This section describes the new and deprecated features in Oracle HTTP Server.
Topics
The following topics introduce the new and changed features, and other significant changes for the current release of Oracle HTTP Server.
For information about the enhancements, bug fixes, and functional differences between Weblogic Server Proxy Plug-in versions 12.1.1, 12.1.2, and 12.1.3, see My Oracle Support Knowledge Database Doc ID 1111903.1 at http://support.oracle.com.
This section contains the following information:
The Oracle WebLogic Server Proxy Plug-In now supports the Websocket protocol. This support adds a new optional directive for the plug-in, WLMaxWebSocketClients. This directive indicates the maximum number of active websocket connections. A connection for regular requests is upgraded to a websocket connection upon client request and is dedicated to websocket processing until the connection is closed. By default, this value is half the total number of configured connections for Oracle HTTP Server.
This section describes features that have been significantly updated from earlier versions of Oracle HTTP Server.
In Oracle HTTP Server 12c (12.1.3), you can configure SSL FIPS mode with a SSLFIPS directive, just like Apache open source. For more information on Oracle HTTP Server support for the SSL FIPS mode, see OHS Release 12c (12.1.2) Supports FIPS 140 and Section F.3.6, SSLFIPS.
Note:
For more information on the SSL FIPS 140-2 standard for Oracle HTTP Server 12.1.3, visit https://support.oracle.com and search for Doc ID 2160983.1.
This section contains the following information:
This section describes new features in this version of Oracle HTTP Server.
This version of Oracle HTTP Server introduces the WebLogic Management Framework, a set of tools that leverage Oracle WebLogic Release 12c (12.1.2) interfaces to provide a simple, consistent and distributed framework for managing Oracle. For more information on the WebLogic Management Framework, see What is the WebLogic Management Framework in Understanding Oracle Fusion Middleware.
The following changes are a result of the new framework:
Configuration is a post-installation task that begins with creating a domain, primarily by using Configuration Wizard. For more information, see Installing and Configuring Oracle HTTP Server.
Support for remote management of OHS instances cannot be added after creation. The necessary domain type (WebLogic Server or standalone) should be chosen before installation (see Section 1.4, Domain Types). This is different from Oracle HTTP Server 11g where you could register an Oracle instance with a WebLogic domain at a later time to manage it by using the non-J2EE management tool.
Configuration files for instances that are part of a WebLogic Server domain are maintained on the administration server node, not on the managed server.
Changes made to configuration files on the managed server are not preserved when updates are made on the administration server, for example, by using Fusion Middleware Control.
Command support for managing Oracle HTTP Server is provided primarily within WLST, instead of from the operating system shell. Existing WLST commands and new commands added in this release are applicable to Oracle HTTP Server (see Section 3.6, Using the WebLogic Scripting Tool).
Server-specific configuration previously maintained in opmn.xml is now configured in ohs.plugins.nodemanager.properties within the Oracle HTTP Server configuration directory.
When starting or stopping Oracle HTTP Server, console output is now written to the log instead a special console log file.
Server configuration directories no longer include product code, such as Apache HTTP Server documentation, FastCGI programming libraries, or icon files used by content generated by Oracle HTTP Server. This code resides only in the product directory.
The administration port, previously referred to as the Proxy MBean or Admin Port, is now used whether the instance is managed as part of a WebLogic Server domain. The port should now be limited to the loopback interface. In the previous release, the administration server would connect to the port.
The Oracle HTTP Server MBeans, which might be visible in Fusion Middleware Control or WLST, are provided for the use of Oracle management tools. The interfaces are not supported for other use and are subject to change without notice.
Oracle HTTP Server Release 12c (12.1.2) now complies with the Federal Information Processing Standard publication 140 (FIPS 140). Although the modules used in this version of Oracle HTTP Server are still undergoing their FIPS 140 validation, it uses a version of the underlying SSL libraries that has gone through formal FIPS certification.
As part of Oracle HTTP Server's FIPS 140 compliance, the mod_ossl plug-in now includes the SSLFIPS directive. This directive enables FIPS from Oracle HTTP Server configuration files by toggling the SSL library FIPS_mode flag on or off. SSLFIPS must be set in the global server context and cannot be configured with conflicting settings (for example, SSLFIPS on followed by SSLFIPS off or similar). The mode applies to all SSL library operations.
Note:
Note the following restrictions on SSLFIPS:
Enabling SSLFIPS mode in Oracle HTTP Server requires a wallet created with AES encrypted (compat_v12) headers. To create a new wallet or to convert an existing wallet with AES encryption, see these sections in orapki in Administering Oracle Fusion Middleware:
For more information on SSLFIPS, see Section F.3.6, SSLFIPS.
When configuring mod_wl_ohs by using Fusion Middleware Control, you can see a list of clusters or servers available to the selected Oracle HTTP Server instance by clicking the Search icon.
Selecting this tool displays a selection dialog box, from which you can select the cluster or server you want to use.
You can now easily add valid WebLogic Server and endpoint locations for a specified Base URL to the Locations table on the mod_wl_ohs Configuration screen by clicking the AutoFill button. Data for any location of the same name will be updated and any new locations will be added to the table.
This section describes features that have been significantly updated from earlier versions of Oracle HTTP Server.
The WebLogic Server plug-in logs are now part of the Oracle HTTP Server error log and are prefixed with weblogic: to easily identify them. Hence the directives WLLogFile and Debug are deprecated. If the configuration still uses any of these directives, the following note will appear in the console log file:
The WLLogFile directive is ignored. The web server log file is used instead. The Debug directive is ignored. The web server log level is used instead.
Oracle HTTP Server no longer supports the sqlnet.ora NZ trace logging mechanism. As of version Release 12c (12.1.2), you should use the new SSLNZTraceLogLevel directive to enable NZ trace logging using ssl.conf file. For more information, see Section F.3.9, SSLTraceLogLevel.
Support for listening on privileged ports on UNIX has a different implementation that does not require running any Oracle HTTP Server code as root. The User and Group directives no longer have to be configured.
The following features were removed from Release 12c 12.1.3 and 12.1.2.
The following features were removed from Release 12c (12.1.3).
The following plug-in modules have been deprecated:
mod_perl: Allows administrators to run Perl scripts within Oracle HTTP Server.
mod_fastcgi: Allows administrators to efficiently execute traditional CGI scripts within Oracle HTTP Server.
Oracle is deprecating only the current implementation, the Oracle HTTP Server module (mod_fastcgi) of the FastCGI protocol. Oracle HTTP Server 12.x continues to support the FastCGI protocol by using an alternate implementation, and customers can continue to execute CGI and FastCGI scripts in Oracle HTTP Server 12.x.
mod_plsql: This module allows administrators to create dynamic web pages from PL/SQL packages and stored procedures.
For more information, visit http://support.oracle.com and search for Oracle Web Tier - Statement of Direction (Doc ID 1576588.1).
Support for SSL Protocol Version 3 has been removed. Its use is no longer recommended for secure communication.
The shmht value in SSLSessionCache is deprecated.
shmht: /path/to/datafile[bytes]: Uses a high-performance hash table ( bytes specifies approximate size) inside a shared memory segment in RAM, which is established by the /path/to/datafile . This hash table synchronizes the local SSL memory caches of the server processes. Note: in this shm setting, no log files are created under /path/to/datafile on local disk.
The following features were removed from Release 12c (12.1.2).
Oracle Web Cache is no longer included in Fusion Middleware 12c. Oracle HTTP Server support for integration with Oracle Web Cache has been removed.
The mod_oradav module is no longer included with Oracle HTTP Server. Customers who require DAV support in Oracle HTTP Server must use a third-party solution, such as the open source module mod_dav.
The mod_osso module is no longer included with Oracle HTTP Server. Oracle WebGate is the recommended replacement. WebGate is now installed with Oracle HTTP Server.
The OracleAS Single Sign-On (SSO) plug-ins for IIS and iPlanet are no longer included with Oracle HTTP Server. Oracle WebGate is the recommended replacement.