Chapter 2
Configuration Files
Configuration files control how iPlanet Web Server operates. This appendix summarizes the Purpose, Location, and Contents or Syntax of each configuration file, then briefly describes all directives or parameters allowed in the file (if any) in a table. Cross references are listed after See Also headings when other manuals describe some of the directives or parameters in more detail.
For information about configuration file changes since iPlanet Web Server 4.x, see Appendix A "Configuration Changes Between iWS 4.x and 6.0."
The following configuration files are described in alphabetical order:
backups.conf
Purpose
Tracks backups of configuration files.
Location
server_root/https-admserv/conf_bk
server_root/https-server_id/conf_bk
Syntax
file:path_to_backup:version:timestamp:original_path
...
backup_version_history
...
Contents
backups.conf:Version 4.0
https-admserv.acl:httpacl/genwork.https-admserv.acl:2:952103058:httpacl/genwork.https-admserv.acl
magnus.conf:https-admserv/conf_bk/magnus.conf:2:952103070:https-admserv/config/magnus.conf
obj.conf:https-admserv/conf_bk/obj.conf:2:952103060:https-admserv/config/obj.conf
mime.types:https-admserv/conf_bk/mime.types:2:952103060:https-admserv/config/mime.types
jvm12.conf:https-admserv/conf_bk/jvm12.conf:2:952103068:https-admserv/config/jvm12.conf
servlets.properties:https-admserv/conf_bk/servlets.properties:2:952103068:https-admserv/config/servlets.properties
contexts.properties:https-admserv/conf_bk/contexts.properties:2:952103068:https-admserv/config/contexts.properties
rules.properties:https-admserv/conf_bk/rules.properties:2:952103068:https-admserv/config/rules.properties
952103058:https-admserv.acl/1::
952103060:https-admserv.acl/1:magnus.conf/1::
952103060:https-admserv.acl/1:magnus.conf/1:obj.conf/1::
952103060:https-admserv.acl/1:magnus.conf/1:obj.conf/1:mime.types/1::
952103068:https-admserv.acl/1:magnus.conf/1:obj.conf/1:mime.types/1:jvm12.conf/1::
952103068:https-admserv.acl/1:magnus.conf/1:obj.conf/1:mime.types/1:jvm12.conf/1:servlets.properties/1::
952103068:https-admserv.acl/1:magnus.conf/1:obj.conf/1:mime.types/1:jvm12.conf/1:servlets.properties/1:
contexts.properties/1::
952103068:https-admserv.acl/1:magnus.conf/1:obj.conf/1:mime.types/1:jvm12.conf/1:servlets.properties/1:
contexts.properties/1:rules.properties/1::
952103068:https-admserv.acl/2:magnus.conf/2:obj.conf/2:mime.types/2:jvm12.conf/2:servlets.properties/2:
contexts.properties/2:rules.properties/2::Added ExtraPath for Java.--EOF--
Table 2-1 backup.conf
|
Item
|
Description
|
|
file
|
The name of the file for which backups are made. Examples are server.xml, obj.conf, and so on.
|
|
path_to_backup
|
The path to the backup of the file.
|
|
version
|
The version of the file.
|
|
timestamp
|
The timestamp of the backup.
|
|
original_path
|
The path to the file that is backed up.
|
|
backup_version_history
|
A version history listing for the files.
|
certmap.conf
Purpose
Configures how a certificate, designated by name, is mapped to an LDAP entry, designated by issuerDN.
Location
server_root/bin/https/install/misc
server_root/userdb
Syntax
certmap name issuerDN
name:property1 [value1]
name:property2 [value2]
...
The default certificate is named default, and the default issuerDN is also named default. Therefore, the first certmap defined in the file must be as follows:
certmap default default
You can use # at the beginning of a line to indicate a comment.
See Also
iPlanet Web Server Administrator's Guide
Table 2-2 certmap.conf
|
Property
|
Allowed Values
|
Default Value
|
Description
|
|
DNComps
|
See
Description
|
Commented out
|
Used to form the base DN for performing an LDAP search while mapping the cert to a user entry. Values are as follows:
Commented out: takes the user's DN from the cert as is.
Empty: searches the entire LDAP tree (DN == suffix).
Comma separated attributes: forms the DN.
|
|
FilterComps
|
See Description
|
Commented out
|
Used to form the filter for performing an LDAP search while mapping the cert to a user entry. Values are as follows:
|
|
verifycert
|
on or off
|
off
(commented out)
|
Specifies whether certificates are verified.
|
|
CmapLdapAttr
|
LDAP attribute name
|
certSubjectDN
(commented out)
|
Specifies the name of the attribute in the LDAP database that contains the DN of the certificate.
|
|
library
|
Path to shared lib or dll
|
None
|
Specifies the library path for custom certificate mapping code.
|
|
InitFn
|
Name of initialization function
|
None
|
Specifies the initialization function in the certificate mapping code referenced by library.
|
cjava.properties
Purpose
Defines servlet and JVM error messages.
Location
server_root/bin/https/res
Syntax
error = message
Errors are not listed here because you should not edit them. You can edit the messages, but this is not recommended.
cluster.xml
Purpose
Defines a cluster of servers for backups and failover in a server farm. This file is present only if at least one cluster has been defined.
Location
server_root/https-admserv/config
Syntax
Most of the file has the following basic XML syntax, with nested elements:
<ELEMENT attribute="value" attribute="value" ... >
<SUBELEMENT attribute="value" attribute="value" ... />
</ELEMENT>
In Table 2-3, elements are in bold to distinguish them from attributes.
See Also
iPlanet Web Server Administrator's Guide
Table 2-3 cluster.xml
|
Element/Attribute
|
Allowed Subelements or Values
|
Description
|
|
CLUSTER
|
MASTER
|
Defines a cluster of web servers.
|
|
id
|
A text string
|
The ID of the cluster.
|
|
MASTER
|
SLAVE
|
Defines the master server in the cluster.
|
|
id
|
A text string
|
The ID of the master.
|
|
hostname
|
Usually the server_id
|
The host name of the master.
|
|
adminport
|
|
The administration port of the master.
|
|
instance
|
https-server_id
|
The name of the server instance on the master.
|
|
SLAVE
|
(none)
|
Defines a slave server in the cluster.
|
|
id
|
A text string
|
The ID of the slave.
|
|
hostname
|
Usually the server_id
|
The host name of the slave.
|
|
adminport
|
|
The administration port of the slave.
|
|
instance
|
https-server_id
|
The name of the server instance on the slave.
|
|
protocol
|
http, https
|
The protocol used for communication with the client.
|
|
substitute
|
A master or slave id or null
|
The ID of a substitute server if this server is down.
|
contexts.properties
Purpose
Provided for backward compatibility with iPlanet Web Server 4.x. Using web-apps.xml instead to configure servlets is recommended.
Defines contexts, which allow multiple servlets to exchange data and access each other's fields. Contexts are useful for defining virtual servers or for code isolation. The default context is global. In iPlanet Web Server 6.0, supported for the default virtual server only.
Location
server_root/https-admserv/config
server_root/https-admserv/conf_bk
server_root/https-server_id/config
server_root/https-server_id/conf_bk
Syntax
context.context_name.property=value
Table 2-4 lists the properties and their possible values.
See Also
Programmer's Guide to Servlets for iPlanet Web Server
The server.xml and web-apps.xml files
Appendix A "Configuration Changes Between iWS 4.x and 6.0"
The Servlet 2.2 API specification at:
http://java.sun.com/products/servlet/index.html
Table 2-4 contexts.properties
|
Property
|
Allowed Value(s)
|
Default Value
|
Description
|
|
sessionmgr
|
A session manager object
|
com.iplanet.
server.http.
session.
IWSSessionMan-ager
(all on one line, no dash)
|
The name of the session manager for the context. Some session managers, such as MMapSessionManager, can only be instantiated once within the server.
|
|
sessionmgr.initArgs
|
Comma separated name=value pairs
|
Depends on session manager
|
A list of parameters specific to the session manager. For more information, see the Programmer's Guide to Servlets for iPlanet Web Server.
|
|
initArgs
|
Comma separated name=value pairs
|
initial=0
|
A list of additional context attributes.
|
|
respondCookieVersion
|
A cookie version number
|
0
|
Tells the server whether to respond with a specific cookie version.
|
|
tempDir
|
A path
|
/tmp
|
Sets up the Servlet API 2.2 property for the temporary directory. Use forward slashes only.
|
|
reloadInterval
|
Number of seconds
|
5
|
The time interval within which the server checks for JSP and servlet files being modified. Applies to the global context only.
|
|
bufferSize
|
Number of bytes
|
4096
|
The initial HTTP output stream buffer size.
|
|
docRoot
|
A path with forward slashes
|
Web server's document root
|
The document root for the context. If docRoot is not specified, the web server's document root is used.
|
|
inputStreamLengthCheck
|
true, false
|
true
|
Tells a ServletInputStream to stop reading data when Content-Length number of bytes are read.
|
|
outputStreamFlushTimer
|
Number of seconds
|
0
|
Forces the stream to flush the data if the specified number of seconds has elapsed since the last flush. If set to 0, this property is ignored.
|
|
uri
|
A URI
|
/
|
An additional URI prefix which serves as a context base.
|
|
authdb
|
A database name
|
default
|
The name of the authentication database. This database must also be defined in the server.xml file in the database attribute of a USERDB element, and in the dbswitch.conf file.
|
|
classpath
|
A path
|
|
The global classpath for this context.
|
|
singleClassLoader
|
true, false
|
false
|
Tells the servlet engine whether to use a single class loader for all servlets in the context.
|
|
serverName
|
A server instance name
|
|
Used to specify the server instance that runs the servlets in the context.
|
|
contentTypeIgnoreFromSSI
|
true, false
|
true
|
Ignores setContentType when invoked from SSI if true.
|
|
parameterEncoding
|
none, auto, responseCT, or a specific encoding such as utf8 or Shift_JIS
|
auto
|
Advises the web server on how to decode parameters from forms:
encoding: uses the specified encoding.
none: uses the system default encoding.
auto: tries to figure out the encoding from, in order, 1) the charset , 2) the parameterEncoding attribute, then 3) a hidden form field, such as j_encoding. Otherwise same as none.
responseCT: tries to figure out the encoding from the response content type if it is available, otherwise, same as none.
|
|
isModifiedCheckAggressive
|
true, false
|
false
|
Determines whether the servlet loader aggressively checks dependencies to reload modified servlets.
|
cron.conf
Purpose
Allows you to program the server to perform maintenance activities at regular intervals, such as back up log files. The ns-cron.conf file controls whether or not the cron.conf file is activated.
Location
server_root/https-admserv/config
Syntax
<Object name=name>
Command "command"
User user
Time nn:nn
Days day day ...
</Object>
The following is an example of a cron.conf file that manages log rotation.
<Object name=https-server_id_rotatelg0>
Command "server_root/bin/https/httpadmin/bin/rotlog https-server_id"
User LocalSystem
Time 03:00
Days Sun Mon Tue Wed Thu Fri Sat
</Object>
Table 2-5 cron.conf
|
Directive
|
Allowed Values
|
Description
|
|
name
|
|
An object name for the maintenance activity.
|
|
Command
|
|
The command or script that performs the maintenance activity. This can be any command or executable file.
|
|
User
|
|
The name of the system user.
|
|
Time
|
A 24-hour time
|
The time of day at which the activity takes place.
|
|
Days
|
Sun, Mon, Tue, Wed, Thu, Fri, Sat
|
The days of the week on which the activity takes place.
|
dbswitch.conf
Purpose
Specifies the LDAP directory that iPlanet Web Server uses.
Location
server_root/userdb
Syntax
directory name LDAP_URL
name:property1 [value1]
name:property2 [value2]
...
The default contents of this file are as follows:
directory default null:///none
Edit the file as follows for anonymous binding over SSL:
directory default ldaps://directory.netscape.com:636:/dc%3Dcom
Edit the file as follows for anonymous binding not over SSL:
directory default ldap://directory.netscape.com:389:/dc%3Dcom
See Also
NSAPI Programmer's Guide for iPlanet Web Server, Chapter 8
Table 2-6 dbswitch.conf
|
Property
|
Allowed Values
|
Default Value
|
Description
|
|
nsessions
|
A positive integer
|
8
|
The number of LDAP connections for the database.
|
|
dyngroups
|
off, on, recursive
|
on
|
Determines how dynamic groups are handled. If off, dynamic groups are not supported. If on, dynamic groups are supported. If recursive, dynamic groups can contain other groups.
|
|
binddn
|
A valid DN
|
|
The DN used for connecting to the database. If both binddn and bindpw are not present, binding is anonymous.
|
|
bindpw
|
|
|
The password used for connecting to the database. If both binddn and bindpw are not present, binding is anonymous.
|
|
dcsuffix
|
A valid DN (relative to the LDAP URL)
|
(none)
|
If present, the default value of the base DN for the request's virtual server is determined by a DC tree search of the connection group's servername attribute, starting at the dcsuffix DN. Otherwise, the default value of the base DN is the base DN value in the LDAP URL.
The basedn attribute of a USERDB element in the server.xml file overrides this value.
|
|
digestauth
|
off, on
|
off
|
Specifies whether the database can do digest authentication. If on, a special Directory Server plugin is required. For information about how to install this plugin, see the iPlanet Web Server Administrator's Guide.
|
iwsstats.xml
Purpose
Reports server performance statistics. Configured via the stats-xml SAF in obj.conf, and present only if this SAF is used. This file is intended to be read but not modified.
Location
Located here, dynamically generated:
server_root/https-server_id/stats-xml/iwsstats.xml
You can view it here:
http://server_id:port/stats-xml/iwsstats.xml
Syntax
The file has the following basic XML syntax, with nested elements:
<ELEMENT attribute="value" attribute="value" ... >
<SUBELEMENT attribute="value" attribute="value" ... />
</ELEMENT>
In Table 2-7, elements are in bold to distinguish them from attributes.
See Also
NSAPI Programmer's Guide for iPlanet Web Server, Chapter 3
Table 2-7 iwsstats.xml
|
Element/Attribute
|
Subelements or Values
|
Description
|
|
stats
|
server
|
The top-level statistics element. All stats-xml statistics information is contained within this element.
|
|
enabled
|
0 (off), 1 (on)
|
Indicates whether statistics collection is enabled (on).
|
|
versionMajor
|
|
The major version of the statistics format. In this version of iPlanet Web Server, the value is frozen at 1.
|
|
versionMinor
|
|
The minor version of the statistics format.
|
|
server
|
connection-queue, thread-pool, profile, process, virtual-server
|
Describes a server instance.
|
|
id
|
|
The server instance ID (for example https-www.iplanet.com).
|
|
versionServer
|
|
A string describing the iPlanet Web Server version (for example iPlanet-WebServer-Enterprise/6.0 B1-12/20/2000 13:56 (SunOS DOMESTIC)).
|
|
timeStarted
|
A number of seconds after 00:00:00 1/1/1970
|
The time this server instance was started.
|
|
secondsRunning
|
|
The number of seconds since this server instance started.
|
|
ticksPerSecond
|
|
The number of ticks in a second. This value is system-dependent.
|
|
maxProcs
|
|
The maximum number of processes.
|
|
maxThreads
|
|
The maximum number of request processing threads.
|
|
maxVirtualServers
|
|
The maximum number of virtual servers tracked.
|
|
flagProfilingEnabled
|
0 (off), 1 (on)
|
Indicates whether NSAPI performance profiling is enabled (on).
|
|
flagVirtualServer
Overflow
|
0 (no), 1 (yes)
|
Indicates whether more than maxVirtualServers are configured (yes). If this attribute is set to 1, statistics are not being tracked for all virtual servers.
|
|
connection-queue
|
(none)
|
Describes a connection queue (the queue in which requests are enqueued prior to being serviced). There is only one connection queue in iPlanet Web Server 6.0. Subsequent versions may introduce multiple connection queues.
|
|
id
|
|
The connection queue ID.
|
|
thread-pool
|
(none)
|
Describes a thread pool as defined in the magnus.conf file.
|
|
id
|
|
The thread pool ID.
|
|
name
|
|
The symbolic name of the thread pool.
|
|
profile
|
(none)
|
Describes an NSAPI performance profile bucket as defined in the magnus.conf file.
|
|
id
|
|
The NSAPI performance profile bucket ID.
|
|
name
|
|
The symbolic name of the NSAPI performance profile bucket.
|
|
description
|
|
The description of the NSAPI performance profile bucket.
|
|
process
|
connection-queue-
bucket, thread-pool-bucket, dns-bucket, keepalive-bucket, cache-bucket, thread
|
Describes a single server process within a server instance.
|
|
pid
|
|
The operating system process identifier that uniquely identifies this process.
|
|
mode
|
unknown, active
|
Displays active when this process is active.
|
|
timeStarted
|
A number of seconds after 00:00:00 1/1/1970
|
The time this process was started.
|
|
countConfigurations
|
|
The number of times a configuration has been loaded, or 0 if this information is not available.
|
|
connection-queue-bucket
|
(none)
|
Tracks statistics pertaining to a specific connection-queue.
|
|
connection-queue
|
|
The ID of a connection-queue element.
|
|
countTotalConnections
|
|
The total number of new connections that have been accepted.
|
|
countQueued
|
|
The number of connections currently enqueued.
|
|
peakQueued
|
|
The largest number of connections that have been in the queue simultaneously.
|
|
maxQueued
|
|
The maximum number of connections that can be in the queue.
|
|
countOverflows
|
|
The number of times the queue has been too full to accommodate a connection.
|
|
countTotalQueued
|
|
The total number of connections that have been queued. A given connection may be queued multiple times, so countTotalQueued may be greater than or equal to countTotalConnections.
|
|
ticksTotalQueued
|
A tick is a system-dependent unit of time; see ticksPerSecond
|
The total number of ticks connections have spent in the queue.
|
|
thread-pool-bucket
|
(none)
|
Tracks statistics pertaining to a specific thread-pool.
|
|
thread-pool
|
|
The ID of a thread-pool element.
|
|
countThreadsIdle
|
|
The number of request processing threads currently idle.
|
|
countThreads
|
|
The number of request processing threads.
|
|
maxThreads
|
|
The maximum number of request processing threads that can exist concurrently.
|
|
countQueued
|
|
The number of requests queued for processing by this thread pool.
|
|
peakQueued
|
|
The largest number of requests that have been in the queue simultaneously.
|
|
maxQueued
|
|
The maximum number of requests that can be in the queue.
|
|
dns-bucket
|
(none)
|
Tracks DNS (Domain Name System) statistics.
|
|
flagCacheEnabled
|
0 (off), 1 (on)
|
Indicates whether the DNS cache is enabled (on).
|
|
countCacheEntries
|
|
The number of DNS entries presently in the cache.
|
|
maxCacheEntries
|
|
The maximum number of DNS entries the cache can accommodate.
|
|
countCacheHits
|
|
The number of times a DNS cache lookup has succeeded.
|
|
countCacheMisses
|
|
The number of times a DNS cache lookup has failed.
|
|
flagAsyncEnabled
|
0 (off), 1 (on)
|
Indicates whether asynchronous DNS lookups are enabled (on).
|
|
countAsyncNameLookups
|
|
The total number of asynchronous DNS name lookups performed.
|
|
countAsyncAddrLookups
|
|
The total number of asynchronous DNS address lookups performed.
|
|
countAsyncLookups
InProgress
|
|
The number of asynchronous DNS lookups currently in progress.
|
|
keepalive-bucket
|
(none)
|
Tracks keepalive (persistent connection) statistics.
|
|
countConnections
|
|
The number of connections currently in keepalive mode.
|
|
maxConnections
|
|
The maximum number of simultaneous keepalive connections.
|
|
countHits
|
|
The total number of times connections in keepalive mode have subsequently made a valid request.
|
|
countFlushes
|
|
The number of times keepalive connections have been closed by the server.
|
|
secondsTimeout
|
|
The number of seconds before the server closes an idle keepalive connection.
|
|
cache-bucket
|
(none)
|
Tracks file cache (NSFC) statistics.
|
|
flagEnabled
|
0 (off), 1 (on)
|
Indicates whether the file cache is enabled (on).
|
|
secondsMaxAge
|
Number of seconds
|
The maximum age of a file cache entry.
|
|
countEntries
|
|
The number of entries currently in the file cache.
|
|
maxEntries
|
|
The maximum number of cache entries the file cache can accommodate simultaneously.
|
|
countOpenEntries
|
|
The number of entries associated with an open file.
|
|
maxOpenEntries
|
|
The maximum number of cache entries associated with an open file that the file cache can accommodate simultaneously.
|
|
sizeHeapCache
|
Number of bytes
|
The amount of heap used by cached file content.
|
|
maxHeapCacheSize
|
Number of bytes
|
The maximum amount of heap the file cache uses for cached file content.
|
|
sizeMmapCache
|
Number of bytes
|
The amount of address space used by memory mapped file content.
|
|
maxMmapCacheSize
|
Number of bytes
|
The maximum amount of address space that the file cache uses for memory mapped file content.
|
|
countHits
|
|
The number of times a cache entry lookup has succeeded.
|
|
countMisses
|
|
The number of times a cache entry lookup has failed.
|
|
countInfoHits
|
|
|
Previous
Contents
Index
DocHome
Next