| Sun ONE Web Server 6.1 Administrator's Guide |
A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Index
Symbols
!= (not equal to) 1
$TOKENNAME 1
%vsid%, adding to log file format string 1
.acl
file extension for files storing access control settings 1
.htaccess
converting from .nsconfig files 1
dynamic configuration files 1
enabling via magnus.conf 1
enabling via user interface 1
example of 1
security considerations 1
supported directives 1
.nsconfig files
converting to .htaccess files 1
= (equals) 1
= greater than or equal to 1
Numerics
200 - 500 status codes 1
A
about this guide
contents 1
accelerators, hardware
certificates and keys stored in secmod.db 1
Accept 1
Accept Language Header
using 1
acceptor threads
virtual servers 1
access
delete 1
execute 1
info 1
list 1
read 1
to web site, restricting (global and single-instance) 1
write 1
access control
"administrators" group 1
databases and 1
date restrictions 1
distributed administration and 1
files 1
for WebDAV 1
hostnames 1
hostnames and IP addresses 1
introduction to 1
IP addresses 1
LDAP directories and 1
methods (Basic, SSL) 1
my_stuff directory 1
overview 1
programs 1
public information directories, using configuration styles to control 1
redirection 1
response when denied 1
restricting access on webDAV-enabled resources 1
Securing access control with distributed administration 1
time restrictions 1
turning off 1
using virtual servers 1
writing custom expressions 1
access control entries (ACEs) 1
access control files (ACL)
location stored 1
access control list (ACL) 1
access log 1
location 1
configuring 1
viewing 1
access log preferences
setting 1
access log rotation 1
access logs
virtual servers, configuring 1
access, restricting
Web Server, procedure 1
access, server
access-control entries (ACEs) 1, 2
access-control list (ACL) 1, 2
account, user
changing 1
ACL
actions, setting 1
attribute expressions 1
authentication statements 1
authorization statements 1
changing access denied message 1
deactivating 1
default file 1
distributed administration and 1
editing settings for virtual servers 1
files, syntax 1
obj.conf, referencing 1
restricting access based on security 1
restricting access based on time of day 1
restricting access for virtual servers 1
restricting access to a directory 1
restricting access to a file type 1
restricting access to a URI 1
restricting access to entire server 1
server digest authentication procedure 1
specifying users and groups 1
virtual servers 1
virtual servers, configuring settings 1
ACL user cache
server stores user and group authentication results 1
ACLCacheLifetime 1
ACLFILE 1
-aclid 1
aclname 1
ACLUserCacheSize 1
additional document directories 1
admin/logs
log file location 1
administration group
creating 1
Administration interface
more information about 1
Administration Server
accessing 1
activating and deactivating the cron daemon 1
enabling SSL 1
how to remove the old full name or uid values when renaming a user’s entry 1
instance of Web Server 1
introduction 1
main top-level page tabs 1
removing a server 1
security and 1
starting services applet from the Control Panel 1
starting the SNMP master agent 1
stopping 1
UI overview 1
URL navigation to 1
administration, distributed
enabling 1
administrator’s userid (superuser) 1
administrators
distributed administration 1
admpw 1
superuser’s username and password file 1
agents
SNMP 1
AIX
SNMP issues 1
allow 1
analyzer, log
running (archive server logs prior to use) 1
and 1
ansi_x3.4-1968 1
ansi_x3.4-1986 1
API reference
JSP 1
servlets 1
application environment entries 1
applications
client-side 1
server-side 1
applications, server-side
how they are installed on Web Server 1
types that run on Web Server 1
archiving
ascii 1
attribute
Distinguished Name (DN) 1
attribute expressions
ACL, attribute 1
operators 1
attribute, search options
list of 1
attributes
x509v3 certificates 1
Authentication
When to use the J2EE/Servlet Model 1
authentication
client certificate 1
hostnames 1
SSL 1
users and groups 1
Authentication Database 1
authentication methods
types 1
using htaccess-register to create your own 1
authentication statements, ACL syntax 1
authentication, basic
most effective when combined with SSL encryption, Host-IP authentication, or both 1
authentication, client
steps to require 1
authentication, client, server
definition 1
authentication, digest 1
authentication, Host-IP 1
authentication, User-Group 1, 2
AuthName 1
Authorization 1
Defining access control by roles 1
Group mapping 1
Mapping Roles to Restricted Areas 1
Principal mapping 1
Role-based Authorization 1
authorization statements, ACL 1
AuthTrans qos-handler 1
AuthType 1
AuthUserFile 1
automatic restart utility (NT) 1
B
Basic authentication method 1
bong-file 1
C
c 1
CA
approval process (one day to two months) 1
definition (Certificate Authority) 1
trusting 1
types 1
cache control directives
setting 1
cache directories 1
cache, defined 1
caching files 1
Certificate Authority
definition 1
obtaining list of available 1
VeriSign 1
certificate chain
definition 1
certificate mapping file
location of certmap.conf 1
syntax for certmap.conf 1
certificate request, information needed 1
certificate revocation lists (CRLs)
installing and managing 1
certificate, client
authentication 1
certificates
certmap.conf and 1
client mapping
examples 1
client, mapping to LDAP 1
exporting with pk12util 1
importing with pk12util 1
introduction 1
managing 1
migrating from iPlanet Web Server 4.1 1
migrating from iPlanet Web Server 6.0 1
other server, installing 1
requesting other server certificates 1
root, removing 1
root, restoring 1
selecting name for a listen socket 1
single, trust database per web server instance 1
trusting 1
types 1
using the built-in root certificate module 1
virtual servers 1
x509v3, attributes 1
default properties 1
LDAP searches 1
sample mappings 1
using 1
certSubjectDN 1
CGI 1
defined (Common Gateway Interface) 1
downloading executable files 1
file extensions 1
file type, specifying shell for Windows NT 1
file types 1
installing 1
installing programs 1
installing shell programs for Windows NT 1
overview 1
programs, how to install on server 1
programs, how to store on server 1
removing directories 1
shell 1
specifying a directory 1
specifying a Windows NT directory 1
specifying as a file type 1
specifying directories 1
specifying shell directory, Windows NT 1
specifying Windows NT file type 1
using virtual servers 1
virtual servers, configuring unique attributes 1
Windows 1
Windows NT programs, overview 1
CGIStub
processes to aid in CGI execution 1
character set
changing 1
iso_8859-1 1
us-ascii 1
check-acl 1
chroot 1
specifying directory for virtual server 1
specifying directory for virtual server class 1
ciphers
definition 1
setting options 1
TLS and SSL3 for Netscape Navigator 6.0 1
CKLs (compromised key lists)
installing and managing 1
Class Manager
accessing 1
introduction 1
list of additional tabs 1
UI overview 1
classpath
ignoring classpath 1
classpathsuffix 1
client authentication
definition 1
steps to require 1
client certificate API
creating custom properties 1
client certificates
authentication 1
mapping to LDAP 1
clients
lists of accesses 1
client-side applications 1
clusters
adding a server to 1
adding variables 1
configuring 1
definition and potential tasks for using 1
guidelines for configuring servers into 1
guidelines for using 1
managing 1
modifying information 1
removing servers 1
setting up 1
collections
defined 1
command line
using flexanlg to analyze access log files 1
Common Gateway Interface (CGI)
overview 1
Common Logfile Format
definition 1
example 1
server access logs 1
common-log 1
community string
a text string that an SNMP agent uses for authorization 1
compromised key lists (CKLs)
installing and managing 1
concurrent connections
virtual servers, quality of service 1
master agent, editing 1
CONFIG file 1
configuration file
SSL, setting values 1
configuration files
backup copies via Restore Configuration page 1
dynamic, working with 1
obj.conf 1
configuration styles 1
assigning 1
creating 1
editing 1
listing assignments 1
removing 1
using virtual servers 1
Configuring WebDAV 1
connection factory 1
connection groups
one set of SSL parameters for all virtual servers in a 1
contains
search type option 1
content compression
activate 1
compressing content on demand 1
compression level 1
configuring for content compression 1
fragment size 1
inserting a Vary header 1
serving precompressed content 1
Content-length 1
Content-type 1
Control Panel (Windows NT)
using to shut down the Administration Server 1
control, access
overview 1
cookies
logging, easy 1
must enable to run CGI programs 1
COPY 1
cp367 1
cp819 1
creating a new JDBC connection pool 1
Creating a WebDAV collection 1
CRLs (certificate revocation lists)
installing and managing 1
cron-based log rotation 1
cryptographic modules, external
methods of using 1
custom resource 1
Customizing search 1
customizing form and results in separate pages 1
customizing the search results page 1
D
daemon
native SNMP, reconfiguring 1
native SNMP, restarting 1
SNMP
restarting 1
data, request 1
data, response 1
database
accessing via virtual servers 1
database entries
adding using LDIF 1
database, trust
creating 1
password, changing 1
databases, ACLs and 1
Date 1
dayofweek 1
dbswitch.conf 1
dbswitch.conf file 1
dcsuffix 1
debugging dialog box
disabling 1
Declarative security 1
decryption
definition 1
default listen socket (ls1) 1
defaultclass
virtual server class 1
DELETE 1
delete access 1
deleting
web applications 1
deleting users 1
deny 1
deploying web applications 1
deployment descriptor 1
DES algorithm
Directory Server settings 1
DES cipher 1
dialog box
debugging
disabling 1
digest authentication 1
server procedure for ACLs 1
Digest authentication method 1
Digest Authentication plug-in
installing 1
digestauth 1
DigestStaleTimeout 1
directives
SSL3SessionTimeout (SSL) 1
SSLCacheEntries (SSL) 1
SSLSessionTimeout (SSL) 1
directories
additional document 1
Directory Server
DES algorithm settings 1
ldapmodify command line utility 1
managing users and groups 1
required for distributed administration 1
user entries 1
directory services
configuring 1
directory services preferences
distinguished name
for users, form of 1
Distinguished Name (DN) attribute
definition 1
distinguished names
mapping certificates to LDAP entries 1
distributed administration
Directory Server, required for 1
enabling 1
groups
ACLs and 1
required for access control 1
DN
string representation for the name of an entry in a directory server 1
DNComps 1
DNS
reducing effects of look-ups on server performance 1
-docroot 1
document directories
additional 1
primary 1
primary (document root) 1
restricting content publication 1
document footer
setting 1
document preferences
default MIME type, specifying a 1
directory indexing 1
index filenames 1
server home page 1
virtual servers, setting 1
document root 1
setting 1
document root directory
redirecting using chroot 1
documents
lists of those accessed 1
Domain Name System
alias, defined 1
defined 1
drop words 1
dynamic configuration files
working with 1
dynamic reconfiguration 1
E
e 1
Editing a WebDAV collection 1
Enabling WebDAV 1
encryption
definition 1
encryption, two-way 1
ends with
search type option 1
error log
example 1
viewing 1
location 1
error logs 1
virtual servers, configuring 1
Error qos-error 1
error responses, customizing 1
errors
customizing responses 1
event variables
traps 1
Event Viewer 1
events, viewing (NT) 1
Exclusive locks 1
executable files, downloading 1
execute access 1
Expires 1
Expires header, defined 1
expressions, attribute
operators 1
expressions, custom 1
extranet, defined 1
F
FAT file systems
security (directories and files are not protected by access restrictions) 1
Federal Information Processing Standards (FIPS)-140 1
Figure showing the genwork file. 1
file cache
serves static information faster, and speeds up server-parsed HTML processing 1
file extensions
CGI 1
defined 1
file manipulation, remote
enabling 1
file types
defined 1
files
access control 1
certmap.conf 1
filter
memberURL 1
FilterComps 1
FIPS 1
FIPS-140
enabling 1
flex_anlg 1
flexanlg
use and syntax 1
flex-init 1
flex-log 1
forms, restricting access to 1
G
SNMP message 1
GIF, defined 1
givenName 1
global security parameters 1
greater than 1
group
an object that describes a set of objects in an LDAP database 1
groups
adding members to 1
adding to group members list 1
authentication 1
authentication, users 1
deleting 1
deleting entries 1
editing 1
finding 1
managing 1
renaming 1
restricting access 1
groups, static
definition 1
guidelines for creating 1
groups, users
about 1
groups-with-users 1
guidelines
creating difficult passwords 1
H
Handler, Query
using 1
hard links, definition 1
hardware accelerators
certificates and keys stored in secmod.db 1
header, response 1
headers, request
list of 1
hierarchy, ACL authorization statements 1
home.html 1
Host 1
host names and IP addresses
specifying 1
Host-IP authentication 1
hostnames
authentication 1
defined 1
restricting access 1
HP OpenView network management software
use with SNMP 1
htaccess-register
function for creating your own authentication methods 1
htconvert 1
HTML
defined 1
server-parsed, setting up 1
HTML, server-parsed
file cache 1
HTTP
compliance with 1.1 1
defined 1
requests 1
responses 1
status codes 1
HTTP (HyperText Transfer Protocol)
overview 1
http_head 1
httpacl 1
HTTPD 1
HTTPS
defined 1
HttpServerAdmin 1
control command 1
create command 1
delete command 1
list command 1
setting up virtual serves 1
syntax 1
HyperText Transfer Protocol (HTTP)
overview 1
Hypertext Transfer Protocol HTTP/1.1 spec
URL reference 1
I
ibm367 1
ibm819 1
INDEX 1
index.html 1
inetOrgPerson, object class 1
info access 1
INIT 1
init-clf 1
InitFn 1
initial naming context 1
defined 1
editing 1
restarting servers 1
starting the server with 1
installation
CGI programs 1
multiple servers 1
internal daemon log rotation 1
Internal member URI 1
international considerations
LDAP users and groups 1
IP addresses
defined 1
restricting access 1
IP addresses and host names
specifying 1
IP-Address-Based virtual servers 1
iplanetReversiblePassword 1
iplanetReversiblePasswordobject 1
is
search type option 1
ISINDEX 1
isn’t
search type option 1
iso_646.irv
1991 1
iso_8859-1 1
1987 1
iso-2022-jp 1
iso646-us 1
iso-8859-1 1
iso-ir-100 1
iso-ir-6 1
issuerDN 1
IWS_SERVER_HOME
environment variable 1
running HttpServerAdmin 1
iwsCpuId 1
iwsCpuIdleTime 1
iwsCpuIndex 1
iwsCpuUserTime 1
iwsInstanceContact 1
iwsInstanceCount2xx - 5xx 1
iwsInstanceCountOther 1
iwsInstanceDeathCount 1
iwsInstanceDescription 1
iwsInstanceEntry 1
iwsInstanceId 1
iwsInstanceIndex 1
iwsInstanceInOctets 1
iwsInstanceLoad15MinuteAverage 1
iwsInstanceLoad1MinuteAverage 1
iwsInstanceLoad5MinuteAverage 1
iwsInstanceLocation 1
iwsInstanceNetworkInOctets 1
iwsInstanceNetworkOutOctets 1
iwsInstanceOrganization 1
iwsInstanceOutOctets 1
iwsInstanceRequests 1
iwsInstanceStatus 1
iwsInstanceStatusChange 1
iwsInstanceTable 1
iwsInstanceUptime 1
iwsInstanceVersion 1
iwsKernelTime 1
iwsListenAddress 1
iwsListenEntry 1
iwsListenId 1
iwsListenIndex 1
iwsListenPort 1
iwsListenSecurity 1
iwsListenTable 1
iwsProcessConnectionQueueCount 1
iwsProcessConnectionQueueMax 1
iwsProcessConnectionQueueOverflows 1
iwsProcessConnectionQueuePeak 1
iwsProcessConnectionQueueTotal 1
iwsProcessEntry 1
iwsProcessFractionSystemMemoryUsage 1
iwsProcessId 1
iwsProcessIndex 1
iwsProcessKeepaliveCount 1
iwsProcessKeepaliveMax 1
iwsProcessSizeResident 1
iwsProcessSizeVirtual 1
iwsProcessTable 1
iwsProcessThreadCount 1
iwsProcessThreadIdle 1
iwsThreadPoolIndex 1
iwsThreadPoolTable 1
iwsVsCount200 1
iwsVsCount2xx - 5xx 1
iwsVsCount302 1
iwsVsCount304 1
iwsVsCount400 1
iwsVsCount401 1
iwsVsCount403 1
iwsVsCount404 1
iwsVsCount503 1
iwsVsCountOther 1
iwsVsEntry 1
iwsVsId 1
iwsVsIndex 1
iwsVsInOctets 1
iwsVsOutOctets 1
iwsVsRequests 1
iwsVsTable 1
J
J2EE
application environment entries 1
factory,resource factory 1
initial naming context 1
Java mail sessions 1
JNDI naming services 1
managing resources 1
naming services and resources 1
resources 1
J2EE/Servlet-based Access Control
overview 1
When to use 1
Java
Enabling and disabling Java 1
enabling Java for a particular virtual server 1
Java mail sessions 1
Java Authentication and Authorization Service (JAAS) 1
Java Servlet API 1
JavaServer Pages
overview, how to install 1
JDBC
configuring JDBC resources 1
connection pool 1
connection validation 1
connection validation required 1
table name 1
fail all connections 1
validation method 1
autocommit 1
meta-data 1
table 1
creating a custom resource 1
creating a JDBC resource 1
creating a new JDBC connection pool 1
creating an external resource 1
custom resource 1
data source name 1
datasource 1
guarantee isolation level 1
JDBC API 1
pool name 1
pool settings 1
poolsettings
idle timeout 1
max pool size 1
max wait time 1
pool resize quantity 1
steady pool size 1
translation isolation 1
dirty read 1
read-committed 1
read-uncommitted 1
repeatable-read 1
serializable 1
JDBC connection pool 1
JNDI
about JNDI 1
connection factories 1
JNDI lookups and associated references 1
JNDI naming context 1
naming reference 1
naming references and binding information 1
naming services 1
resource reference name 1
JSP tag specifications 1
JSPs
API reference 1
cache directory 1
deleting version files 1
overview, how to install 1
Web Server requirements for running 1
JVM
configuring Java Virtual Machine settings 1
configuring JVM options 1
configuring JVM path settings 1
configuring the JVM profiler 1
debug options 1
native library path 1
K
keepOldValueWhenRenaming parameter 1
key
definition 1
key database password 1
key pair file
changing password 1
key size restriction (based on PathCheck directive in obj.conf) 1
key-pair file
introduction 1
securing 1
keys
exporting with pk12util 1
importing with pk12util 1
L
l 1
language
default, user entries 1
Language Header, Accept
using 1
Last-modified 1
latin1 1
LDAP
configuring directory services 1
managing users and groups 1
mapping client certificates 1
search results, table of 1
specifying databases in the user interface 1
username and password authentication 1, 2
LDAP directories, and access control 1
LDAP search filter 1
LDAP searches
using certmap.conf 1
ldapmodify
Directory Server command line utility 1
Directory Server utility 1
using to change an attribute value that is not displayed by the group edit form 1
LDIF
adding database entries 1
import and export functions, about 1
libdigest-plugin.ldif 1
libdigest-plugin.lib 1
libnssckbi.sl 1
libnssckbi.so 1
Library 1
licenses
managing 1
Lightweight Directory Access Protocol (LDAP)
managing users and groups 1
Limit 1
LimitExcept 1
list access 1
listen socket
creating via HttpServerAdmin create command 1
enabling security 1
ls1 (the default listen socket) 1
settings, editing 1
table 1
virtual servers 1
listen sockets
selecting the certificate name 1
load-modules 1
LOCK 1
Locking resources
example 1
exclusive locking 1
How Sun ONE Web Server handles locking requests 1
lock management 1
minimum lock timeout 1
shared locking 1
log analyzer
flexanlg, use and syntax 1
running (archive server logs prior to use) 1
running from command line 1
log file location
admin/logs 1
log file, access
viewing 1
log files
2GB size limitation with Linux OS 1
common format for 1
configuring 1
flexible format 1
setting preferences for 1
specifying options 1
log rotation
cron-based 1
internal daemon 1
log, access
location 1
log, error
location 1
log_anly 1
logging
cookie, easy 1
logs
access 1
logs, error
viewing 1
Look Within directory
to display all user entries contained within 1
M
magnus.conf 1
ACLCacheLifetime directive 1
enabling .htaccess 1
global variable settings at start-up 1
security issues 1
tuning thread limit 1
Manage Servers
Server Manager, list of preferences 1
Management Information Base (MIB)
location, Netscape/iPlanet 1
management information base (MIB)
defines managed objects 1
master agent
CONFIG file, editing 1
SNMP 1
SNMP, enabling and starting 1
SNMP, manually configuring 1
SNMP, starting 1
starting on a nonstandard port 1
master agent, SNMP
installing 1
starting 1
MaxProcs 1
MaxThreads 1
MD5, defined 1
member URI 1
memberCertDescriptions 1
memberURL filter 1
memberURLs 1
metric interval 1
MIB
location, Netscape, iPlanet 1
migrating a 4.x server to 6.0 1
MIME
charset parameter 1
octet-stream 1
virtual server settings, configuring 1
-mime 1
MIME (Multi-purpose Internet Mail Extension) types
definition and accessing page 1
MIME types
specifying a default 1
MIME, defined 1
Minimum Lock Timeout 1
MinThreads 1
MKCOL 1
MKDIR 1
MMappedSessionManager 1
modules
PKCS#11, adding 1
modutil
installing PKCS#11 modules 1
MortalityTimeSecs 1
MTA
defined 1
multi-byte data 1
my_stuff
access control 1
N
native SNMP daemon
reconfiguring 1
restarting 1
NativePool 1
navigation
access to Administration Server via URL 1
ndex_page 1
netscape-http.mib
managed objects and descriptions 1
network management station (NMS) 1
NIS, defined 1
NMS-initiated communication 1
NNTP
defined 1
nobody user account 1
nonce 1
not 1
nsfc.conf
file cache settings 1
nssckbi.dll 1
NTFS file system
password protection 1
O
o 1
default authentication 1
referencing ACL files 1
removing styles 1
set up SAFs for using quality of service 1
virtual servers 1
octet-stream 1
OpenView, HP network management software
user with SNMP 1
operators
attribute expressions 1
or 1
order 1
organizational units
creating 1
deleting 1
editing 1
finding 1
renaming 1
organizationalPerson, object class 1
ou 1
owners
managing 1
P
password file 1
loading on startup 1
password protection
NTFS file system 1
password, user
to change or create 1
passwords
guidelines for creating 1
key size restriction 1
performance
using quality of service 1
person, object class 1
pk12util
exporting certificates and keys 1
importing certificates and keys 1
PKCS#11
exporting certificates and keys with pk12util 1
importing certificates and keys with pk12util 1
installing using modutil 1
module, adding 1
pool parameter 1
ports
security and 1
ports (under 1024)
no need to specify server user 1
PR_Recv()/net_read 1
PR_Send()/net_write 1
PR_TransmitFile 1
pragma no-cache 1
preferences, log
setting 1
primary document directory, setting 1
primary document directory, setting (document root) 1
Programmatic login 1
server.policy file 1
Programmatic security 1
programs
access control 1
CGI
how to store on server 1
properties
custom, creating 1
PROPFIND 1
PROPPATCH 1
protocol data units (PDUs) 1
PROTOCOL_FORBIDDEN 1
proxy agent, SNMP 1
installing 1
starting 1
proxy SNMP agent 1
installing 1
starting 1
public directories
configuring 1
public directories (Unix)
customizing 1
public information directories
using configuration styles to control access 1
Public Key Cryptography Standard (PKCS)#11
module, adding 1
