Sun Java System Application Server Platform Edition 8.1 2005Q1 Administration Guide |
Chapter 12
Configuring the HTTP ServiceThis chapter describes how to configure virtual servers and HTTP listeners for the HTTP service component of the Application Server.
About the HTTP ServiceWhat Is the HTTP Service?
The HTTP service is the component of the Application Server that provides facilities for deploying web applications and for making deployed web applications accessible by HTTP clients. (See "Deploying a Web Application".) These facilities are provided by means of two kinds of related objects, virtual servers and HTTP listeners.
Virtual Servers
A virtual server, sometimes called a virtual host, is an object that allows the same physical server to host multiple Internet domain names. All virtual servers hosted on the same physical server share the Internet Protocol (IP) address of that physical server. A virtual server associates a domain name for a server (such as
www.aaa.com
) with the particular server on which the Application Server is running.Note: Do not confuse an Internet domain with the administrative domain of the Application Server.
For instance, assume you want to host these domains on your physical server:
www.aaa.com
www.bbb.com
www.ccc.comAssume also that www.aaa.com,
www.bbb.com
, andwww.ccc.com
have web modulesweb1
,web2
, andweb3
, respectively, associated with them.This means that all of these URLs are handled by your physical server:
http://www.aaa.com:8080/web1
http://www.bbb.com:8080/web2
http://www.ccc.com:8080/web3The first URL is mapped to virtual host
www.aaa.com
, the second URL is mapped to virtual hostwww.bbb.com
, and the third is mapped to virtual hostwww.ccc.com
.On the other hand, the following URL results in a 404 return code, because
web3
isn’t registered withwww.bbb.com
:http://www.bbb.com:8080/web3
For this mapping to work, make sure that
www.aaa.com
,www.bbb.com
, andwww.ccc.com
all resolve to your physical server’s IP address. They need to be registered with the DNS server for your network. In addition, on a UNIX system, add these domains to your/etc/hosts
file (if the setting forhosts
in your/etc/nsswitch.conf
file includesfiles
).When the Application Server is started, it starts the following virtual servers automatically:
For development, testing, and deployment of web services in a non-production environment,
server
is often the only virtual server required. In a production environment, additional virtual servers provide hosting facilities for users and customers so that each appears to have its own web server, even though there is only one physical server.HTTP Listeners
Each virtual server provides connections between the server and clients through one or more HTTP listeners. Each HTTP listener is a listen socket that has an IP address, a port number, a server name, and a default virtual server.
HTTP listeners must have a unique combination of port number and IP address. For example, an HTTP listener can listen on all configured IP addresses on a given port for a machine by specifying the IP address 0.0.0.0. Alternatively, the HTTP listener can specify a unique IP address for each listener, but use the same port.
Since an HTTP listener is a combination of IP address and port number, you can have multiple HTTP listeners with the same IP address and different port numbers (for example, 1.1.1.1:8081 and 1.1.1.1:8082), or with different IP addresses and the same port number (for example, 1.1.1.1:8081 and 1.2.3.4:8081, if your machine was configured to respond to both these addresses).
However, if an HTTP listener uses the 0.0.0.0 IP address, which listens on all IP addresses on a port, you cannot create HTTP listeners for additional IP addresses that listen on the same port for a specific IP address. For example, if an HTTP listener uses 0.0.0.0:8080 (all IP addresses on port 8080), another HTTP listener cannot use 1.2.3.4:8080.
Because the system running the Application Server typically has access to only one IP address, HTTP listeners typically use the 0.0.0.0 IP address and different port numbers, with each port number serving a different purpose. If the system does have access to more than one IP address, each address can serve a different purpose.
By default, when the Application Server starts, it has the following HTTP listeners:
- Two HTTP listeners named
http-listener-1
andhttp-listener-2
, associated with the virtual server namedserver
. The listener namedhttp-listener-1
does not have security enabled;http-listener-2
has security enabled.- An HTTP listener named
admin-listener
, associated with the virtual server named__asadmin
. This listener does not have security enabled.All these listeners use the IP address 0.0.0.0 and the port numbers specified as the HTTP server port numbers during installation of the Application Server. If the Application Server uses the default port number values,
http-listener-1
uses port 8080,http-listener-2
uses port 8181, andadmin-listener
uses port 4848.Each HTTP listener has a default virtual server. The default virtual server is the server to which the HTTP listener routes all request URLs whose host component does not match any of the virtual servers that are associated with the HTTP listener (a virtual server is associated with an HTTP listener by listing the HTTP listener in its
http-listeners
attribute).In addition, specify the number of acceptor threads in the HTTP listener. Acceptor threads are threads that wait for connections. The threads accept connections and put them in a queue, where they are then picked up by worker threads. Configure enough acceptor threads so that there is always one available when a new request comes in, but few enough so that they do not provide too much of a burden on the system. In the Application Server, there is no distinction between acceptor and request processing (worker) threads: each HTTP listener thread is responsible for accepting and processing requests. For this reason, the HTTP listeners in the Application Server’s default configuration use 50 acceptor threads.
The HTTP listener’s server name is the host name that appears in the URLs the server sends to the client as part of a redirect. This attribute affects URLs the server automatically generates; it does not affect the URLs for directories and files stored in the server. This name is normally the alias name if the server uses an alias. If a client sends a
Host:
header, that host name supersedes the HTTP listener’s server name value in redirects.Specify a redirect port to use a different port number from that specified in the original request. A redirect occurs in one of these situations:
- If a client tries to access a resource that no longer exists at the specified URL (that is, the resource has moved to another location), the server redirects the client to the new location (instead of returning a 404), by returning a designated response code and including the new location in the response’s Location header.
- If a client tries to access a resource that is protected (for example, SSL) on the regular HTTP port, the server redirects the request to the SSL-enabled port. In this case, the server returns a new URL in the Location response header, in which the original nonsecure port has been replaced with the SSL-enabled port. The client then connects to this new URL.
Specify also whether security is enabled for an HTTP listener and what kind of security is used (for example, which SSL protocol and which ciphers).
To access a web application deployed on the Application Server, use the URL
http://localhost:8080/
(orhttps://localhost:8181/
if it is a secure application), along with the context root specified for the web application. To access the Admin Console, use the URLhttp://localhost:4848/
orhttp://localhost:4848/asadmin/
(its default context root).Because a virtual server must specify an existing HTTP listener, and because it cannot specify an HTTP listener that is already being used by another virtual server, create at least one HTTP listener before creating a new virtual server.
Admin Console Tasks for the HTTP ServiceConfiguring the HTTP Service
To configure the HTTP service, follow these steps:
- In the tree component, expand the Configuration node.
- Select the HTTP Service node.
- On the HTTP Service page, you can set properties that apply to all of the service’s HTTP listeners.
The following table lists these properties.
- Click the Access Log tab to configure access log rotation.
- Click Save.
- Stop and restart the Application Server.
Configuring the HTTP Service Access Log
Use this page to enable and configure rotation for the access logs for the virtual servers. These logs are in the domain_root_dir
/
domain_dir/logs/access
directory and are named as follows:virtual_server_name_access_log.yyyy-mm-dd.txt
Click Load Defaults to load the default values. To change the rotation properties for these logs, do the following:
- Check the File Rotation box to turn on file rotation. By default, file rotation is enabled.
- From the Rotation Policy drop-down list, choose a policy. (The only policy available is
time
.)- In the Rotation Interval field, type a numeric value to specify the number of minutes between rotations of the access log. This field is valid only if the Rotation Policy is
time
. The default is 1440 minutes.- In the Rotation Suffix field, type a string value to specify the suffix to be added to the log file name after rotation. The default is
%YYYY;%MM;%DD;-%hh;h%mm;m%ss;s
.- In the Format field, enter a string value to specify the format of the access log. Use the formats shown in the following table. The default format is
%client.name% %auth-user-name% %datetime% %request% %status% %response.length%
.- Click Save to save the changes, or Load Defaults to return to the default settings.
Admin Console Tasks for Virtual ServersCreating a Virtual Server
To create a virtual server, follow these steps:
- In the tree component, expand the Configuration node.
- Expand the HTTP Service node.
- Select the Virtual Servers node.
- On the Virtual Servers page, click New. The Create Virtual Server page appears.
- In the ID field, type a unique name for the virtual server. This value is used to identify the virtual server internally. It is not exposed to HTTP clients. The host names that are exposed to HTTP clients must be specified in the Hosts field.
- In the Hosts field, type the host name or names for the machine on which the server is running. Use either actual or virtual host names that are registered with the DNS server for your network (and, on a UNIX system, in your
/etc/hosts
file).- In the area opposite State, select either On, Off, or Disabled. The default is On.
- Leave the HTTP Listeners field empty. It is filled in automatically when you create an HTTP listener and associate it with this server.
(Use of this field requires that you specify an existing HTTP listener. You must not, however, specify a listener that is used by another virtual server; if you do, an error appears in the server log when you restart the server. Since a listener must be associated with an existing virtual server when it is created, all existing listeners are used by another virtual server.)
- From the Default Web Module drop-down list, choose the deployed web module (if any) that is to respond to all requests that cannot be mapped to other web modules deployed to the virtual server.
If a Default Web Module is not specified, the web module that has an empty context root is used. If there is no web module with an empty context root, a system default web module is created and used.
- In the Log File field, type the path name of the file where logging messages from this virtual server will appear. Leave this field empty to send logging messages to the default server log, domain_root_dir
/
domain_dir/logs/server.log
.- In the Additional Properties area, click Add Property to add a property for the virtual server. Whether you specify properties or not, the new server has the default properties
docroot
andaccesslog
, set to default values.- Click OK to save the virtual server.
- Stop and restart the Application Server.
The following table lists the available properties.
Equivalent
asadmin
command:create-virtual-server
Editing a Virtual Server
To edit a virtual server, follow these steps:
Deleting a Virtual Server
To delete a virtual server, follow these steps:
It is possible to delete the
__asadmin
virtual server, but this is not recommended. If you plan to do so, first copy thevirtual-server
elements of the Application Server’sdomain.xml
file to a safe place so that the settings can be restored if needed.Equivalent
asadmin
command:delete-virtual-server
Admin Console Tasks for HTTP ListenersCreating an HTTP Listener
To create an HTTP listener, follow these steps:
- In the tree component, expand the Configuration node.
- Expand the HTTP Service node.
- Select the HTTP Listeners node.
- On the HTTP Listeners page, click New. The Create HTTP Listener page appears.
- In the Name field, type a name for the listener.
- In the Listener field, remove the check from the Enabled box if you do not want to enable the listener when the server restarts.
- In the Network Address field, type 0.0.0.0 if you want the listener to listen on all IP addresses for the server, using a unique port value. Otherwise, type a valid IP address for the server.
- In the Listener Port field, type a unique port value if the Network Address field is 0.0.0.0, or the desired port value if you are using another IP address.
- Choose a virtual server from the Default Virtual Server drop-down list.
- In the Server Name field, type the host name to be used in the URLs the server sends to the client. This name is the alias name if your server uses an alias. If your server does not use an alias, leave this field empty.
- In the Advanced area, perform any of the following tasks:
- To redirect requests to another port, type a value in the Redirect Port field. The Application Server automatically redirects the request if these two conditions exist:
- Change the number of Acceptor Threads.
- Remove the check from the Powered By box to disable the inclusion of the
X-Powered-By: Servlet/2.4
header in servlet-generated HTTP response headers.The Java Servlet 2.4 Specification defines this header, which containers may add to servlet-generated responses. Similarly, the JavaServer Pages (JSP) 2.0 Specification defines an
X-Powered-By: JSP/2.0
header to be added (on an optional basis) to responses that use JSP technology. The inclusion of theX-Powered-By: JSP/2.0
header is enabled by default for web applications. The goal of these headers is to aid web site administrators in gathering statistical data about the use of Servlet and JSP technology.For information on enabling and disabling the
X-Powered-By
header for JSP pages, see the chapter entitled “Deployment Descriptor Files” in the Application Server Developer’s Guide. See "Further Information" for a link to this document.Production environments might decide to omit the generation of
X-Powered-By
headers to hide their underlying technology.- To create a listener that is not secure, click OK.
- Stop and restart the Application Server.
In the SSL section of this page, you can configure the listener to use SSL, TLS, or both SSL and TLS security.
To set up a secure listener, do the following:
- Check the Enabled box in the Security field.
- To force clients to authenticate themselves to the server when using this listener, check the Enabled box in the Client Authentication field.
- Enter the name of an existing server keypair and certificate in the Certificate NickName field. See the Security chapter for more information.
- In the SSL3/TLS section:
- Click OK, then stop and restart the Application Server.
The listener is now listed in the HTTP Listeners field for the virtual server that is specified as the Default Virtual Server.
Equivalent
asadmin
commands:create-http-listener
,create-ssl
Editing an HTTP Listener
To edit an HTTP listener, follow these steps:
Deleting an HTTP Listener
To delete an HTTP listener, follow these steps:
It is possible to delete the
http-listener-1
,http-listener-2
, andadmin-listener
HTTP listeners, but this is not recommended. If you plan to do so, first copy thehttp-listener
elements of the Application Server’sdomain.xml
file to a safe place so that the settings can be restored if needed.Equivalent
asadmin
command:delete-http-listener