The release notes contain important information about the Sun JavaTM System Web Server 7.0 Update 8(Web Server) release. These notes address new features and enhancements, installation notes, known problems, and other late-breaking issues. Read this document before you begin using Web Server Update 8.
These release notes contain the following sections:
The Web Server documentation set describes how to install and administer the Web Server. You can access the Web Server Update 8 documentation at http://docs.sun.com/coll/1653.8.
The Sun Java System Web Server documents are now in wiki format at http://wikis.sun.com/display/WebServerdocs/Home. This wiki is intended to promote collaboration and contribution on documentation content for Web Server. You are welcome to contribute, by posting your comments or by directly editing the wiki page, as long as the content is relevant to an appropriate standard.
For an introduction to Web Server Update 8, refer to the books in the order in which they are listed in the following table.
Table 1 Books in the Web Server Documentation Set
Documentation Title |
Contents |
This wiki is intended to promote collaboration and contribution on documentation content for Web Server |
|
Sun Java System Web Server 7.0 Update 8 Documentation Center |
Web Server documentation topics organized by tasks and subject |
|
|
Sun Java System Web Server 7.0 Update 8 Installation and Migration Guide |
Performing installation and migration tasks:
|
Sun Java System Web Server 7.0 Update 8 Administrator’s Guide |
Performing the following administration tasks:
|
Using programming technologies and APIs to do the following:
|
|
Sun Java System Web Server 7.0 Update 8 NSAPI Developer’s Guide |
Creating custom Netscape Server Application Programmer’s Interface (NSAPI) plug-ins |
Sun Java System Web Server 7.0 Update 8 Developer’s Guide to Java Web Applications |
Implementing Java Servlets and JavaServer PagesTM (JSPTM) technology in Sun Java System Web Server |
Sun Java System Web Server 7.0 Update 8 Administrator’s Configuration File Reference |
Editing configuration files |
Sun Java System Web Server 7.0 Update 8 Performance Tuning, Sizing, and Scaling Guide |
Tuning Sun Java System Web Server to optimize performance |
Sun Java System Web Server 7.0 Update 8 Troubleshooting Guide |
Troubleshooting Web Server |
Sun Java System Web Server 7.0 Update 8 CLI Reference Manual |
Administration commands that allow you to administer the Web Server through the CLI |
Web Server 7.0 Update 8 contains the following fixes for security vulnerabilities:
Bug 6916389 describes the buffer overflow vulnerabilities in the WebDAV extensions to the Sun Java System Web Server. These issues may allow remote clients to trigger a Web Server crash, thus resulting in a Denial of Service (DoS) condition. These issues may also allow remote unauthorized users to gain elevated privileges, enabling them to access and modify sensitive files.
Bug 6916390 describes the format string vulnerabilities in the WebDAV extensions to the Sun Java System Web Server. These issues may allow remote clients to trigger a Web Server crash, thus resulting in a Denial of Service (DoS) condition. These issues may also allow remote unauthorized users to gain elevated privileges, enabling them to access and modify sensitive files.
Bug 6916391 describes the buffer overflow issues in the Digest Authentication methods in the Sun Java System Web Server, which may allow remote unprivileged users to crash the Web Server, thus leading to a Denial of Service (DoS) condition. These issues may also lead to execution of arbitrary code with elevated privileges.
Bug 6916392 describes the heap overflow issues in the HTTP TRACE functionality in the Sun Java System Web Server, which may allow remote unprivileged users to crash the Web Server, thus leading to a Denial of Service (DoS) condition. These issues may also be exploited to gain unauthorized access to sensitive information.
Web Server 7.0 Update 7 introduces Kerberos/SPNEGO support. This release introduces a new ACL authentication method called gssapi. The gssapi authentication method works with a Kerberos user repository. This release also introduces a suitable auth-db of type kerberos for use with the gssapi authentication method.
For more information on configuring a Kerberos authentication, see Working With the Authentication Database in Sun Java System Web Server 7.0 Update 8 Administrator’s Guide
Kerberos enabled Web Server on Solaris are tested with clients such as IE on Windows 2003 and Firefox on RHEL 5.3.
Web Server 7.0 Update 7 supports Windows 2008 SP2 32 bit (x86) Enterprise Edition.
Web Server 7.0 Update 7 is bundled with JDK 6. There is an improvement in the performance in admin server.
Web Server 7.0 Update 7 is integrated with new Xerces C++ patch which fixes the vulnerability. For more information, see http://www.cert.fi/en/reports/2009/vulnerability2009085.html.
Web Server 7.0 Update 7 resolves a regression in LDAP authentication (6888100) accidentally introduced in Update 6. All customers using LDAP authentication are encouraged to upgrade to Update 7.
Platforms, Solaris 8 and Windows 2000 are deprecated. They will not be supported from Web Server 7.0 Update 9 onwards.
Web Server 7.0 Update 7 is upgraded to include NSS 3.12.5 which provides relief for the SSL/TLS renegotiation vulnerability: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3555
This vulnerability is a flaw in the current SSL/TLS renegotiation protocol definition. It is not a bug in the Web Server implementation. Due to this reason, there is no implementation-level fix for this vulnerability. The only workaround is to disable renegotiation entirely in order to protect the Web Server from attack.
Therefore, Web Server 7.0 Update 7 disables all use of SSL/TLS renegotiation. If either the client or the Web Server attempt to trigger renegotiation on an existing SSL/TLS session, the connection will fail.
Typically renegotiation was used to obtain a client certificate sometime after the SSL/TLS connection was first established. Web applications which attempt to obtain a client certificate in this fashion will now fail.
Obtaining a client certificate during the initial connection handshake will continue to work correctly. This mode can be configured by setting the client-auth element to 'required' in server.xml:
<http-listener> <ssl> <client-auth>required</client-auth> </ssl> </http-listener> |
A future update of Web Server 7 will implement a safe renegotiation protocol as soon as the IETF finalizes the design of the new protocol enhancement. It is possible to re-enable the vulnerable SSL/TLS renegotiation capability by setting the environment variable: NSS_SSL_ENABLE_RENEGOTIATION=1. This mode is known to be vulnerable to attack as described in CVE-2009-3555.
Web Server supports the 32–bit version of the Java Platform, Standard Edition (Java SETM) 5.0 and Java Platform, Standard Edition (Java SE) 6. For the 64-bit version of Web Server, the 64–bit version of Java Development Kit (JDKTM) software support is available.
JDK 6.0 Update 17 is delivered on Solaris, Linux and Windows as part of Web Server 7.0 Update 8 release.
The following table lists the JDK versions supported on various platforms:
Table 2 Supported JDK Versions
Operating System |
Supported Java SE Version |
Whether Co-packaged With Web Server |
64–bit Support (Yes/No) |
---|---|---|---|
Solaris SPARC |
1.5.0_22 1.6.0_17 |
No Yes |
Yes |
Solaris x86/AMD,AMD64 |
1.5.0_22 1.6.0_17 |
No Yes |
Yes |
Linux (32–bit) Linux (64–bit) |
1.5.0_22 1.6.0_17 |
No Yes |
No Yes |
Windows |
1.5.0_22 1.6.0_17 |
No Yes |
No |
HP-UX |
1.5.0.16 (1.5.0.12–_21_mar_2008_11_52) 1.6.0.04 |
No |
No |
AIX |
1.5.0 pap32dev-20080315 (SR7) 1.6.0 pap3260sr1–20080416_01(SR2) |
No |
No |
At the time of installation, you must specify a valid path for the JDK. To use the JDK version that is not co-packaged with the product, download the software from the following location:
JDK version 1.6.0: http://java.sun.com/javase/downloads/index.jsp
JDK version 1.5.0: http://www.hp.com/products1/unix/java/java2/jdkjre5_0/index.html
When you use JDK 1.5.0 on AIX platform, Administration server may fail to start and displays an error message “Unable to find/open the administration server's certificate database”. This is due to the restricted security policy on the installed JDK and limiting key size.
For more information about security information on SDKs, see: http://www.ibm.com/developerworks/java/jdk/security/50/
You can overcome this problem by downloading unrestricted security policy by clicking on “ IBM SDK Policy files”. The downloaded zip file is unpacked and the two JAR files are placed in the JRE directory (jre/lib/security/).
Web Server 7.0 Update 6 is an update release to Web Server 7.0. In addition to the features and enhancements in Web Server 7.0 and Web Server 7.0 Update 1, Update 2, Update 3, Update 4 and Update 5 releases, Web Server 7.0 Update 6 release brings the following value-additional features and enhancements to the product.
New features and enhancements are described in the sections below.
For more information about Binary Logging in Web Server, see Sun Java System Web Server 7.0 Update 8 Performance Tuning, Sizing, and Scaling Guide.
Sun Java System Web Server 7.0 Update 6 is integrated with the new NSS (Network Security Services) 3.12.3. This version of the NSS fixes the security alert for CVE-2009-2404.
For more information, see the NSS 3.12.3 Release Notes. From the previously mentioned document, you can find more information on the additional environmental variables added in this version.
Sun Java System Web Server 7.0 Update 6 contains both the NSS 3.12.3 and the NSPR 4.7.4 version.
Sun Java System Web Server 7.0 Update 6 has support for the Solaris 8 Branded Zones.
See also — Features and Enhancements in Update 5 Release.
Web Server 7.0 Update 5 is an update release to Web Server 7.0. In addition to the features and enhancements in Web Server 7.0 and Web Server 7.0 Update 1, Update 2, Update 3, and Update 4 releases, Web Server 7.0 Update 5 release brings the following value-additional features and enhancements to the product.
New features and enhancements are described in the sections below.
Binary logging is a functionality introduced in Sun Java System Web Server 7.0 Update 5. This feature allows server information to be stored in a single log file that contains binary, unformatted log data of all the web sites hosted on a server. It thus minimizes the usage of system resources used for logging, may improve performance and scalability, and at the same time records detailed log information.
Web Server 7.0 Update 4 is an update release to Web Server 7.0. In addition to the features and enhancements in Web Server 7.0 and Web Server 7.0 Update 1, Update 2, and Update 3 releases, Web Server 7.0 Update 4 release brings the following value-additional features and enhancements to the product.
New features and enhancements are described in the sections below.
REQUEST_URI and SCRIPT_FILENAME Support
This Web Server update release includes addition of environment variables REQUEST_URI and SCRIPT_FILENAME in CGI and FastCGI subsystems. These variables are set by default for both CGI and FastCGI on Apache and are used by many PHP applications including WordPress.
For more information on issues related to these variables, see Problem ID 6785490 in Core.
default-sun-web.xml support has been provided in Web Server Update 4 release. For Admin server's LDAP authorization, default-sun-web.xml support is necessary and this will enable the group Id's to be configured.
OpenSolaris 2008.11 support has been provided in Web Server Update 4 release, OpenSolaris 2008.11 is the latest release of OpenSolaris Operating System, a powerful, secure, stable, highly scalable, and complete operating environment for users, developers, and deployers.
For installing the Sun Java System Web Server 7.0 Update 4 or higher in the OpenSolaris OS, you must install the following additional IPS packages from the repository:
SUNWpkgcmds
SUNWmfrun
java-dev
Web Server Update 3 is an update release to Web Server 7.0. In addition to the features and enhancements in Web Server 7.0 and Web Server 7.0 Update 1 and Update 2 releases, Web Server 7.0 Update 3 release brings the following value-additional features and enhancements to the product.
New features and enhancements are described in the sections below.
Auto-Deploying Web Applications
AIX 5.3 and 6.1 platform support has been provided in Web Server Update 3 release.
This Web Server update release introduces auto-deployment functionality that enables you to deploy one or more web applications, just by copying them to a designated directory. The server auto-deploys web applications that are in the form of web archives (.war files) or in a directory in which a web archive has been exploded.
For more information about auto-deployment feature in Web Server, see Auto-Deploying Web Applications in Sun Java System Web Server 7.0 Update 8 Developer’s Guide to Java Web Applications.
Web Server Update 2 is an update release to Web Server 7.0. In addition to the features and enhancements in Web Server 7.0, and Web Server 7.0 Update 1 releases, Web Server 7.0 Update 2 release brings the following value-additional features and enhancements to the product.
New features and enhancements are described in the sections below.
Service Management Facility (SMF) Support
Asynchronous Accelerator Cache Support
Improved Administration Experience
This Web Server update release introduces an option to instruct NSS to bypass the PKCS#11 layer during parts of the SSL/TLS processing. Bypassing the PKCS#11 layer improves performance. By default, the PKCS#11 layer is bypassed. At the time of server startup, the server queries each token holding a server key to verify that each token can support PKCS#11 bypass. If any of the tokens cannot support bypass, bypass is disabled. Therefore, no user action is required to take advantage of the performance benefits of the PKCS#11 bypass. The server automatically takes advantage of the bypass and automatically disables the bypass if the token cannot be used given the current configuration. For more information, see Sun Java System Web Server 7.0 Update 8 Administrator’s Configuration File Reference.
Web Server provides Command Line Interface (CLI) and Admin Console support to enable or disable the bypass. For more information about how to enable or disable PKCS11 bypass using the Admin Console or the CLI, see To Enable and Bypass PKCS#11 Tokens in Sun Java System Web Server 7.0 Update 8 Administrator’s Guide.
This Web Server update release integrates with the Solaris 10 Service Management Facility (SMF) for the Java platform . SMF is a new feature of the Solaris Operating System that creates a supported, unified model for services and service management on each Solaris system. It is a mechanism to define, deliver, and manage long-running application services for Solaris. A service is defined by a service manifest, an XML file which describes a service and any instances associated with that service.
For more information about SMF support in Web Server, see the Integrating Service Management Facility for the Java Platform with Web Server in Sun Java System Web Server 7.0 Update 8 Administrator’s Guide.
This release of Web Server supports processing of requests that can be served from the accelerator cache asynchronously thereby improves the performance of the server. Value added features are:
Handle dynamic reconfiguration
Introduced flag AsyncAccelerator in the magnus.conf to turn off async cache.
Requests are serviced through asynchronous accelerator to stats
Batch up access log writes when requests are serviced by asynchronous accelerator
This Web Server update release introduces the ability to display the exception stack trace or JSP compiler errors in a browser. In the earlier releases of Web Server, when an exception occurs in the servlet container at the request time, a "Server Error" is displayed at the client without exposing internal application details. The exception is always logged in the error log with or without this feature enabled.
Displaying exception stack trace or JSP compiler errors in a browser feature is not enabled by default. You can enable this feature through set-servlet-container-prop command or through the Display Exception checkbox in the Servlet Container tab of the Admin Console. This is useful for development purposes. It is strongly recommended not to enable this feature in production systems.
Administration experience is improved in this release of Web Server by introducing the following key features:
Web Server supports rolling back of deployed configuration. Web Server administration now enables administrators to take backups automatically on every deployed configuration. Using the administration CLI, it is possible to list backups and restore a specified backup.
This release of Web Server enables you to reset the administration server's user password. However, this functionality works only locally on the administration server's node.
Administration Console enables you to install, delete, filter CA certificates, Cert chain, and the CRLs. Additionally, the server also warns the users about the certificates that are about to expire.
You can use the Admin Console or the Update Center to register the Web Server with Sun Connection. By registering the Web Server with Sun Connection you receive benefits such as:
Patch information and bug updates
News and events
Support and training offerings
For information about the administration features, see the Sun Java System Web Server 7.0 Update 8 Administrator’s Guide.
Support for a 64-bit standalone version of Web Server is provided in this release. Web Server 7.0 64-bit Linux is a separate standalone only distribution and does not coexist with Web Server 7.0 32-bit Linux. Web Server 7.0 64-bit Linux requires 64-bit Java Development Kit 5.0 Update 12 or above. Both Administration Server and server instance are only 64-bit server. Migration from previous releases is not supported on Web Server 7.0 64-bit for Linux.
This update release of Web Server provides support to connect to the NetBeans 6.5 IDE and allows users to develop, debug, and deploy applications to the web server. The NetBeans plug-in can be downloaded from the update center using the NetBeans 6.5 IDE.
In addition to the support for NetBeans 6.5 IDE, Web Server provides support for NetBeans 6.1, 6.0, and 5.5.1versions of the IDE.
Web Server 7.0 Update 1 is an update release to the major release of Web Server 7.0.
In addition to the features and enhancements in Web Server 7.0 listed later in these release notes, Web Server 7.0 Update 1 supports the Java Platform, Enterprise Edition (Java EE) 5.0 and Web 2.0 technologies. The details of these features and enhancements are described in the sections below.
Web Server includes a Java Platform, Enterprise Edition (Java EETM) 5 compliant implementation of the Java Servlet 2.5 and JavaServer PagesTM (JSP) 2.1 technology specifications. Web Server provides the flexibility and reliability needed to design and deploy web applications that comply with Java technology standards.
Java Servlet technology provides web developers with a simple, consistent mechanism for extending the functionality of a Web Server and for accessing existing business systems. JSP technology provides a simplified and a fast way to create dynamic web content. JSP technology enables rapid development of web-based applications that are server and platform-independent.
For information about these technologies, see http://java.sun.com/javaee/5/docs/tutorial/doc/.
The JavaServer Pages Standard Tag Library 1.2 provides custom tags that encapsulate core functionality common to many web applications. JavaServer Pages Standard Tag Library has support for common, structural tasks such as iteration and conditionals. It provides tags for manipulating XML documents, internationalization tags, and SQL tags. It also provides a framework for integrating existing custom tags with JavaServer Pages Standard Tag Library tags.
Web Server supports JavaServer FacesTM technology. JavaServer Faces is a user interface framework for building web applications.
For information about these technologies, see: http://java.sun.com/j2ee/1.4/docs/tutorial/doc/index.html.
Web Server includes new accelerator cache technology that speeds the delivery of small files. The accelerator cache is automatically enabled and requires no configuration. For more information, see File Cache Statistics Information in Sun Java System Web Server 7.0 Update 8 Performance Tuning, Sizing, and Scaling Guide.
You can configure a single FastCGI application using the Admin Console as well as the Command Line Interface (CLI).You can also configure the FastCGI with Web Server using the configuration files.
To configure multiple FastCGI applications , see Configuring Multiple FastCGI Applications in Sun Java System Web Server 7.0 Update 8 Administrator’s Guide.
Web Server provides plug-ins to integrate with the NetBeansTM Integrated Development Environment (IDE) for deploying and debugging web applications. NetBeans is a complete development environment to create Java Platform Enterprise Edition (Java EE) based web applications with the standard components.
In addition to the deployment of web applications, the plug-in also provides support for the following activities:
Manage instances, such as start or stop server instances
Enable or disable applications
Create server wide resources, such as JDBC resources and JDBC connection pools
For information about NetBeans, see: http://www.netbeans.org/kb/index.html.
For more information about using NetBeans with Web Server, see: http://webserver.netbeans.org.
Web Server provides support for writing regular expressions within the obj.conf file through the Admin Console. However, writing regular expressions through the Admin Console is limited to the form of <If>..</If> conditions for URL redirects.
For more information on using the Admin Console for writing regular expressions, see the Sun Java System Web Server 7.0 Update 8 Administrator’s Guide.
Web Server provides support for configuring the URIs, URI prefixes, URI wildcard patterns properties through the Admin Console and the Admin CLI.
For more information on using the Admin Console for configuring URI pattern properties, see the Sun Java System Web Server 7.0 Update 8 Administrator’s Guide.
For more information on using the CLI commands for configuring URI pattern properties, see the Sun Java System Web Server 7.0 Update 8 CLI Reference Manual.
Web Server can be configured to run as a 64–bit application on the SolarisTM, SPARC® and AMD64 platforms.
Web Server provides comprehensive command-line interface support, consolidated configuration, enhanced security with elliptic curve cryptography support, and clustering support. It also comes with a robust built-in migration tool that helps migrate applications and configurations from Web Server 6.0 and Web Server 6.1 to Web Server 7.0.
Sun Java System Web Server includes the following new features:
Web Server management infrastructure is based on the modern distributed Java Management Extensions (JMXTM) technology. JMX technology provides tools for building distributed, web-based, modular and dynamic solutions for managing and monitoring devices, applications, and service-driven networks. JMX helps to manage and monitor instances, configurations, and web applications across clustered Web Server deployments.
The Administration Server is a specially configured Web Server instance on which the administration applications are deployed. An administration instance runs on each node in the server farm. Of these nodes, one node is configured to be the Administration Server and the rest are configured to be Administration Nodes.
The web-based Administration Server is redesigned to make common tasks easier to access and complex tasks easier to accomplish.
The Administration Server includes the following new features:
Web-based wizards for performing most common tasks
Comprehensive command-line interface (CLI) support for server configuration and server administration tasks
Centralized configuration store
Support for deploying Web Server configuration information on multiple machines. This feature extends to support Web Server in a server farms and clusters.
Built-in management and monitoring of server clusters
For more information on using the administration interface to perform administrative tasks, see the Sun Java System Web Server 7.0 Update 8 Administrator’s Guide.
The command-line interface enables you to easily configure and administer the server.
The administration CLI has the following key features:
Embedded Java Command Language (jacl) shell for scripting
Extensible CLI, which enables you to add more commands by using the third-party plug-ins
Support for local and remote administration, configuration, and management of one or more server instances
Automatically completes commands when you type one or more characters and then press a tab key
Easy-to-use CLI-based operational modes including single mode, shell mode, and file mode
For more information on the commands, see the Sun Java System Web Server 7.0 Update 8 CLI Reference Manual.
Web Server is integrated with Sun N1TM Service Provisioning Server 5.2. Sun N1 Service Provisioning System is an application provisioning tool that eliminates the need for custom scripts. With the integration of Web Server with Sun N1 Service Provisioning System, as an administrator, you do not need to write custom scripts for installing multiple Web Servers in a datacenter environment or in a server farm.
Configuration files in Web Server are rearranged and consolidated to simplify administration.
In the earlier versions of Web Server, the configuration files in userdb were shared by all instances, while the information contained in these files was often instance-specific. In Web Server 7.0, configuration files from the userdb directory are removed. Their functionality is incorporated into the server.xml file in the config directory. Configuration files from the alias and httpacl directories are moved into the config directory. These changes consolidate instance-specific configuration information within the instance-specific config directory.
For information about the configuration files, see the Sun Java System Web Server 7.0 Update 8 Administrator’s Configuration File Reference.
The Java Naming and Directory InterfaceTM (J.N.D.I.) API provides seamless connectivity to heterogeneous enterprise naming and directory services.
Web Server provides out-of-the-box, seamless Java DataBase Connectivity (JDBCTM), technology and supports a wide range of industry-standard and customized JDBC drivers.
Web Server supports JDBC connection pooling, that is, a group of reusable connections for a particular database. Because creating each new connection is time consuming, the server maintains a pool of available connections to increase performance. When an application requests a connection, it obtains a connection from the pool. When an application closes a connection, the connection is returned to the pool.
For information on creating JDBC connection pools, see the Sun Java System Web Server 7.0 Update 8 Administrator’s Guide.
Sun Java System Web Server 7.0 provides hardware accelerator support for Sun TM Crypto Accelerator 4000 and 6000 boards, which enhance the performance of SSL on web server.
Initialize the Sun Crypto Accelerator card when using with web server. For more information about Sun Crypto Accelerator, see Sun Crypto Accelerator 6000 Board Version 1.1 User's Guide at http://docs.sun.com/source/820-4144-11/.
Web Server includes Java Web Services Developer Pack (Java WSDP) 2.0 and XML technologies. Web services developed by using Java WSDP can be deployed on Web Server as a web application by using the wadm command.
Web Server 7.0 provides support for security features such as XML Encryption, XML Digital Signature, and support for message security provider.
For more information on Java WSDP 2.0, see the following resource:
http://java.sun.com/webservices/jwsdp/index.jsp
Java WSDP 2.0 samples are located at the following location. These samples can be deployed on Web Server 7.0.
http://java.sun.com/webservices/downloads/2.0_preview_webservicespack.html
Web Server supports cluster-based session replication and failover. Session replication and failover provides high availability to web applications by replicating HTTP sessions from one server instance to another in the same server cluster. Because each HTTP session has a backup copy on a remote instance, a server failure that renders one instance in the cluster unavailable does not disturb session continuity.
For more information on Light Weight Session Replication support, Sun Java System Web Server 7.0 Update 8 Administrator’s Guide.
Web Server 7.0 introduces enhanced support for regular expressions and conditional processing in the obj.conf configuration file.
Key enhancements include the following:
Support for regular expressions
A restart Server Application Function (SAF) for restarting requests with a new URI
Support for dynamic SAF parameters that include expressions, variables, regular expression back references
<If>, <ElseIf>, and <Else> tags for conditional processing
Support for complex conditions that use and, or, and notoperators
sed-request and sed-response filters for rewriting request and response bodies
You can use these new features to define flexible URL rewriting and redirection rules such as those possible with mod_rewrite from the Apache HTTP server. Unlike mod_rewrite, regular expressions and conditional processing in Web Server 7.0 can be used at any stage of request processing, even with third-party plug-ins.
For more information on regular expressions and URL rewrite functions, see the Sun Java System Web Server 7.0 Update 8 Administrator’s Configuration File Reference.
In addition to the monitoring facilities in earlier versions of Web Server, Web Server adds the following enhancements:
Monitors Servlets, JSPs, and JavaServer Pages Standard Tag Library container characteristics
Monitors process and virtual server statistics from within the Administration Server
Integrates with System Management Agent on the Solaris 10 platform. Integrates with the Java Enterprise System Monitoring Framework (Java ES Monitoring Framework) that makes Web Server monitoring information available within the Java ES Monitoring Framework.
Accesses monitoring data as Management Beans (MBeans) using the Java Monitoring and Management Console (jconsole) script, Java ES Monitoring Framework or any Java Management Extensions (JMX) compliant client applications.
For more information on Monitoring feature in Web Server, see the Sun Java System Web Server 7.0 Update 8 Administrator’s Guide.
The Sun Java System Web Server 7.0 integrates the reverse proxy functionality within the core server.
When web server is configured with reverse proxy functionality, it acts as a proxy for one or more backend servers and serves as a single point of access or gateway in a server farm. In a reverse proxy setup, the web server forwards the HTTP request it received from the browser client to the appropriate backend server. The HTML response from the backend server is sent back to the browser through the web server. Thus, the web server with reverse proxy hides the existence of backend servers to the browser.
Web Server provides GUI and CLI support for configuring the reverse proxy.
For information about configuring reverse proxy, see Configuring Reverse Proxy in Web Server 7.0 in Sun Java System Web Server 7.0 Update 8 Administrator’s Guide.
Web Server supports a wide variety of technologies that allow data encryption and validation, request authentication, and server process protection. Key security feature enhancements include the following:
Solaris 10 platform cryptographic framework support. For example, libpkcs11.so including support for UltraSPARC® T1 processor hardware acceleration.
Denial of Service (DoS) attack protection enhancements.
Cross site scripting protection through the native sed(1) based input filtering. For information about cross site scripting, see Preventing Cross Site Scripting Attacks in Sun Java System Web Server 7.0 Update 8 Administrator’s Guide.
Web services security:
IETF XML Digital Signature
W3C XML Encryption
Integrated Platform for Privacy Preferences (P3P) support.
Web-based Distributed Authoring and Versioning (WebDAV) access control support.
The Lightweight Directory Access Protocol (LDAP) auth-db is enhanced to make search expressions and match attributes configurable.
The LDAP auth-db supports Microsoft Active Directory interoperability.
Support for migration of certificate from Tomcat or other Java keystore file based repositories.
Support for dynamically applied Certificate Revocation Lists (CRLs).
Integrated IPv6 support.
Sun Java System Web Server has always supported RSA keys. In addition to the continued support for for RSA keys, Web Server 7.0 introduces support for Elliptic Curve Cryptography (ECC).
ECC is the next generation of public-key cryptography for mobile or wireless environments. ECC is based on a set of algorithms for key generation, encryption, and decryption for performing asymmetric cryptography.
For more information on how to use ECC in Web Server, see the Sun Java System Web Server 7.0 Update 8 Administrator’s Guide.
Web Server 7.0 supports Sun Java Studio Enterprise 8.1. Sun Java Studio software is Sun's powerful, extensible IDE for Java technology developers. Sun Java Studio 8.1 is based on the NetBeans software, and integrated with the Sun Java platform.
The plug-in for the Web Server can be obtained in the following ways:
From the companion CD in the Sun Java System Web Server Media Kit
By using the companion AutoUpdate feature of Sun Java Studio
From the download center for Sun Java System Web Server
Sun Java Studio 8.1 plug-in for Web Server works only with a local web server. That is, the IDE and the web server must be installed on the same machine.
For information about using the web application features in Sun Java Studio 8.1, see the following tutorial:
http://developers.sun.com/prodtech/javatools/jsenterprise/learning/tutorials/index.jsp
For more information about Sun Java Studio 8, visit:
http://www.sun.com/software/sundev/jde/
Web Server is available in the following languages:
French
German
Spanish
Japanese
Simplified Chinese
Traditional Chinese
Korean
Web Server can be installed on the Solaris, Linux, HP-UX and Windows operating systems. The following table summarizes platform support. For more information about installation requirements, see Required Patches in these release notes.
Web Server 7 runs in both 32-bit and 64-bit on a 64-bit Linux machine. Web Server runs as a 32-bit application on Windows and HP-UX.
Intel Itanium Architecture is not supported.
Minimum required memory for installing Web Server on the specified platforms is applicable when you are installing Web Server as a stand-alone product. If you are installing Web Server as part of Java ES, the minimum required memory might vary. For exact memory requirements, see the Sun Java Enterprise System 5 Release Notes for UNIX.
Vendor |
Architecture |
Operating System |
Minimum Required Memory |
Minimum Recommended Disk Space |
---|---|---|---|---|
Sun |
UltraSPARC |
Solaris 8, 9, 10. |
512 MB |
550 MB |
Sun |
Intel/AMD (32-bit and 64-bit) |
Solaris 9, 10 (x86) Solaris 10 (AMD64) OpenSolaris 2008.11 (x86/AMD64) |
512 MB |
550 MB |
Microsoft |
Intel/AMD (32-bit and 64-bit) |
Windows 2000 Advanced Server, Service Pack 4 Windows XP SP2 or above Professional Edition, Windows 2003 Server, Enterprise Edition Windows 2003 Server R2 Enterprise Edition Windows 2003 Server, Standard Edition Windows 2008 Enterprise Edition Service Pack 2 32-bit(x86) Windows 2008 Standard Edition Service Pack 2 32-bit(x86) |
512 MB |
550 MB |
Red Hat |
Intel/AMD (32-bit and 64-bit) |
Red Hat Enterprise Linux 3.0 (Update 4 or later), 4.0, 5.0 (or later updates) Red Hat Enterprise Linux 4, 5 (64-bit)
|
768 MB |
550 MB |
Novell |
Intel/AMD (32-bit and 64-bit) |
SUSE Linux Enterprise Server 9 (or later updates) SuSE Enterprise Linux 9, 10 SP2 (32–bit, 64-bit) |
512 MB |
550 MB |
Hewlett-Packard |
PA-RISC 2.0 |
HP-UX 11iv1 (B.11.11) |
512 MB |
550 MB |
IBM |
AIX 5.3 and 6.1 |
512 MB |
550 MB |
System virtualization is a technology that enables multiple operating system (OS) instances to execute independently on shared hardware. Functionally, software deployed to an OS hosted in a virtualized environment is generally unaware that the underlying platform has been virtualized. Sun performs testing of its Sun Java System products on select system virtualization and OS combinations to help validate that the Sun Java System products continue to function on properly sized and configured virtualized environments as they do on non-virtualized systems. For information about Sun support for Sun Java System products in virtualized environments, see http://download.oracle.com/820–4651.
Update your operating system with the latest applicable patches. Required patches are listed in the following sections.
x86 or SPARC users of Solaris 8, 9, or 10 Operating System should have the latest patch cluster installed. This patch cluster is available under “Recommended and Security Patches” on the http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage web site.
On a 32–bit Solaris (SPARC) platform, install SUNWlibC and SUNWlibCx packages, in addition to the patches listed in the sections below.
Web Server 7.0 installer determines if the required patches are installed on your machine, without them the installation fails. The following patches are required for successful installation and functioning of Web Server 7.0 on a supported platform.
If the patches available at http://sunsolve.sun.com are obsolete, download the most recent version of these patches as they include the latest bug fixes and product enhancements.
To know the Solaris Operation System version installed on your machine, see the /etc/release file.
The /etc/release file contains Solaris Operation System version information in the following format:
Solaris 10 6/06 s10x_u2wos_08 X86 Copyright 2006 Sun Microsystems, Inc. All Rights Reserved. Use is subject to license terms. Assembled 02 May 2006 |
Solaris 8 Platform (SPARC)
Solaris 8 2/02
109326-19
108434-18 — Shared library patch for C++ (for 32–bit version of Web Server)
108435-18 — Shared library patch for C++ (for 64–bit version of Web Server )
Solaris 8 Platform (x86)
109327-19
Solaris 9 Platform (SPARC)
Solaris 9 9/05
112970-12
111711-12 — Shared library patch for C++ (for the 32–bit version of Web Server)
111712-12 — Shared library patch for C++ (for the 64–bit version of Web Server)
Solaris 9 Platform (x86)
Solaris 9 9/05
114354-11
117172-17 — Kernel patch
111713-09 — Shared library patch for C++
For the 64-bit version of Web Server, you must check if the SUNWlxml package is installed on the server by running the command # pkginfo SUNWlxml which produces the following output:
system SUNWlxml The XML library |
This package is always installed with Solaris 10 standard installation, even if you choose the lowest level of installation METACLUSTER=SUNWCmreq, NAME=Minimal Core System Support.
If you do not want this package, you can either, remove it by using the pkgrm command or use a jumpstart image which lacks this package.
SPARC
119963-03 — Shared library patch for C++
x86
119964-03 — Shared library patch for C++
5300-08-01-0819 or above
6100-00-04-0815
You need to reboot your system after applying the patches.
Some incompatible patches can affect Web Server startup and cause the server not to respond to requests. The following table lists such patches. If you have an incompatible patch installed on your machine, upgrade the patch to a recommended compatible patch.
Table 4 List of Incompatible Patches
Operating System |
Incompatible Patch |
Recommended Compatible Patch |
---|---|---|
Solaris 8 SPARC |
109147-37 (linker patch) 109147-38 (linker patch) 109147-39 (linker patch) |
109147–40 (linker patch) |
Solaris 9 SPARC |
112963-22 (linker patch) 112963-23 (linker patch) 112963-24 (linker patch) |
112963-25 (linker patch) |
Solaris 9 x86 |
113986-18 (linker patch) 113986-19 (linker patch) 113986-20 (linker patch) |
113986-21 (linker patch) |
The requirements for installing Web Server on HP-UX platform are as follows:
HPUX11i-OE B.11.11.0312 (HP-UX 11i Operating Environment Component)
HPUXBase64 B.11.11 (HP-UX 64-bit Base OS)
HPUXBaseAux B.11.11.0312 (HP-UX Base OS Auxiliary)
FEATURE11-11 B.11.11.0209.5 (Feature Enablement Patches for HP-UX 11i, Sept 2002)
HWEnable11i B.11.11.0412.5 (Hardware Enablement Patches for HP-UX 11i v1)
BUNDLE B.11.11 (Patch Bundle)
BUNDLE11i B.11.11.0306.1 (Required Patch Bundle for HP-UX 11i, June 2003)
GOLDAPPS11i B.11.11.0506.4 (Applications Patches for HP-UX 11i v1, June 2005)
GOLDBASE11i B.11.11.0506.4 (Base Patches for HP-UX 11i v1, June 2005)
JAVAOOB 2.03.01 (Java2 Out-of-box for HP-UX )
PHCO_29109 1.0 (Pthread enhancement and fixes)
PHCO_30544 1.0 (Pthread.h fix and new enhancement)
PHCO_29495 1.0 (libc cumulative patch)
PHCO_31923 1.0 (libc cumulative header file patch)
PHKL_25842 Thread Abort (or its superseded patch)
PHCO_35743 s700_800 11.11 (libc cumulative patch)
The requirements for installing Web Server on Linux 3.0 platform are as follows:
coreutils-4.5.3-28.7
The following browsers are supported with Web Server Admin Console:
UNIX® and Windows platforms:
Mozilla 1.7 or above
Firefox 2.0 or above
Windows platform:
Microsoft Internet Explorer 6.0 and 7.0
This section includes notes about installing, migrating and upgrading your Sun Java System Web Server. For detailed information about these topics, review the information in the Sun Java System Web Server Installation and Migration Guide. For known issues in this release of Web Server, see Known Issues in these release notes.
You cannot install Web Server to a directory that contains an earlier version of Web Server. You can, however, migrate the existing installation after installing Web Server to a new directory.
Web Server can be installed as part of Java Enterprise System or as a standalone version.
In a standalone installation, all the necessary shared components such as NSS, NSPR are co-packaged with the Web Server installation files.
If you are installing Web Server as part of the Java ES suite, the Java ES installer installs all the shared components such as NSS and NSPR as separate packages and Web Server specific binaries as separate operating system dependent packages. Hence you need to download and install all the shared components patches and Web Server patches.
Visit Sun Solve. Download and install the latest Java ES Component Patches for the respective operating system.
Web Server 7.0 Update 5 will not start successfully without installing the latest NSS / NSPR patches on your system. Therefore, before installing Web Server 7.0 Update 5, you can check for the appropriate NSS patch available for your system in Web Server 7.0 Update 5 patch README bundled within our Update 5 patch.
Web Server 6.0 and 6.1 configurations can be migrated. Direct migration from a Web Server version lower than 6.0 is not supported. Earlier versions such as Web Server 4.0 or later must first be migrated to Web Server 6.1, then to Web Server 7.0. For information about migrating from Web Server 4.0 or later to Web Server 6.1, see the latest Sun Java System Web Server 6.1 Installation and Migration Guide and the Sun Java System Web Server 6.1 Release Notes at http://docs.sun.com/app/docs/prod/sjs.websrv61?l=en&a=view.
For detailed information on migrating from Web Server 4.1 to Web Server 7.0, and from all versions of Web Server 6.0 to Web Server 7.0, see the Sun Java System Web Server 7.0 Update 8 Installation and Migration Guide.
When you install Sun Java System Web Server 7.0 Update 7 over an existing installation of Sun Java System Web Server 7.0, the installer automatically carries out the upgrade.
If you have Sun Java System Web Server 7.0 installed, point the Sun Java System Web Server 7.0 Update 7 installer to the location of the Web Server 7.0 installation and then upgrade.
If you have installed Sun Java System Web Server 7.0 as part of Java ES 5, you are encouraged to install the following patches from the http://sunsolve.sun.com/show.do?target=patchpage web site to upgrade to Web Server 7.0 Update 7:
125437 for Solaris SPARC/SPARCV9
125438 for Solaris x86/x64
125439 for Linux
125440 for HP-UX
125441 for Windows
If you are using a localized version of Web Server, install the following patches before installing the base patches for successful upgrade from Web Server 7.0 to Web Server 7.0 Update 7:
126331–07 for Solaris SPARC (8/9/10) (Solaris SPARC Localization patch id)
126332–07 for Solaris x86 (8/9/10) (Solaris x86 Localization patch id)
In Web Server 7.0 Update 5, the multilingual files are integrated into the base patch. Hence, if Web Server 7.0 multilingual packages are installed on your system, you must first install the l10n patch 126331-05 (Sparc)/126332-05 (x86) and then install the base patch 125437-15 (Sparc)/125438-15 (x86) or higher.
For detailed information about upgrading from Web Server 7.0 to Web Server 7.0 Update 5, see Sun Java System Web Server 7.0 Update 8 Installation and Migration Guide.
Web Server 7.0 supports JavaServerTM Faces 1.2 technology. Most JavaServer Faces 1.1 applications are expected to work with Web Server 7.0 without any modifications. However, there are some compatibility issues that might be encountered when migrating applications to JavaServer Faces 1.2 applications and such applications require modifications. The changes are documented in the JavaServer Faces release notes at https://javaserverfaces.dev.java.net/rlnotes/1.2_04/issues.html.
Sun Java System Portal Server 7.1, provided with Java ES 5 is not compatible with Sun Java System Web Server 7.0 Update 1. If you have deployed Sun Java System Portal Server 7.1 along with Web Server 7.0, you need to upgrade both servers rather than only Sun Java System Web Server 7.0. The required Sun Java System Portal Server 7.1 upgrade is available with Java Enterprise System 5 Update 1 or with the following patches available on http://sunsolve.sun.com/show.do?target=patchpage web site.
124301 (SPARC)
124302 (x86)
124303 (Linux)
If you are using a localized version of Web Server, install the following Portal Server localization patches:
125301 (Solaris SPARC, Solaris x86 localization)
125302 (Linux localization)
This section lists the important issues fixed in the following releases:
This section lists the issues resolved in Sun Java System Web Server 7.0 Update 8
Problem ID |
Description |
6916391 |
Digest authentication buffer overflows. |
6916392 |
TRACE heap overflow. |
6916390 |
WebDav format string bug. |
6916389 |
WebDav stack overflow. |
6917879 |
TRACE request with empty header names can cause malformed responses. |
6930175 |
Web Server 7.0 Update 8 supports Windows 2008 Standard Edition Service Pack 2 32-bit(x86). |
This section lists the issues resolved in Sun Java System Web Server 7.0 Update 7
Problem ID |
Description |
6888100 |
While migrating from Web Server 7.0 Update 5 to Update 6, the LDAP authentication fails because rebind is not done after password validation. |
6898371 |
Severe TLS/SSL protocol vulnerability. It requires NSS upgrade |
6811286 |
Admin GUI becomes unresponsive when large web application has been deployed. |
6849009 |
When using the admin gui or CLI to list the certificates using CertificateMgrUtil in Web Server 7.0 Update 4 and Web Server 7.0 Update 5, it can take over 60 seconds to perform the listing. |
6855262 |
Web Server runs out of FILEs when using >=128 vcpus |
6855513 |
In Web Server 7.0 Update 7, the thread-pool auto configuration algorithm is broken. |
6857815 |
Kerberos/SPNEGO support was added. |
6867192 |
Web Server 7.0 Update 7 documents auto configuration feature for configuring the web servers max-threads, thread-pool queue-size, and keep alive max-connections. |
6869991 |
Xerces C library has a vulnerability. |
6880214 |
Web Server 7.0 needs to bundle JDK 6 instead of JDK 5 as JDK 5 is getting EOSL-ed. |
6881339 |
Server crashes if async request is aborted by keep alive thread (if stats is turned on). |
6882830 |
Single-Sign-on (SSO) for FORM authenticated application, the JSESSIONIDSSO cookie is not set. |
6887782 |
If PR_GetSockName fails, then Connection::create will return failure and then the connection gets added in both unused and Ready Queue. |
6741844 |
In Web Server 7.0 session failover doesn't happen after "Invalid Sequence Number" exception is thrown. |
6763470 |
LDAP group authentication from Microsoft Active Directory fails if user name has a "," in between. |
6815996 |
Web Server 7.0 Update 4 64 bit crashes when accessing a file in a directory that has a .htaccess file. |
6830258 |
Web Server closes the Keep alive connections much before keep alive timeout (poor QoS on Specweb on Linux). |
6841548 |
The flexlog.cpp code is optimized. |
6849198 |
The URLs of server side include files work after "/" is appended to URL. |
6857790 |
Admin server's auto tuning of threads takes lots of resources on CMT systems. |
6873985 |
Web Server 7.0 Update 7 documents the list of unsupported file formats that can't be indexed and searched. |
6875450 |
Web Server 7.0 Update 4 core patches (SPARC, x86) includes the localization patch "126332-06" in SUNW_REQUIRES field. |
6877764 |
Web Server 7.0 Update 7 will not return Content-type: text/html when there is no message body. |
6878259 |
Webstack PHP support for Sun Web Server 7.0 Update 7. |
6885643 |
Web Server 7.0 classdebuginfo set to false is not working with JDK6. |
6897071 |
Web Server 7.0 Update 6 - Admin GUI shows null in NODES when installed with external JDK. |
6567720 |
Enhances admin framework to support enabling Kerberos authentication. |
6853924 |
Web Server 7.0 Update 7 states that when renewing a certificate the key size can be changed. |
6854885 |
Web Server 7.0 CA-signed certificate created through admin GUI is not associating the certificate with listener. |
This section lists the issues resolved in Sun Java System Web Server 7.0 Update 6
Problem ID |
Description |
6854841 |
Web Server 7 appears to ignore any attempt at configuring the "classdebuginfo" in sun-web.xml. |
6813426 |
Detailed error message should be logged when adding of PDF documents to search collection fails. |
6801517 |
Virtual server creation will fail if there is a trailing space in the "Name" or "Hosts" fields. |
6809090 |
Self-signed certificate should use SHA1 as signature algorithm. |
6856484 |
Error while renewing a certificate in Sun Metaslot. |
6847901 |
Web Server should bundle the latest SASL. |
6707244 |
Race condition in the JVM when deploying a web application that contains a logger. |
6856472 |
<request-header-timeout> should default to 30 from –1. |
6826625 |
Remove the Localization package/patch dependency check in the checkinstall script. |
6781962 |
Favicon does not show up correctly in Internet Explorer 7. |
6749879 |
LDAP authentication fails with Directory Proxy server where anonymous authentication is set to false. |
6806858 |
ACL vulnerability (when dynamic group is used) allows non-authorized user to login. |
6811110 |
LDAP update in the Administration GUI fails if LDAP is a Directory Server consumer. |
6832878 |
In the Administration Console, the new configuration wizard text has to be improved. |
6801700 |
When configuring the error code for request limits, there is no mention of valid values. |
6814138 |
Last Modified date and the creation dates are incorrectly displayed in PROPFIND. |
6856456 |
Last line of installation log file points to itself. The end of the log file has reference to the same file for more information. |
6834762 |
In certain scenarios, “Unable to connect to the node host” error from the Administration Server. |
6848803 |
CLI page for add-webapps and Admin Guide's page titled 'Deploying Java Web Applications' should be updated. |
6828720 |
use-responseCT-for-headers should be documented. |
6827940 |
Support for FastCGI suid environment on RHEL5.0 in Web Server 7.0 |
6809081 |
Sample application documentation must say that Admin server must be started for ant deploy to be successful. |
6860680 |
Windows vulnerability — Appending "::$DATA" to the file extension discloses the contents of JSP page. |
6841507 |
Document typo in Sun Java System Web Server 7.0 U5 Administrator's Configuration File Reference Guide. |
6834770 |
Very little information about virtual-server-name_obj.conf in documentation. |
6839431 |
ADMIN4159 error while renewing a certificate in Sun MetaSlot. |
6842383 |
Document the configuration settings necessary to get the FastCGI suid environment working for the different OS platforms. |
6841454 |
CSR generated while renewing a CA-signed certificate needs formatting in GUI. |
This section lists the issues resolved in Sun Java System Web Server 7.0 Update 5
Problem ID |
Description |
|
6732548 |
create-fastcgi-handler does not work as expected when value of app-args is specified as “a=b” or “c=d”. |
|
6750707 |
Admin CLI does not accept input strings that has multibyte characters. |
|
6723824 |
Migration from the previous versions of Web Server to Web Server 7.0 Update 3, resulted in unusual migration log files, although the migration of instance was successful. |
|
6764940 |
obj-https-INSTANCE.conf is different from obj.conf. <https-instance>-obj.conf gets created when a first change is made to obj.conf from admin server GUI or CLI. This situation occurs only if the Client tag is added, before this first change is made to the instance configuration through admin server. Once the <https-instance>-obj.conf is created, the same steps does not simulate this phenomenon. |
|
6765451 |
The admin server adds the check-request-limits function at an invalid location in obj.conf. While configuring check-request-limits function to obj.conf , you should ensure that it is inserted before find-index function. |
|
6769410 |
Variables are removed from server.xml. The null values for the CGI variables names, of a migrated instance, cannot be saved in the admin GUI. Hence they are removed from the server.xml. |
|
6772188 |
Web Server 7.0 Admin GUI, throws the following error when Java is disabled- “BreadCrumbsModel: index out of bounds 1”. |
|
6709085 |
Admin server fails to start. The admin tools allow default language to be set to zh_cn, after which the server will not start and throws an error:
|
|
6759756 |
Permission error occurs while uploading a .war file using the admin GUI. |
|
6762245 |
Usage of blank spaces while creating a new configuration, using admin GUI, throws an error. |
|
6777195 |
The setNodeProperties in NodeMBean always rewrites the server-farm.xml. While rewriting, it converts the host name entry of the node to lowercase. |
|
6772231 |
The admin server hangs during startup or configuration listing or any activity that is not directly on the instance or node. |
|
6780377 |
The Web Server 7.0 Admin server fails to recognize the reason parameter of send-error SAF. |
|
6793862 |
The Admin server fails to recognize Extended Validation SSL Server Certification. |
|
6798954 |
Web Server should support binary logging. |
|
6542360 |
Setting java-home of admin server does not propagate the settings to admin scripts. |
|
6781234 |
Web Server 7.0 has a problem while using JSTL tlds and jaxp. |
|
6790392 |
Web Server 7.0 Update 3 displays a blank screen as a response to maxSessions, instead of an error response. |
|
6768357 |
NSAPI functions like vs_get_mime_type crashes Web Server for internal non-HTTP requests. |
|
6776108 |
Increase MaxKeepAliveThread limit from 128 to 256. |
|
6781976 |
Require binary logging, as access logging is affecting performance. |
|
6806781 |
%Req->reqpb.clf-request.protocol.version% is not set properly in binary mode and hence binlog throws an error. |
|
6707017 |
Web server setup fails when a localized directory is specified for document root. |
|
6753741 |
Web Server installer throws a “PatchListener-Solaris-detectPatches-Failed” error under certain circumstances. |
|
6774822 |
During unconfigureServer process a warning message “WARNING: ADMIN2028: Error removing init scripts” is displayed in case of AIX. |
|
6775953 |
Update Web Server plugin to work with Netbeans 6.5. |
|
6722375 |
Patches 125437–14 and 125438–14 are not alternate root compliant. |
|
6779166 |
Web Server 7.0 Update 3 does not scale well on Windows, when compared to Apache. |
|
6781147 |
Web Server 7.0 Update 3 throws an error while trying to create a new search event by Japanese encoding. |
|
6761027 |
In Web Server 7.0, wildcard pattern matching for ACL does not work properly with IP addresses. |
|
6775403 |
REQUEST_HEADERS:'/ regular expression /' does not work properly. |
|
6773327 |
Enabling sendfilev for JSP applications can cause the server response to fail. |
|
6775948 |
Include file missing in nsapi.h throws a warning message while compiling some NSAPI modules. Workaround: Add include <netdb.h> before nsapi.h. |
The following table lists the issues resolved in Sun Java System Web Server 7.0 Update 4.
Problem ID |
Description |
|
6708647 |
Set environment variables REQUEST_URI and SCRIPT_FILENAME in CGI and FastCGI subsystems. |
|
6715164 |
When starting a server instance that has a long running plugin initialization, the Admin server process produces high CPU load. |
|
6740996 |
Incompatibility with Reuters IFP leads to server crash. |
|
6747181 |
Renewed/new certificates are not utilized after configuration is deployed and restarted. |
|
6620166 |
Session failover behaves incorrectly when two NICs are active on deployed nodes. |
|
6663982 |
default-sun-web.xml is not referenced. |
|
6707017 |
Setup fails when a localized directory is specified for Document Root. |
|
6708894 |
The new Virtual Server wizard does not allow non-ASCII characters. |
|
6712479 |
When using a LDAP authentication database, with a base DN having UTF8 characters, it causes an error such as:
|
|
6713238 |
Web Server 7.0 Update 2 shows an error on startup, when the document root directory name ends in a .war. |
|
6713786 |
When upgrading Web Server 7.0 Update 2 to Update 3, some no longer required files are left behind. |
|
6714230 |
CgiStub exhibits unstable behavior when freeing file descriptors on Solaris. |
|
6716553 |
An error is reported when creating a certificate with some Country selections. |
|
6717187 |
State is sometimes not properly referenced when configuring new server configurations. |
|
6717328 |
The registration page in setup displays very small text fields. |
|
6718752 |
Upgrades from previous Update releases fail, if there exists a file named https-<instancename>. |
|
6721107 |
Administration server does not startup on a new Java Enterprise System installation. |
|
6721193 |
When deploying a web application using Admin GUI, the target directory is ignored if the file is on the server. |
|
6722701 |
Silent install fails if CONFIGURE_LATER is set to true.
|
|
6722702 |
unconfigureServer is required when server is configured in configure later mode. |
|
6722727 |
Create service in Admin GUI allows you to create a new service, even when the service already exists. |
|
6724246 |
An incorrect error message is displayed in Admin GUI while saving the "Forward Parameters" as below:
|
|
6728160 |
htaccess can cause server crashes. |
|
6729296 |
Temporary directory of the Admin server /tmp/admin-server-xxx with /tmp/admin-server-xxx/configname/extracted/config/server.xml file is not being deleted, during a ./admin-server/bin/stopserv. |
|
6731124 |
If a request is wrapped by a servlet or filter and forwarded to a static resource, an incorrect error HTTP 405 is returned. |
|
6740786 |
<If> statements can corrupt the obj.conf files in the Admin Server. |
|
6714929 |
SNMP is not compatible with default tcp_hiwat setting on Solaris 10. |
|
6741649 |
In Update 2, the output of get-perfdump should not include sessions that are in keep alive mode. |
|
6743019 |
When using Admin GUI in French locale the error message does not give the nodename during deployment, as shown below:
|
|
6751264 |
In the French and Japanese locale Admin GUI, Sun Online account signup form for registration is not being properly displayed. |
|
6760687 |
The Administration server does not always display the latest certificate. |
|
6765564 |
The online installer help does not properly reflect removal of language packs from the installer component panel. |
|
6766109 |
Creating a new configuration with CGI Enabled as File Type causes a failure. |
|
6629611 |
Toggle state in some Admin server tables is incorrect. |
|
6633333 |
Links do not point to localized sun.com sites. |
|
6608135 |
Search engine fails with an error, when a html document with title contain characters like A&B. |
|
|6705752 |
The Admin GUI does not allow server header to be suppressed. |
|
6708548 |
Provide consistent translations in German locale. |
|
6709378 |
Inconsistency exists between button in a description and button's label. |
|
6709427 |
A part of the table title in logviewer is corrupted. |
|
6711035 |
Part of the French translation on Web Server parameters page is cut off. |
|
6711518 |
Inconsistent translation of "Core Server" in French locale. |
|
6712045 |
Button labels and Message strings should have consistent translations. |
|
6723559 |
Allowed to register, even though the password and retype password are not identical. |
|
6733189 |
The wadm cli does not display web application path. |
|
6754078 |
The Japanese Admin GUI displays garbled messages. |
|
6762559 |
Inconsistent translation of Reverse-proxy. |
|
6763094 |
Bad translation of the term 'fancy' in French locale. |
|
6715350 |
In Japanese locale, the OLH have invalid character. |
The following table lists the issues resolved in Sun Java System Web Server 7.0 Update 3
Problem ID |
Description |
6387762 |
Cannot access shell/system variables from wadm. |
4793938 |
User and password dialog presented instead of directory index. By default, Web Server 7.0 does not send a directory index unless the user has been authenticated. Attempting to access a directory prompts the user to enter a user name and password. This occurs because the default Access Control List (ACL) in Web Server 7.0 grants the list access right only to authenticated users. |
6426116 |
Clicking on the Version button in the Admin Console result in “file not found” warning in Administration error logs. |
6446206 |
When a single user in group is deleted, an incorrect message “Group Saved Successfully" is displayed. |
6431984 |
Web Server should store its pid file and UNIX domain sockets in /var/run instead of /tmp. |
6475536 |
No obvious way to reset the administration server password. |
6489727 |
[JESMF CONFORM] CP when stopping should call MfManagedElementServer_stop(). |
6493971 |
Admin Server does not time-out if the server instance restart does not respond. On UNIX systems, the Administration Server waits until the server instance is restarted when the restart-instance command is executed. If the instance is not successfully restarted, the Administration Server does not respond to requests. |
6515745 |
SNMP master agent process fails to start on Web Server |
6545779 |
On Windows, wdeploy command fails if older version of libnspr4.dll is found in the system32 directory. |
6606243 |
Web Server installer should import the admin self signed certificate into IE certificate tab. When the Admin console is accessed using a browser, a pop-up (in the case of IE6 and Mozilla/Firefox) or a warning page (IE7) may be displayed stating that the certificate is not issued by a trusted certificate authority. This is because, the administration server uses a self-signed certificate. To proceed to the Administration GUI login page, do the following:
The above procedure will accept the certificate temporarily for that browser session. To accept the certificate permanently, follow the steps below:
|
6606132 |
Create self signed certificate fails when the "Sun Metaslot" pin is not set |
6709477 |
GUI Registration reminder doesn't show up properly on IE6 IE6 select element does not support z-index which is necessary for layering to work. Thus, if there is a layer, registration reminder, overlapping the drop downs (config and vs) , the drop downs will still be visible. |
6639402 |
Connection queue size set by server for 1024 max file descriptor is very less (128) Web Server reserves the file descriptors for various components. If connection pool queue size, file cache max open files and keep-alive max connections are not set, then after reserving file descriptors for other components, Web Server divides the available descriptors among three. On systems where default value of max file descriptor is low, for example, Solaris 8 and RHEL, the connection pool size might be set to a low value. For example, on RHEL, the default value of max file descriptors is 1024. If the connection queue size is not assigned, then Web Server assigns 128 connections to connection queue. The value can be very low on busy systems. If connections starts timing out, users should set higher value for max file descriptors. |
6644322 |
Memory leak in Fastcgistub causes hang in the Fastcgi sub-system |
6474037 |
Exception installing Web Server on Ubuntu. On Linux Ubuntu, the package which contains the /bin/domainname is not available by default. You must install these packages for the Web Server installation to succeed. To install the package, type the following command: sudo apt-get install nis |
6414481 |
Web Server cannot be installed without installing compat-libstdc++. |
6641672 |
REDHAT ES4.0 Linux 64-bit installation fails by having compat-libstdc++-33-3* (64-bit)version |
6472668 |
On Windows, Web Server installation should use -Xrs JVM option by default. Workaround:For more information on this fix see, Sun Java System Web Server Administrator's Configuration File Reference Guide. |
6559918 |
Unclear error message if CLI and Administration Server versions are incompatible. While upgrading Web Server 7.0 installation to Web Server 7.0 Update 2 , make sure that the entire setup CLI, Administration Server and all the Administration Nodes are also upgraded to Web Server 7.0 Update 2. This is because, Web Server 7.0 administration interfaces will not work correctly with Web Server 7.0 Update 2 administration interfaces. |
6595795 |
The Admin console does not add the required functions in the obj.conf file for a migrated instance. When a JVM disabled Web Server 6.0 instance is migrated to Web Server 7.0 and when the migrated instance is enabled with the JVM option using the Admin console, the process does not add the following necessary lines in obj.conf file. NameTrans fn="ntrans-j2ee" name="j2ee" PathCheck fn="find-index-j2ee" ObjectType fn="type-j2ee" Error fn="error-j2ee" |
6641844 |
On Windows, server fails to start after upgrading from Web Server 7 that is part of the Java ES 5 release to Web Server 7.0 Update 2 release using the patch. |
6644314 |
Security patch 121656-16 is a mandatory perquisite for Sun Java System Web Server 7.0 Update 2 Linux patch on Java ES 5/U1. However, the security patch exhibits cyclic dependency, hence making it impossible to apply any of the patches. |
6640206 |
Upgrade fails when upgrading to U2 when no sample apps is present in the existing installation. On non-windows platforms (Solaris, Linux and HP-UX), if you have installed Web Server 7.0 or 7.0 update 1 without sample applications and if you upgrade to Web Server 7.0 update 2, you will see the following error message: A problem occurred during upgrade. To troubleshoot the problem, review the installation log at: <install-dir>/setup/Sun_Java_System_Web_Server_install.log Note – This error does not impact the upgrade. |
6559735 |
Sample applications documentation must mention adding jar file to the class path in the properties file. In the install-dir/samples/java/webapps/security/jdbcrealm/docs/index.html, under 'Compiling and Assembling the Application' section, there must be a mention of adding JDBC driver jar file to class path suffix in the jdbcrealm.build.properties file. |
6413058 |
server.xml does not store the full file pattern for converting and including search . The schema does not store the full file pattern allowed by both the Admin Console and the search administration tools in this version of the Web Server. It also has no way to represent the full file pattern that might sometimes need migration from the previous versions of the Web Server. |
6632936 |
On Red Hat Linux Enterprise Linux 5, Search functionality does not work properly. On a Red Hat Enterprise Linux machine, if the compat-libstdc++ library is installed, you must remove the installed rpm and download/install the compat-libstdc++-296-2.96-132.7.2.i386.rpm . For x86 32–bit and 64–bit download and install the compat-libstdc++-296-2.96-132.7.2.i386.rpm. Note – Do not download/install an rpm from unreliable sources as it may lead to security vulnerabilities. |
6611067 |
Red Hat Enterprise Linux instance fails to start when the file system SELinux security is enabled. Newer Linux distributions have new kernel security extensions enabled from the SELinux project. These extensions allow finer grained control over system security. However, SELinux also changes some default system behaviors, such as shared library loading that can be problematic to third-party programs. If you receive the error message “Cannot restore segment prot after reloc: Permission denied" when starting the Web Server Admin Server or instance, that means the system is SELinux enabled. |
6602075 |
Sun crypto 1000 with Web Server needs Solaris 10 patch 125465-02 (SPARC) and 125466-02 (x86). |
6432870 |
Servlet container collects statistics when stats enabled element is set to false in the server.xml file. |
6567124 |
JSF Web Applications running on Web Server 7.0 may break when running on Web Server 7.0 Update 1. Web Server 7.0 Update 1 ships with JavaServer Faces 1.2 technology. All JavaServer Faces web applications are expected to work with Web Server 7.0 Update 1 without any modifications. However, there are a few known compatibility issues with JavaServer Faces 1.2 and might require applications to be modified to address these incompatibilities. The incompatibilities are documented in the JavaServer Faces release notes at: https://javaserverfaces.dev.java.net/rlnotes/1.2_04/issues.html. Java ES 5 Portal Server users are suggested to delay upgrading to Web Server 7.0 Update 1 until Java ES 5 Update 1 is released. |
6549619 |
On Windows 2003, when a command is executed from the CLI, the message is not encoded correctly. |
6630841 |
FastCGI Handler new Role is always created with "English" name. |
6632818 |
Unlocalized strings are seen in CGI settings page. |
6628910 |
CLI installer "Enter your option" is in English in localization locale. |
6484181 |
Portal Server configures JVM stack size to 128K (too low) for Web Server 7.0 64–bit to start. If Web Server 7.0 is already configured in 64–bit mode, and the Portal Server installation is started, Portal Server configuration does not set stack size to 128K. However, if both Portal Server and Web Server are already installed and configured in 32–bit mode, switching to 64–bit mode involve series of manual steps that are described in the Workaround section. |
6487041 |
schemagen/xjc/wsgen/wsimport scripts not present in Java ES Web Server installation. schemagen/xjc/wsgen/wsimport scripts are present in different locations in Java ES installation and stand-alone installation of Web Server. |
6550622 |
When upgrading Java ES 5 software to Java ES 5 Update 1, Portal Server samples fail with JSF exceptions if you have upgraded only Web Server but not the Portal Server. For more information, see Compatibility Issues. |
6643821 |
SMF commands removes Java ES environment from startserv and stopserv scripts (Solaris 10 only). |
6549580 |
Web Server running on Windows contains no description for the service and the description is not updated after applying Java ES Update 1 patches. |
6641175 |
Streaming data (>2GB) to server using POST has problems. request.getInputStream().read() returns -1 |
6576542 |
Samples bundled with WS 7.0 cannot be used for experimenting session replication feature |
6600183 |
Transfer-encoding header is sent after the body has been sent for fastcgi-perl. |
6613414 |
iWS7.0U1 - Page-encoding is not case sensitive capable, e.g. utf-8 is different from UTF-8 |
6613865 |
servlet container implementation of encode/decode cookies has changed from >= SJSWS6.1 |
6641175 |
Streaming data (>2GB) to server using POST has problems. request.getInputStream().read() returns -1 |
6641231 |
Uploading file > 2MB is limited by java webcontainer. |
6658609 |
web 7.0 u2 jdbc resource settings do not allow -1 in maximum wait time and idle time out |
6660297 |
JDBC resource pool of web70 doesn't work as expected after restarting RDB. |
6671260 |
Can't redirect the stderr message from FastCGI into error log. The data sent from FastCGI to stderr is not logged into the error log. |
6671957 |
compress-file function lacks documentation (SJSWS7.0) |
6671992 |
web server documentation needs to be more specific on filter it's scope and what they are |
6680376 |
server goes into a loop given a particular htaccess configuration |
6681681 |
filter is applied twice when a web-apps 's welcome file list is accessed as /contextroot When a welcome file is accessed as /context-root, filters present are applied twice. |
6708333 |
web 7.0 u2 patch 125437-13 should doc pre-requisite of nss patch 3.11.8 or above as needed |
6697002 |
pull-config garbles binary file in config/ directory due to tokenizing (SJSWS7.0u2) |
6701520 |
instance does not start if the user has certain umask settings during installation |
6710993 |
es, fr - OLH is not displaying, exception thrown |
6641109 |
Webserver crashing configured with an NFS-mounted docroot directory Web Server crashes if NFS file is removed or replaced, while using NFS and MediumFileSizeLimit >0. Therefore, you should not use MediumFileSizeLimit>0, if the document root is mounted over NFS. Workaround: When Web Server documents are residing on an NFS mount, as in NFS client, set MediumFileSizeLimit to 0 in nsfc.conf. |
The following table lists the issues resolved in Sun Java System Web Server 7.0 Update 2
Problem ID |
Description |
6467621 |
Request to the server fails with using of "Sun Software PKCS#11 softtoken". |
6564797 |
Server should automatically size connection queue, keep-alive subsystem, and file cache. |
6493271 |
Java garbage collector activity is higher in Web Server 7.0 when compared against Web Server 6.1. The servlet container in Web Server 7.0 creates many Java objects. |
6497803 |
If a servlet is mapped to req URI formed by partial req + welcome file, the behavior is wrong. If a web container receives a valid partial request, the web container must examine the welcome file list defined in the deployment descriptor. The welcome file list is an ordered list of partial URLs with no trailing or leading /. The Web Server must append each welcome file in the order specified in the deployment descriptor to the partial request and check whether a static resource or a servlet in the WAR file is mapped to that request URI. The web container must send the request to the first resource in the WAR that matches. |
6316881 |
Multi-byte characters in headers can not be retrieved by req.getHeader(). The characters are not parsed correctly, when request.getHeader() is called. |
6554326 |
The hardcoded message "ADMIN3594: Configuration changes require a server restart" is not localized. |
6565615 |
In the Japanese locale online help, the description about the PAM for "Editing Authentication Databases" incorrectly states the name of Directory Server. The description must be read as: "Editing Authentication Databases" PAM -- PAM is the new auth-db supported by Sun Java System Web Server 7.0. |
6563951 |
Search collection subdirectory with leading slash causes confusing error. When you try to create a search collection and set the document root subdirectory with a leading slash, the error message produced wrongly informs you that a slash at the beginning is needed. |
6571208 |
Inconsistent wording found in Directory listing type. The sentence "Error response file to use when indexing is None" should be changed to "Error response file to use when listing is None". |
6549584 |
The word "Other" in the list of countries is not translated. |
6556225 |
In the Add Documents window, Included checkbox for subdirectory is not translated. |
6565615 |
Japanese language help: “Editing Authentication Databases” have different description about PAM. |
6628918 |
Translation issue of Admin GUI messages in Japanese. |
6628917 |
Translation issue of GUI installer OLH. |
6604075 |
In Java ES, Web Server 7.0 with Access Manager displays a null pointer exception. |
6479062 |
Web Server fails to start when HTTP listener protocol family="nca" is used for Solaris SPARC, Linux and HP-UX platforms. Web Server instance does not restart on setting the Protocol-Family property to nca in the EditHTTPListener wizard. |
6464953 |
Setting digestauthstate property through the set-authdb-prop CLI does not validate the value and allows to set junk value for this property. |
6504050 |
The Results page in all Admin Console wizards should be aligned properly. |
6473376 |
The default server.xml should not contain the <stack-size> element. |
6367751 |
The create-instance command fails on remote node intermittently and logs HTTP 400 error. |
6547264 |
Executing the create-instance command immediately after starting a remote node fails on the remote node. |
6468132 |
The list-cert command does not list the certificates if the certificate nickname contains a colon. |
6437577 |
<pkcs11> element not removed from server.xml even when child elements are absent. |
6473589 |
<pkcs11/> added to server.xml when token pin is set. |
6534202 |
Cannot edit WebDAV collection properties through the Admin Console When a configuration is deployed on multiple nodes, the lockdb path must be a shared location mounted on the same path on all the nodes. Additionally, to list or expire locks in the lockdb from the Admin Console, the same path must be writable from the Administration Server. |
6554691 |
The add-webapp command when used with JSP pre-compilation option does not delete the previously precompiled JSP files. |
6556820 |
The Admin Console or the Admin CLI does not provide support to add CA certificates to the Administration Server. |
6489269 |
'external' expression function with quoted path is not working. |
6432375 |
On HP-UX, SNMP fails for some oid values. |
6483212 |
On HP-UX 11.11, Web Server fails to start when max heap size is 2048 MBytes or greater. |
6474011 |
The basic-search.html has unclear description. |
4988156 |
Installing the stand-alone product over an existing Java ES installation and vice-versa is not supported. |
6610103 |
On Windows - unable to deploy configuration and start up after disabled Java |
6856484 |
Server should automatically size connection queue, keep-alive subsystem, and file cache. |
The following table lists the issues resolved in Sun Java System Web Server 7.0 Update 1
This section lists the important known issues and limitations at the time of Web Server 7.0 Update 5 release.
The following table lists the known issues in the administration of Web Server.
Table 5 Known Issues in Administration
Problem ID |
Description |
|||
---|---|---|---|---|
6364924 |
A node can be registered to multiple administration servers which may cause a configuration conflict. It is possible to register a node to a second Administration Server without canceling the registration with the first Administration Server. However, this leads to the nodes becoming inaccessible to both the Administration Servers. Workaround: On each registration, restart the administration node. The administration node will be available to the most recent Administration Server it has registered to. |
|||
6379125 |
wadm command allows connecting to a node, shows a certificate and then throws a 'HTTP 400 Error'. When an administration node receives a connection, the administration node does not check the connection is from the Administration Server before proceeding. It not only prints an inappropriate error message, but also prompts the user to enter the password. |
|||
6327352 |
Session replication enabled instances does not come up normally, if other instances in the cluster are not started. |
|||
6393534 |
After migrating the Java keystore keycerts using the migrate-jks-keycert command, trying to list the migrated jks keycerts using the list-certs command, displays the CN, org and other information instead of the certificate nickname. |
|||
6407486 |
While setting the SSL property using the wadm set-ssl-prop command, the server-cert-nickname property accepts any certificate nickname, instead of accepting only the server certificate nickname. |
|||
6443742 |
The set-session-replication-prop CLI command does not work if the 'node' option is provided with a qualified domain name. Workaround Use the output of the list-nodes command for the valid names of the nodes in the set-session-replication-prop command. |
|||
6468570 |
Specifying "yes" at the wadm prompt crashes the CLI. |
|||
6469676 |
When you try to connect to the Administration Server after the administration certificates have expired, an incorrect error message is displayed. |
|||
6480600 |
The register-node command gives an incorrect error message when the Administration server runs out of disk space. |
|||
6495446 |
If no disk space is available on the device, wadm throws an incorrect error message "Unable to communicate with the administration server". |
|||
6502800 |
Executing the migrate-server command with both "--all" and "--instance" options does not result in an error. A warning or an error message should be displayed indicating that the user is attempting the set mutually exclusive options. |
|||
6416328 |
The Start Instances. button in the Admin Console is enabled for instance which is already running. The buttons should be enabled or disabled based on the status of the instance. |
|||
6418312 |
wadm allows you to define duplicate user properties. Adding duplicate user properties does not show an error message; however, a new user property is not created. |
|||
6421740 |
There is no provision to create new Access Control List (ACL) file using the Admin Console or the CLI. |
|||
6423432 |
On Windows, using an existing configuration, repeating the process of adding and removing the registered nodes causes validation failure. |
|||
6430417 |
MIME Types allows MIME value with multibyte characters. |
|||
6442081 |
Text in Access Control List page is not formatted. |
|||
6442172 |
User can be switched between `available' and `selected' lists in ACE even though the user is deleted from the authentication database. |
|||
6446162 |
No warning is issued before the deletion of key or the digestfile authentication database. |
|||
6448421 |
Administration Interface allows you to create a new user with multi-byte User ID in the keyfile authentication database. |
|||
6455827 |
User and Group table in the Admin Console displays the entire result in a single page. |
|||
6461101 |
Labeling of the Request Certificate and Install buttons in the Admin Console Create Self-Signed Certificate page needs to be revised. |
|||
6462057 |
Add and Remove buttons are enabled in new ACE window even if no items are present in the `Available' list. |
|||
6464891 |
Admin Console truncates the display of server logs at 50 lines or 2 pages. |
|||
6465382 |
No validation exist to check the entry of wrong country code in the certificate request wizard. |
|||
6465421 |
In the Admin Console, no text field description is provided for virtual-server, authdb, dav collection, and event fields . |
|||
6466336 |
Admin Console shows wrong JDK version while creating a new configuration. The JDK version displayed in the Admin Console is 5.0 u6 instead of 5.0 u7. |
|||
6471171 |
Style formatting is lost after restarting the Administration Server from Nodes -> Administration Server General tab. |
|||
6471367 |
Attempting to access the Admin Console in another tab of the same browser does not work. |
|||
6471792 |
View Log displays result in a single page. Although the search criteria selected for record size is 25 log entries, the log displays the results in one single page even if there are more than 50 log entries. |
|||
6472932 |
Token mismatch error is displayed when you remove the token password and then reset it in the Common tasks -> Select configuration -> Edit configuration -> Certificates -> PKCS11 Tokens page. |
|||
6486037 |
The Virtual Server Management->Content Handling->Document Directories->Add should have a browse option to choose the path of a additional document directory. |
|||
6492906 |
Message displayed about WebDAV collection locks in the Admin Console is misleading. If you specify the time-out value for the WebDAV collection as infinite, the Common Tasks->Select Configuration ->Select Virtual Server->Edit Virtual Sever ->WebDAV->Select collection page displays the message DOES NOT EXPIRE. What it actually means is that the lock does not expire automatically after a specified time or the time-out is infinite. |
|||
6498484 |
Incorrect error message is displayed on setting empty token password using the `Set passwords' button. |
|||
6500157 |
Instance fails to restart if you try to edit a token password and deploy a configuration on an instance which is already running. |
|||
6502287 |
The Admin Console displays an exception when you delete a configuration and click on the Migrate button. |
|||
6502374 |
The Admin Console Review screen in wizards should only show fields that have values. |
|||
6502793 |
During migration, the log-dir path permission is not validated. |
|||
6266358 |
Cannot log in through the Administration CLI if the administration password has extended ASCII characters. |
|||
6361329 |
The error-response file name should be validated. |
|||
6367282 |
Administration server starts with expired certificate; wadm should warn about expired certificates. |
|||
6375505 |
The unregister-node command should also clean up certificates on the administration node. |
|||
6408169 |
WebDAV lock CLIs do not work in a cluster environment. |
|||
6408186 |
Multiple installations of the administration nodes on the same node that is registered to the same administration server should be not be allowed. |
|||
6416369 |
Accessing the administration node URL results in Page Not Found error. As the administration node does not have a GUI, accessing the administration node URL results in Page Not Found error. |
|||
6422936 |
No validation for class path prefix and suffix, and native library path in JVM Path Settings in Java. |
|||
6423310 |
The server.xml elements should be grouped based on functionality. |
|||
6441773 |
On Windows, Administration Server moves the Web application files physically before stopping the Web application. |
|||
6462515 |
The Admin Console misleads user with "Instance modified" message when runtime files gets created in the config directory. |
|||
6462579 |
Trust store does not deleted on uninstalling the administration node after unregistering it with the administration server. |
|||
6468330 |
Changes made to the JavaHome property does not get saved after restarting the instance. |
|||
6491749 |
Need better validation in certain text fields to prevent obj.conf file corruption. Most of the functional validation of the data in a form is done in the back end. The GUI has only minimal checks such as empty fields, integer values, and ASCII values. Hence, the GUI stores the data in the obj.conf when parsed gets corrupted . |
|||
6497213 |
Executing the restart-admin command followed by the stop-admin command throws exception in administration error logs. |
|||
6587832 |
On Windows, the Admin Console intermittently fails to come up. Workaround:
|
|||
6746045 |
Once config changes are made it is found that file ownership changes in docs directory When a user creates a directory, adds some files and deploys them under the docs directory, the ownership of all files under this directory, changes to the owner who installed Web Server. Workaround: The user directories should not be created under docs directory. |
|||
6750708 |
Web Server 7.0 Administration CLI does not accept multibye characters as input. Admin CLI does not accept input strings which has multibyte or non-ascii characters. For example, if you are entering an input value containing a non-ascii character (Felhasználók) along with the command, the input value will be garbled as below:
Workaround: While modifying the server.xml file manually, to enter base DN value, you have to type the URL encoded sequence as input instead of multibyte characters. For example, type:: "Felhaszn%C3%A1l%C3%B3k" instead of "Felhasználók" |
|||
6722375 |
The Admin server throws an error as the postpatch script for patches 125437-14 and 125438-14 are not Alternate Root compliant. Workaround:
|
|||
6784450 |
Unable to login to Admin server using Mozilla Firefox 3.0 Workaround:
|
|||
6820164 |
An OpenSolaris 2008.11 Bug 4788 causes a serious impact on Web Server. Web Server's certificates are affected during deployment of Web Server on OpenSolaris 2008.11, with the below warning:
An OpenSolaris Bug 4788, with time, causes this problem. For more information about this, see Bug 4788. Workaround: Reboot your server after deploying OpenSolaris 2008.11 and correct the server time. |
|||
6842383 |
FastCGI suid environment for Red Hat Enterprise Linux To get the FastCGI suid environment to work on Red Hat Enterprise Linux, perform the following steps:
|
|||
6893239 |
JDK 1.6.0 and JDK 1.5.0 logger are not working properly. |
The following table lists the known issues in the core of Web Server.
Table 6 Known Issues in Core
Problem ID |
Description |
---|---|
6785490 |
Any URI that does not end with the "real" file name fails to execute properly, resulting in a “No input file specified” error. For PHP users: Web Server 7.0 Update 4 populates the environment variables REQUEST_URI and SCRIPT_FILENAME for FastCGI and CGI applications. The introduction of the SCRIPT_FILENAME variable causes PHP to display a No input file specified PHP error for scripts that are mapped to virtual URIs, that is, URLs ending with / instead of /index.html or URLs making use of Web Server 7.0's URI rewriting feature. The affected PHP versions are 5.2.5 through 5.2.9. For more information, see http://bugs.php.net/bug.php?id=47042. Workaround: If a PHP application is mapped to a virtual URI, then cgi.fix_pathinfo should be set to 0 in the php.ini file. This setting is required for many popular PHP applications like Drupal, Wordpress, Joomla, etc. However, this setting will cause PHP applications that rely on path-info like /foobar.php/baz/ to return a No input file specified PHP error. If a PHP application relies on path-info, then cgi.fix_pathinfo should not be disabled. |
6296993 |
When there is an error executing an obj.conf directive, the filename and line number where the offending directive was found are not logged. |
6365160 |
When server.xml schema validation fails due to a data type constraint violation, it displays an error message that does not describe the set of valid values for the element. |
6378940 |
All HTTP header parsing error are not logged with the client IP and a description of the error. |
6470552 |
set-variable SAF could not set predefined variable. |
6489220 |
Server treats non-interpolated strings that contain $$ character constants as interpolated. When a parameter value contains a $$ escape, the server constructs a PblockModel for the parameter block. This is unnecessary because $$ is a constant. |
The following table lists the known issues in the FastCGI.
Table 7 Known Issues in FastCGI
Problem ID |
Description |
---|---|
6485248 |
The fastcgi stub does not properly close all the processes when reuse-connection is set to true. Configure Web Server 7.0 to work with PHP as a FastCGI plug-in and set reuse-connection=true. When you shutting down the server or reconfiguring the server, the fastcgi() process and its child processes are left behind and not killed properly. |
The following table lists the known issues in the installation of Web Server.
Table 8 Known Issues in Installation
The following table lists the known issues in the migration and upgrade areas of Web Server.
Table 9 Known Issues in Migration and Upgrade
Problem ID |
Description |
||||
---|---|---|---|---|---|
6932016 |
Verisign EV certificate chain issue with new built-in CA root. If you are using Verisign EV 2048-bit SSL web server certificates, some older browsers might give a Certificate Authority Not Trusted warning after you upgrade from an earlier version of Web Server 7.0 to Web Server 7.0 Update 8. Workaround:
Note – If you upgrade Web Server after performing this workaround, you must repeat this workaround after the upgrade. Otherwise, the built-in VeriSign Class 3 Public Primary CA - G5 CA root certificate appears again and some older browsers might give a Certificate Authority Not Trusted warning again. |
||||
6407877 |
Incorrect migration occurs while migrating from Web Server 6.0 to 7.0 if the installed.pkg file is not found. In Web Server 6.0 to 7.0 migration, if the installed.pkg file is missing, Web Server incorrectly migrates the NSServlet entries in the magnus.conf file. |
||||
6490124 |
6.x -> 7.0: Migrated scheduled events still points to 6.x paths in the server.xml file.
|
||||
6502529 |
6.1->7.0: Migration does not handle relative path set for search-collection-dir correctly. During instance migration, specifying a relative path for the target path into which the search collections should be copied, results in the search collection directory being created with respect to the config-store. When the instance is instantiated, the indexes are created without properly migrating the search collections. |
||||
6502769 |
6.x->7.0: Migration ignores any "document-root" NameTrans specified in the obj.conf file. |
||||
6498806 |
On Windows, Web Server Admin Console does not appropriately warn users during migration. Administration Server does not detect if the selected new configuration or the service name already exists on Windows and hence does not appropriately warn the users to select a different configuration name or suggest a different configuration name as default. |
||||
6500509 |
Web Server 7.0 migration tool is unable to successfully migrate from Web Server 6.1 if it has Root Certs installed in it. |
||||
6747123 |
The request processing behavior has changed in Sun Java System Web Server 7.0 Update 2 release. This change does not manifest while using Web Server 7.0 Update 2 RPP. A modification in the Web Server's request processing engine to fix a significant error in Web Server, has changed the order in which the web server processes objects and directives in the server's obj.conf file. This correction now guarantees that the below rules are applied while processing a request:
|
The following table lists the known issues in Sample Applications of Web Server.
Table 10 Known Issues in Sample Applications
Problem ID |
Description |
---|---|
6472796 |
sendmail.jsp shows incorrect file to be edited to specify resource.host for javamail sample application. Workaround To set javamail.resource.host, edit the javamail.build.properties and not the build.xml as specified in install_dir/samples/java/webapps/javamail/src/docroot/sendmail.jsp. |
The following table lists the know issues in the search functionality of Web Server.
Table 11 Known Issues in Search
Problem ID |
Description |
---|---|
6701532 |
Search engine fails to index password protected PDF document If a PDF document is password protected and encrypted, the search engine fails to index the document's metadata. As a result, the requested search fails. |
The following table lists the known issues in the security area of Web Server.
Table 12 Known Issues in Security
Problem ID |
Description |
---|---|
6376901 |
Limitation supporting basic and digest-based ACLs for resources in the same directory. If the server uses digest and basic-based ACLs in different parts of their doc tree, attempting to use both simultaneously on different files or resources in the same directory is not possible. |
6431287 |
TLS_ECDH_RSA_* require the server cert signed with RSA keys. Cipher suites of the form TLS_ECDH_RSA_* requires server to have an ECC keypair with a cert signed using RSA keys. Note that this precludes using these cipher suites with self-signed certificates. This requirement is inherent to these cipher suites and is not a bug. The server should detect and warn about wrong configurations related to these cipher suites but currently it does not do so. |
The following table lists the known issues in the session replication functionality of Web Server 7.0.
Table 13 Known Issues in Session Replication
Problem ID |
Description |
---|---|
6324321 |
Descriptive error message is not displayed when an error occurs remotely. When an exception occurs remotely, error messages are logged in the error log of the remote instance. However, the local instance currently displays a generic remote exception which does not clearly indicate which error log that the user must view. |
6396820 |
Session replication does not failover correctly when cookies are disabled on the client. |
6406176 |
When enabled, session replication should be the default session manager. After enabling session replication by using the Admin Console or the CLI, or by editing the server.xml file, session replication is not really enabled. Instead, sun-web.xml needs to be manually edited. |
6800993 |
A minor data loss occurs, as async cluster is not available. It is observed that a small amount of http session data loss can occur in few cases. Asynchronous implementation, by using asnyc parameter, in session failover might resolve this issue. |
The following table lists the known issues in the web container of Web Server.
Table 14 Known Issues in Web Container
Problem ID |
Description |
---|---|
4858178 |
Web container writes to stderr. |
6349517 |
Incorrect web application session statistics for MaxProcs > 1 mode. Web Server runs in multi-process mode. The MaxProcs configuration variable in the magnus.conf is used to set the maximum number of processes. If the value for MaxProcs is set to greater than 1, the Web Server uses mmap-based session manager so that the session could be shared among different JVMs. While collecting statistics from multiple processes, web application MBeans provide session for individual MBeans. There is no way to find the true number of sessions by seeing individual MBean's web application session statistics.
|
6394715 |
Web container deletes the disabled web application MBeans object. When the web application is disabled by setting the <enabled> element to false in the server.xml file, the web container deletes the web application's MBeans and hence treats it as a closed or deleted web application. Since disabled objects are deleted, statistics are also lost. |
6419070 |
No information is logged in error logs at the finest log level on successful JNDI resource creation. |
6422200 |
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse does 1 byte reads. When reading the server.xml file, the first line containing the XML version number and the encoding is read 1 byte at a time. |
6440064 |
Servlet container creates a thread per virtual server. |
6501184 |
REQ_EXIT causes javax.servlet.ServletException. |
The following table lists the known issues in the localized version of Web Server.
Table 15 Known Issues in Localization
Problem ID |
Description |
||
---|---|---|---|
6543814 |
Search filter “*” does not work correctly for multi-byte strings. |
||
5046634 |
There is no functionality equivalent to use-responseCT-for-headers in Web Server 7.0. Response header encoding is enabled at the web-app level by setting the value of the configuration parameter use-responseCT-for-headers to any of the values; yes, true, or on in the web-app/sun-web.xml file. For example, set Response header encoding as follows:
|
||
6716537 |
Creating socket error message is not localized. |
||
6775946 |
patchrm 125437-15 fails if they are installed in Japanese locale. Installing patchrm 125437-15 in Japanese locale fails and throws the below error:
The log file output is as below:
This issue is observed in the following platforms:
Workaround:
|
The following table lists the known issues in the Java Enterprise System (Java ES).
Table 16 Known Issues in Java ES
Problem ID |
Description |
---|---|
6432106 |
Sun Java System Portal Server search throws exception after Web Server upgrade. Portal Server search functionality throws exception when upgrading Web Server from Java ES 4 to Java ES 5. Workaround Note – Move the existing libdb-3.3.so and libdb_java-3.3.so library files to an appropriate location, somewhere outside the Web Server's private directories. Once the Portal Server libraries are in a suitable location, that path must be specified for the <libdb-3.3.so path>:<libdb_java-3.3.so path> in the following commands. On Solaris platform, perform the following steps:
|
6504178 |
Migration logs reports a bogus "root is not a valid user" message on Java ES 5. While migrating from Java ES 4 to Java ES 5 on UNIX platforms, the migration log file reports WARNING: "root is not a valid user". This is incorrect as the "root" user is valid on that host. |
6453037 |
A lot of warnings/info messages displayed at Web Server startup on the standard output instead of routing these messages to the log file. |
If you have problems with Sun Java System Web Server, contact Sun customer support using one of the following mechanisms:
Sun Software Support services online at:
The telephone dispatch number associated with your maintenance contract
So that we can best assist you in resolving problems, please have the following information available when you contact support:
Description of the problem, including the situation where the problem occurs and its impact on your operation
Machine type, operating system version, and product version, including any patches and other software that might be affecting the problem
Detailed steps on the methods you have used to reproduce the problem
Any error logs or core dumps
Sun is interested in improving its documentation and welcomes your comments and suggestions. To share your comments:
Go to http://docs.sun.com/ and click Feedback.
Go to http://wikis.sun.com/display/WebServerdocs/Home and post your comments or directly edit the wiki page.
To provide feedback on Sun Java System Web Server product, send email to mailto:webserver@sun.com.
Useful Sun Java Systems information can be found at the following locations:
Documentation for Sun Java System Web Server 7.0 Update 8
Sun Java System Web Server Documentation Wiki
The Sun Java System Web Server documents are now in wiki format at http://wikis.sun.com/display/WebServerdocs/Home. This wiki is intended to promote collaboration and contribution on documentation content for Web Server. You are welcome to contribute, by posting your comments or by directly editing the wiki page, as long as the content is relevant to an appropriate standard.
Sun Software Products and Service
Sun Developer Information
Sun Developer Support Services
Software Support Services
Sun Support and Training Services
Support: http://www.sun.com/support
Training: http://www.sun.com/training/
Sun Gathering Debug Data
Besides searching Sun product documentation from the docs.sun.com web site, you can use a search engine of your choice by typing the following syntax in the search field:
<search-term> site:docs.sun.com
For example, to search for "Web Server", type the following:
Web Server site:docs.sun.com
To include other Sun web sites in your search (for example, java.sun.com, www.sun.com, developers.sun.com), use sun.com in place of docs.sun.comin the search field.