Skip Headers

Oracle9i Application Server Release Notes
Release 2 (9.0.3) for Solaris Operating System (SPARC)

Part Number B10015-01
Go To Core Documentation
Core
Go To Platform Documentation
Platform
Go To Table Of Contents
Contents

Go to previous page Go to next page

5
Oracle HTTP Server

This chapter discusses issues associated with Oracle HTTP Server. It covers the following topics:

5.1 General Issues and Workarounds

This section covers the following general issues and their workarounds for Oracle HTTP Server:

5.1.1 Manual Configuration to Access mod_osso Protected Pages from Netscape 4.7

You may not be able to access mod_osso protected pages from Netscape 4.7. If you want to access mod_osso protected pages from Netscape 4.7, then the partner application corresponding to mod_osso should be modified from the Oracle9iAS Single Sign-On server configuration console to point to Oracle9iAS Web Cache port number, which is usually 7777. For details on how to use the Oracle9iAS Single Sign-On console, see Oracle9iAS Single Sign-On Administrator's Guide.

5.2 Configuration Issues and Workarounds

This section covers the following configuration issues and their workarounds for Oracle HTTP Server:

5.2.1 Securing a Web Site Having OPMN/Oracle HTTP Server Infrastructure

When using OPMN/Oracle HTTP Server infrastructure, you must specify at least one non_ssl port. For a purely secure Web Site, it only accepts SSL connection. You must provide an extra non_ssl port in httpd.conf. You can do so by adding the following lines to maintain a secure Web Site:

Listen port

<VirtualHost _default_:port>
   SSLEngine Off
   <Location />
      Order deny,allow
      Deny from all
      Allow from localhost
      Allow from <ip1 of a localhost>
      Allow from <ip2 of a localhost>
      Allow from <ip3 of a localhost>
   </Location>
</VirtualHost>

Therefore, security is maintained by restricting the non-ssl port to only accept traffic from the local host.

5.2.2 Receiving Single Sign-On Errors When Accessing Protected Page

When attempting to access a protected resource, you are redirected to the Oracle9iAS Single Sign-On Server. However, you may receive 503 errors initially. To avoid errors, disable the KeepAlive directive when you are using a server load balancer.

5.2.3 Configuring a Virtual Host Improperly Can Cause DADs to Break

After installation, if you wish to configure Virtual Hosts in the httpd.conf file, or by using the advanced section of the EMD console, or by using a text editor on the httpd.conf file, use the following guidelines:

  1. Ensure that the server definitions for VirtualHosts are provided after the Port, Listen, and ServerName directives. A simple example of a correctly set Virtual Host section might be as follows:

    #
    # these are set at the end of the httpd.conf file after the IAS installation
    occurs
    #
    Port 7778
    ServerName someServer.mycompany.com
    Listen 7779
    #
    # these lines were added manually to create a virtualHost
    #
    NameVirtualHost 1.2.3.4
    <VirtualHost 1.2.3.4>
        DocumentRoot /u01/app/oracle/product/iAS9020_portal/Vhost1.htdocs
        ServerName Vhost1.mycompany.com
    </VirtualHost>
    
    
  2. Ensure that if you use a regular text editor to make changes to the file, you use the following dcmctl utility to update your changes.

    ORACLE_HOME/dcm/bin/dcmctl updateConfig
    
    

    This is automatically done for you if you edit the file through the EMD console.

5.2.4 Using a Full or Partial Host Name in Oc4jMount Syntax in mod_oc4j.conf File

While using the following Oc4jMount syntax in mod_oc4j.conf file:

Oc4jMount /path/* instance://[hostname:]ias_instance:oc4j_instance

5.3 Administration Issues and Workarounds

This section covers the following administration issues and their workarounds for Oracle HTTP Server:

5.3.1 Microsoft Internet Explorer Reporting Incorrect Host Header

If an infrastructure Oracle9iAS Single Sign-On Server install and a middle tier install are on the same machine (in different Oracle Homes), Microsoft Internet Explorer reports an incorrect host header after a redirect. This incorrect host headed causes mod_osso to generate an error message when trying to access a protected resource after the user has been redirected from the Oracle9iAS Single Sign-On Server back to the original server. If you click Reload in Internet Explorer, the session continues successfully. This issue will not occur if any of the following conditions are true:

5.3.2 Microsoft Internet Explorer Reporting Errors

When you install an infrastructure instance of Oracle9iAS and a middle tier on a same machine, Microsoft Internet Explorer might report various errors where an incorrect host header is sometimes passed after redirection. Specifically, if you have already logged on via the Single Sign-On Server to the middle tier instance and then click a link redirecting you to the infrastructure instance, you will receive an OSSO error page. Pressing the Back button allows you to continue to the page you originally wished to reach.

5.3.3 Stop and Start Oracle HTTP Server After Adding an SSL-Enabled Virtual Host

In Oracle9iAS Release 2 (9.0.3), when you add an ssl-enabled virtual host to Oracle HTTP Server, you must stop and then start Oracle HTTP Server for this virtual host to function. Simply restarting Oracle HTTP Server will not enable the virtual host and may cause Oracle HTTP Server to crash, depending on your configuration. Virtual hosts that specify a wallet file but no wallet password will cause Oracle HTTP Server to crash on restart.

5.4 Documentation Errata

This section covers the following known documentation issues for Oracle HTTP Server:

5.4.1 Correction for "Configuring the IIS Listener for Single Sign-On"

Step 6 in the "Configuring the IIS Listener for Single Sign-On" section of the "Using Oracle9iAS Proxy Plug-in" appendix of the Oracle HTTP Server Administration Guide, incorrectly states the following:

Restart IIS (stop and then start the IIS Server), ensuring that the oproxy filter is marked with a green up-pointing arrow.

It should read:

Restart IIS (stop and then start the IIS Server), ensuring that the osso filter is marked with a green up-pointing arrow.

5.4.2 Login Server File Example Giving Incorrect Syntax

In the "Using Single Sign-On with the Plug-in" section of appendix A of the Oracle HTTP Server Administration Guide, the "OSSO Configuration File Examples" incorrectly presents the syntax for the LoginServerFile directive with double quotes around the value.

The correct syntax is:

LoginServerFile = /path/config/sso_conf


Go to previous page Go to next page
Oracle
Copyright © 2002 Oracle Corporation.

All Rights Reserved.
Go To Core Documentation
Core
Go To Platform Documentation
Platform
Go To Table Of Contents
Contents