The listener elements are as follows:
Defines an HTTP listen socket.
When you create a secure listen socket through the Server Manager, security is automatically turned on globally in magnus.conf. When you create a secure listen socket manually in server.xml, security must be turned on by editing magnus.conf.
The CONNECTIONGROUP element from the schema file for server.xml in version 6.0 of Web Server is no longer supported. Its attributes and the subelement SSLPARAMS are added to the LS element in Sun Java System Web Server 6.1.
The following table describes subelements for the LS element.
Table 2–6 LS Subelements
Element |
Required |
Description |
---|---|---|
zero or one |
Contains a text description of the listen socket. |
|
zero or one |
Defines Secure Socket Layer (SSL) parameters. |
The following table describes attributes for the LS element.
Table 2–7 LS Attributes
Attribute |
Default |
Description |
---|---|---|
none |
(Optional) The socket family type. A socket family type cannot begin with a number. When you create a secure listen socket in the server.xml file, security must be turned on in magnus.conf. When you create a secure listen socket in the Server Manager, security is automatically turned on globally in magnus.conf. |
|
any |
Specifies the IP address of the listen socket. Can be in dotted-pair or IPv6 notation. Can also be any for INADDR_ANY. |
|
port |
none |
Port number to create the listen socket on. Legal values are 1 - 65535. On UNIX, creating sockets that listen on ports 1 - 1024 requires superuser privileges. Configuring an SSL listen socket to listen on port 443 is recommended. Two different IP addresses can’t use the same port. |
security |
false |
(Optional) Determines whether the listen socket runs SSL. Legal values are on, off, yes, no, 1, 0, true, false. You can turn SSL2 or SSL3 on or off and set ciphers using an SSLPARAMS subelement for this listen socket. The Security setting in the magnus.conf file globally enables or disables SSL by making certificates available to the server instance. Therefore, Security in magnus.conf must be on or security in server.xml does not work. For more information, see Chapter 3, Syntax and Use of magnus.conf |
acceptorthreads |
1 |
(Optional) Number of acceptor threads for the listener. The recommended value is the number of processors in the machine. Legal values are 1 - 1024. |
family |
none |
(Optional) The socket family type. Legal values are inet, inet6, and nca. Use the value inet6 for IPv6 listen sockets. When using the value of inet6, IPv4 addresses are prefixed with ::ffff: in the log file. Specify nca to use the Solaris Network Cache and Accelerator. |
blocking |
false |
(Optional) Determines whether the listen socket and the accepted socket are put in to blocking mode. Use of blocking mode may improve benchmark scores. Legal values are on, off, yes, no, 1, 0, true, false. |
defaultvs |
none |
The id attribute of the default virtual server for this particular listen socket. |
servername |
none |
Tells the server what to put in the host name section of any URLs it sends to the client. This affects URLs the server automatically generates. it does not affect the URLs for directories and files stored in the server. This name should be the alias name if your server uses an alias. If you append a colon and port number, that port will be used in URLs the server sends to the client. |
Defines SSL (Secure Socket Layer) parameters.
None
The following table describes attributes for the SSLPARAMS element.
Table 2–8 SSLPARAMS Attributes
Attribute |
Default |
Description |
---|---|---|
Server-Cert |
The nickname of the server certificate in the certificate database or the PKCS#11 token. In the certificate, the name format is tokenname:nickname. Including the tokenname: part of the name in this attribute is optional. |
|
false |
(Optional) Determines whether SSL2 is enabled. Legal values are on, off, yes, no, 1, 0, true, and false. If both SSL2 and SSL3 are enabled for a virtual server, the server tries SSL3 encryption first. If that fails, the server tries SSL2 encryption. |
|
none |
(Optional) A space-separated list of the SSL2 ciphers used, with the prefix + to enable or - to disable. For example +rc4. Allowed values are rc4, rc4export, rc2, rc2export, idea, des, desede3. |
|
true |
(optional) Determines whether SSL3 is enabled. Legal values are on, off, yes, no, 1, 0, true and false. If both SSL2 and SSL3 are enabled for a virtual server, the server tries SSL3 encryption first. If that fails, the server tries SSL2 encryption. |
|
none |
(optional) A space-separated list of the SSL3 ciphers used, with the prefix + to enable or - to disable, for example +rsa_des_sha. Allowed SSL3 values are rsa_rc4_128_md5, rsa_3des_sha, rsa_des_sha, rsa_rc4_40_md5, rsa_rc2_40_md5, rsa_null_md5. Allowed TLS values are rsa_des_56_sha, rsa_rc4_56_sha. |
|
true |
(optional) Determines whether TLS is enabled. Legal values are on, off, yes, no, 1, 0, true, and false. |
|
true |
(optional) Determines whether TLS rollback is enabled. Legal values are on, off, yes, no, 1, 0, true, and false. TLS rollback should be enabled for Microsoft Internet Explorer 5.0 and 5.5. |
|
false |
(optional) Determines whether SSL3 client authentication is performed on every request, independent of ACL-based access control. Legal values are on, off, yes, no, 1, 0, true, and false. |
Defines MIME types.
The most common way that the server determines the MIME type of a requested resource is by invoking the type-by-extension directive in the ObjectType section of the obj.conf file. The type-by-extension function does not work if no mime element has been defined in the SERVER element.
The following table describes attributes for the MIME element.
Table 2–9 MIME Attributes
Attribute |
Default |
Description |
---|---|---|
id |
none |
Internal name for the MIME types listing. Used in a VS element to define the MIME types used by the virtual server. The MIME types name cannot begin with a number. |
file |
none |
The name of a MIME types file. For more information, see Chapter 5, MIME Types. |
References one or more ACL files
The following table describes subelements for the ACLFILE element.
Table 2–10 ACLFILE Subelements
Element |
Required |
Description |
---|---|---|
Zero or one |
Contains a text description of the ACLFILE element |
The following table describes attributes for the ACLFILE element.
Table 2–11 ACLFILE Attributes
Attribute |
Default |
Description |
---|---|---|
id |
none |
Internal name for the ACL file listing. Used in a VS element to define the ACL file used by the virtual server. An ACL file listing name cannot begin with a number. |
file |
none |
A space-separated list of ACL files. Each ACL file must have a unique name. For information about the format of an ACL file, see the Sun Java System Web Server 6.1 SP9 Administrator’s Guide. The name of the default ACL file is generated.https-server_id.acl, and the file resides in the server_root/server_id/httpacl directory. To use this file, you must reference it in server.xml. |
Defines a virtual server class.
The following table describes subelements for the VSCLASS element.
Table 2–12 VSCLASS Subelements
Element |
Required |
Description |
---|---|---|
zero or one |
Contains a text description of the VSCLASS. |
|
zero or one |
Specifies a property of the VSCLASS. |
|
zero or more |
Specifies a property of the VSCLASS. |
|
zero or more |
Defines a virtual server. |
|
zero or one |
Defines quality of service parameters. |
The following table describes attributes for the VSCLASS element.
Table 2–13 VSCLASS Attributes
Attribute |
Default |
Description |
---|---|---|
none |
Virtual server class ID. This is a unique ID that allows lookup of a specific virtual server class. A virtual server class ID cannot begin with a number. |
|
obj.conf |
The obj.conf file for this class of virtual servers. Cannot be overridden in a VS element. |
|
default |
(Optional) Tells the server which object loaded from an obj.conf file is the default. The default object is expected to have all the name translation (NameTrans) directives for the virtual server, any server behavior that is configured in the default object affects the entire server. If you specify an object that doesn’t exist, the server does not report an error until a client tries to retrieve a document. The Server Manager assumes the default to be the object named default. Do not deviate from this convention if you use (or plan to use) the Server Manager. |
|
false |
(Optional) If true, the server parses the Accept-Language header and sends an appropriate language version based on which language the client can accept. You should set this value to on only if the server supports multiple languages. Can be overridden in a VS element. Legal values are on, off, yes, no, 1, 0, true, and false. |
Defines a virtual server. A virtual server, also called a virtual host, is a virtual web server that serves content targeted for a specific URL. Multiple virtual servers may serve content using the same or different host names, port numbers, or IP addresses. The HTTP service can direct incoming web requests to different virtual servers based on the URL.
The following table describes subelements for the VS element.
Table 2–14 VS Subelements
Element |
Required |
Description |
---|---|---|
zero or one |
Contains a text description of this element. |
|
zero or one |
Specifies a property or a variable of the VS. |
|
zero or more |
Specifies a property or a variable of the VS. |
|
zero or one |
Defines quality of service parameters. |
|
zero or more |
Defines the user database for the virtual server. |
|
zero or one |
Defines the WebDAV configuration for the virtual server. |
|
zero or one |
Defines the search configuration for the virtual server. |
|
zero or more |
Specifies a web application. |
The following table describes attributes for the VS element.
Table 2–15 VS Attributes
Attribute |
Default |
Description |
---|---|---|
id |
none |
Virtual server ID. This is a unique ID that allows lookup of a specific virtual server. Can also be referred to as the variable $id in an obj.conf file. A virtual server ID cannot begin with a number. |
connections |
none |
(optional) A space-separated list of LS ids that specify the connection(s) the virtual server uses. Required only for a VS that is not the defaultvs of a listen socket. |
urlhosts |
none |
A space-separated list of values allowed in the Host request header to select the current virtual server. Each VS that is configured to the same listen socket must have a unique urlhosts value for that group. |
objectfile |
objectfile of the enclosing VSCLASS |
(optional) The file name of the obj.conf file for this virtual server. |
rootobject |
default |
(optional) Tells the server which object loaded from an obj.conf file is the default. Tells the server which object loaded from an obj.conf file is the default. The default object is expected to have all the name translation (NameTrans) directives for the virtual server; any server behavior that is configured in the default object affects the entire server. If you specify an object that doesn't exist, the server doesn't report an error until a client tries to retrieve a document. |
mime |
none |
The id of the MIME element used by the virtual server. |
aclids |
none |
(optional) One or more id attributes of ACLFILE elements, separated by commas. Specifies the ACL file(s) used by the virtual server. |
errorlog |
none |
(optional) Specifies a log file for virtual-server-specific error messages. See the LOG description for details about logs. |
acceptlanguage |
off |
(optional) If true, the server parses the Accept-Language header and sends an appropriate language version based on which language the client can accept. You should set this value to on only if the server supports multiple languages. Legal values are on, off, yes, no, 1, 0, true, false. |
state |
on |
(optional) Determines whether a virtual-server is active (on) or inactive (off, disabled). The default is on (active). When inactive, a virtual server does not service requests. If a virtual server is disabled, only the global server administrator can turn it on. |
Defines quality of service parameters of an SERVER, VSCLASS, or VS element.
none
The following table describes attributes for the QOSPARAMS element.
Table 2–16 QOSPARAMS Attributes
Attribute |
Default |
Description |
---|---|---|
maxbps |
none |
(required if enforcebandwidth is yes) The maximum bandwidth limit for the server, vsclass, or vs in bytes per second. |
enforcebandwidth |
false |
(optional) Specifies whether the bandwidth limit should be enforced or not. Allowed values are yes, no, true, false, on, off, 1, 0. |
maxconn |
none |
(required if enforceconnections is yes) The maximum number of concurrent connections for the SERVER, VSCLASS, or VS. |
enforceconnections |
false |
(optional) Specifies whether the connection limit should be enforced or not. Allowed values are yes, no, true, false, on, off, 1, 0. |
Defines the user database used by the VS element.
The following table describes subelements for the USERDB element.
Table 2–17 USERDB Subelements
Element |
Required |
Description |
---|---|---|
zero or one |
Contains a text description of this element. |
The following table describes attributes for the USERDB element.
Table 2–18 USERDB Attributes
Attribute |
Default |
Description |
---|---|---|
id |
none |
The user database name in the virtual server's ACL file. A user database name cannot begin with a number. |
database |
none |
The user database name in the dbswitch.conf file. |
basedn |
none |
(optional) Overrides the base DN lookup in the dbswitch.conf file. However, the basedn value is still relative to the base DN value from the dbswitch.conf entry. |
certmaps |
none |
(optional) Specifies which certificate mapped to LDAP entry mappings (defined in certmap.conf) to use. If not present, all mappings are used. All lookups based on mappings in certmap.conf are relative to the final base DN of the VS. |