Sun Java System Web Server 6.1 SP12/SP13 Release Notes


The following table lists the known issues in Administration.

Table 6 Known Issues in Administration

Issue ID 



6.1 SP12 and later — Admin GUI unable to uncheck Enabled in search 

When using JDK 1.6 with Web Server 6.1 SP12 and later, you cannot disable the Enabled option in the Virtual Server Search tab. It remains enabled even after you uncheck it, click OK to save changes and are notified that the configuration was updated successfully. 

Workaround: Instead of disabling search using the Admin GUI, edit the instance/config/server.xml file, modifying enabled="true" to enabled="false" for the search web-app.



If you remove a listen socket or change its port number and restart or reconfigure the server, the server fails to close the old listen socket. The operating system continues to accept connections on that port, but the server will not respond to requests on that port. 

Work around: Close the old listen socket, stop the server and restart it.


ACL applet might fail to load with Mozilla 1.4 and Firefox 1.0.6. 


Problem using HttpServerAdmin to create a JNDI resource containing an LDAP domain name containing commas.

Workaround: For HttpServerAdmin to escape the `,' in the property, use `\\' as the escape character. Use `\' on the Windows platforms.

In the property java.naming.provider.url=ldap://localhost:389/ou=loggingQueues,ou=tms,ou=services,ou=abc the `,' are escaped as shown here:

-property java.naming.provider.url=ldap://localhost:389/ou=loggingQueues\\,ou=tms\\,ou=services\\,ou=abc


Unable to manage Directory Server user/group/ou using Web Server 6.1 SP2 Administration on RedHat Linux Advance Server 3.0.


View Access and View Error does not work properly with multibyte characters. 


When Distributed Administration is enabled, the local Administration user is disabled. 

Workaround: Create a user with the default Administration user name within the distributed Administration group.

The newly created LDAP Administration user must have the same password as the web server Administration user. 


The log file date stamp does not take the local time zone into account and shows the incorrect date. 

Workaround: If the date in the log file filename extension should match the date of the log entries, configure the server to rotate the log files at 23:59.


Web Server 6.0 SP4: Cannot enable Distributed Administration when using SASL and anonymous bind. 

Workaround: Do not use anonymous bind to an SSL-enabled directory server.


Can't get REMOTE_USER variable when authenticated by .htaccess.

Workaround: If you enable .htaccess files, the server checks for .htaccess files before serving resources. The server looks for .htaccess files in the same directory as the resource and in that directory's parent directories, up to and including the document root. For example, if the Primary Document Directory is set to /sun/server/docs and a client requests /sun/server/docs/reports/index.html, the server will check for .htaccess files at /sun/server/docs/reports/.htaccess and /sun/server/docs/.htaccess.

Note that the server's Additional Document Directories and CGI Directory functionality allows an administrator to define alternate document roots. The existence of alternate document roots affects .htaccess file processing. For example, consider a server with the Primary Document Directory set to /sun/server/docs and a CGI program at /sun/server/docs/cgi-bin/program.cgi.

If you enable CGI as a File Type, the server will evaluate the contents of both /sun/server/docs/.htaccess and /sun/server/docs/cgi-bin/.htaccess when a client issues a request for the CGI program.

However, if you configure a CGI Directory at /sun/server/docs/cgi-bin, the server will inspect /sun/server/docs/cgi-bin/.htaccess but not /sun/server/docs/.htaccess. This occurs because specifying /sun/server/docs/cgi-bin as a CGI Directory marks it as an alternate document root.


The End User Administration feature (under Distributed Administration in the Administration interface) is no longer supported. 


Inconsistent look and feel of the Administration GUI. 


The Add Server page in the Administration GUI disappears in Netscape Navigator 7.0 when insufficient information is provided. 

Workaround: Provide complete information on the Add Server page before clicking OK. If necessary, reload the page to restore the Add Server GUI, or click another page or another tab and then navigate back to the Add Server page. This problem occurs only in Netscape Navigator 7.0.


The word `null' is incorrectly displayed on an alert message. 

This word displays when editing directory services in the Pick Directory for Virtual Server page in the Virtual Server Manager. 


Superusers cannot access the Administration interface after enabling distributed administration. 

Workaround: After enabling distributed administration, create a user in LDAP with the same administration user name and password as that of superuser.


Default link not working for Logging Settings.

The default link on the Logging Settings for Virtual Server page does not set the default path, but rather acts as a reset button.


.shtml files are parsed even if you configure them to be un-parsed.

No ID 

The sun-web.xml file bundled with the web server points to the wrong DTD location.

Correction: The correct location is


Web server is not operational when installed as non-root user. 

Workaround: Start the web server instance from the command line instead of using the Web Administration console.


JSP applications are not accessible from Web Server 6.1 when the passthrough plug-in is configured.

Workaround: Change the line from the service directive of passthrough from

Service type="magnus-internal/passthrough" fn="service-passthrough"servers="http://server:port"


Service fn="service-passthrough" servers="http://server:port"


No Administration GUI feature is available to delete JSP ClassCache files.


The Administration GUI says Click Apply for the changes to take affect but no Apply button exists in the Administration Server. 


The SNMP web server subagent doesn't answer to snmpwalk command on Solaris 10. 

The SNMP master agent bundled with Web Server 6.1 hangs on Solaris 10 U2 (and higher) due to the TCP fusion feature added in Solaris 10 U2. 

Workaround: Use either of these two workaround:

  • Disable TCP fusion by adding the following line in /etc/system:

    set ip:do_tcp_fusion = 0x0

  • Change the tcp_xmit_hiwat value to a higher value like 262144.

    # ndd -set /dev/tcp tcp_xmit_hiwat 262144

    Peer snmp master agent functions properly.

    If you are setting tcp_xmit_hiwat value, you may put it into rc script to avoid setting it manually after system reboot.


ACL did not update USERDB in server.xml , then [NSACL6000] HTTP5239 errors when access page 

When you use a non-default authdb for ACL, ensure that the authdb detail has been added to server.xml. Else, the server will throw an error later when you access the page protected by ACL as :

[NSACL6000] HTTP5239: digestrealm is not a registered database


The error is because, the server.xml still has USERDB as “default” and cannot find the “digest1” for ACL as shown below:.

<VSCLASS id="vsclass1" objectfile="obj.conf">
  <VS id="https-testdigest" connections="lsl" mime="mime1"
  aclids="acll" urlhosts="apple">
			<PROPERTY name="docroot" value="/export/home/iws6.1sp9/docs"/>
			<USERDB id="default"/>

Add manually the below information into server.xml, after default USERDB declaration under the required virtual server, and restart the server.

<USERDB id="digestrealm" database="digestrealm"/>

You also need to ensure that authdb has been rightly mentioned in the dbswitch.conf and ACL file.

In dbswitch.conf file:

apple:/export/home/iws6.1sp9> cat userdb/dbswitch.conf 
directory digestrealm file 
digestrealm:syntax digest 
digestrealm:digestfile /export/home/iws6.1sp9/digestrealm

In ACL file: 

acl "default";
authenticate (user,group) {
        database = "digestrealm";
        method = "digest";
        prompt = "digestrealm";
deny (all)
 (user = "anyone");

allow (read,execute,list,info)
 (user = "all");