| Previous Contents Index DocHome Next |
| iPlanet Web Server, Enterprise Edition Administrator's Guide |
The Preferences Tab
The Preferences tab allows you to configure server preferences, control file access on your web site, and enable Secure Sockets Layer (SSL) to ensure privacy when communicating with other SSL-enabled products. The Preferences Tab contains the following pages:
The Server On/Off Page
The Restore Configuration Page
The File Cache Configuration Page
The Server On/Off Page
The Server On/Off page displays the current status of the server and allows you to start or stop the server.For more information, see Starting and Stopping the Server
The following elements are displayed:
Server On. Starts the server so that all listening ports are waiting for client connections.
Server Off. Shuts the server down and stops all running processes. After you shut down the server, it may take a few seconds for the server to complete its shut-down process and for the status to change to off.
About This Server. Displays server version and third-party software information in the Version Information page.
The Performance Tuning Page
The Performance Tuning page allows you to configure the server to optimize its performance.For more information on using the output of this system to tune your server, see the online Performance Tuning and Sizing Guide on http://docs.iplanet.com/docs/manuals/enterprise.html.
The following elements are displayed:
Maximum Simultaneous Requests. Specifies an upper limit on the number of simultaneous requests accepted by the server. When a new request arrives, the server checks to see if it is already processing the maximum number of requests. If it has reached the limit, it defers processing new requests until the number of active requests drops below the maximum amount. Default is 512.
DNS Enabled. Allows you to enable the server to do a reverse lookup of a client's IP in the DNS database before executing a CGI script. Servlets also depend on this flag to do reverse lookup. DNS lookups can slow performance, especially on a server that uses extensive CGI. By default, DNS lookups are not allowed. Instead, hosts are identified by IP address in the CGI environment and in log files.
Async DNS Enabled. Specifies whether asynchronous DNS is enabled. DNS causes multiple threads to be serialized when you use DNS services. If you do not want serialization, enable asynchronous DNS. You can enable it only if you have also enabled DNS. Enabling asynchronous DNS can improve your system's performance if you are using DNS.
DNS Cache Enabled. Determines whether to cache DNS entries. If you enable the DNS cache, the server can store hostname information after receiving it. If the server needs information about the client in the future, the information is cached and available without further querying. Caching DNS entries may slow down the server.
Size of DNS cache. Specifies the size of the DNS cache if you have enabled DNS. The DNS cache can contain 32 to 32768 entries; the default value is 512 entries.
Expire entries (sec). Specifies the number of seconds to allow before DNS entries are deleted from the cache if you have enabled DNS. Cache entry expiration time can range from 1 second to 1 year (specified in seconds); the default value is 1200 seconds (20 minutes).
Listen Queue Size. Determines the size of the socket-level parameter that specifies the number of incoming connections the system will accept for that socket. If you manage a heavily used web site, make sure your system's listen-queue size is large enough to accommodate the listen-queue size setting from iPlanet Web Server. Setting the listen-queue size too high can degrade server performance. The listen-queue size was designed to prevent the server from becoming overloaded with connections it cannot handle. If your server is overloaded and you increase the listen-queue size, the server will only fall further behind.
The default setting is 128 (for Unix/Linux) or 100 (for Windows NT) incoming connections.
HTTP Persistent Connection Timeout. Specifies the number of seconds the server will allow a client connection to remain open with no activity. A web client may keep a connection to the server open so that multiple requests to one server can be serviced by one network connection. Since a given server can handle a finite number of open connections (limited by active threads), a high number of open connections will prevent new clients from connecting. Setting the timeout to a lower value, however, may prevent the transfer of large files as timeout does not refer to the time that the connection has been idle. For example, if you are using a 2400 baud modem, and the request timeout is set to 180 seconds, then the maximum file size that can be transferred before the connection is closed is 432000 bits (2400 multiplied by 180).
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Native Thread Pool Page (NT)
The Native Thread Pool page allows you to configure your native thread pool (NativePool). By default, the server has at least one thread pool, the native thread pool. This thread pool is the default thread pool for external plugins, unless specified otherwise. It uses fibers (user-scheduled threads) for internal request processing.Minimum Threads. Determines the minimum number of threads in the native thread pool. If unspecified, defaults to 1.
Maximum Threads. Determines the maximum number of threads in the native thread pool. If unspecified, defaults to 128. If you specify 1, you emulate single-threaded behavior.
Queue Size. Determines the number of threads that can wait in the queue for the thread pool. If all threads in the pool are busy, the next request-handling thread that tries to get in the queue is rejected, with the result that it returns a busy response to the client. It is then free to handle another incoming request instead of being tied up waiting in the queue. If unspecified, defaults to an unlimited size.
Stack Size (bytes). Determines the stack size of each thread in the native thread pool. The minimum value you can enter is 65536. Entering 0 specifies the default stack size for the operating system.
OK. Saves your entries. You must click Save and Apply for your changes to take effect.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Generic Thread Pools Page
The Thread Pools Page allows you to add thread pools in addition to the native thread pool. Use these pools for a variety of purposes such as limiting a certain service to a specific number of concurrent threads. To change thread pool settings once you've added the pool, edit obj.conf.If you are using Windows NT, you can also add native thread pools in addition to the generic thread pools you can add with this page.
Name of Pool. Specifies the thread pool you are adding.
Minimum Threads. Determines the minimum number of threads in the pool.
Maximum Threads. Determines the maximum number of threads in the pool. If you specify 1, you emulate single-threaded behavior.
Queue Size. Determines the number of threads that can wait in the queue for the thread pool. If all threads in the pool are busy, the next request-handling thread that tries to get in the queue is rejected, with the result that it returns a busy response to the client. It is then free to handle another incoming request instead of being tied up waiting in the queue.
Stack Size (bytes). Determines the stack size of each thread in the pool. The minimum value you can enter is 65536. Entering 0 specifies the default stack size for the operating system.
OK. Saves your entries. You must click Save and Apply for your changes to take effect.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
Current Thread Pools. Lists the current thread pools. To modify a thread pool, click Edit in the thread pool row. To delete a thread pool, click Remove in the thread pool row.
The File Cache Configuration Page
Use the File Cache Configuration Page to edit settings for your file cache. The file cache is enabled by default.Enable File Cache. Check the box to turn on file cache feature.
Transmit File. Check the box if you want the server to cache open file descriptors for files in the file cache, rather than the file contents.
Hash Table Size. Enter a size. The default size is twice the maximum number of files plus 1. For example, if your maximum number of files is set to 1024, the default hash table size is 2049.
Maximum Age. Enter the maximum age (in seconds) for a valid cache entry. This setting controls how long cached information will continue to be used once a file has been cached. Set the maximum age based on whether the content is updated (existing files are modified) on a regular schedule or not.
Maximum # of Files. Enter a number.
Medium File Size Limit. Enter a size. The contents of "medium" files are cached by mapping the file into virtual memory (currently only on Unix/Linux platforms).
Small File Size Limit. Enter a size. The contents of "small" files are cached by allocating heap space and reading the file into it.
Medium File Space. Enter a number. The medium file space is the size (in bytes) of the virtual memory used to map all medium sized files. By default, this is set to 10000000 (10MB).
Small File Space. Enter a number. The small file space is the size of heap space (in bytes) used for the cache, including heap space used to cache small files. By default, this is set to 1MB for Unix/Linux, 0 for Windows NT.To be supplied.
Temporary Directory. Windows NT only. Enter the temporary directory where the files are copied.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Mime Types Page
MIME (Multi-purpose Internet Mail Extension) types control what types of multimedia files your mail system supports. MIME types also specify what file extensions belong to certain server file types, for example to designate what files are CGI programs.You don't need to create a separate MIME types file for each virtual server. Instead, you create as many MIME types files as you need and associate them with a virtual server. One MIME types file, mime.types, exists by default on the server.
For more information, see The Global Mime Types Page.
The following elements are displayed:
Add. Enter a new MIME type in the MIME file field. After you click OK, the new MIME type appears in the MIME file drop-down list.
Edit. From the MIME file drop-down list, choose a MIME type to edit. After you click OK, the Global MIME Types page appears.
Delete. From the MIME file drop-down list, choose a MIME type to remove. After you click OK, the MIME type is removed from the drop-down list.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Global Mime Types Page
The Global MIME Types page allows you to map a file extension with a file type.For more information, see The Mime Types Page.
The following elements are displayed:
New Type. Adds a new MIME type. Fill in the following fields:.
Content Type. Specifies the nature of the file. For example, the file could be text, video, and so forth. The receiving client (such as Netscape Navigator) uses the header string to determine how to handle the file, (for example, by starting a separate application or using a plug-in application).
- Category. Specifies the category of the MIME type. Choose from the following options:
type: MIME standard set of identifiers for content. MIME is a standard identifier that defines the type of media content and its format so that the heterogeneous client or server applications can interpret the multimedia content that they exchange. The MIME types file contains the default MIME types definitions that will be used for the server.
enc: A response header field sent with compressed documents in addition to a document's MIME type. It indicates to the client browser the response data has been compressed or modified by a filter, so that the client can decompress the response data before presenting it to the user.
lang: A language encoding header field specifying the language of the document.
File Suffix. Specifies all the file suffixes that will be associated with the content type. To specify more than one extension, separate the entries with a comma. File extensions must be unique; do not map one file extension to two MIME types. o be supplied.
Edit. Allows you to edit the category, content type, or file suffix of the MIME type.
The Add Listen Socket Page
Before the server can process a request, it must accept the request via a listen socket, then direct the request to the correct connection group and virtual server. This page allows you to add a listen socket.For more information, see Adding and Editing Listen Sockets and Creating a Listen Socket.
ID. The internal name for the listen socket. Used to define the listen socket(s) a virtual server is bound to.
IP. The IP address of the listen socket. Can be in dotted-pair or IPv6 notation. Can also be 0.0.0.0, any, ANY or INADDR_ANY (all IP addresses). Configuring an SSL listen socket to listen on 0.0.0.0 is required if more than one virtual server is configured to it.
Port. The port number to create the listen socket on. Legal values are 1 - 65535. On Unix, creating sockets that listen on ports 1 - 1024 requires superuser privileges. Configuring an SSL listen socket to listen on port 443 is recommended.
Servername. The server name to put in the host name section of any URLs the server sends to the client. This affects URLs the server automatically generates; it doesn't affect the URLs for directories and files stored in the server. This name should be the alias name if your server uses an alias.
Security. Turns security on for the listen socket being created. Security settings can be enabled using The Edit Listen Sockets Page.
Once Security is turned on, the Attributes link will appear. Clicking the Attributes link will take you to The Security Settings of Listen Socket Page. Security must be turned on before security settings can be enabled. If security is on for a listen socket configured with more than one virtual server, the listen socket must have IP address of 0.0.0.0 and the non-default virtual servers configured to it must have IP addresses.
Turing on SSL for a listen socket turns on the security setting in magnus.conf. For more information, see the NSAPI Programmer's Guide.
Default VS. The default virtual server for the default connection group created when you create a listen socket. This virtual server is the virtual server which .
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Edit Listen Sockets Page
Before the server can process a request, it must accept the request via a listen socket, then direct the request to the correct connection group and virtual server. This page allows you to edit listen socket settings.If you are accessing this page from the Administration Server, see The Edit Listen Sockets Page in the Administration Server section.
For more information, see Editing Listen Socket Settings and Listen Sockets.
The following elements are displayed:
Action. Determines whether a listen socket is being created, edited, or deleted.
ID. The internal name for the listen socket. Used to define the listen socket(s) a virtual server is bound to. You cannot change this name once you have created a listen socket.
IP. The IP address of the listen socket. Can be in dotted-pair or IPv6 notation. Can also be 0.0.0.0, any, or ANY for INADDR_ANY (all IP addresses). Configuring an SSL listen socket to listen on 0.0.0.0 is required if more than one virtual server is configured to it.
Port. The port number to create the listen socket on. Legal values are 1 - 65535. On Unix, creating sockets that listen on ports 1 - 1024 requires superuser privileges. Configuring an SSL listen socket to listen on port 443 is recommended.
Security. Turns security on for the listen socket selected.
Once Security is turned on, the Attributes link will appear. Clicking the Attributes link will take you to The Security Settings of Listen Socket Page. Security must be turned on before security settings can be enabled. If security is on for a listen socket configured with more than one virtual server, the listen socket must have IP address of 0.0.0.0 and the non-default virtual servers configured to it must have IP addresses.
Turing on SSL for a listen socket turns on the security setting in magnus.conf. For more information, see the NSAPI Programmer's Guide.
Acceptors. The number of acceptor threads for the listen socket. The recommended value is the number of processors in the machine. The default is 1, legal values are 1 - 1024.
Advanced. Click the Groups button to bring up a page where you can specify connection group settings.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Connection Group Settings Page
Each listen socket has at least one connection group associated with it. This page allows you to edit the settings for each group.If you are accessing this page from the Administration Server, see The Connection Group Settings Page in the Administration Server section.
For more information, see Connection Groups.
The following elements are displayed:
Option. Edit the existing connection group or add a new one. You can only add new connection groups if the listen socket's IP address is ANY or 0.0.0.0.
IP. The IP address of the connection group. To associate a particular virtual server with a particular IP address, enter the address here and the virtual server in the Default VS field. If the IP field is set to default, the virtual server associated with the default IP is the one displayed if the request does not use another specific IP address named in other connections. If the listen socket itself has a specific IP address, you only have the default IP connection group. For more information, see Virtual Server Selection for Request Processing.
Servername. The server name to put in the host name section of any URLs the server sends to the client. This affects URLs the server automatically generates; it doesn't affect the URLs for directories and files stored in the server. This name should be the alias name if your server uses an alias.
Default VS. The default virtual server for this connection group. The list contains all available virtual servers.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
Quit. Takes you back to the previous page.
The Security Settings of Listen Socket Page
The Security Settings of Listen Socket Page allows you to set security for each listen socket. For more information, see Setting Security Preferences.The following elements are displayed:
IP. Specifies the IP address of the listen socket.
CertificateName. Allows you to select an installed certificate from the drop-down list to use for this listen socket.
Client Auth. Allows you to require client authentication on this listen socket. Click the Off link to turn client authentication on.
Ciphers. Allows you to select which cipher suites this listen socket will use: SSL2 or SSL3/TLS. Clicking on the SSL2 or SSL3/TLS links will take you to The Security Features Page.
Default. Clicking the Cipher Default link enables the default ciphers for this listen socket.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Security Features Page
Either the SSL2 Encryption or the SSL3/TLS Encryption page will be displayed based on which link you clicked. For more information, see Setting Security Preferences.The following elements are displayed:
Allow. Allows you to select the SSL version by checking or unchecking the boxes. The default versions will already be checked for you.
The following elements are displayed:
SSL ciphers. Lists all of the various ciphers within this suite. You may select the ciphers you wish to enable for the listen socket you are editing by checking or unchecking the boxes. The default versions will already be checked for you.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Restore Configuration Page
The Restore Configuration page allows you to view a backup copy of your configuration files and revert to the configuration data saved on a specific date.
Note On Windows NT, use this page only to roll back your own changes to the configuration files. Do not roll back to backup versions created during installation; they may not be complete.
The following elements are displayed:
Set number of sets of backups. Specifies the number of sets of backups. Click Change to apply the change.
In the following table, click Restore to revert to the version saved on the specified date, or click View to preview the settings before choosing to revert. Click a date button to restore all working files to what they were on the selected date. You can restore the following configuration files:
https-server_name.acl. Contains the server access control lists.
magnus.conf. Contains global settings that the server uses for initialization.
obj.conf. Defines specific steps that the server takes to process instructions. In this file, you can specify path translations, and define how things such as cgi and servlet programs are handled.
mime.types. Specifies the path to the file containing the mapping of MIME types returned by the server.
server.xml. Configures the addresses and ports that the server listens on and assigns virtual server classes and virtual servers to these listen sockets. A master file, server.dtd, defines its format and content.
web-apps.xml. Defines a set of web applications hosted by a virtual server. Each virtual server can have its own web-apps.xml file.
jvml2.conf. Contains the configuration for the Java virtual machine (JVM).
servlets.properties. Contains the name of each servlet and its initialization parameters.
contexts.properties. Defines contexts, which allow multiple servlets to exchange data and access each other's fields. Contexts are useful for defining virtual servers or for code isolation.
rules.properties. Contains virtual paths for servlets.
The Restrict Access Page
The Restrict Access page specifies access control for server instances. For more information, see Setting Access Control for a Server Instance.The following elements are displayed:
Option. Allows you to choose Add, Edit, or Delete for the specified server instance.the server for which to create or edit an access control list. After choosing a server from the drop-down list, click Create or Edit ACL.
Enter the server name of an instance you wish to add.
OK. Saves your entries.Select a server instance to edit or delete from the drop-down list.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Access Control List Management Page
The Access Control List page allows you to create and manage access control lists (ACLs). ACLs allow you to control which clients can access your server. ACLs can screen out certain users, groups, or hosts to either allow or deny access to part of your server, and set up authentication so that only valid users and groups can access part of the server.For more information, see Setting Access Control for a Server Instance.
The following elements are displayed:
Pick a Resource
Displays all the resources in the server's document root that use ACLs to restrict access. An ACL can be any uniform resource identifier (URI). The URI in the ACLs list may be a directory, file name, or an alias to a resource such as a CGI script or servlet.Editing. Specifies a resource to manage.
Browse. Specifies only a portion of the server.
Wildcard. Specifies a wildcard pattern to edit. For information on using wildcard patterns, see Wildcards Used in the Resource Picker.
Edit Access Control. Edits the access control list for the selected resource.
Pick an Existing ACL
Specifies an ACL from the list of all the ACLs enabled for the server. Even if an ACL exists, if you have not enabled it, it will not appear in this list.Editing. Specifies a resource to manage.
Edit Access Control. Edits the selected access control list.
Type in the ACL Name
Creates an ACL. Use this option only if you're familiar with ACL files and the obj.conf configuration file—you'll need to manually edit obj.conf if you want to apply named ACLs to resources.Editing. Specifies a resource to manage.
Edit Access Control. Edits the selected access control list.
The Edit Access Control Page
The Edit Access Control page is divided into two frames that set the access control rules. If the resource you chose already has access control, the rules will appear in the top frame.
Upper Frame
The upper frame displays access control rules representing each configurable setting as a link. When you click on a link, the page divides into two frames, and you can use the Lower Frame to set the access control rules. For more information, see Setting the Action.The following elements are displayed in the upper frame:
Action
Action
Specifies whether to deny or allow access to the users, groups, or hosts.
Users/Groups
Allows you to specify user and group authentication when you click "anyone." The bottom frame allows you to configure User-Group authentication. By default, no users or groups outside of the group admin can access Administration Server resources. For more information, see Specifying Users and Groups.
From Host
Allows you to specify the computers you want to include in the rule when you click "anyplace". In the bottom frame, you can enter wildcard patterns of host names or IP addresses to allow or deny. For more information, see Specifying the From Host.
Rights
Allows you to specify access rights to files and directories on your web site. In addition to allowing or denying all access rights, you can specify a rule that allows or denies partial access rights. For example, you can give people read-only access rights to your files, so they can view the information but not change the files. This is particularly useful when you use the web publishing feature to publish documents. For more information, see Setting Access Rights.
Extra
Allows you to specify a customized ACL entry. This is useful if you use the access control API to customize ACLs. For more information, see Writing Customized Expressions.
Continue
Specifies that the next line in the access control rule chain is evaluated before the server determines if the user is allowed access. When creating multiple lines in an access control entry, it's best to work from the most general restrictions to the most specific ones.
Trash Can Icon
Deletes the corresponding line from the access control rules.
Access Control Is On
Specifies whether access control is enabled.
New Line
Adds a default ACL rule to the bottom row of the table. You can use the up and down arrows in the left column to move the rule.
Response when Denied
Specifies the response a user sees when denied access. You can create a different message for each access control object. By default, the user is sent the following message: "FORBIDDEN. Your client is not allowed access to the restricted object." Responding When Access is Denied.Revert. Erases your changes and resets the elements in the page to the values they contained before your changes.
Help. Displays the online help.
Lower Frame
The lower frame allows you to configure access control rules for the ACL in the Upper Frame.The following elements are displayed in the lower frame:
Allow/Deny
Allow/Deny
Allow. Allows the user, group, or host access.Deny. Denies the user, group, or host access.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
Help. Displays the online help.
User/Group
For more information, see Specifying Users and Groups.Anyone (No Authentication). Allows everyone access to the resource. No authentication is required.
Authenticated people only. Allows only authenticated users and groups to access the resource. Choose from the following options:
All in the Authentication Database. Allows all users and groups in the LDAP directory.
Prompt for Authentication. Allows you specify message text that appears in the authentication dialog box. You can use this text to describe what the user needs to enter. Depending on the operating system, the user will see about the first 40 characters of the prompt. Netscape Navigator and Netscape Communicator cache the username and password and associate them with the prompt text. This means that if the user accesses areas (files and directories) of the server that have the same prompt, the user will not have to retype usernames and passwords. Conversely, if you want to force users to reauthenticate for various areas, you must change the prompt for the ACL on that resource.Only the Following People. Allows only the users and groups specified. Click List under Group or User to list or search for groups and users in the LDAP directory.
Authentication Methods. Specifies the method the server uses when getting authentication information from the client.
Default uses the default method you specify in the obj.conf file, or "Basic" if there is no setting in obj.conf. If you check Default, the ACL rule doesn't specify a method in the ACL file. Default is the best choice because you can easily change the methods for all ACLs by editing one line in the obj.conf file.
Authentication Database. Lets you select a database that the server uses to authenticate users. The default setting means the server looks for users and groups in an LDAP directory. However, you can configure individual ACLs to use different databases. You can specify different databases and LDAP directories in the file server_root/userdb/dbswitch.conf. Then, you can choose the database you want to use in the ACL by selecting it in the drop-down list. If you use the access control API to use a custom database (for example, to use an Oracle or Informix database), you can type the name of the database in the "Other" field in the User/Group window.Basic uses the HTTP method to get authentication information from the client. The username and password are only encrypted if encryption is turned on for the server.
SSL uses the client certificate to authenticate the user. If you use this method, SSL must be turned on for the server. If you have encryption on, you can combine Basic and SSL methods.
Other uses a custom method you create using the access control API.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
Help. Displays the online help.
From Host
For more information, see Specifying the From Host.Any place. Allows any machine access to the resource.
Only from. Allows only the specified host names or IP address access to the resource. You specify this restriction by using wildcard patterns that match the machines' host names or IP addresses. For example, to allow or deny all computers in a specific domain, you would enter a wildcard pattern that matches all hosts from that domain, such as *.iplanet.com.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
Help. Displays the online help.
Rights
For more information, see Setting Access Rights.All Access Rights. Allows the user, group, or host all access rights: read, write, execute, delete, list, and info.
Only the Following Rights. Allows the user, group, or host only the selected access rights. Choose from the following:
Read. Allows a user view a file. Read access right includes the HTTP methods GET, HEAD, POST, and INDEX.
Update. Saves your entries.Write. Allows a user change or delete a file. Write access right includes the HTTP methods PUT, DELETE, MKDIR, RMDIR, and MOVE. To delete a file, a user must have both write and delete privileges.
Execute. Allows a user to execute server-side applications, such as CGI programs and Java applets.
Delete. Allows a user who also has write privileges to delete a file or directory.
List. Allows a user to get directory information. The user can get a list of the files in that directory. This applies to Web Publisher and to directories that do not contain an index.html file.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
Help. Displays the online help.
Customized Expressions
Customize Expressions. Allows you to enter custom expressions for an ACL in the text box. You can use this feature if you are familiar with the syntax and structure of ACL files. For more information on customized expressions, see Writing Customized Expressions, and ACL File Syntax.Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
Help. Displays the online help.
Access Deny Response
Respond with the Default File (Redirection Off). The following message is sent: "FORBIDDEN. Your client is not allowed access to the restricted object.."Respond with the Following URL: (Redirection On). When selected, allows you to create a different message for each ACL. Enter the absolute path of a URL or a relative URI.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
Help. Displays the online help.
The Magnus Editor Page
The Magnus Editor page allows you to change certain settings in the magnus.conf file. The magnus.conf file is located in the server-id/config directory. It establishes a set of global variable settings that affect the server's behavior and configuration.For more information, see the NSAPI Programmer's Guide and Editing the magnus.conf File.
The following elements are displayed:
Select a Setting. From the drop-down list, choose a setting to change and click the Manage button.
Choose from the following options:
The DNS Settings Page
The DNS Settings Page
The DNS Settings page allows you to enable or disable the directives in magnus.conf that affect DNS lookup.For more information, see the NSAPI Programmer's Guide.
The following elements are displayed:
AsyncDNS. Specifies whether asynchronous DNS is allowed. The DNS directive must be set to on for this directive to take effect. The value is either on or off.
DNS. The DNS directive specifies whether the server performs DNS lookups on clients that access the server.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The SSL Settings Page
The SSL Settings page allows you to edit the values of the directives in magnus.conf that affect server access and security issues for iPlanet Web Server. For more information, see SSL and TLS Protocols.For more information, see the NSAPI Programmer's Guide.
Enter a numeric value in the Value field corresponding to the directive to edit and click OK to save your changes.
SSLSessionTimeout. The number of seconds until a cached SSL2 session becomes invalid. The default value is 100.
SSLCacheEntries. The number of SSL sessions that can be cached. There is no upper limit. If the value is 0, the default value, which is 10000, is used.
SSL3SessionTimeout. The number of seconds until a cached SSL3 session becomes invalid. The default value is 86400 (24 hours).
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Performance Settings Page
The Performance Settings page allows edit the values of the directives in magnus.conf that affect threads, processes and connections for your web server.Enter a numeric value in the Value field corresponding to the directive to edit or choose On/Off from the drop-down list. Click OK to save your changes.
StackSize. Determines the maximum stack size for each request handling thread.
PostThreadsEarly. Use this directive when the server will be handling requests that take a long time to handle, such as those that do long database connections.
ListenQ. The maximum number of pending connections on a listen socket. Connections that time out on a listen socket whose backlog queue is full will fail.
NativePoolStackSize. Determines the stack size of each thread in the native (kernel) thread pool.
ThreadIncrement. The number of additional or new request processing threads created to handle an increase in the load on the server
ChunkedRequestBufferSize. Determines the default buffer size for "un-chunking" request data.
NativePoolMinThreads. Determines the minimum number of threads in the native (kernel) thread pool.
RcvBufSize. Specifies the size (in bytes) of the receive buffer used by sockets. Allowed values are determined by the operating system.
RqThrottleMin. Specifies the number of request processing threads that are created when the server is started. As the load on the server increases, more request processing threads are created (upto a maximum of RqThrottle threads).
HeaderBufferSize. The size (in bytes) of the buffer used by each of the request processing threads for reading the request data from the client. The maximum number of request processing threads is controlled by the RqThrottle setting.
TerminateTimeout. Specifies the time that the server waits for all existing connections to terminate before it shuts down.
IOTimeout. Specifies the number of seconds the server waits for data to arrive from the client. If data does not arrive before the timeout expires then the connection is closed.
RqThrottle. Specifies the maximum number of simultaneous request processing threads that the server can handle simultaneously per socket. Each request runs in its own thread.
ChunkedRequestTimeout. The ChunkedRequestTimeout directive determines the default timeout for "un-chunking" request data.
SndBufSize. Specifies the size (in bytes) of the send buffer used by sockets.
MaxRqHeaders. Specifies the maximum number of header lines in a request. Values range from 0 to 32.
ConnQueueSize. Specifies the number of outstanding (yet to be serviced) connections that the webserver can have.
MaxProcs. Specifies the maximum number of processes that the server can have running simultaneously.
KernelThreads. Set kernelThreads to ON(or a value of 1) to ensure that the server uses only kernel-level threads, not user-level threads. Set KernelThreads to OFF (or a value of 0) to ensure that the server uses only user-level threads, which may improve performance.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The CGI Settings Page
The CGI Settings page allows edit the values of the directives in magnus.conf that affect requests for CGI programs.Enter a numeric value in the Value field corresponding to the directive to edit and click OK to save your changes.
MinCGIStubs. Controls the number of processes that are started by default. Note that if you have an init-cgi directive in the magnus.conf file, the minimum number of CGIStub processes are spawned at startup. The value must be less than the MaxCGIStubs value.
CGIExpirationTimeout. Specifies the maximum time in seconds that CGI processes are allowed to run before being killed.
CGIStubIdleTimeout. Causes the server to kill any CGIStub processes that have been idle for the number of seconds set by this directive. Once the number of processes is at MinCGIStubs, the server does not kill any more processes.
MaxCGIStubs. Controls the maximum number of CGIStub processes the server can spawn. This is the maximum concurrent CGIStub processes in execution, not the maximum number of pending requests.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The KeepAlive Settings Page
The KeepAlive Settings page allows you edit the values of the directives in magnus.conf that affect threads, processes and connections for your web server.Enter a numeric value in the Value field corresponding to the directive to edit or choose On/Off from the drop-down list. Click OK to save your changes.
KeepAliveThreads. Determines the number of threads in the keep-alive subsystem. It is recommended that this number be a small multiple of the number of processors on the system.
KeepAliveTimeout. Determines the maximum time that the server holds open an HTTP Keep-Alive connection or a persistent connection between the client and the server.
MaxKeepAliveConnections. Specifies the maximum number of Keep-Alive and persistent connections that the server can have open simultaneously. Values range from 0 to 32768.
UseNativePoll. OFF (or a value of 0) uses a platform-specific poll interface. ON (or a value of 1) uses the NSPR poll interface in the KeepAlive subsystem.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Logging Settings Page
The Logging Settings page allows you to edit the directives that affect the error log and access log.The following elements are displayed:
LogFlushInterval. Determines the log flush interval, in seconds, of the log flush thread.
LogVerbose. Determines whether verbose logging occurs or not. If the value is ON, the server logs all server messages including those that are not logged by default (such as WAI initialization messages).
LogVsId. Enables virtual server ID logging.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
Previous Contents Index DocHome Next
Copyright © 2001 Sun Microsystems, Inc. Some preexisting portions Copyright © 2001 Netscape Communications Corp. All rights reserved.
Last Updated May 10, 2001