File Reference has incorrect information about the loglevel attribute.


Administrator's Configuration File Reference has incorrect default value for the LogFlushInterval directive.


Administrator's Guide has the following incorrect information:

  • The path where libdigest-plugin.ldif exist is not defined in the guide.

    Additional Information: libdigest-plugin.ldif is available at server-root/plugins/digest/libdigest-plugin.ldif.

  • Information to configure the web server to process digest authentication (set the digestauth property of the database definition in dbswitch.conf) is given without describing the procedure to do it.

  • is incorrectly mentioned as libdigest-plugin.lib.

  • Description of iplanetReversiblePassword is missing.


Administrator's Guide needs to be updated with additional information regarding ACL.


Installation and Migration Guide incorrectly documents the supported version of Sun accelerator hardware.


NSAPI Programmer's Guide does not clearly specify that content-type needs to be in lower case.


Installation and Migration Guide does not document the method of disabling the start-on-boot option.


Administrator's Configuration File Reference incorrectly describes the default value of the StrictHttpHeaders directive as on.


Administrator's Configuration File Reference has insufficient information about the set-variable error parameter.


Administrator's Configuration File Reference incorrectly describes a remove-file() SAF.


NSAPI Programmer's Guide incorrectly documents the description of SERVER_SOFTWARE as MAGNUS_VERSION_STRING.


Administrator's Configuration File Reference does not clearly define the default value of listenQ on Windows.


Administrator's Configuration File Reference needs more information about DNS.

Known Issues

This section lists the more important known issues and limitations at the time of the Sun Java System Web Server 6.1 SP10 release. The issues are listed as follows:


The following table lists General known issues.

Table 16 General Known Issues

Problem ID 



(Windows 2003 only) Report generation fails with lganalyz.exe application error in Sun Java System Web Server 6.1 SP6.


  1. Log in to the web server machine.

  2. Go to WSinstall\bin\https\httpadmin\bin.

  3. Run the flexanlg util command to get the report, for example, C:/Sun/WEBSER~1.1/extras/flexanlg/flexanlg -F -n jwsoffice -x -i C:/Sun/WEBSER~1.1/HTTPS-~2/logs/access -c hnrfeuok -t s5m5h10 -l c+5h5 -p ctl

Note –
  • Type the above command in a continuous line.

  • Replace jwsoffice with your hostname or IP address. You also can export the output to an HTML file and use a browser to view it. For more information on the flexanlg utility, see Sun Java System Web Server 6.1 SP10 Administrator's Guide.


Sun Java System Web Server 6.1 SP8, when run with JDK 6 shows the search collection names (checkbox) in a different order in the search pages, as compared to when it is run with older JDK versions. 


JES3: Patch upgrade of web server on Linux displays false uninstall notification. 



Contents do not get updated under a particular situation on HP-UX 11.0 platforms. 

The HP-UX operating system has two cache spaces, Page Cache and Buffer Cache, for accessing files. Normally, when the application performs the mmap function, the file is mapped to Page Cache.

However, currently the operating system has no responsibility to synchronize the data between the Page Cache and Buffer Cache if the mmap is performed as PRIVATE option. Even if you copy the file, the operating system refreshes the cached data only in the Buffer Cache.

Workaround: Use a text editor to update the contents each time.


Searching of Users and Groups through LDAP server using Administration Graphical User Interface fails. 

Workaround: For this feature to work, install Red Hat AS 3.0 update 1–uname -r: 2.4.21-9.ELsmp.


Authorization dialog appears for an unprotected directory without an index file. 

Additional information: If a directory does not have an index file such as index.html, index.jsp, or home.html, then while turning on ACL authentication anyone with read and write permission is denied the list access even though this directory is unprotected.

Workaround: To revert back to the previous behavior of 6.1, change the default ACL so that anonymous users are allowed list privileges. Make the change as follows:

allow (read, execute, info, list) user = "anyone"


Web server fails to startup with JDK 1.5 initialization. 


Set the following in the start script: 



The following table lists the known issues in Administration.

Table 17 Known Issues in Administration

Problem ID 




If you remove a listen socket or change its port number and restart or reconfigure the server, the server fails to close the old listen socket. The operating system continues to accept connections on that port, but the server will not respond to requests on that port. 

Work around: Close the old listen socket, stop the server and restart it.


ACL applet might fail to load with Mozilla 1.4 and Firefox 1.0.6. 


Problem using HttpServerAdmin to create a JNDI resource containing an LDAP domain name containing commas.

Workaround: For HttpServerAdmin to escape the `,' in the property, use `\\' as the escape character. Use `\' on the Windows platforms.

In the property java.naming.provider.url=ldap://localhost:389/ou=loggingQueues,ou=tms,ou=services,ou=abc the `,' are escaped as shown here:

-property java.naming.provider.url=ldap://localhost:389/ou=loggingQueues\\,ou=tms\\,ou=services\\,ou=abc


Unable to manage Directory Server user/group/ou using Sun Java System Web Server 6.1 SP2 Administration on RedHat Linux Advance Server 3.0.


View Access and View Error does not work properly with multibyte characters. 


When Distributed Administration is enabled, the local Administration user is disabled. 

Workaround: Create a user with the default Administration user name within the distributed Administration group.

The newly created LDAP Administration user must have the same password as the web server Administration user. 


The log file date stamp does not take the local time zone into account and shows the incorrect date. 

Workaround: If the date in the log file filename extension should match the date of the log entries, configure the server to rotate the log files at 23:59.


Sun Java System Web Server 6.0 SP4: Cannot enable Distributed Administration when using SASL and anonymous bind. 

Workaround: Do not use anonymous bind to an SSL-enabled directory server.


Can't get REMOTE_USER variable when authenticated by .htaccess.

Workaround: If you enable .htaccess files, the server checks for .htaccess files before serving resources. The server looks for .htaccess files in the same directory as the resource and in that directory's parent directories, up to and including the document root. For example, if the Primary Document Directory is set to /sun/server/docs and a client requests /sun/server/docs/reports/index.html, the server will check for .htaccess files at /sun/server/docs/reports/.htaccess and /sun/server/docs/.htaccess.

Note that the server's Additional Document Directories and CGI Directory functionality allows an administrator to define alternate document roots. The existence of alternate document roots affects .htaccess file processing. For example, consider a server with the Primary Document Directory set to /sun/server/docs and a CGI program at /sun/server/docs/cgi-bin/program.cgi.

If you enable CGI as a File Type, the server will evaluate the contents of both /sun/server/docs/.htaccess and /sun/server/docs/cgi-bin/.htaccess when a client issues a request for the CGI program.

However, if you configure a CGI Directory at /sun/server/docs/cgi-bin, the server will inspect /sun/server/docs/cgi-bin/.htaccess but not /sun/server/docs/.htaccess. This occurs because specifying /sun/server/docs/cgi-bin as a CGI Directory marks it as an alternate document root.


The End User Administration feature (under Distributed Administration in the Administration interface) is no longer supported. 


Inconsistent look and feel of the Administration GUI. 


The Add Server page in the Administration GUI disappears in Netscape Navigator 7.0 when insufficient information is provided. 

Workaround: Provide complete information on the Add Server page before clicking OK. If necessary, reload the page to restore the Add Server GUI, or click another page or another tab and then navigate back to the Add Server page. This problem occurs only in Netscape Navigator 7.0.


The word `null' is incorrectly displayed on an alert message. 

This word displays when editing directory services in the Pick Directory for Virtual Server page in the Virtual Server Manager. 


Superusers cannot access the Administration interface after enabling distributed administration. 

Workaround: After enabling distributed administration, create a user in LDAP with the same administration user name and password as that of superuser.


Default link not working for Logging Settings.

The default link on the Logging Settings for Virtual Server page does not set the default path, but rather acts as a reset button.


.shtml files are parsed even if you configure them to be un-parsed.

No ID 

The sun-web.xml file bundled with the web server points to the wrong DTD location.

Correction: The correct location is


Web server is not operational when installed as non-root user. 

Workaround: Start the web server instance from the command line instead of using the Web Administration console.


JSP applications are not accessible from Sun Java System Web Server 6.1 when the passthrough plug-in is configured.

Workaround: Change the line from the service directive of passthrough from

Service type="magnus-internal/passthrough" fn="service-passthrough"servers="http://server:port"


Service fn="service-passthrough" servers="http://server:port"


No Administration GUI feature is available to delete JSP ClassCache files.


The Administration GUI says Click Apply for the changes to take affect but no Apply button exists in the Administration Server. 


The SNMP web server subagent doesn't answer to snmpwalk command on Solaris 10. 

The SNMP master agent bundled with Sun Java System Web Server 6.1 hangs on Solaris 10 U2 (and higher) due to the TCP fusion feature added in Solaris 10 U2. 

Workaround: Use either of these two workaround:

  • Disable TCP fusion by adding the following line in /etc/system:

    set ip:do_tcp_fusion = 0x0

  • Change the tcp_xmit_hiwat value to a higher value like 262144.

    # ndd -set /dev/tcp tcp_xmit_hiwat 262144

    Peer snmp master agent functions properly.

    If you are setting tcp_xmit_hiwat value, you may put it into rc script to avoid setting it manually after system reboot.


ACL did not update USERDB in server.xml , then [NSACL6000] HTTP5239 errors when access page 

When you use a non-default authdb for ACL, ensure that the authdb detail has been added to server.xml. Else, the server will throw an error later when you access the page protected by ACL as :

[NSACL6000] HTTP5239: digestrealm is not a registered database


The error is because, the server.xml still has USERDB as “default” and cannot find the “digest1” for ACL as shown below:.

<VSCLASS id="vsclass1" objectfile="obj.conf">
  <VS id="https-testdigest" connections="lsl" mime="mime1"
  aclids="acll" urlhosts="apple">
			<PROPERTY name="docroot" value="/export/home/iws6.1sp9/docs"/>
			<USERDB id="default"/>

Add manually the below information into server.xml, after default USERDB declaration under the required virtual server, and restart the server.

<USERDB id="digestrealm" database="digestrealm"/>

You also need to ensure that authdb has been rightly mentioned in the dbswitch.conf and ACL file.

In dbswitch.conf file:

apple:/export/home/iws6.1sp9> cat userdb/dbswitch.conf 
directory digestrealm file 
digestrealm:syntax digest 
digestrealm:digestfile /export/home/iws6.1sp9/digestrealm

In ACL file: 

acl "default";
authenticate (user,group) {
        database = "digestrealm";
        method = "digest";
        prompt = "digestrealm";
deny (all)
 (user = "anyone");

allow (read,execute,list,info)
 (user = "all");


The following table lists the known issues in Core.

Table 18 Known Issues in Core

Problem ID 



webservd child process orphaned when Solaris crypto softtoken ( is used in Sun Java System Web Server 6.1SP5 64-bit.

Workaround: This problem occurs only when the server is explicitly configured to use the Solaris softtoken. If you have to use fork(), Runtime.exec(), or <!--#exec cmd="..."-->, do not configure the server to use the Solaris softtoken.


Web server crashing configured with an NFS-mounted docroot directory 

Web server crashes if NFS file is removed or replaced, while using NFS and MediumFileSizeLimit >0. Therefore, you should not use MediumFileSizeLimit>0, if the document root is mounted over NFS.


When Web server documents are residing on an NFS mount, as in NFS client, set MediumFileSizeLimit to 0 in nsfc.conf.

Documentation and Online Help

The following table lists the known issues in Documentation and Online Help.

Note –

For a list of known issues in the localized versions of 6.1 documentation, see Issues Resolved in 6.1 Documentation.

Table 19 Known Issues in Documentation

Problem ID 



Online Help indicates that the maximum characters for an authentication password is eight characters. 

Additional Information: The authentication characters for an authentication password can be more that eight characters.


No documentation available regarding feature upgrades.  

Additional Information: See Installation, Upgrade, and Migration Notes.


Need to doc the non-existance of <instance>/lib 

All documents do not inform user the nonexistence of <instance>/lib directory.

Additional Information:This directory is not created by the installer. Users have to create the directory if it does not exist.


Release Notes for SUN ONE Web Server 6.1 does not list all patches that are required for the Solaris SPARC platform.

Additional Information: 109326-09 is a required patch for Sun Java System Web Server 6.1 on Solaris release 8.


The following table lists the known issues in Installation.

Table 20 Known Issues in Installation

Problem ID 



AIX Web server fails to start with JDK 1.5. 


Set the following in the start script. 



JDK only upgrade results in disabling search. The user receives an exception, and the search page is not accessible from the GUI. 

Workaround: This exception does not happen if Sun Java System Web Server 6.1 SP2 core is installed along with or prior to installing JDK alone. In addition, if Sun Java System Web Server 6.1 SP2 core is installed on top of a JDK-upgraded Sun Java System Web Server 6.1 SP1, the exception does not show up.


Sun Java System Web Server will not start if it is installed into a directory with spaces in the name, for instance, Program Files. You will not receive an error message about this during installation, but following installation the server will not start.

Workaround: Do not install the web server into a directory with spaces in the name.


On the Windows platform, the Sun Java System Web Server installer does not accept a long name as server-root.

Workaround: Specify a path name for the Sun Java System Web Server installation directory that is no longer than 128 characters even though the field allows you to type up to 256 characters.


On the Solaris platform, Control-B does not work on screens that follow the Fully Qualified Domain Name screen in the installer, starting with the User and Group Name screen.

Workaround: If you need to return to previous screens during the installation, quit the installer and start again.


On the AIX platform, Control-C makes the terminal screen hang during installation. 

This problem occurs on the screen used to specify the name of the computer on which the web server will be installed. 


Some SNMP related files are overwritten when upgrading to Sun Java System Web Server 6.1 SP1. 

Workaround: Back up the following files before the upgrade:




The following table lists the known issues in Migration.

Table 21 Known Issues in Migration

Problem ID 



Cannot enable Java on a migrated 4.1 instance even after opting to enable JAVA at the time of migration and enabling from the GUI after migration. 

Workaround: Manually add the following entries to the obj.conf file and restart the instance:

<Object name="default">
	NameTrans fn="ntrans-j2ee" name="j2ee"
	NameTrans ......
	PathCheck .....
	ObjectType ......
	Service .......
	Error fn="error-j2ee"
	AddLog .....

<Object .....

<Object name="j2ee">
	Service fn="service-j2ee" method="*"


Cannot change the document root of a migrated server from 4.1. 

Workaround: Edit the migrated instance's obj.conf and server.xml manually. These files are located under SERVER_ROOT/HTTPS-INSTANCE/config directory.

In obj.conf change the line

NameTrans fn=document-root root="<existing_doc_root>"


NameTrans fn=document-root root="$docroot"

In server.xml, under the relevant VSCLASS change the line

<PROPERTY name="docroot" value="existing-doc-root">


<PROPERTY name="docroot" value="new-doc-root">


ktsearch.jar is not migrated correctly on Sun Java Enterprise System 3 (JES3).

Workaround: Manually edit the server.xml file of the migrated instance to point to the correct path.

For Linux: /opt/sun/private/share/lib/ktsearch.jar

For Solaris SPARC: /usr/share/lib/ktsearch.jar


Web application file status ignored during migration from 6.0 to 6.1 

Web application status defined at the file level in the server.xml file is not migrated. If a user has switched off the status of the web applications file to suppress them, upon migration these web applications are exposed.

Workaround: Edit the server.xml file of the migrated instance and turn off status for each web application.


Installation of SP_2 patch on existing install (update) 

If you want to upgrade the Sun Java System Web Server 6.1 that is installed as a part of Sun Java Enterprise System (JES), to the latest Service Pack, download and apply the relevant patches. For more details, refer to the JES 3 Migration and Upgrade Guide.


The following table lists the known issues in the sample applications. Note that none of these issues prevent the sample applications from functioning correctly.

Table 22 Known Issues in Samples

Problem ID 



Simple JSP files throw an exception due to the distributable tag in web.xml.


  1. Remove the tag distributable from the web.xml file in the /simple/src directory.

  2. Redeploy the web application.

No ID 

rmi-iiop sample is missing a step.

In the “Deploying the Sample Application” section, after executing the command ant deploy (step 2), restart the web server instance.

Note –

ant is a Java build tool and must be downloaded from Apache at Also see the information provided in install-root/plugins/java/samples/docs/ant.html.

No ID 

jdbcrealm sample has the wrong Oracle driver name.

In the “Compiling and Assembling the Sample Application” section, step 2b, change the following line from: 

<PROPERTY name="dbdrivername" value="oracle.jdbc.pool.OracleDataSource">


<PROPERTY name="dbdrivername" value="oracle.jdbc.driver.OracleDriver">


The following table lists the known issues in Search.

Table 23 Known Issues in Search

Problem ID 




AIX-Search Engine of 6.1 should have the ability to change the sort order. 

Workaround: To change the default order, add `+' as a first character of the sort string. Because `+' in URI is escaped, use `%2B' to change the order. In this case, change the URL to http://host/search/index.jsp?si=1&ns;=10&c;=test&qt;=*&sb;=%2Bwriter.


If the document root of an already indexed collection is changed, the document returned by the search throws a Document Not Found error.

Workaround: Rebuild the entire collection by performing one of the following actions:

  • Remove all documents and add them back again.

  • Delete the collection and create it again.


Search does not work when you search for a word using a different case pattern. 

Search results are not displayed on the the search page if you search using a word of mixed case. For example, typing sAmpLe instead of sample or SAMPLE. 


On HP-UX: PDF files are not converted to HTML for inclusion in search collections. 

This problem occurs if the following patch is installed on the HP-UX 11i system: 

PHSS_28871 — ld/linker cumulative patch


Search engine fails to index password protected PDF document 

If a PDF document is password protected and encrypted, the search engine fails to index the document's metadata. As a result, the requested search fails. 


Sun Java System Web Server 6.1 SP10 64-bit solaris sparc, few search tests fails when JDK 1.6.0_07 used. 

While running search tests, a few test cases fail with stack overflow error when JDK 1.6.0_07 is used. Whereas, the same test passes with bundled JDK 1.5.0_16.  

Workaround: Increase the StackSize value from 131072 to a value, for example, 262144 in the magnus.conf file.


The following table lists the known issues in Security.

Table 24 Known Issues in Security

Problem ID 



Sun Java System Web Server cannot connect to an LDAP server over SSL if LDAP client authentication is required. 

If Sun Java System Web Server contacts an LDAP server that requires client authentication (in this case, the web server is the client), the web server’s certificate cannot be sent and access will fail. 


Cannot use the same group name under different organizational units. 

If the same group name is used and you try to restrict access with the group name, Sun Java System Web Server returns an error when clients try to access the site. 

Workaround: Use a different group name for each organizational unit.


In some circumstances, the “list” right has no effect on directory listing. 

According to Chapter 9 of the Sun Java System Web Server 6.1 Administrator’s Guide, the “list” right is required to obtain directory listings from directories that do not contain an index file. However, in certain circumstances you can obtain a directory listing even if the applicable ACLs deny the list right.

If you need to restrict directory indexing, disable indexing, as discussed in Chapter 16 of the Sun Java System Web Server 6.1 Administrator’s Guide, instead of or in addition to denying the list right.



When LDAP drops the connection because of inactivity, for example, timeout set on the LDAP, web server is unable to re-initialize the connection to LDAP. This problem only occurs when web server is installed as part of the JES3/JES4 install. The problem does not exist in stand-alone (file-based) installation.  


  1. Copy the library from the file-based installation of web server and paste it to the following location in your current setup: /opt/SUNWwbsvr/bin/https/lib

  2. Restart the web server.


The following table lists the known issues in Tools.

Table 25 Known Issues in Tools

Problem ID 



On Windows, deployment fails if the class file depth along with the file name exceeds 255 characters. 


On Linux, a null pointer exception is thrown when deploying an application using the wdeploy command-line utility. This problem happens at the end of deployment, and only if it succeeds.

Workaround: The error occurs when wdeploy reads the stdout/stderr after executing reconfigure script following deployment. Check whether the server did reconfigure by looking in the errors log for the reconfigure message. If the message is not there, then run the reconfigure script manually.

Web Container

The following table lists the known issues in the Web Container.

Table 26 Known Issues in the Web Container

Problem ID 



Java logging issues in a deployed module. 


Issue on Windows related to the case of url-patterns.

As per the Servlet specification, the url-pattern elements in web.xml are case sensitive. This condition might lead to unexpected behavior for Windows users, for example, if a client makes a request for index.HTML expecting this string to match index.html.


The following table lists the known issues in WebDAV.

Table 27 Known Issues in WebDAV

Problem ID 



Unable to rename or move a resource if the parent directory is locked exclusively. 

This problem occurs when DAV clients send the incorrect If : header. For example, if you connect to the web server using Macromedia Dreamweaver or DAV Explorer, create a collection, and then lock the collection with depth infinity, which locks all of its resources as well, you will not be able to rename or move a resource. Adobe GoLive sends the correct If : header only if the lock’s owner href matches auth_user. In all other cases with GoLive, the wrong header will also be sent.


Lock Management screen in the Virtual Server Manager does not display the lock information properly for hard links. 

Symbolic links, hard and soft, are not supported by the WebDAV implementation in Sun Java System Web Server. 


The following table lists the known issues in the localization.

Table 28 Known Issues in the Localization

Problem ID 



The Administration online help of web server is not localized.  

The Administration online help has been localized only up to the first level. The initial help pages are localized but clicking the links on a page, for example, Removing a Server displays help content in the English language. 


The Administration online help is displayed in English even if the locale is set to zh-cn.

For zh-cn locale, the Administration GUI online help is in English. If the browser locale is zh-cn, then the complete Administration GUI online help is displayed in the English language.

Workaround: Set the browser's prefer locale to zh to view the online help in the Chinese language.


Sun Java System Web server 6.1 SP8: In Internet Explorer 7, you can select the locale as ja or ja-JP. If you select the locale as ja, online help is displayed in Japanese. But when you select the locale as ja-JP, online help is displayed in the English language.

How to Report Problems and Provide Feedback

If you have problems with Sun Java System Web Server 6.1 SP10, contact Sun customer support using one of the following mechanisms:

So that Support can best assist you in resolving problems, please have the following information available when you contact Support:

Sun Welcomes Your Comments

Sun is interested in improving its documentation and welcomes your comments and suggestions. Send your comments to Sun using the “Send comments” link at

Please include identifying information with your comments, such as the book’s part number and title.

Additional Sun Resources

Useful Sun Java Systems information can be found at the following locations: