Sun ONE Portal Server 6.1 Release Notes

Sun™ ONE Portal Server 6.1 Release Notes

Version 6.1

Part Number 816-6746-10

June 2003

These release notes contain important information available at the time of release of Version 6.1 of Sun™ Open Net Environment (Sun ONE) Sun ONE Portal Server. New features and enhancements, known limitations and problems, technical notes, and other information are addressed here. Read this document before you begin using Sun ONE Portal Server 6.1.

The most up-to-date version of these release notes can be found at the Sun ONE documentation web site: http://docs.sun.com/prod/sunone. Check the web site prior to installing and setting up your software and then periodically thereafter to view the most up-to-date release notes and manuals.

These release notes contain the following sections:

Revision History

Table 1 is a two column table that describes the revision history for these release notes. The first column lists the date and the second column provides a description of changes for each revision.

Table 1  Revision History 

Date

Description of Changes

June 6, 2003

Initial release of these release notes

About Sun ONE Portal Server, Version 6.1

Sun ONE Portal Server provides a platform to create portals for your organization’s integrated data, knowledge management, and applications. The Sun ONE Portal Server platform offers a complete infrastructure solution for building and deploying all types of portals, including business-to-business, business-to-employee, and business-to-consumer.

What’s New in Sun ONE Portal Server, Version 6.1

New features in Sun ONE Portal Server, version 6.1 include:

Sun™ ONE Identity Server Upgrade

This version of the Sun ONE Portal Server software uses Sun™ ONE Identity Server 6.0 SP1.

Multiple Application Server Support

Support for installing Sun ONE Portal Server on the following application server web containers has been integrated in the pssetup install script:

Instructions for installing Sun ONE Portal Server on the supported application server are included with the Sun ONE Portal Server installation documentation; see the Sun ONE Portal Server 6.1 Installation Guide.

Automatic Installation of the Yahoo! Provider

The Yahoo! Provider is now integrated with the Sun ONE Portal Server software and is automatically installed with the Sun ONE Portal Server. It now requires no special install or uninstall procedures.

Bugs Fixed in Sun ONE Portal Server 6.1

Table 2 is a two column table that lists, the bugs fixed in this release of Sun ONE Portal Server. The first column lists the number of the fixed bug, and the second column provides a brief description of the bug.

Table 2  Fixed Bugs in Sun ONE Portal Server 6.1 

Bug Number

Description

4741009

When the number of channels in a category exceeds 10, clicking on the Content link in the table container shows error page.

4754230

Cookies are not rewritten correctly for an iPlanet Portal Server gateway that is installed in a top level domain.

4762844

Some browsers do not support unescaped special characters causing links on Sun ONE Calendar Server to be rewritten incorrectly if accessed through the gateway.

4769951

Setting a user created start tab fails. When Desktop users create their own tab and assign it as the Start Tab, the newly created tab will not be the start tab when logging back into the Desktop.

4782746

The install scripts save the Sun ONE Directory Server and Sun ONE Identity Server credentials into pkginfo files of all installed Sun ONE Portal Server packages.

4782705

Sun ONE Portal Server entries in the Sun ONE Directory Server are not being removed when uninstalling only the Sun ONE Portal Server software.

4784407

The rewriter does not work on URLs with HTML encoding.

4787934

The User-Agent header value is modified internally to a Java™ process when a page is scraped by the URL scraper. If an application relies on this value, the application can malfunction when the value is changed by the software.

4790402

The rewriter should not rewrite the hash symbol “#” in an HREF tag.

4791468

Secure Remote Access for Sun ONE Portal Server 6.0 defines the letter “i” as a global variable in such JavaScript™ functions as psSplit in URIUtils.js file. This can collide with the variables defined by customer applications.

4808266

Certain searches are returning 100% scores when they should be returning scores less than 100%.

4809307

Cookies are not forwarded by Sun ONE Portal Server 6.0 when the re-writer proxy is in use. If a third party application produces a cookie, it is not forwarded by the Sun ONE Portal Server when the rewriter proxy is in use.

4812074

Resource descriptions are not expired cleanly from the main database. The rdmgr -E command leaves the resource descriptions in the index but not in main database.

4818210

The query parser does not read the word “and,” when it is part of a taxonomy id, as part of the taxonomy object string. Instead it reads it as a query operator <and> . This causes browsing of categories to fail to return otherwise valid RD matches.

4829030

Cookies are not restored to the original form when forwarding them back to the third party web server or application server.

Hardware and Software Requirements

The following hardware and software are required for this release of Sun™ ONE Portal Server.

Table 3 is a two column table that lists the component requirements for the Sun ONE Portal Server. The first column lists the component, and the second column provides the requirements for the component.

Table 3  Operating System and Hardware Requirements 

Component

Solaris™ Requirement

Operating system

Solaris™ 8 Operating System or Solaris 9™ Operating System

Note: For an installation of the Sun ONE Portal Server on BEA WebLogic or IBM WebSphere, only the Solaris 8 Operating System is supported.

The Solaris 8 Operating System requires the following operating system patches as well for a successful installation of the product:

  • 109326-03
  • 108434-03
  • 108827-15
  • 112438-01

CPU

1 450 MHz UltraSPARC® II CPU or better

RAM

512 Mbytes of RAM

Disk space

1 Gbyte of disk space

Swap space

1 Gbyte of hard drive swap space

Note

The pssetup script checks for the operating system patches required for the Sun ONE Portal Server to work. If you have applied an operating system patch which obsoletes one of the required OS patches instead of installing or updating to the required patch, the pssetup script ask you if you want to abort the installation.

For example, if you are installing the Sun ONE Portal Server on the Solaris 8 Operating System and do not have patch 108827, or have not updated to 108827-15 because you have applied patch 108993-18, the pssetup script will still try to detect 108827-15. In this case the bug fixes required for Sun ONE Portal Server are present in 108993-18 and you can continue with the installation when asked to abort if all the other required patches are installed.

Software Requirements

The following list of software is required for a successful installation of the Sun ONE Portal Server product. The Sun ONE Portal Server can be installed by itself on existing installations of the following software, or a full Sun ONE Portal Server installation can be used to install the required software components. Older versions of these software products are not supported.

Browser Recommendations

The following browsers are supported for administration and for accessing the Sun ONE Portal Server Desktop:

Known Issues

This section address known issues associated with the following software products. Workarounds are provided where possible.

Authless Anonymous

Problem

Sun ONE Portal Server assumes that the naming attribute for authless anonymous user is uid.

Solution

On an installation that uses a naming attribute other than uid, the sample portal should not be installed automatically, and it must be customized before installing it.

Problem

The authless anonymous user is able to access attributes that are user writable.

Solution

To tighten control of authless anonymous user access to attributes that are user writable, the authless anonymous user can be assigned the deny write role through administration console after the portal installation.

Desktop

After migrating to Sun ONE Portal Server 6.1, channels are missing from the Data Migration tab. (4867829)

This problem occurs when migrating Sun ONE Portal Server 3.0 Service Pack 4 data to Sun ONE Portal Server 6.1 on Sun™ ONE Web Server.

When a container in an organization that replaces the display profile of the parent organization does not have the container defined, some channels are missing on the Data Migration tab. This happens when merge="replace" is used inside the <Container> or <Channel> definition in the suborganization or role display profile; the merge is not performed properly.

Workaround

Create a dummy definition of a container or channel at the higher level display profile document (organization or global) level without merge="replace". This definition can be empty. For example,

<Conatiner name="MigratedTabContainer1" provider="TemplateTableContainer">

<Properties/>

<Available/>

<Selected/>

<Channels/>

</Container>

Documentation

The Provider Javadoc™ does not state that the methods isUserInRole() and getUserPrincipal() are not supported. (4874709)

The Provider interface Javadoc lists methods that are unsupported by the HttpServletRequest object that is handed to providers in their init(), getContent(), getEdit() and processEdit() methods.

Two additional methods are not supported, but erroneously not listed in the Provider Javadocs. These methods are:

If either of these methods are called on the HttpServletRequest object that is passed into the provider’s init(), getContent(), getEdit(), or processEdit() methods, an OperationNotSupportedException will be thrown.

Workaround

Methods in the ProviderContext interface can be called to achieve the same functionality that would otherwise be available by these two unsupported HttpServletRequest operations.

To get the user principal, call ProviderContext.getUserID():

Instead of:

String up = req.getUserPrincipal()

Use:

String up = getProviderContext().getUserID();

To test if the user is in a role, get the set of roles that the user belongs to by calling ProviderContext.getRoles() and test for containment in the returned set:

Instead of:

boolean inRole = req.isUserInRole("x");

Use:

boolean inRole = getProviderContext().getRoles().contains("x");

Installation

Problem

Sun ONE Portal Server services are installed at the global level with the assumption that the services will be needed for all organizations.

Solution

On an existing Sun ONE Identity Server installation, if portal services are not needed at the global lever, these services will have to be explicitly deleted from organizations that do not want to use them.

In a future release, the Sun ONE Portal Server services will be installed at the organization level.

Java Development Kit

Problem

Excessive memory consumption related to garbage collection occurs when using JDK 1.4.1 with Sun ONE Application Server. Due to this issue, one may run into an out-of-memory situation, with or without a “java.lang.OutofMemoryError” in the Sun ONE Application Server server.log.

Solution 1

Add the following Java Virtual Machine (JVM™) options to minimize runaway memory consumption:

(-Xms3072M -Xmx3072M) + (-XX:SoftRefLRUPolicyMSPerMB=0) + (-XX:MaxTenuringThreshold=1 -XX:SurvivorRatio=128)

Note

The default initial and maximum heap sizes are 2048M when the perftune script is run.

Solution 2

When upgrades of the JDK and perftune scripts become available, use JDK 1.4.2 and an updated perftune script that contains the garbage collection parameters. This version of the JDK will not be available when the Sun ONE Portal Server product is released, however it will be available shortly after the Sun ONE Portal Server release. Check the software download website periodically to see when JDK 1.4.2 is released.

Migration

The following bugs describe problems associated with migrating from Sun ONE Portal Server 3.x to Sun ONE Portal Server 6.x.

When migrating to Sun ONE Portal Server 6.1 on BEA WebLogic and IBM WebShpere platforms, an error appears in import process message. (4871426)

The error message “Error:DEPLOY_ADMIN_PASSWORD is not set” occurs because the deploy administrator password is not queried only for the containers Sun™ ONE Web Server and Sun ONE Application Server.

Workaround

If the Sun ONE Portal Server product is deployed on BEA WebLogic or IBM WebSphere platforms, after migration, redeploy the Sun ONE Portal Server using the proper options for your specific application server.

When a user logs in to an organization with the membership module, Identity Server uses the first organization name that it finds. (4855717)

This problem occurs when migrating from Sun ONE Portal Server 3.0 to Sun ONE Portal Server 6.1 on Sun ONE Application Server 7. If an organization and a suborganization have the same name, the Sun™ ONE Identity Server will try to access the first use of the name that it finds. This can result in an error and the user is denied access.

Workaround

Use the full domain name when trying to access an organization that exists as a suborganization.

For example:

http://server1.sesta.com:81/amserver/UI/Login?module=Membership&org=o=myorg,dc=iplanet,dc=com

Sun ONE Identity Server

The com.iplanet.am.cookie.encode property in the AMConfig.properties file should be set to true for Weblogic and Websphere. (4881398)

The com.iplanet.am.cookie.encode property in the AMConfig.properties file should be set to “true” when the target web container is Weblogic or WebSphere. This is necessary because Weblogic and WebSphere do not automatically encode cookie values set by web applications.

Setting com.iplanet.am.cookie.encode to “true” under WebLogic and WebSphere will prevent characters like the comma, semi-colon and white space to be set in cookie values by Sun ONE Identity Server without being escaped or encoded. When characters such as comma, semi-colon and white space are set as cookie values directly without being encoded or escaped, some web browsers will not parse the cookie value correctly. Thus, the application will receive corrupted cookie values in subsequent requests.

Workaround

When the target web container is WebSphere or WebLogic, edit the AMConfig.properties file and set the value of the com.iplanet.am.cookie.encode property to true.

Problem

By default, the Sun ONE Portal Server uses the xalan.jar file that ships with the Sun ONE Identity Server. This produces some performance degradation on the RSS/XML provider on the Desktop.

There are 2 ways to work around this problem.

Solution 1

One way is to use the Sun ONE Portal Server xalan.jar file instead of the Sun ONE Identity Server xalan.jar file.

  1. Make a backup copy of the xalan.jar in SUNWam/lib.
  2. Copy the xalan.jar from PS_install_dir/lib to IS_install_dir/lib

    3. For example, type:

  1. Restart the server.

    2. This workaround will cause the SAML and liberty functionality to break on Sun ONE Identity Server.

Solution 2

The second way of working around this problem is to use the default xalan.jar that ships with Sun ONE Identity Server and exclude the RSS/XML channel from the sample Desktop and deployment.

Yahoo! Provider

YahooDTFilter does not get removed from the web.xml file when the Yahoo! channel is removed if the Sun ONE Portal Server is deployed on Sun ONE Application Server or Sun ONE Web Server.(4881274)

Even when the Yahoo! channel is not enabled and is removed from the desktop profile, the YahooDTFilter exists as a DeskTopFilter in the web.xml file. This problem occurs if Sun ONE Portal Server 6.1 is deployed on the Sun ONE Application Server 7.0 or the Sun ONE Web Server 6.0 Service Pack 5.

The presence of this filter will be a part of every HTTP request that is received, causing a large burden on the servlet engine’s request processing work. The performance degradation in the servlet engine’s processing of HTTP requests, compared to the case without the filter, can be as high as 20–30% in average response times for loading pages.

Workaround

Remove the Yahoo! filter.

To remove the Yahoo! filter, edit the web.xml file under

/var/opt/SUNWappserver7/domains/domain1/server1/applications/j2ee-modules/portal_1/WEB-INF

Remove the following deployment descriptors from the web.xml file:

<filter>

<filter-name>DeskTopFilter</filter-name>

<filter-class>com.sun.portal.yahoo.YahooDTFilter</filter-class>

</filter>

<filter-mapping>

<filter-name>DeskTopFilter</filter-name>

<servlet-name>desktopServlet</servlet-name>

</filter-mapping>

The com.iplanet.am.jssproxy.resolveIPAddress property in the AMConfig.properties file is set to false by default, which can cause a host alias conflict that causes an SSL connection to fail for the Yahoo! provider. (4831446)

Since the Yahoo! host edit.corporate.yahoo.com has more than one host alias, this setting needs to be set to “true” so that Sun ONE Identity Server will use the host’s IP address for certificate verification.

Workaround

Edit the AMConfig.properties file and set the flag for the com.iplanet.am.jssproxy.resolveIPAddress property to true.

  1. Change directories to the install directory of Sun ONE Identity Server.
  2. Change directories to /opt/SUNWam/lib.
  3. Edit the AMConfig.properties file and set the flag for the com.iplanet.am.jssproxy.resolveIPAddress property to “true.”

    4. com.iplanet.am.jssproxy.resolveIPAddress=true

Documentation Updates

The following documentation supplements the information found in the Sun ONE Portal Server 6.1 Installation Guide.

Performance and Tuning

Sun ONE Portal Server Desktop Tuning

Running the perftune script changes the following parameters for optimizing the Provider Caller Resource Pooling, in the /etc/opt/SUNWps/desktop/desktopconfig.properties file. To minimize unnecessary memory growth due to spawning of desktop caller threads when performing long-run tests, these properties (except for templateScanInterval) should be changed back to their original default values.

Make the following changes to these properties:

Sun ONE Application Server Tuning

The recommended JVM options for Sun ONE Application Server 7.0 are as follows for both JDK 1.4.1_01 and 1.4.2.

If the machine for the server can accommodate only 4 GB of physical memory, then the value -Xms2048M can be used instead of -Xms3072M; with only 4 GB of the physical memory, the JVM will not start if -Xms3072M is set. These JVM options should override the JVM options set by the perftune script.

The full set of JVM parameters includes:

How to Report Problems and Provide Feedback

If you have problems with Sun™ ONE Portal Server, contact Sun customer support using one of the following mechanisms:

So that we can best assist you in resolving problems, please have the following information available when you contact support:

Sun Welcomes Your Comments

Sun is interested in improving its documentation and welcomes your comments and suggestions. Email your comments to Sun at this address:

docfeedback@sun.com

Please include the part number (816-6746-10) of the document in the subject line and the book title (Sun ONE Portal Server 6.1 Release Notes) in the body of your email.

Additional Sun Resources

Listed below are the documents released with the Sun™ ONE Portal Server 6.1 documentation suite:

The following guides have not been updated for the Sun ONE Portal Server 6.1 release; however, the information contained in these documents is applicable to the Sun ONE Portal Server 6.1 product.

Useful Sun ONE information can be found at the following Internet locations:

Copyright © 2003 Sun Microsystems, Inc. All rights reserved.

Sun, Sun Microsystems, the Sun logo, Solaris, Java and the Java Coffee Cup logo are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries. Use of Sun ONE Portal Server is subject to the terms described in the license agreement accompanying it.