The following topics introduce the new and changed features of Oracle HTTP Server and other significant changes that this guide describes, and provides pointers to additional information.
This section contains the following information:
This section describes features that have been added to the current release of Oracle HTTP Server:
In this release, the Oracle HTTP Server core runtime is based on the release of Apache httpd 2.4. Many new features have been added to the release that are outside the scope of this documentation. For more information on Apache 2.4 and its features, see the following URLs:
For more information on critical changes in Apache 2.4 from earlier releases, see
In previous 12c releases, the installation of the Oracle HTTP Server in a Weblogic Server domain required a connection to a database (11g did not). This is known as "full domain" mode. The current release introduces a new installation and operational mode for Oracle HTTP Server known as "Restricted-JRF". In this mode, the presence of a database is not required. All of the functionality is that is available to Oracle HTTP Server in full domain mode is also available in Restricted-JRF mode, with the exception of cross component wiring.
With Restricted mode, customers can administer/manage OHS server lifecycle and handle configuration management by using WebLogic Management framework (WLST and Fusion Middleware Control) without additional database dependency. This capability provides customers with the ability to administer an entire OHS farm through the WebLogic Management Framework. For more information on this feature, see Section 1.3.1, "Restricted-JRF Mode."
The following are among the new modules that have been added to the current release of Oracle HTTP Server:
mod_proxy_fcgi—This module provides FastCGI support for the mod_proxy module. The mod_proxy_fcgi module requires the service of the mod_proxy module and provides support for the FastCGI protocol. See Part I, "About Configuring mod_proxy_fcgi" and Appendix B, "Migrating to the mod_proxy_fcgi and mod_authnz_fcgi Modules."
mod_mpm_event (event MPM)—This module is a variant of the worker MPM and consumes threads only for connections with active processing. Event is the default MPM used in 12c (12.2.1) for Linux systems. For more information about MPM types and how to change the MPM type for your environment, see Section 6.3.1, "Understanding Performance Directives."
other modules that are new with Apache 2.4. See Chapter 2, "Understanding Oracle HTTP Server Modules."
The current release defines a migration path from the iPlanet Web Server (iWS) to Oracle HTTP Server. The migration path is described in Master Note For Migrating From iPlanet Web Server to Oracle HTTP Server 11g (Doc ID 1536893.1) available at the following URL:
This document applies to release 11g and later versions of Oracle HTTP Server.
The current release adds support for trust flags in Oracle HTTP Server. Trust flags allow adequate roles to be assigned to SSL certificates to facilitate operations like certificate chain validation and path building. For more information, see Section 9.7, "Using Trust Flags."
The current release adds support for monitoring the performance of the Oracle HTTP Server. The performance metrics are specific to the Oracle WebLogic Server Proxy Plug-In where a request is proxied to the backend WebLogic server.
The metrics are provided through the Oracle Dynamic Monitoring Service (DMS) which enables Oracle Fusion Middleware components to provide administration tools, such as Fusion Middleware Control, with data regarding the component's performance, state and on-going behavior.
See "Understanding Oracle WebLogic Server Proxy Plug-In Performance Metrics" in Using Oracle WebLogic Server Proxy Plug-Ins 12.2.1.
In the current release, Oracle HTTP Server can now front-end Oracle WebLogic Server-MT (Multi-Tenancy). For more information, see "Working with Partitions" in Using Oracle WebLogic Server Proxy Plug-Ins 12.2.1.
This section describes features that have been significantly updated from earlier versions of Oracle HTTP Server. These updates include:
New ciphers that can be used with the TLS security protocols have been added to the current release. Also, the list of ciphers that can be used with FIPS 140 has been expanded. For more information, see Section G.3.3, "SSLCipherSuite Directive" and Section G.3.5, "SSLFIPS Directive."
The following modules have been removed and replaced with the mod_proxy_fcgi and mod_authnz_fcgi modules:
mod_perl—This module allows administrators to run Perl scripts within Oracle HTTP Server. See "Replacements for mod_perl."
mod_fastcgi/mod_cgi—These modules allow administrators to efficiently execute traditional CGI scripts within Oracle HTTP Server. See "Replacements for mod_fastcgi/mod_cgi."
mod_plsql—This module allows administrators to create dynamic web pages from PL/SQL packages and stored procedures making it ideal for developing fast and flexible applications that can run on the Internet or an Intranet. See "Replacements for mod_plsql."
For more information on the mod_proxy_fcgi and mod_authnz_fcgi modules, see Appendix B, "Migrating to the mod_proxy_fcgi and mod_authnz_fcgi Modules."
The mod_perl module has been removed from the Oracle HTTP Server 12c (12.2.1) release. If you have been using the mod_perl module with Oracle HTTP Server 12.1.3 and earlier releases, then you have the following choices:
You can continue to run Perl scripts within Oracle HTTP Server 12c (12.2.1) as either CGI or FastCGI scripts.
If you want to run your Perl script as a CGI script, then you must modify your Perl script to run as a CGI or FastCGI script.
If you are running CGI scripts, then switch to using the mod_cgid module directives. The directives are described in "Apache Module mod_cgid" at this URL:
Oracle HTTP Server 12c (12.2.1) contains a Perl interpreter, however, it is internal to the product. You cannot use this interpreter for hosting Perl under a FastCGI environment. You must provide your own Perl environment.
The mod_fastcgi and mod_cgi modules have been removed from the Oracle HTTP Server 12c (12.2.1) release. Oracle provides an alternate implementation of mod_fastcgi. If you have any existing FastCGI scripts or configuration, then follow the migration steps described in Appendix B, "Migrating to the mod_proxy_fcgi and mod_authnz_fcgi Modules."
If you are running CGI scripts, then use the mod_cgid module directives instead. The directives are described in "Apache Module mod_cgid" at this URL:
The mod_plsql module has been removed from the Oracle HTTP Server 12c (12.2.1) release. Many Oracle customers use Oracle HTTP Server with mod_plsql to run Oracle Application Express (Oracle APEX), and to a lesser extent run stand-alone PL/SQL Web pages.
For more information, see the Oracle Web Tier - Statement of Direction (document ID 1576588.1) at the following URL:
Oracle recommends that customers implement Oracle REST Data Services (formerly known as Oracle APEX Listener) as an alternative. Oracle REST Data Services is a J2EE-based servlet which offers increased functionality including a web-based configuration, enhanced security, and file caching.
Oracle REST Data Services is a free product provided under Oracle Technology Network License Terms. To run in a supported configuration, you must install ORDS into Oracle WebLogic Server, Oracle Glassfish or Apache Tomcat. Running the standalone Java servlet (war file), provided in the distribution, is not supported in production environments. It is only intended for use in development and test environments.
For more information on Oracle REST Data Services, see the following URL:
http://www.oracle.com/technetwork/developer-tools/rest-data-services/overview/index.html
For ease of use and greater visibility, the names of the Oracle HTTP Server WLST custom commands have been changed in the current release. Instead of incorporating "OHS" in the command name, the command is now prefixed with "ohs_". For example, the createOHSInstance command becomes ohs_createInstance.
The old command names should be considered to be deprecated. They will be accepted by WLST in the current release, but you should avoid using them. For more information and a table of old and changed WLST custom commands, see Section A.2, "Names of WLST Custom Commands Have Changed."
The current release adds these WLST custom commands for Oracle HTTP Server. For more information on these commands, see Appendix A, "Oracle HTTP Server WLST Custom Commands."
| Command | Description |
|---|---|
| ohs_exportKeyStore | Exports the keyStore to the specified Oracle HTTP Server instance. |
| ohs_postUpgrade | Imports the contents of wallet for all of the Oracle HTTP Server instances (valid for those Oracle HTTP Server instances which have been upgraded from a previous version) in the domain to the KSS database. |
| ohs_updateInstances | Creates a keyStore in the KSS database in the case where Oracle HTTP Server instances were created using Configuration Wizard. |
The createOHSTestDomain (ohs_createTestDomain) WLST custom command has been removed from the current release. This command is no longer needed because Oracle HTTP Server 12.2.1 introduces Restricted-JRF (R-JRF) support for domain creation using the configuration wizard which does not have database dependencies.
The current release of Oracle HTTP Server is based on Apache Server 2.4. If you are using an earlier release of Oracle HTTP Server, please note the following:
FilterProvider
The syntax of the FilterProvider directive under mod_filter has changed in Apache 2.4. This directive must be upgraded manually. For more information, see http://httpd.apache.org/docs/2.4/mod/mod_filter.html and http://httpd.apache.org/docs/2.4/upgrading.html
Authorization and Access Control
There have been significant changes in authorization and access control configuration in Apache 2.4. Oracle HTTP Server Upgrade Assistant does not upgrade the authorization and access control directives to the new configuration style. Instead, Oracle HTTP Server includes the mod_access_compat module to provide compatibility with old configurations.
Oracle recommends that you manually upgrade the authorization and access-control configuration to Apache 2.4 style. For more information, see the following URL: http://httpd.apache.org/docs/2.4/upgrading.html#run-time
umask Settings
Prior to Oracle HTTP Server 12c (12.2.1), the operating system level umask setting was applicable to Oracle HTTP Server as well. With Oracle HTTP Server 12c (12.2.1), a new property is introduced in ohs.nodemanager.properties file to specify the umask setting. By default, a value of 0027 is used. For more information, see section Section 8.2.3, "Configuring the Log File Creation Mode (umask) (UNIX/Linux Only)."