Skip navigation.

eDocs Home > BEA Tuxedo 9.0 Documentation > Command Reference > Section 1 - Commands

Command Reference

  Previous Next vertical dots separating previous/next from contents/index/pdf Contents View as PDF   Get Adobe Reader

 

tuxadm(1)

Name

tuxadm—BEA Tuxedo Administration Console CGI gateway.

Synopsis

http://cgi-bin/tuxadm[TUXDIR=tuxedo_directory | INIFILE=initialization_file][other_parameters]

Description

tuxadm is a common gateway interface (CGI) process used to initialize the Administration Console from a browser. As shown in the "Synopsis" section, this program can be used only as a location, or URL from a Web browser; normally it is not executed from a standard command line prompt. Like other CGI programs, tuxadm uses the QUERY_STRING environment variable to parse its argument list.

tuxadm parses its arguments and finds a Administration Console initialization file. If the TUXDIR parameter is present, the initialization file is taken to be $TUXDIR/udataobj/webgui/webgui.ini by default. If the INIFILE option is present, the value of that parameter is taken to be the full path to the initialization file. Other parameters may also be present.

Any additional parameters can be used to override values in the initialization file. See the wlisten reference page for a complete list of initialization file parameters. The ENCRYPTBITS parameter may not be overridden by the tuxadm process unless the override is consistent with the values allowed in the actual initialization file.

The normal action of tuxadm is to generate, to its standard output, HTML commands that build a Web page that launches the Administration Console applet. The general format of the Web page is controlled by the TEMPLATE parameter of the initialization file, which contains arbitrary HTML commands, with the special string %APPLET% on a line by itself in the place where the Administration Console applet should appear. Through the use of other parameters from the initialization file (such as CODEBASE, WIDTH, HEIGHT, and so on) a correct APPLET tag is generated that contains all the parameters necessary to create an instance of the Administration Console.

Notes: BEA Tuxedo 9.0 addresses a couple of security vulnerabilities in the Administration Console. Consult BEA security advisories at the following URL for more information on the vulnerabilities addressed in this fix.

http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/index.jsp

For any invalid input, the Administration Console now returns a generic error message (asking the user to check TUXDIR and INIFILE settings) instead of reporting the exact nature of invalidity. This change is made to repel security attacks such as 'disclosure of information' and 'cross-site scripting'.

In order to make the access tighter, the Administration Console now supports a setting where it allows only TUXDIR parameter to be specified in the URL. Any other parameter in the URL (such as INIFILE) will result in access failure.

The setting can be enabled by setting an environment variable TM_CONSOLE_DISALLOW_URLARGS to y. In the default configuration, this setting is not enabled.

Errors

tuxadm generates HTML code that contains an error message if a failure occurs. Because of the way CGI programs operate, there is no reason to return an error code of any kind from tuxadm.

See Also

tuxwsvr(1), wlisten(1)

 

Skip navigation bar  Back to Top Previous Next