Resolved Issues

6322443 

NSFC buffer size should be configurable (64-Bit). 

Additional Information: Use the new BufferSize nsfc.conf directive to configure the size of the buffer used to transmit file contents on cache misses. The following directive can be added to nsfc.conf to increase the buffer size from its default of 8192 bytes to 16384 bytes: BufferSize=16384

Larger buffer sizes may result in improved throughput at the cost of increased latency and memory utilization. 

6234284 

JES3 Web Server installation fails and/or core dumps if the Admin password contain shell meta-characters such as ;, $, &, ^, *. (. ), |, <, >, ', `,”, and \, etc in Admin password. 

6232465 

Include -N linker option for HPUX Web Server builds. 

6171389 

Input filter is called only for the first HTTP request when using Keep-Alive. All subsequent requests of the TCP connection are not being processed by the filter. 

6195820 

Global resources are not available to load-on-startup servlets. 

5042600 

Unable to migrate 6.0 SP7 Web Server instance to 6.1 SP2. 

6244615 

Web Server migration should correctly update RootCerts. 

6219618 

JES Web Server 6.1 SP2 failed to index PDF version 1.5 (Acrobat 6.x) doc for Search Collection Creation. 

6239342 

Cross-site scripting vulnerability in a default error page. 

4879994 

SSL: Data larger than 8k is lot when the request triggers new SSL handshake. 

Additional Information: By default Web Server can upload file of size up to 1MB (when client cert authentication is optional). To upload file larger than 1MB, increase the SSLClientAuthDataLimit limit in the magnus.conf file. In case of simultaneous uploading of very large files Web Server will use large chunk of memory. To minimize memory utilization do any of the followings:

• If authentication is not required, turn off the authentication.

• If authentication is required, make it mandatory by setting require=1 in the obj.conf.

PathCheck fn="get-client-cert" dorequest="1" require="1"

6229472 

.htaccess Require directive broken. 

6170938 

acceptlanguage does not work for User Document Directories. 

6180991 

Internal-Daemon Log Rotation does not work for files greater than 2GB. 

6254121 

.htaccess silently fails to protect resources which do not have a corresponding file. 

6185904 

New NSS error codes are not being handled properly (unknown error – 8048). 

6262885 

Switching from HTTPS to HTTP causes generation of new session. 

Additional Information: Set the isSecure attribute of the session cookie for the Web application under cookie-properties to either true or false in the webapp's sun-web.xml. The default value is true. In the following example, isSecure is set to false for the web-app by setting the parameter value to false. The sun-web.xml will look like:

<session-config>
         <cookie-properties>
           <property name="isSecure" value="false"/>
         </cookie-properties>
      </session-config>

6222728 

SNMP services fail in Web Server 6.1 SP2/SP3 on Windows 2000 platform. 

6273472 

Web Server 6.1 SP4 uninstall script displays an error message – `No such file or directory'. 

6259257 

Some PDF files fail to be indexed by the search engine. 

6253489 

ClassCastException thrown when nested includes are present in JSPs. 

6285847 

Requests with double `Content-Length' header should get rejected (HRS vulnerability). 

Workaround: Add the StrictHttpHeaders directive in magnus.conf and set its value to on.

6275413 

Incorrectly configured home-page SAF crashes server. 

6021153 

Required patch id 112396-03 does not exist. 

The patch #112396-03 listed as `required' in earlier release notes was incorrect. There is only #112396-02 patch, which fixes the BugId #4498984 (*fgrep* fails with `wordlist too large' for some older version of OS patchadd command). 

The correct patch number is: 112396-02. 

Solaris users must have the Sun recommended patch cluster installed, available in the Recommended and Security Patches section at: http://sunsolve.sun.com

Solaris 8 (SPARC)

• Solaris 8 Update 7

• Sun recommended latest Security and Recommended patch cluster.

Solaris 9 (SPARC and x86)

• Solaris 9 Update 4 or above.

• Sun recommended latest Security and Recommended patch cluster.

6066252 

client certs with AKI extension causes SEC_ERROR_UNKNOWN_ISSUER error. 

6092498 

SJWS 6.1 fails to validate a client cert with LDAP if the cert contains Czech characters. 

6171311 

Frequent errors encountered when running Web Server with JDK 1.5. 

6171784 

Web Server performance issue with certain error logging configuration. 

4925875 

i18-ko: no asterix search result with Korean word. 

6171950 

Precompiled JSPs do not work as expected with reload-interval param in sun-web.xml. 

Workaround: Use the property `use-precompiled' (set to `true' under JSP-config in sun-web.xml) to specify that the JSPs are precompiled and should never need to be compiled at runtime.

Sample sun-web.xml 

<sun-web-app>
<session-config>
<session-manager/>
</session-config>
<jsp-config>
<property name="use-precompiled" value="true" />
</jsp-config>
</sun-web-app>

5048940 

Superuser Access Control page in Admin GUI not accessible after upgrade from SP1. 

6177544 

libpassthrough.so not present after RPM installation of plug-in. 

6176231 

Sun Java System Web Server 6.1 SP4 Admin delete certificate (bin/https/admin/security) core dumps with NSS 3.9.3 beta. 

6173365 

Multiple package installers for same build of Web Server of Solaris SPARC/x86. 

5039633 

Update NSS to 3.9 series. 

5063134 

Java ES symlink not used for J2SE location. 

6067407 

Problems using ACL_LDAPSessionFree(). 

6173293 

Web Server always sets content type to text/html when servlet filter is set. 

6176264 

Web Server 6.1 SP4 Solaris x86 unable to start the SSL instance through the Admin GUI. 

6180677 

Web Server SP4 for JES3 is unable to upgrade on top of Web Server SP2 for JES2. 

6066139 

JSTLTCK - 16 tests fail while running Web Server with JDK1.5_beta2 release. 

6088595 

Admin throws exception with JDK 1.5.0_beta2 while creating/editing classes. 

4904913 

I18N search: `?' wildcard search with Japanese causes wrong match. 

4798461 

GUI does not correctly reflect when `Transmit File' is turned off. 

4904896 

I18N search: sort encoding list of Default Encoding on search Admin GUI. 

4905412 

GUI doesn't seem to permit manage users in keyfile database. 

4991338 

Web Server Admin console does not show all the tabs (in Mozilla browser). 

5001819 

Web Server 6.1 Nova Search Engine sometimes misses to pick up document. 

5014693 

Java filters, HTTP compression, and SHTML fail to interoperate. 

5021077 

Encountering java.lang.NullPointerException if you click on OK button without selecting the Directory Server. 

5025617 

Web Server's JNDI needs to map resource-env-ref's from sun-web.xml. 

5042676 

Request flow problem with Client tag code=302. 

5056989 

Enable prefixing of hostname in session ID. 

Note: you can enable prefixing hostname in session ID (as in 6.0SPx) for the web-app by setting the value of the property prefixSessionIDWithHostname under manager-properties to any of the values, yes, true, or on, in the web-app's sun-web.xml.

In the following example, prefixing hostname in session ID is enabled for the web-app by setting the parameter value to true. The sun-web.xml looks like: 

<session-config>
<session-manager>
<manager-properties>
<property name="prefixSessionIDWithHostname" value="true"/>
</manager-properties>
</session-manager>
</session-config>

5057749 

Web Server 6.1 SP2: plug-in defined in certmap.conf does not load. 

6041356 

Memory leak when AdminLanguage and/or DefaultLanguage is specified in magnus.conf. 

6057426 

The load balancer plug-in (formerly Resonate plug-in), loadbal.so, does not work on SPARC Solaris. 

Note that the location of the loadbal.so plug-in is: <server_root>/plugins/loadbal.so

5065017 

Servlet session data problem. 

5048051 

Create collection fails on Linux with RPM install. 

5029954 

StackSize is ignored when ConnQueueSize/RqThrottle is 0. 

4898077 

Inconsistent behavior between HttpServerAdmin and iWS console. 

5013100 

Two ports like 2500 and 02500 are added in server.xml as different ports. 

5046634 

2 byte character in http header and plug-in programs. 

You can enable response header encoding at either at the web-app level by setting the value of the configuration parameter use-responseCT-for-headers to any of the values, yes, true, or on, in the web-app's sun-web.xml. In the following example, response header encoding is enabled for the web-app setting the parameter value to true. The sun-web.xml looks like: 

<sun-web-app> 
<parameter-encoding form-hint-field="j_encoding"/> 
<property name="use-responseCT-for-headers" value="true" /> 
<session-config> 
<session-manager/> 
</session-config> 
<jsp-config/> 
</sun-web-app>

4536102 

ADM:i18n: SNMP community name doesn't show up on Solaris Netscape. 

4536194 

CGI subsystem makes blocking calls from NSPR user threads. 

4536739 

Admin ACL and Superuser AC: Allow only `from host' does not work. 

4615933 

CORE:SHTML: can't set Content-encoding for .shtml files. 

4629796 

ADM:i18n: French Thread pool name displaying garbage on JA-NT (Internet Explorer and Netscape). 

4651056 

Web Server returns 404 for files starting with `..'. 

4651206 

After adding new mime type file, there is no way of verifying addition from the GUI. 

4651207 

On Document preference Web page, file to use for error responses needs to be provided. 

4652009 

Customized access log file is not reflected in GUI in View Access Log tab. 

4657465 

Need to disable cookie-encoding. 

By default, the Sun Java System Web Server URL encodes the cookies before sending them to the client. If you do not want the cookies to be encoded, add the following line to sun-web.xml: 

<property name="encodeCookies" value="false"/>

For the above example, put the line directly under the <sun-web-app> tag; do not embed them in any other tag. 

4664945 

Internal Error from URL forwarding form. 

4666409 

Clearing the ErrorResponse CGI files name. 

4676934 

dist-admin: Override default ACI in Web Server 6.0 SP2. 

4676946 

No validation of virtual server settings form. 

4676950 

Internal Error on removing http:// from URL forwarding form.

4682434 

CGI script fails that grabs environment variables fails to execute. 

4682894 

Cluster management - Selection of source server deselects target servers. 

4684775 

Async DNS is disabled by default. 

4707989 

Web-app/JSP: load-on-startup not working on JSP files. 

4704385 

Cluster: Null message in modify cluster when `OK' is clicked soon after reset. 

4705181 

User and group is not validating for the users and accepting blank spaces in CGI. 

4705204 

Newly added ACL files are not getting deleted after selecting delete. 

4706063 

Chroot and Directory are not validating correctly. 

4711353 

Admin: Global|SNMP Master Trap Warning displays `Form Element Missing:manager?'. 

4718914 

Turn the security ON for any instance server without installing certificate. 

4724503 

After enabling IPv6 on GUI Edit listen socket, server will not start. 

4727597 

Admin GUI gets cluttered when a new server is added with a duplicate Port. 

4721021 

Unable to access absolute URI on SSL enabled server. 

4727444 

Access Log reports incorrect data. 

4732877 

Urlhosts field does not accept more that one hostname. 

4745314 

$id variable in Docroot in a VSCLASS is not working on Windows.

4749239 

ACLI: Incorrect processing of ACL. 

4753601 

MaxRqHeader directive in magnus.conf is not working as desired. 

4754934 

Vignette NSAPI plug-in on Web Server 6.0 not functioning correctly when using HTTP1.1. 

4761188 

LDAP: Improve LDAP dynamic group performance for ACL's. 

For performance reason, a new LDAP config parameter, `dyngroups fast' is introduced for SP2. With this config, Web Server will make assertion about group membership bypassing nested individuals among dynamic groups. 

For example, assuming that user `alpha' belongs to group `a', group `a' is a member of group `b' by group `b' memberURL definition (dynamic group), and your ACL only grants group `b' access. In such case, Web Server will deny access from `alpha' because `alpha' is not regarded as member of group `b'. 

If you want to support nested group in such case, don't define this new config for LDAP authentication service (you won't get performance gain consequently.) Sample config: directory: 

ldapregular ldap://localhost:389/o=TestCentral

ldapregular: dyngroups fast 

4763653 

Validation required for the form elements in document preferences page. 

4764307 

Magnus.conf: Performance settings: accepting -ve numbers.

4765709 

Admin: Configure Directory Service not validating binddn/password. 

4770294 

Web Server 6 on Windows should add CR character to the end of line in access log. 

4786612 

The Web Server treats `:' as a separator between hostname/IP and port in several places. This code needs to be updated to recognize when the `:' is actually part of an IPv6 address. 

4787310 

Eviction fails in NSFC when SmallFileSpace is set to low value. 

4788075 

Setting the PATH variable in magnus.conf for Web Server 6.0 SP5 does not work. 

4800173 

Performance issue with large ACL file in conjunction with many virtual servers. 

4808402 

Native authenticator support. 

4814097 

Unable to select `none' as program item under program groups in GUI. 

4822720 

Keep-alive subsystem should be dynamically tuned. 

The keep-alive subsystem requires tuning for optimal performance. In Web Server 6.0, this subsystem was tuned for heavy load and performs poorly when there are only a handful of concurrent keep-alive connections. The keep-alive subsystem was modified for Web Server 6.1 SP2 so it performs some dynamic tuning to accommodate the actual load. 

4849907 

shtml is parsed when execute permission is not set and configured. 

4855807 

AIX: Web Server hangs after restarted by watchdog. 

4858152 

Access log entries in server.xml of the migrated instance points to invalid path. 

4869527 

SNMP: protos test no. 3 fails for RH Linux 6.2/7.2/Adv Server 2.1 & Sun Linux 5. 

4862498 

New directory Service Screen not connected to interface. 

4870613 

Back button not working for frames in Netscape 7. 

4873766 

upload-file does not work correctly with chunked requests. 

4882838 

Unable to specify protocol for URL in generated redirects. 

The server generates a self-referencing URL whenever it sends a redirect to a client. As of Web Server 6.1 SP1, the servername attribute of the LS element in server.xml can be used to configure the scheme used in server-generated self-referencing URLs. 

For example, if an SSL offloader sits between the Internet and the Web Server instance, decrypting SSL-encrypted traffic for www.sun.com and relaying it to the Web Server on port 8080, an LS element such as the following could appear in server.xml: 

<LS remap="ls1" port="8080" security="disabled"...servername="https://www.sun.com"/>

The `https://' prefix in the servername value instructs the server to use the https scheme in self-referencing URLs even though the LS is not configured to handle SSL traffic. 

4889081 

Internal log rota creates empty logs. 

4894033 

dist-admin: Functioning of Admin ACL `Allow only from host/ip' is not as per doc. 

4896881 

While untaring the Web Server bits, the ownership and group information is not correct. 

4897074 

On Linux only: When you create a collection, PDF files will not be indexed and added to the collection. 

4899105 

The highlighting of the connection value in edit virtual server is not correct. 

4905175 

WebDAV ACL settings are inherited into new Virtual Servers. 

4909378 

Help Button for edit webdav is not pointing to the correct help page. 

4903449 

Performance affected with multi-process mode and one thread. 

4905681 

The AsyncDNS setting is ignored in Sun Java System Web Server 6.1 SP1. The Web Server never performs asynchronous DNS lookups.

Note that even when the magnus.conf contains AsyncDNS on, that Asyncronous DNS is still turned off. 

4908631 

An error message status is returned when user tries to stop the server when it is not running. 

4907288 

Cluster Management file transfer not working on Windows. 

4909678 

Web Server 6.1 Digest authentication is not working for flat files. 

4910266 

Web Server 6.1: Creating Digest file users via GUI duplicates users in exponential order. 

4904088 

Migration final page needs to HTML encode the `<' and `>' characters. 

4908986 

JDBC: blob sample: Servlet code UploadServlet mishandles SQL exceptions. 

4904896 

i18n search: sort encoding list of Default Encoding on search Admin GUI. 

4908010 

Unable to remove search collection for a newly created VS before doing an apply. 

4908401 

i18n: unlocalized timestamp for each search returned documents. 

4910222 

Error on Windows when trying to create a collection with a docroot with backslashes. 

Workaround:  This behavior occurs when you specify a docroot that has backslashes or mixed slashes. Use forward slashes.

4911548 

Server returns ConfigException while creating the duplicate search collection. 

4911656 

I18N: Can not go to `sort by date' link while searching multibyte characters. 

4913909 

i18n: error adding file with Korean filename - skipping since no read permission. 

4913228 

Missing quote in oracle script for jdbcRealm sample application. 

4910869 

NSFC enhancement needed. 

Add the ReplaceFiles nsfc.conf directive.

When ReplaceFiles=true (default), the existing file cache behavior is preserved. 

ReplaceFiles=false indicates that once a file is cached, its file cache entry should never be discarded to make room for another file; this is useful in benchmark scenarios because it allows us to eliminate contention on the hit list lock. 

4910272 

Server should not accept mixed slashes for the doc root while adding a new server. 

4912254 

Web Server installation failed due to `set -o noclobber' in .env. 

4911070 

Web Server 6.1: Add listen socket protocol family field is missing for IPv6 address. 

4911630 

Many of the fields in the magnus editor doesn't have validations as they are accepting negative integer values. 

4911550 

Getting ServletException while trying to access the server with additional doc. 

4911633 

Change Password for the user is not working. 

4913566 

The URL Forwarding Editing Page is not consistent. 

4919473 

Updating Security Realm properties from Admin GUI not reflected in server.xml.

4913289 

Help on `Edit Virtual Class' doesn't give complete criteria for VS class deletion. 

4916331 

Keep-alive connections can hang under light load. 

4925475 

The server.xml createconsole attribute is ignored. 

4925938 

Getting Null Pointer exception if user mistakenly edits the VS Admin URL. 

4929848 

Performance: Web Server polls kstat once per second. 

4926414 

i18n-ko: reindexing collection hangs when missing 1 or more existing docs. 

4935797 

certmap.conf file location mis-represented. 

4930327 

Destination headers are not URL decoded in MOVE/COPY requests. 

4933483 

SIGCHLD signals are reported on startup. 

4935582 

TCP_NODELAY need not be set for AF_NCA. 

4930642 

Source returned when the file's mime.types entry does not end with a carriage return. 

4930329 

Default values of maxpropdepth is poorly chosen. 

4932995 

The leading `/' is being removed when deleting Web application through Admin GUI. 

4935420 

Resource picker for restrict access fails for migrated instance of 6.1. 

4944850 

Address directive not properly migrated when migrating from Web Server 4.1 to 6.1. 

4946829 

Admin: Creating a new virtual server after migration causes $user: unable to find value. 

4941027 

Cross site scripting in Sun Web server Webadmin interface. 

4948397 

Web Server 6.1 SP1 SNMP is not working. 

4946187 

dist-admin: `Allow Authenticated Users': after enabling dist-admin, if an ACL is set to allow authenticated users only, the server still allows access to other users in the Admin group. 

4947005 

Add server instance is not working on Solaris x86. 

4940040 

Administrator's Configuration File Reference defines nonexistent TYPE element. 

4942750 

Search example is incorrect. 

4943631 

Wrong documentation on Thread pool config file. 

4941741 

Web Server 6.1 SP1 server on Solaris 8 SPARC fails to start due to libCld.so. 

4945994 

fc_net_write should result in a single system call. 

4940418 

Third-party profiler support for bytecode instrumentation. 

4943329 

IWSSessionManager doesn't work as expected with Web Server 6.1. 

4947065 

The search web-app shows only a maximum of 11 collections. 

4947624 

Ineffective alert message displayed while reindexing on Windows. 

4950552 

Wrong no of results for particular output results (11, 21, 31...). 

4954789 

Web Server deployment fails with ClassCastException. 

4956415 

Web Server 6.1 Search: requesting an ability to display the meta tag description. 

4950644 

Ineffective alert message displayed while creating a duplicate collection on Lin. 

4951860 

httpagt depends on NETSITE_ROOT variable. 

4957158 

fc_open fails when running specweb99 on x86 build. 

4952492 

MOVE method should `rename' files when possible. 

4958571 

PR_NetAddrToString performance is less than expected. 

4951264 

Server crash during Java-triggered reconfiguration and server shutdown. 

4958755 

ServletContext.getContext(String) does not return other contexts when called from root context. It simply returns the root context. 

4950653 

`Null' is displayed for QoS vsclass values. 

4951982 

Invalid error message is displayed while configuring LDAP with wrong credentials. 

4953147 

Cron-based log rotation fails when Admin user is root, and instance is non-root. 

Workaround: Change the user to be same as Admin server user in the scheduler.conf file.

4961864 

Web Server hangs when using rotate-callback. 

4962059 

Admin passwd stored as plain text in file setup.inf. 

4969637 

Minor coding error in send-error SAF. 

4961999 

After adding a VS, the top frame does not show the VS in the drop down box. 

4962624 

Admin: No Validation for protocol value in Edit Listen socket. 

4963483 

The GUI gets cluttered if one tries to create an ACL file path with forward slash. 

4968422 

Showing up invalid ACL file on the browser in the webdav screen. 

4966497 

Perf Dump data for Average Queueing Delay is not correct. 

4970955 

Cross-site security issue with Apache sample(\plugins\java\samples\webapps\simple). 

4972573 

Incorrect behavior in web-apps-Simple sample application in Web Server 6.1 SP1. 

4972587 

Incorrect instructions in index.html of i18n Sample Application. 

4976454 

Samples shipped with Web Server 6.1. 

4970273 

FastCGI beta libraries are in RTM Web Server packages. 

4976953 

AIX 6.0 SP6: forbidden error to a GET for a file with correct group permissions. 

4976490 

Log messages truncated. 

4975675 

Dynamic reconfiguration fails when server is under load. 

4976910 

NSFC_GetEntryPrivateData() calls NSFC_ExitCacheMonitor() when no entry exists. 

4973079 

The GUI retains dismissed invalid port entries and populates it when servername field validation fails. 

4975788 

classpath edited using IExplorer is broken; server JVM can't start. 

4975798 

Can't add path to classpath suffix using web-admin. 

4975782 

Can't delete external JNDI reference. 

4970188 

RPM can't locate system umask. 

4971298 

pkgchk -n fails for Web Server package in JES. 

4986761 

Web Server 6.0 migration fails. 

4989231 

Server fails to start up on Linux platform. Wrong JDK path during build. 

4988104 

Edit virtual servers page should update the connections value correctly. 

4986700 

Last-modified and Etag are suppressed when Servlet filters are used. 

4991888 

Storing the wrong file name for key file configuration. 

4992739 

Cannot start Web Server instance, after modifying its classpath suffix. 

4995447 

Web Server 6.1 SP2 RHlinux unable to access Admin GUI; throws error message after login. 

4995489 

Solaris x86: distributed Admin cannot be enabled. 

4991775 

Validation of cookie name in cookie example servlet. 

5002905 

Super User Access Control cannot be set even when Distributed Admin is not enabled. 

5012107 

POST request body consumed twice when using bad plug-in. 

4962659 

Search criteria is getting truncated to 100 characters. 

4967580 

Search displays wrong hyperlinks for the SSL enabled instance. 

4970181 

Stellent filters need to be added to the Linux and Solaris x86 builds. 

4975327 

indexMetatags of the nova search should be set automatically. 

4975367 

Indexing for the meta tag should be case-insensitive. 

4997149 

Remove documents with *.* pattern is not removing all the files when the excludeExtensions property is set. 

4997178 

Server returns null pointer exception while indexing .sxg file when excludeExtensions is set. 

4997697 

Page numbers are not displayed properly on the search results page. 

4844616 

dbswitch misconfiguration causes crash. 

4854698 

Plug-in crashes with malformed request. 

4866965 

ACLI: Failed authentication will be logged twice in the server errors log file. 

4880864 

ACL: Web Server returns 404 Not found errors when ACLs deny access. 

4915326 

WEBC: granting signedBy permissions to jar files does not work. 

4918754 

Web Server 6.1 cannot process HTTP URL GET parameter that is in 8-bit charset. 

4924921 

Cannot set 800 MB of JVM max heap size on Win2k using JDK 1.3.1. 

4926336 

Using % in the value of JSP:param corrupts the query string. 

4927770 

Server aborts with SIGABRT from within libjvm. 

4928358 

JSP errors are wrongly reported as Not Found errors. 

4930374 

extra-class-path attribute in class-loader element in sun-web.xml doesn't work as expected.

4932893 

Dynamic reloading doesn't work for Web application descriptor files, for example web.xml. 

4939370 

Web container thread names are not unique. 

4934083 

LDAP: Crash during LDAP authentication. 

4934562 

WEBC: getRemoteUser() does not work for standalone JSPs. 

4935669 

WEBC: request may not always contain client cert data. 

4935570 

Cert data not always present even when available. 

4932547 

Tomcat AuthenticatorBase returning 500 instead of 403. 

4946762 

Out of box default realm should be native. 

4948123 

Web Server 6.1 incorrectly reports client key size in certain situations. 

4949842 

WEBC: isUserInRole() will not match when using core authentication. 

4957829 

LDAP: user can enter wildcard `*' for UID in basic authentication. 

4960013 

Cannot have more than one LDAP realm. 

4968857 

htconvert not converting .nsconfig wildcard patterns correctly. 

4968882 

htconvert does not work on 6.1 style server.xml. 

4960873 

NPE encountered when a session is expired simultaneously by two (2) threads. 

4973927 

EPIPE signal not caught as an IOException from OutputStream.write(). 

4976277 

Using JDK 1.4.1 provided JNDI connection pool for LDAP pooling. 

4983707 

Changing the log level to Security causes NullPointerException upon st. 

4981028 

`distributable' semantics in web.xml is not honoured by the Web container. 

4993468 

getResourcePaths returns paths that contain `//'. 

4996219 

Webservd leaks memory on RedHat Linux Advance Server 3.0. 

4997593 

Poor integration between NSAPI srvhdrs and HttpServletResponse headers. 

4997756 

LOCK-UNLOCK is not working properly and GUI does not show up lock info properly. 

4997838 

Web Server does not start on RHL AS 3.0 with Security turned On. 

5003531 

500 error when accessing web-app with transport-guarantee=CONFIDENTIAL in non-SS. 

5004542 

ASN.1 parsing bugs/brute forcer program can cause Web Server crash. 

5016494 

NSS: Crash in DER_UTCTimeToTime with corrupt certificate. 

5060906 

Authorization dialog pops up for an unprotected directory without index file. 

Additional information: As for 6.1 SP1, if a directory does not have an index file such as index.html, index.jsp, home.html, etc, then while turning on ACL authentication anyone with read and write permission are denied the list access even though this directory is unprotected.

Workaround: To revert back to the previous behavior of 6.1, change the default ACL so that anonymous users are allowed list privileges. Make the changes as follows:

allow (read, execute, info, list) user = "anyone"

4642650 

Option needed to disable appending of absolute URL in servlet/JSP container. 

Fix details: New property added to sun-web.xml: relativeRedirectAllowed

Default value: false

Description: If true, allows the Web application to send a relative URL to the client using the HttpServletResponse.sendRedirect() API (that is, it suppresses the container from translating a relative URL to a fully qualified URL).

4793938 

Enabling Remote File Manipulation from the Server Manager GUI allows any remote user to obtain a listing of any directory in the server's URI space. 

4904201 

javahome path wrongly set when adding a server with no bundled JDK.

4911580 

Adding a new server instance may fail with a Server Error message. 

4928794 

Server restarts when trying to create null resource by PUT. 

4929913 

Search engine does not extract and index FTS information from PDF files. 

Fix details: This fix applies to all supported platforms except Linux.

The Author, Subject, and Keywords meta tags are always indexed. Functionality has been added that now allows arbitrary meta tags to be indexed, including those produced when converting the FTS_* attributes from PDF files. Manual configuration of a new setting in server.xml is required, as described below.

• In the SEARCH section of server.xml, add a PROPERTY with name="indexMetatags". The value should be a comma-delimited list of meta tag names (note that the Author , Subject, and Keywords meta tags are always indexed, regardless of this setting).

• To index the meta tags resulting from the conversion of PDFs and other types of documents, this configuration must use the name of the meta tag, rather than the name of the “field” in the particular document type. For example, to index the FTS_Title contents from PDF files, "Title" must be a component of the "indexMetatags" setting:

  <PROPERTY name="indexMetatags" value="Title"/>

See issue 4956415 in the Search section for details about displaying custom meta tag information in search results.

4933935 

On Solaris 9: reconfig does not work in package-based installs.

4945089 

ASN.1 parsing issue in SSL. 

A problem has been identified in the implementation of the SSL protocols used by the Web Server that may be exploited as a Denial of Service attack. Sun Java System Web Server 6.1 SP1 fixes this problem. If you use the Web Server to host sites that utilize SSL version 3 or TLS, you are strongly encouraged to install this service pack. 

4950388 

The reconfig command does not work on Windows XP.

4964069 

The commit.exe utility crashes on Windows platforms.

4869693 

On Windows, the Web Server installation overwrites SunONE Directory Server .dll files due to cohabitation issues with Directory Server 5.x.

4540254 

Rotating log files shouldn't require server restart on UNIX. 

4727146 

Logs filling with `connection reset' entries. 

4786735 

Installer doesn't set proper JDK CLASSPATH/LIBPATH when the external JDK is used. 

4792721 

Incorrect error messages when LDAP server is offline. 

4799452 

sun.tools.javac.Main has been deprecated, exception stops valid JSPs.

4801874 

ACL_LDAPSessionAllocate always returns LAS_EVAL_FAIL.

4811418 

Digest authentication crashes. 

4819405 

Memory growth/leak of slapd process with digestauth plug-in.

4820513 

digestauth plug-in code is not thread safe.

4839875 

When using cachefs/nfs as ClassCache and document-root, Sun Java System Web Server doesn’t always pick up the new JSP. 

4842190 

Web Server crashes when receiving Accept-Language header larger than 15 languages.

4842574 

Server crash with malformed request. 

4842601 

Accept-Language header security issue.

4846832 

CRL corrupts database. 

4848896 

digestauth plug-in crashes for a particular type of request.

4849914 

Memory leak in digestauth plug-in for a particular type of request.

4855546 

Log analyser vulnerability. 

4858026 

JSP: crash in getParameter when posting large amounts of data.

4867887 

Basic authentication fails for users with user IDs that have spaces. 

4903319 

When you create a collection, not all documents will be indexed and added to the collection.