This section lists the most important issues fixed in the following releases:
The following table lists the issues resolved in Sun Java System Web Server 6.1 SP9.
Table 4 Issues Resolved in Sun Java System Web Server 6.1 SP9
Problem ID |
Description |
---|---|
6295325 |
The Web Server should implement a timeout parameter for it's LDAP connections pool. When using LDAP Authentication, the Web Server does not respond, if the LDAP server is unresponsive when performing ldapsession bind and ldap search. Setting the timeout value in seconds in server_root/userdb/dbswitch.conf file will stop the Web Server being unresponsive and also stops waiting for the LDAP server. By default there is no timeout. Sample dbswitch.conf: default:binddn cn=Directory Manager default:encoded bindpw YWRtaW5hZG1pbg== default:timeout 60 |
6370259 |
FastCGI does not shutdown properly. |
6442778 |
The setContentLength(0) in a servlet/JSP does not work when value is greater than 0. |
6471213 |
Improper error messages are displayed at time out. |
6504581 |
Memory leak in LDAP Session due to ldap_result(). |
6509590 |
Log level does not display the appropriate message. |
6510001 |
The session-timeout value in web.xml is not getting precedence over sun-web.xml's timeout value. |
6540788 |
Unable to install SSL server certificate with 99 years of validity. |
6540817 |
Web Server 6.1 is not supported for Windows 2003 SP2 and R2, |
6542731 |
Unable to run Web Server 6.1 scheduler in Java ES 4. |
6553963 |
A particular PDF files are not recognized by the search engine. |
6563615 |
Web Server uses anonymous bind to a Secure LDAP Server when setting up distributed Admin. |
6579852 |
Web Server installation contains optimized and debug binaries of JDK. |
6581407 |
The Restricting Access to a File Type feature does not change the appropriate obj.conf file. |
6590893 |
Web Server stand alone bits should recognize if it is being used for an upgrade from a Java ES installed Web Server and should provide a warning message to the user. |
6591471 |
Server shutdown message is missing in errorlog file when Java is disabled globally. |
6592886 |
Negative number is displayed in QueueSize of JDBC pool monitor. |
6598092 |
Forwarding through RequestDispatcher fails for the first time when using the invoker servlet. |
6603070 |
Incorrect handling of cookie value with single or double quote string. |
6603088 |
Crash in LDAP search . |
6609457 |
Post install script of Web Server does not handle the ABE case properly. |
6620677 |
The start script does not calculate the right value for libmtmalloc to load in Solaris 9 |
6628376 |
The scheduler.pid file should be removed when the scheduler is stopped. |
6628914 |
Removal of Sun Studio 10 from the /usr/dist/share directory causes build failure on Solaris Sparc 8,9 and 10. |
6630037 |
The Cron log rotation creates invalid log archives with an instance name and sub string of another instance name. |
6638185 |
Cross-site scripting vulnerability in search. |
6643558 |
Need to provide the correct description and example for the client-ip tag. |
6647151 |
Cross-site scripting vulnerability in advance search. |
6619655 |
Reverse Proxy Plug-in documentation should state that Application Server is supported. |
6514004 |
Steps to disable HTTP PUT and DELETE is not documented. |
6582644 |
Description on to use the new timeout parameter for LDAP Authentication should be put into the release notes. |
6663921 |
Web Server start script does not return the prompt mode after starting the server on AIX. For more information, see AIX 5.3 Technology Level 6 SP5 and AIX 5.3 Technology Level 7 SP2. |
6667638 |
Provide correct JDK version in the installation guide, which is bundled with the product. |
6435723 |
High CPU usage in Reverse Proxy Plugin - DaemonChannel::unchunk() |
The following table lists the issues resolved in Sun Java System Web Server 6.1 SP8.
Table 5 Issues Resolved in Sun Java System Web Server 6.1 SP8
Problem ID |
Description |
---|---|
4737204 |
The wdeploy delete command follows symbolic links and deletes directories and its contents pointed by the symbolic link. |
6152655 |
form-based authentication in a web application causes users to be logged out unexpectedly although the session should still be active. |
6235473 |
Need the ability to change the permissions of a directory, which is created using WebDAV. |
6319312 |
Fastcgistub dumps core when an instance is stopped after sending request for FastCGI Authorizer application. |
6343584 |
Web server hangs with threads in a deadlock condition waiting for a lock owned by a NSS thread. |
6379347 |
If Access Manager is deployed on the web server, all versions of Web Server 6.1 crash on load. |
6497690 |
Need an option to have full URL or relative URL/URI in web server search web application. |
6508015 |
getParameterNames() does not return non-parameterized names in query string. |
6509623 |
(Windows XP and Windows 2003): Unable to open the Web Server 6.1 SP7 release notes by clicking the Start->Programs->Sun ONE Web Server->Release Notes link. |
6513358 |
Web server Reverse Proxy Plug-in is not handling chunked data. |
6519021 |
The obj.conf file of a new virtual server class generated by the Admin Server contain errors. |
6519551 |
Issue in the JDBC Connection Pool feature. |
6519839 |
Vulnerability with Web Server redirect functionality. |
6520528 |
response.sendRedirect() error if the redirect URL does not begin with a slash (/). |
6526460 |
LDAP connection failure errors with WS6.1 SP7. |
6531111 |
htaccess AuthGroupFile should support empty files as equivalent to not specifying the directive. |
6532218 |
Web server 6.1 SP7 crashes in libxerces-c.so on T2000 systems. |
6534216 |
Update README, version string and license file for Web server 6.1 SP8. |
6540248 |
Web server 6.1 SP8 to be integrated with NSS 3.11.6 and NSPR 4.6.6. |
6546233 |
RPM specification and pkginfo file to be updated with the SP8 release and version number. |
6566204 |
UTF-7 cross site scripting vulnerability. |
6567841 |
Form authentication bypass and JSP source code disclosure vulnerability. |
6574379 |
Web Server 6.1 browser support should include Internet Explorer 7. |
The following table lists the issues resolved in Sun Java System Web Server 6.1 SP7.
Table 6 Issues Resolved in Sun Java System Web Server 6.1 SP7
Problem ID |
Description |
---|---|
4856895 |
On UNIX: The watch dog process crashes on multiple CPUs machine during server shut down. |
6158040 |
While migrating from 4.1 to 6.1, the JAVA parameters are missing in the server.xml file. |
6206179 |
Internal log rotation rotates the files twice if the system time is changed between two scheduled rotations. |
6213097 |
While migrating from 4.1 to 6.0, ktsearch.jar does not get migrated correctly on JES3. |
6276594 |
A PUT request sent with the Transfer-encoding:chunked header along with a request body fails. |
6292582 |
SNMP MIB's "Fraction of process memory in system memory" which is part of iws.mib, gives the wrong results when queried by the SNMP Manager. |
6315783 |
In the French locale, Online Help links on the Search page lead to English pages. |
6348395 |
When IWSSessionManager is used, invalidating a session does not call the sessionDestroyed() of HttpSessionListener. |
6350502 |
Pragma and cache-control headers cause interoperability problems. |
6358858 |
zlib library throws an internal error. |
6367672 |
The restart script fails when MaxProcs is greater than 1(one). |
6376035 |
Unable to configure the Web Server to successfully run a JSP file that contains a jstl tag. |
6376082 |
Need to support JNDI simple names for lookup in web applications for compatibility with the Application Server product. |
6380777 |
Cannot add pl file suffix for magnus-internal/cgi through the Administration GUI. |
6381747 |
If a session attribute implements HttpSessionBindingListener, the session expires after the session time-out period regardless of whether the session object is accessed. |
6382704 |
Administration server monitors the server statistics even if the Monitor Web Server Statistics option is disabled. |
6384456 |
When a web application attempts to use an object inappropriately, it crashes the web server. |
6384640 |
Concurrent restart requests kill the Web Server processes. |
6388092 |
Images stored in the /ns-icons directory are not displayed properly in Internet Explorer. |
6388766 |
On Windows: treatment of "\", the Japanese backslash mark (Yen) is different when a new CGI shell directory is created or edited. |
6392159 |
The restart script fails to restart the Web Server intermittently, causing the Web Server to hang. |
6392644 |
Incorrect URL in Web Server 6.0 SP10 and Web Server 6.1 SP5 Readme files. |
6400307 |
The cluster control functionality of Admin GUI hangs when a variable is added. |
6418529 |
The search page content has a mix of both English and other languages. |
6421617 |
Problem having server-parsed HTML and .htaccess with the restricted group option. |
6426382 |
If the value of net_write SAF is three times more that the fragment size of the HTTP compression, a net_flush call does not flush all the data. |
6428199 |
Search filter fails if the userid of a member belonging to a user group contains "," (comma). |
6428403 |
When a Servlet filter appends additional data to a response body generated by core, the server might crash if the size of the additional data is larger than the original response body. |
6429293 |
Security vulnerability in Web Server 6.1 sample applications. |
6433752 |
The ssl-check function does not work with NSAPI-based plug-in. |
6436535 |
Server hangs on stop or restart when a connection is in the connection queue. |
6437635 |
Issues with revoked client certificates and CRL files under certain conditions. |
6438408 |
SNMP process leaks memory with each connection request. |
6439519 |
If the ObjectType fn="force-type" directive is removed from the obj.conf file, the server may crash when a request is made for multiple byte ranges. |
6441402 |
LDAP server configuration fails with Web Server 6.1 SP5 64–bit version. |
6442651 |
If the URL to a web application contains URI parameters, it causes recursive redirection. |
6448255 |
On Windows: File handle is not released by the webservd process under certain conditions. |
6451182 |
Web Server 6.1SP6 experiences high CPU in parseParameters(). |
6455812 |
Thread safety problems in the handling of some magnus.conf directives cause certain configurations to crash on startup. |
6458771 |
watchdog can crash when ./start is executed before ./stop completes. |
6465691 |
Display error with HTML page in <jsp:include> with tiles. |
6471388 |
On Windows: Using hidden shared network drives as document directories results in Not Found error. |
6473494 |
Signature DigestInfo parsing problems in NSS. |
6477953 |
On Windows: Web Server (stand-alone) modifies the NSPR/NSS bits thereby breaking the FIPS mode. |
6477981 |
FIPS140 mode is broken in Web Server (stand-alone) due to missing .chk files. |
6478972 |
The JDK shipped with Web Server 6.1SP6 is not compatible with 2007 Daylight Saving Time (DST) changes. |
6480026 |
Some keep-alive connections do not get closed after the specified time. |
6482272 |
SNMP master agent does not send traps when the Web Server instance's operational status changes. |
6482560 |
On HP-UX: Web Server crashes with 1.4.2.09 + and 1.5.0.3+ JVMs. |
6488468 |
On HP-UX: Remove the packaged JDK for Web Server. |
6489275 |
Web Server 6.1 should be integrated with the latest NSS version for FIPS 140-2 compliancy. |
6494886 |
Low-latency/high concurrency mode sometimes does not get switched dynamically. |
6496892 |
On AIX: Remove the packaged JDK for Web Server. |
6507264 |
When the default log level is set to info, finer log messages are still being printed at server startup. |
6508092 |
Server startup fails in Web Server 6.1 SP7 on the HP-UX platform when installed through express silent mode. |
6510957 |
The pkginfo file in the Solaris and RPM specification files points to the old service pack(SP5). |
The following table lists the issues resolved in Sun Java System Web Server 6.1 SP6.
Table 7 Issues Resolved in Sun Java System Web Server 6.1 SP6
The following table lists the issues resolved in Sun Java System Web Server 6.1 SP5.
Table 8 Issues Resolved in Sun Java System Web Server 6.1 SP5
The following table lists the issues resolved in Sun Java System Web Server 6.1 SP4.
Table 9 Issues Resolved in Sun Java System Web Server 6.1 SP4
Problem ID |
Description |
---|---|
6021153 |
Required patch ID 112396-03 does not exist. The patch #112396-03 listed as required in earlier release notes was incorrect. The correct patch number is 112396-02. Solaris users must have the Sun recommended patch cluster installed, available in the Recommended and Security Patches section at http://sunsolve.sun.com. Solaris 8 (SPARC)
Solaris 9 (SPARC and x86)
|
6066252 |
Client certificates with AKI extension causes SEC_ERROR_UNKNOWN_ISSUER error. |
6092498 |
Web Server 6.1 fails to validate a client certificate with LDAP if the certificate contains Czech characters. |
6171311 |
Frequent errors encountered when running Web Server with JDK 1.5. |
6171784 |
Web Server performance issue with certain error logging configuration. |
4925875 |
For Korean HTML collection, Korean word search with asterisk does not return any result. |
6171950 |
Precompiled JSP files do not work as expected with reload-interval parameter in sun-web.xml. Workaround: Use the property use-precompiled (set to true under jsp-config in sun-web.xml) to specify that the JSP files are precompiled and should never need to be compiled at runtime. A sample sun-web.xml is as follows: <sun-web-app> <session-config> <session-manager> </session-config> <jsp-config> <property name="use-precompiled" value="true" > </jsp-config> </sun-web-app> |
5048940 |
Superuser Access Control page in Administration GUI not accessible after upgrade from SP1. |
6177544 |
libpassthrough.so not present after RPM installation of plug-in. |
6176231 |
Sun Java System Web Server 6.1 SP4 — Using the Delete certificate Administration GUI (bin/https/admin/security) core dumps with NSS 3.9.3 beta. |
6173365 |
Multiple package installers for the same build of Web Server of the Solaris SPARC/x86 platform. |
5039633 |
Update NSS to 3.9 series. |
5063134 |
Java Enterprise System symbolic link not used for J2SE location. |
6067407 |
Problems using ACL_LDAPSessionFree(). |
6173293 |
Web Server always sets content type to text/html when Servlet filter is set. |
6176264 |
Web Server 6.1 SP4 Solaris x86 unable to start the SSL instance through the Administration GUI. |
6180677 |
Web Server SP4 for JES3 is unable to upgrade on top of Web Server SP2 for JES2. |
6066139 |
Tests fail while running Web Server with JDK1.5_beta2 release. |
6088595 |
Administration console throws exception with JDK 1.5.0_beta2 while creating and editing classes. |
4904913 |
I18N search: `?' wildcard search in Japanese causes wrong match. |
The following table lists the issues resolved in Sun Java System Web Server 6.1 SP3.
Table 10 Issues Resolved in Sun Java System Web Server 6.1 SP3
Problem ID |
Description |
---|---|
4798461 |
GUI does not correctly reflect when `Transmit File' is turned off. |
4904896 |
I18N search: Sort encoding list of Default Encoding on search Administration GUI. |
4905412 |
GUI does not permit to manage users in the keyfile database. |
4991338 |
Web Server Administration console does not show all the tabs (in Mozilla browser). |
5001819 |
Web Server 6.1: Nova Search Engine sometimes does not pick up document. |
5014693 |
Java filters, HTTP compression, and SHTML fail to interoperate. |
5021077 |
A java.lang.NullPointerException is thrown if you click on the OK button without selecting the Directory Server. |
5025617 |
Web Server's JNDI needs to map resource-env-reffrom sun-web.xml. |
5042676 |
Request flow problem with Client tag code=302. |
5056989 |
Enable prefixing of hostname in session ID. You can enable prefixing hostname in session ID for the web application by setting the value of the property prefixSessionIDWithHostname under manager-properties to yes, true, or on, in the web application sun-web.xml. In the following example, prefixing host name in session ID is enabled for the web application by setting the parameter value to true. <session-config> <session-manager> <manager-properties> <property name="prefixSessionIDWithHostname" value="true"> </manager-properties> </session-manager> </session-config> |
5057749 |
Web Server 6.1 SP2: Plug-in defined in certmap.conf does not load. |
6041356 |
Memory leaks when AdminLanguage and/or DefaultLanguage is specified in magnus.conf. |
6057426 |
The load balancer plug-in (formerly Resonate plug-in) loadbal.so does not work on the Solaris SPARC platform. The location of the loadbal.so plug-in is server-root/plugins/loadbal.so. |
5065017 |
Servlet session data problem. |
5048051 |
Create collection fails on Linux with RPM install. |
5029954 |
Stack size is ignored when ConnQueueSize/RqThrottle is 0. |
4898077 |
Inconsistent behavior between HttpServerAdmin and iWS console. |
5013100 |
Two ports (for example, 2500 and 02500) are added in server.xml as different ports. |
5046634 |
2–byte character in HTTP header and plug-in programs. You can enable response header encoding at the web application level by setting the value of the configuration parameter use-responseCT-for-headers to yes, true, or on, in the web application's sun-web.xml. In the following example, response header encoding is enabled for the web application setting the parameter value to true. A sample sun-web.xml is as follows: <sun-web-app> <parameter-encoding form-hint-field="j_encoding"> <property name="use-responseCT-for-headers" value="true" > <session-config> <session-manager> </session-config> <jsp-config> </sun-web-app> |
The following table lists the issues resolved in Sun Java System Web Server 6.1 SP2.
Table 11 Issues Resolved in Sun Java System Web Server 6.1 SP2
Problem ID |
Description |
---|---|
4536102 |
I18N: SNMP community name does not show up on Solaris Netscape. |
4536194 |
CGI subsystem makes blocking calls from NSPR user threads. |
4536739 |
Administration ACL and Superuser AC: The `Allow only from host' option does not work. |
4615933 |
CORE SHTML: Cannot set Content-encoding for .shtml files. |
4629796 |
French Thread pool name displaying garbage characters on JA-NT (Internet Explorer and Netscape). |
4651056 |
Web Server returns 404 for files starting with `..'. |
4651206 |
After adding a new mime type file, there is no way of verifying addition from the GUI. |
4651207 |
Document preference web page should provide a file to use for error responses. |
4652009 |
Customized access log file is not reflected in the GUI in the View Access Log tab. |
4657465 |
Need to disable cookie-encoding. By default, the Sun Java System Web Server URL encodes the cookies before sending them to the client. If you do not want the cookies to be encoded, add the following line to sun-web.xml: <property name="encodeCookies" value="false"> For the above example, add the line directly under the sun-web-app tag. Do not embed this line in any other tag. |
4664945 |
Internal Error from URL forwarding form. |
4666409 |
Clearing the ErrorResponse CGI file name. |
4676934 |
Distributed -Administration: Overrides default ACI in Web Server 6.0 SP2. |
4676946 |
No validation of virtual server settings form. |
4676950 |
Internal error on removing http:// from URL forwarding form. |
4682434 |
CGI that has scripts to grab environment variables fails to execute. |
4682894 |
Cluster management - Selection of source server deselects target servers. |
4684775 |
Asynchronous DNS is disabled by default. |
4707989 |
Web-application/JSP: load-on-startup not working on JSP files. |
4704385 |
Cluster: Null message in modify cluster when OK is clicked soon after reset. |
4705181 |
User and group is not validating for the users and accepting blank spaces in CGI. |
4705204 |
Newly added ACL files are not getting deleted after selecting delete. |
4706063 |
chroot and directory are not validating correctly. |
4711353 |
Administration: Global|SNMP Master Trap Warning displays Form Element Missing:manager?. |
4718914 |
Turn the security ON for any instance server without installing a certificate. |
4724503 |
After enabling IPv6 on GUI Edit listen socket, server will not start. |
4727597 |
Administration GUI gets cluttered when a new server is added with a duplicate port. |
4721021 |
Unable to access absolute URI on SSL enabled server. |
4727444 |
Access Log reports incorrect data. |
4732877 |
Urlhosts field does not accept more than one hostname. |
4745314 |
$id variable in VSCLASS docroot is not working on Windows. |
4749239 |
ACLI: Incorrect processing of ACL. |
4753601 |
MaxRqHeader directive in magnus.conf is not working as desired. |
4754934 |
Vignette NSAPI plug-in on Web Server 6.0 not functioning correctly when HTTP1.1 is used. |
4761188 |
LDAP: Improve LDAP dynamic group performance for ACLs. For performance reason, a new LDAP configuration parameter, dyngroups fast is introduced for SP2. With this parameter, Web Server will make an assertion about group membership bypassing nested individuals among dynamic groups. For example, assuming that user alpha belongs to group A, group A is a member of group B by group B memberURL definition (dynamic group), and your ACL only grants group B access. In such case, web server will deny access from alpha because alpha is not regarded as member of group B. If you want to support a nested group, do not define this new config for LDAP authentication service. You will not get performance gain consequently. A sample configuration directory is as follows: ldapregular ldap://localhost:389/o=TestCentral ldapregular: dyngroups fast |
4763653 |
Validation required for the form elements in document preferences page. |
4764307 |
Magnus.conf: Performance setting: accepting negative numbers. |
4765709 |
Administration: Configure Directory Service not validating binddn/password. |
4770294 |
Web Server 6.1 on Windows should add CR character to the end of the line in the access log. |
4786612 |
Web Server treats `:' (colon) as a separator between hostname/IP and port in several places. This code needs to be updated to recognize when the `:' is actually part of an IPv6 address. |
4787310 |
Eviction fails in NSFC when SmallFileSpace is set to a low value. |
4788075 |
Setting the PATH variable in magnus.conf for Web Server 6.0 SP5 does not work. |
4800173 |
Performance issue with large ACL file in conjunction with many virtual servers. |
4808402 |
Native authenticator support. |
4814097 |
Unable to select none as a program item under the program groups in GUI. |
4822720 |
Keep-alive subsystem should be dynamically tuned. The keep-alive subsystem requires tuning for optimal performance. In Web Server 6.0 this subsystem was tuned for heavy load and performs poorly when only a handful of concurrent keep-alive connections exist. The keep-alive subsystem was modified for Web Server 6.1 SP2 so it performs some dynamic tuning to accommodate the actual load. |
4849907 |
shtml is parsed when execute permission is not set and configured. |
4855807 |
AIX: Web Server hangs after being restarted by watchdog. |
4858152 |
Access log entries in the server.xml file of the migrated instance point to an invalid path. |
4869527 |
SNMP: Test fails for RH Linux 6.2/7.2/Adv Server 2.1, and Sun Linux 5. |
4862498 |
New directory Service Screen not connected to interface. |
4870613 |
Back button not working for frames in Netscape Navigator 7. |
4873766 |
The upload-file SAF does not work correctly with chunked requests. |
4882838 |
Unable to specify protocol for URL in generated redirects. The server generates a self-referencing URL whenever it sends a redirect to a client. As of Web Server 6.1 SP1, the servername attribute of the LS element in server.xml can be used to configure the scheme used in server-generated self-referencing URLs. For example, if an SSL offloader sits between the Internet and the Web Server instance, decrypting SSL-encrypted traffic for http://www.sun.com and relaying it to the Web Server on port 8080, an LS element such as the following could appear in server.xml: <LS remap="ls1" port="8080" security="disabled"...servername="https://www.sun.com"> The https:// prefix in the servername value instructs the server to use the HTTPS scheme in self-referencing URLs even though the LS is not configured to handle SSL traffic. |
4889081 |
Internal log rotation creates empty logs. |
4894033 |
Distributed-administration: Functioning of Administration ACL `Allow only from host/IP' is not as per documentation. |
4896881 |
While using untar to expand the Web Server bits, the ownership and group information is not correct. |
4897074 |
On Linux only: When you create a collection, PDF files will not be indexed and added to the collection. |
4899105 |
The highlighting of the connection value in the Edit Virtual Server page is not correct. |
4905175 |
WebDAV ACL settings are inherited into new Virtual Servers. |
4909378 |
The Help button in the Edit WebDAV page is not pointing to the correct help page. |
4903449 |
Performance affected with multiprocess mode and one thread. |
4905681 |
The AsyncDNS setting is ignored in Sun Java System Web Server 6.1 SP1. The Web Server never performs asynchronous DNS lookups. Note that even when the magnus.conf has AsyncDNS on, Asynchronous DNS is still turned off. |
4908631 |
An error message status is returned when you try to stop the server when it is not running. |
4907288 |
Cluster Management file transfer not working on Windows. |
4909678 |
Web Server 6.1 Digest authentication is not working for flat files. |
4910266 |
Web Server 6.1: Creating Digest file users through the GUI duplicates users in exponential order. |
4904088 |
Migration final page needs to encode the `<' and `>' characters HTML. |
4908986 |
JDBC: Servlet code UploadServlet mishandles SQL exceptions. |
4904896 |
I18N search: sort encoding list of Default Encoding on search Administration GUI. |
4908010 |
Unable to remove search collection for a newly created virtual server. |
4908401 |
I18N: Un-localized timestamp for each search-returned documents. |
4910222 |
Error on Windows when trying to create a collection with a document root that has back slashes. Workaround: This behavior occurs when you specify a document root that has back slashes or mixed slashes. Use forward slashes. |
4911548 |
Server returns ConfigException while creating the duplicate search collection. |
4911656 |
I18N: Can not go to `sort by date' link while searching multibyte characters. |
4913909 |
i18n: error adding file with Korean filename - skipping since no read permission. |
4913228 |
Missing quote in Oracle script for jdbcRealm sample application. |
4910869 |
NSFC enhancement needed. Add the ReplaceFiles nsfc.conf directive. When ReplaceFiles=true (default), the existing file cache behavior is preserved. ReplaceFiles=false indicates that once a file is cached, its file cache entry should never be discarded to make room for another file. This setting is useful in benchmark scenarios because eliminates contention on the hit list lock. |
4910272 |
Server should not accept mixed slashes for the doc root while adding a new server. |
4912254 |
Web Server installation fails due to set -o noclobber in .env. |
4911070 |
Web Server 6.1: Add listen socket protocol family field is missing for IPv6 address. |
4911630 |
Many of the fields in the magnus editor do not have validations because they are accepting negative integer values. |
4911550 |
Getting ServletException while trying to access the server with additional doc. |
4911633 |
Change Password for the user is not working. |
4913566 |
The URL Forwarding Editing Page is not consistent. |
4919473 |
Updating Security Realm properties from Administration GUI is not reflected in server.xml. |
4913289 |
Help on `Edit Virtual Class' does not give complete criteria for VS class deletion. |
4916331 |
Keep-alive connections can hang under light load. |
4925475 |
The server.xml createconsole attribute is ignored. |
4925938 |
Null Pointer exception thrown if the user mistakenly edits the VS Administration URL. |
4929848 |
Performance: Web Server polls kstat once per second. |
4926414 |
I18N-korean: Re-indexing collection hangs when missing one or more existing docs. |
4935797 |
certmap.conf file location misrepresented. |
4930327 |
Destination headers are not URL decoded in MOVE/COPY requests. |
4933483 |
SIGCHLD signals are reported on startup. |
4935582 |
TCP_NODELAY need not be set for AF_NCA. |
4930642 |
Source returned when the file's mime.types entry does not end with a carriage return. |
4930329 |
Default values of maxpropdepth is poorly chosen. |
4932995 |
The leading `/' is being removed when deleting web application through Administration GUI. |
4935420 |
Resource picker for restrict access fails for migrated instance of 6.1. |
4944850 |
Address directive not properly migrated when migrating from Web Server 4.1 to 6.1. |
4946829 |
Administration: Creating a new virtual server after migration causes $user: unable to find value. |
4941027 |
Cross-site scripting in Web Server administration interface. |
4948397 |
Web Server 6.1 SP1 SNMP is not working. |
4946187 |
Distributed-Administration: After enabling distributed administration, if an ACL is set to allow authenticated users only, the server still allows access to other users in the Administration group. |
4947005 |
Add server instance is not working on the Solaris x86 platform. |
4940040 |
Administrator's Configuration File Reference defines non-existent TYPE element. |
4942750 |
Search example is incorrect. |
4943631 |
Wrong documentation on the thread pool configuration file. |
4941741 |
Web Server 6.1 SP1 server on Solaris 8 SPARC fails to start due to libCld.so. |
4945994 |
fc_net_write should result in a single system call. |
4940418 |
Third-party profiler support for bytecode instrumentation. |
4943329 |
IWSSessionManager does not work as expected with Web Server 6.1. |
4947065 |
The search web application shows only a maximum of 11 collections. |
4947624 |
Ineffective alert message displayed while re-indexing on Windows. |
4950552 |
Wrong number of results for particular output results (11, 21, 31...). |
4954789 |
Web Server deployment fails with ClassCastException. |
4956415 |
Web Server 6.1 Search: Requesting an ability to display the meta tag description. |
4950644 |
Ineffective alert message displayed while creating a duplicate collection on Linux. |
4951860 |
httpagt depends on NETSITE_ROOT variable. |
4957158 |
fc_open fails when running specweb99 on x86 build. |
4952492 |
MOVE method should rename files when possible. |
4958571 |
PR_NetAddrToString performance is less than expected. |
4951264 |
Web Server crashes during Java-triggered reconfiguration and server shutdown. |
4958755 |
ServletContext.getContext(String) does not return other contexts when called from root context. It returns the root context. |
4950653 |
`Null' is displayed for QoS vsclass values. |
4951982 |
Invalid error message is displayed while configuring LDAP with wrong credentials. |
4953147 |
Cron-based log rotation fails when Administration user is root, and instance is non-root. Workaround: Change the user to match the Administration server user in the scheduler.conf file. |
4961864 |
Web Server hangs when using rotate-callback. |
4962059 |
Administration password stored as plain text in file setup.inf. |
4969637 |
Minor coding error in send-error SAF. |
4961999 |
After adding a virtual server, the top frame does not show the virtual server in the dropdown box. |
4962624 |
Administration: No Validation for protocol value in Edit Listen socket. |
4963483 |
The GUI gets cluttered if an ACL file path contains a forward slash. |
4968422 |
Showing up invalid ACL file on the browser in the WebDAV screen. |
4966497 |
Perf Dump data for Average Queueing Delay is not correct. |
4970955 |
Cross-site security issue with Apache sample (\plugins\java\samples\webapps\simple). |
4972573 |
Incorrect behavior in web-apps-sample sample application in Web Server 6.1 SP1. |
4972587 |
Incorrect instructions in index.html of the internationalization sample application. |
4976454 |
Samples shipped with Web Server 6.1. |
4970273 |
FastCGI beta libraries are in RTM Web Server packages. |
4976953 |
AIX 6.0 SP6: forbidden error to a GET for a file with correct group permissions. |
4976490 |
Log messages are truncated. |
4975675 |
Dynamic reconfiguration fails when server is under load. |
4976910 |
NSFC_GetEntryPrivateData() calls NSFC_ExitCacheMonitor() when no entry exists. |
4973079 |
The GUI retains dismissed invalid port entries and populates it when servername field validation fails. |
4975788 |
classpath edited using Internet Explorer is broken; server JVMTM can't start. |
4975798 |
Cannot add path to classpath suffix using web-admin. |
4975782 |
Cannot delete external JNDI reference. |
4970188 |
RPM can't locate system umask. |
4971298 |
pkgchk -n fails for Web Server package in Java ES. |
4986761 |
Web Server 6.0 migration fails. |
4989231 |
Server fails to start up on Linux platform. Wrong JDK path during build. |
4988104 |
Edit Virtual Servers page should update the connections value correctly. |
4986700 |
Last-modified and Etag are suppressed when Servlet filters are used. |
4991888 |
The wrong file name is stored for key file configuration. |
4992739 |
Cannot start Web Server instance, after modifying its classpath suffix. |
4995447 |
Web Server 6.1 SP2 RH Linux unable to access Administration GUI; throws error message after login. |
4995489 |
Solaris x86: Distributed Administration cannot be enabled. |
4991775 |
Validation of cookie name in cookie example Servlet. |
5002905 |
Superuser Access Control cannot be set even when Distributed Administration is not enabled. |
5012107 |
POST request body consumed twice when using bad plug-in. |
4962659 |
Search criteria is truncated to 100 characters. |
4967580 |
Search displays wrong links for the SSL enabled instance. |
4970181 |
Stellent filters need to be added to the Linux and Solaris x86 builds. |
4975327 |
indexMetatags of the nova search should be set automatically. |
4975367 |
Indexing for the meta tag should be case-insensitive. |
4997149 |
Removing documents with a *.* pattern is not removing all the files when the excludeExtensions property is set. |
4997178 |
Server returns null pointer exception while indexing .sxg file when excludeExtensions is set. |
4997697 |
Page numbers are not displayed properly on the search results page. |
4844616 |
Misconfiguration of bswitch causes crash. |
4854698 |
Plug-in crashes with malformed request. |
4866965 |
ACLI: Failed authentication is logged twice in the server errors log file. |
4880864 |
ACL: Web Server returns “404 Not found” errors when ACLs deny access. |
4915326 |
WEBC: granting signedBy permissions to Jar files does not work. |
4918754 |
Web Server 6.1 cannot process HTTP URL GET parameter that is in 8-bit charset. |
4924921 |
Cannot set 800 MB of JVM maximum heap size on Windows 2000 using JDK 1.3.1. |
4926336 |
Using % in the value of the JSP parameter corrupts the query string. |
4927770 |
Server aborts with SIGABRT from within libjvm. |
4928358 |
JSP errors are wrongly reported as “Not Found” errors. |
4930374 |
extra-class-path attribute in class-loader element in sun-web.xml does not work as expected. |
4932893 |
Dynamic reloading does not work for web application descriptor files, for example, web.xml. |
4939370 |
Web container thread names are not unique. |
4934083 |
LDAP: Crash during LDAP authentication. |
4934562 |
WEBC: getRemoteUser() does not work for stand-alone JSP files. |
4935669 |
WEBC: Request may not always contain client certificate data. |
4935570 |
Certificate data not always present even when available. |
4932547 |
Tomcat AuthenticatorBase returns 500 instead of 403. |
4946762 |
Out–of-box default realm should be native. |
4948123 |
Web Server 6.1 incorrectly reports client key size in certain situations. |
4949842 |
WEBC: isUserInRole() does not match when using core authentication. |
4957829 |
LDAP: User can enter wildcard `*' for UID in basic authentication. |
4960013 |
Cannot have more than one LDAP realm. |
4968857 |
htconvert not converting .nsconfig wildcard patterns correctly. |
4968882 |
htconvert does not work on 6.1 style server.xml. |
4960873 |
NPE encountered when a session is expired simultaneously by two (2) threads. |
4973927 |
EPIPE signal not caught as an IOException from OutputStream.write(). |
4976277 |
Using JDK 1.4.1 provided JNDI connection pool for LDAP pooling. |
4983707 |
Changing the log level to Security causes NullPointerException upon start. |
4981028 |
Distributable semantics in web.xml is not honored by the web container. |
4993468 |
getResourcePaths returns paths that contain `//'. |
4996219 |
webservd leaks memory on RedHat Linux Advance Server 3.0. |
4997593 |
Poor integration between NSAPI srvhdrs and HttpServletResponse headers. |
4997756 |
LOCK-UNLOCK is not working properly and the GUI does not show lock information properly. |
4997838 |
Web Server does not start on RedHat Linux AS 3.0 with Security turned On. |
5003531 |
500 error when accessing a web application with transport-guarantee=CONFIDENTIAL from a non-SSL port. |
5004542 |
ASN.1 parsing bugs/brute forcer program can cause Web Server crash. |
5016494 |
NSS: Crash in DER_UTCTimeToTime with corrupt certificate. |
The following table lists the issues resolved in Sun Java System Web Server 6.1 SP1.
Table 12 Issues Resolved in Sun Java System Web Server 6.1 SP1
Problem ID |
Description |
---|---|
4642650 |
Option needed to disable appending of absolute URL in a Servlet or JSP container. Fix details: New property added to sun-web.xml: relativeRedirectAllowed Default value: false Description: If true, allows the web application to send a relative URL to the client using the HttpServletResponse.sendRedirect() API. That is, it suppresses the container from translating a relative URL to a fully qualified URL. |
4793938 |
Enabling Remote File Manipulation from the Server Manager GUI allows any remote user to obtain a listing of any directory in the server's URI space. |
4904201 |
javahome path wrongly set when adding a server with no bundled JDK. |
4911580 |
Adding a new server instance might fail with a Server Error message. |
4928794 |
Server restarts when trying to create null resource by PUT. |
4929913 |
Search engine does not extract and index FTS information from PDF files. Fix details: This fix applies to all supported platforms except Linux. The Author, Subject, and Keywords meta tags are always indexed. Functionality has been added that now enable arbitrary meta tags to be indexed, including those tags produced when converting the FTS_* attributes from PDF files. Manual configuration of a new setting in server.xml is required, as described below.
Note – See issue 4956415 for details about displaying custom meta tag information in search results. |
4933935 |
On Solaris 9 release: reconfig does not work in package-based installs. |
4945089 |
ASN.1 parsing issue in SSL. A problem has been identified in the implementation of the SSL protocols used by the Web Server that may be exploited as a Denial of Service attack. Sun Java System Web Server 6.1 SP1 fixes this problem. If you use the Web Server to host sites that utilize SSL version 3 or TLS, you are strongly encouraged to install this service pack. |
4950388 |
The reconfig command does not work on Windows XP. |
4964069 |
The commit.exe utility crashes on Windows platforms. |
The following table lists the issues resolved in Sun Java System Web Server 6.1.
Table 13 Issues Resolved in Sun Java System Web Server 6.1
Problem ID |
Description |
---|---|
4869693 |
On Windows, the Web Server installation overwrites SunONE Directory Server .dll files due to cohabitation issues with Directory Server 5.x. |
4540254 |
Rotating log files shouldn't require server restart on UNIX. |
4727146 |
Logs filling with `connection reset' entries. |
4786735 |
Installer does not set proper JDK CLASSPATH/LIBPATH when the external JDK is used. |
4792721 |
Incorrect error messages when LDAP server is offline. |
4799452 |
sun.tools.javac.Main has been deprecated. Its exception stops valid JSP files. |
4801874 |
ACL_LDAPSessionAllocate always returns LAS_EVAL_FAIL. |
4811418 |
Digest authentication crashes. |
4819405 |
Memory leak of the slapd process with the digestauth plug-in. |
4820513 |
digestauth plug-in code is not thread safe. |
4839875 |
When using cachefs or nfs as ClassCache and document-root, Sun Java System Web Server does not always pick up the new JSP. |
4842190 |
Web Server crashes when receiving Accept-Language header larger than 15 languages. |
4842574 |
Server crash with malformed request. |
4842601 |
Accept-Language header security issue. |
4846832 |
CRL corrupts database. |
4848896 |
digestauth plug-in crashes for a particular type of request. |
4849914 |
Memory leak in digestauth plug-in for a particular type of request. |
4855546 |
Log analyzer vulnerability. |
4858026 |
JSP: crash in getParameter when posting large amounts of data. |
4867887 |
Basic authentication fails for users with user IDs that have spaces. |
4903319 |
When you create a collection, not all documents will be indexed and added to the collection. |
The following table lists the issues resolved in the English language version of Sun Java System Web Server 6.1 SP6 and later documentation.
The following issues exist in the localized version of Sun Java System Web Server 6.1 documentation.
Problem ID |
Description |
---|---|
6507454 |
Current documentation gives incorrect instructions on how to log cookie information. |
6528670 |
Administrator's Guide should document the steps to restart, start, or stop the schedulerd control daemon from command line. |
6528678 |
Release Notes and Installation and Migration Guide have different Support Platform description for Web Server 6.1 SP7. |
6528682 |
Two Server Instances Bind to Same Port on Windows. |
6543821 |
Server does not close the old listen sockets on restart or reconfigure. |
6559753 |
The release notes for the reverse proxy plug-in should include a Resolved Issues section. |
6570039 |
Administrator's Guide needs correction: the -P option in the Exporting with pk12util section should contain a hyphen (-) after https-test-host. |
6367812 |
Online help does not document steps to restart the schedulerd. |
4957123 |
Administrator's Guide does not document the Search Query operators. |
6493741 |
Provide steps on "How to Stop the schedulerd from a command line". |
6384436 |
Reverse proxy plug-in is missing some important documents. |
6401395 |
6.1 Passthrough/Fastcgi plug-ins startup messages create confusion. |
6170766 |
Upgrade procedure of Java ES does not use the JES installer. |
6418693 |
Description about netbuf_getbytes() is not available in the 6.1 NSAPI guide. |
6472668 |
Web Server 6.1 Windows installation should use -Xrs JVM option by default. |
6503463 |
Web Server 6.1 release notes has Sun internal URL. |
6378473 |
Release Notes for Sun Java System Web Server 6.1 Add-Ons Reverse Proxy Plugin has an incorrect default value for the validate-server-cert SAF. |
6391505 |
Installation and Migration Guide should document configuration file writability, root security risks, and Solaris net_privaddr privilege. |
6359385 |
Administrator's Configuration File Reference should document the magnus.conf variable MaxKeepAliveConnections value range for 64–bit server. |
6358849 |
Administrator's Configuration File Reference should document the MaxOpenFiles attribute in the nsfc.conf configuration file. |
5065188 6173274 |
Administrator's Guide incorrectly describes a Find menu Passage Search option in the Advanced Search section. This menu option is not available. |
6155266 |
Administrator's Guide describes the configuration log level incorrectly. |
6206074 |
Administrator's Configuration File Reference describes an incorrect default value for the ChildRestartCallback directive. |
6170766 |
Installation and Migration Guide describes an incorrect method of upgrading a new version of Web Server in the Before You Install Sun ONE Web Server section. |
6170769 |
Administrator's Configuration File Reference has incorrect information about the AdminLanguage directive. |
6173273 |
Administrator's Guide has a typographical error under section Choosing MIME Types. |
6173133 |
NSAPI Programmer's Guide describes an incorrect example of a NSAPI Function Reference. |
6173272 |
Administrator's Guide incorrectly documents the supported version of Java as `1.4.1_03'. |
5029460 |
Administrator's Guide documents an incorrect certmap.conf configuration. |
4975161 |
Administrator's Configuration File Reference does not document the optional parameter `block-size' for pool-init. |
5002190 |
Administrator's Guide does not contain information about the htpasswd command utility. |
5002192 |
Administrator's Configuration File Reference has incorrect information about the loglevel attribute. |
5038534 |
Administrator's Configuration File Reference has incorrect default value for the LogFlushInterval directive. |
4781137 |
Administrator's Guide has the following incorrect information:
|
4823362 |
Administrator's Guide needs to be updated with additional information regarding ACL. |
5046588 |
Installation and Migration Guide incorrectly documents the supported version of Sun accelerator hardware. |
5052605 |
NSAPI Programmer's Guide does not clearly specify that content-type needs to be in lower case. |
5062560 |
Installation and Migration Guide does not document the method of disabling the start-on-boot option. |
6285234 |
Administrator's Configuration File Reference incorrectly describes the default value of the StrictHttpHeaders directive as on. |
6067318 |
Administrator's Configuration File Reference has insufficient information about the set-variable error parameter. |
6230379 |
Administrator's Configuration File Reference incorrectly describes a remove-file() SAF. |
6208955 |
NSAPI Programmer's Guide incorrectly documents the description of SERVER_SOFTWARE as MAGNUS_VERSION_STRING. |
6320016 |
Administrator's Configuration File Reference does not clearly define the default value of listenQ on Windows. |
6354681 |
Administrator's Configuration File Reference needs more information about DNS. |