These release notes contain important information available at the time of the release of iPlanet Application Server, Enterprise Pro Edition, Version 6.0, SP3 (iAS EPE). New features and enhancements, known problems, and other information are addressed here. Read this document before you begin using iAS EPE.
An electronic version of these release notes can be found at the iPlanet documentation web site: http://docs.iplanet.com/docs/manuals/
These release notes contain the following sections:
iPlanet Process Manager 6.0, SP3 and Unified Integration Framework 6.0, SP2 are certified to run on top of iPlanet Application Server 6.0, SP4. For information about how to set up your environment and upgrade to iPlanet Application Server 6.0, SP4, refer to the iPlanet Knowledge Base article #7830 titled, "iPM and UIF issues when upgrading from iAS EPE 6.0 SP3 to iAS 6.0 EE SP4." The article is located at the following url: http://knowledgebase.iplanet.com/ikb/kb/articles/7830.html
iPlanet Application Server, Enterprise Pro Edition, Version 6.0, SP3 contains four bundled iPlanet products:
You may find it useful to subscribe to the following interest groups, where iPlanet Application Server topics are discussed.
Newsgroup topics for iPlanet Application Server include:
General: snews://secnews.netscape.com/iplanet.ias.general
Installation: snews://secnews.netscape.com/iplanet.ias.install
Performance: snews://secnews.netscape.com/iplanet.ias.perf
Clustering: snews://secnews.netscape.com/iplanet.ias.cluster
iPlanet Process Manager has its own newsgroup. Please post questions to:
The following operating systems and software are supported with this release of iAS EPE. If you are running non-supported versions of these products, you must upgrade to a supported version.
Oracle 8.1.6, 8.1.7, 9i Servers, Oracle 8.1.5, 8.1.6 and 8.1.7 Clients
Oracle8i 8.1.6.0.1: Type 4 and Type 2
The following enhancements are new to this release of iPlanet Application Server, Enterprise Pro Edition:
These release notes cover enhancements specific to iPlanet Process Manager 6.0, SP3. For enhancements to the other products bundled with iAS EPE, SP3, please consult each product's release notes.
https access in iPlanet Process Manager comes into play in three different areas:
Support for this feature is available in this release. Currently, there is no proxy or client certificate support in iPM.
In iPM 6.0, SP3, Process Builder and the Command Line Deploy Tool (pmdeploy) support the deployment of process applications to the iPM cluster over a web server that uses the https protocol. The https protocol uses a digital certificate to encrypt and send the document securely. Depending on the way the handshake is processed between the server (web server) and the client (Process Builder or Command Line Deploy Tool), there are three options available.
iPM 6.0, SP3 supports only the first option.
During the deployment step, the client (Builder/pmdeploy) is presented with a server certificate that must be accepted by the client. This step ensures the client deploys to the correct server. During this step, the client consults its certificate store for an acceptable certificate match. If the certificate presented is not in the store, the client does not allow the communication to go through.
The following sections describe how to set up your development environment to support deployment of iPM applications using https.
Installing the JSSE 1.0.2 Libraries.
To enable https functionality in iPM, you must download the Java Secure Socket Extension (JSSE 1.0.2) package available as a free download from Sun's Java web site: http://java.sun.com/products/jsse/index-102.html.
You can install the JSSE libraries in Builder in one of the two ways. Installation instructions depend on your usage of SSL within the product.
To Install the JSSE 1.0.2 Libraries, choose one of the following procedures:
JAVA_HOME refers to the Java installation used by Builder and the Deploy Tool. The default location is <ipm-install-dir>/ias/usr/java.
Configuring the Server (iWS and iPM).
This involves setting up a web server instance to run in https mode. Refer to the iPlanet Web Server documentation on docs.iplanet.com for instructions on how to do this.
http://docs.iplanet.com/docs/manuals/enterprise/50/ag/esecurty.htm#1011961
http://docs.iplanet.com/docs/manuals/enterprise/41/ag/esecurty.htm#1068714
When you receive a certificate from the issuing authority, it is in the X.509 format. It should look like this:
Save this certificate to a file, myservercert.cer somewhere on the disk. You will later need to import this certificate file into the local trust database on the machine running Builder/pmdeploy.
Configuring the Client-side (Builder/Deploy Tool) Trust Database.
To enable the https feature in Builder, complete the following steps:
For the Builder/Deploy Tool to successfully communicate with the server over https, it is necessary to find the server certificate in the local trust database. For this to happen, you must import the server certificate into the trust database using a utility called keytool.
Keytool is part of the standard JDK installation. The default trust database that keytool uses is called cacerts. It is located in the <java-install-dir>/jre/lib/security directory.
<java-install-dir> in the normal installation is <ipm-install-dir>/ias/usr/java.
Note
For more information on cacerts and keytool, refer to Java documentation.
The following commands assume the Server Certificate was saved to a file called /servercert/myservercert.cer
To import the saved certificate into the trust database, type the following command into the command prompt.
<IAS_INSTALL-DIR>/usr/javabin/keytool -import -file /servercert/myservercert.cer -keystore <java-install-dir>/jre/lib/security/cacerts -storepass "changeit"
To verify that the certificate has been added to the store, type the following command into the command prompt.
<IAS_INSTALL-DIR>/usr/javabin/keytool -list -keystore <java-install-dir>/jre/lib/security/cacerts -storepass "changeit"
The default password for the cacerts trust database is "changeit". This may be different if your Administrator decides to set a different password on it.
Note
If you or your administrator decide not to use the default trust database, the command to import the certificate into this store is:
<IAS_INSTALL-DIR>/usr/javabin/keytool -import -file /servercert/myservercert.cer -keystore <java-install-dir>/jre/lib/security/<name of trust db file> -storepass "<password_of_trust_db>"
security.provider.1=sun.security.provider.Sun
# Keep above line intact
security.provider.2=com.sun.net.ssl.internal.ssl.Provider
If you are using a non-default trust store, you must make changes to batch files (on NT), shell scripts (on Solaris) and the preferences.ini file (for Builder.exe on NT).
Uncomment the lines that contains the SSLOPTS and specify the path of the trust store. Comment out the line that invokes the java executable but does not contain SSLOPTS.
SET SSLOPTS=-Djavax.net.ssl.trustStore=<full path name of the trust store>
%JAVA_HOME%\bin\java.exe %SSLOPTS% -ms16M -mx128M -classpath %CPATH% WFDesignerApp
REM %JAVA_HOME%\bin\java.exe -ms16M -mx128M -classpath %CPATH% WFDesignerApp
Comment out the classpath line that does not contain the trust store option. Uncomment the next line and provide the path to the trust store.
#classpath=-Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -ms16M -mx128M -classpath "classes;lib\jsse.jar;lib\jnet.jar;lib\jcert.jar"
classpath=-Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -Djavax.net.ssl.trustStore=<full path name of the trust store> -ms16M -mx128M -classpath "classes;lib\jsse.jar;lib\jnet.jar;lib\jcert.jar"
Enabling Content Store over https.
The Content Store helps iPM users upload and download file attachments. The file attachment Java applet communicates to the server via http and https. (The https protocol works only on Netscape browsers.)
Once a file is uploaded to the web server, the process application may require access to it. In this case, the process application needs to use the https protocol to get to the uploaded file if the web server instance is https enabled.
To configure the Application Server environment to make https handshake possible:
This section describes Internationalization Support in iAS EPE.
You can configure this service pack of iPM 6.0 to display non-ASCII characters on Builder. To enable non-ASCII character display you must modify the preferences.ini file located in the <iPM install directory>/builder directory.
#NormalTextFont=sansserif:plain:12
#SmallTextFont=sansserif:plain:10
#NormalBoldTextFont=serif:bold:14
#HeadingTextFont=serif:bold:16
#FixedFont=monospaced:plain:14
#TitleTextFont=sansserif:bold:12
The non-ASCII character InputMethodEditor is enabled for certain components in this service pack release. The components that support non-ASCII character input method are:
If the Builder is running on an OS with the English locale, the InputMethodEditor is disabled by default; however, you can enable the InputMethodEditor by uncommenting the following line at the end of the preferences.ini file:
If a non-English locale is set for the OS, the InputMethodEditor is enabled by default; however, you can disable the InputMethodEditor by uncommenting the following line at the end of the preferences.ini file:
The operating character set for iPM has been changed. This service pack of iPM uses UTF-8. All previous versions and service packs used ISO_8859-1.
While using Builder, please note the following:
All new forms created by the form wizard will include the following meta tag:
Before deploying an application, please make sure the character encoding of the forms (html files) matches the character set of the OS where the web server is running.
If an application is developed on NT using the Japanese character set, then deployed to Solaris Japanese operating in a ja locale, you must convert all html files in the application from Shift_JIS (OS character set of NT Japanese) to EUC-JP (OS character set of Solaris Japanese for ja locale).
Some tool applications support character set conversion of files. The JDK also provides the command line tool native2ascii.
To run the iPM application using the new character set, the following items must be set for the iPlanet Application Server, Database Server, and Database Client.
When forms (html files) contain multibyte characters, the locale for both the development system where Builder is used to develop an application and the target system where the iPlanet Application Server is running must have the same locale setting. The character set used in forms must also match the character set of the locale of the target server system.
The following combinations are valid for a Japanese application:
Before deployment, you must convert all forms to EUC-JP. You must declare the UTF-8 character set in the meta tag.
Windows 2000 Professional and Windows 2000 Server SP2 platforms are now supported in production and development environments.
Note that only iPlanet Application Server is supported on Windows 2000 platforms. iPlanet Directory and Web Server are not supported by iPlanet Support on Windows 2000 platforms.
iPlanet Web Server, Enterprise Edition 6.0 is now supported.
The iAS EPE Sample Application provides an example of how an iPM application can interact with an Enterprise Information System (EIS) using a custom activity. A Stubbed Connector is shipped with this sample application. The Stubbed Connector simulates a real connector and implements the protocol required by Unified Integration Framework (UIF). It returns hard-coded values for queries made from an iPM application custom activity. This Stubbed Connector is used to demonstrate how you can implement a custom activity that interacts with an EIS. This sample application can be downloaded from the following location: http://developer.iplanet.com/appserver/samples
The file GetEmployeeDetails.java, discussed in the documentation that ships with iAS EPE, is placed in the following location when you unzip the VacationRequest application:
on NT: EPE/sampleApp/src/com/iplanet/epe/sample/GetEmployeeDetails.java
on Solaris: EPE/sampleapp/src/com/iplanet/epe/sample/GetEmployeeDetails.java
Below is a short description of the most important bugs fixed in iAS EPE, Version 6.0, SP3.
Bug Number
Description
Dynamic Group Assignments using IWorkItem.addAssignee(IRole) does not work as expected
552407
545396
541914
552971
518274
This section contains a listing of the more important bugs known at the time of the iAS EPE, Version 6.0, SP3 release. For known problems related to specific iAS EPE bundled products, please read the release notes for each product.
If you have problems with iAS EPE, contact iPlanet customer support using one of the following mechanisms:
So that we can best assist you in resolving problems, please have the following information available when you contact support:
Useful iPlanet information can be found at the following Internet locations:
Last Updated May 28, 2002