NonStop Servlets for JavaServer Pages (NSJSP) 7.0 System Administrator’s Guide Abstract NonStop™ Servlets for JavaServer Pages (NSJSP) is a container that runs Java servlets and JavaServer Pages (JSPs) that are platform-independent server-side programs, which programmatically extend the functionality of web-based applications by providing dynamic content from a web server to a client browser over the HTTP protocol. Product Version For 64-bit support, NonStop Servlets for JavaServer Pages 7.
Document History Part Number Product Version Published 674372-001 NonStop Servlets for JavaServer Pages 7.0 (T1222H70) December 2011 674372-002 NonStop Servlets for JavaServer Pages 7.0 (T1222H70) March 2012 674372-003 NonStop Servlets for JavaServer Pages 7.0 (T1222H71) February 2013 674372-004 NonStop Servlets for JavaServer Pages 7.0 (T1222H71) June 2013 674372-005 NonStop Servlets for JavaServer Pages 7.
Legal Notices Copyright 2014 Hewlett-Packard Development Company L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
NonStop Servlets for JavaServer Pages (NSJSP) 7.0 System Administrator’s Guide Glossary Index Examples Figures Legal Notices What’s New in This Manual xv Manual Information xv New and Changed Information xv About This Manual xvii Who Should Read This Guide xvii Organization of This Guide xviii Related Manuals xix Online Resources xxi Notation Conventions xxii Abbreviations xxvii HP Encourages Your Comments xxx 1.
Contents 3.
Contents 5. Logging in NSJSP Persisting Changes to the server.
Contents 6. Debugging NSJSP 6. Debugging NSJSP Debugging using Java Debugger tool 6-1 Debugging using Eclipse platform 6-2 7. Migrating to NSJSP 7.0 Comparison of NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 7-1 Comparing Installation Properties in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 7-1 Comparing Configuration Properties in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 7-4 Comparing Management Properties in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 7-11 Comparing Logging Infrastructure in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.
A. MBeans in the NSJSP Container Contents Configuring the Java Security Manager 8-35 Starting NSJSP with the Java Security Manager 8-38 Securing NSJSP Resources Using the permissions Directive Package Protection in NSJSP 8-41 Troubleshooting the Java Security Manager 8-42 Manager Web Application and NSJSP Manager Security 8-42 Using Realms to Implement Security 8-43 Monitoring Server Classes and Hosts 8-43 8-39 A.
Contents Example 3-10. Example 3-11. Example 3-12. Example 3-13. Example 3-14. Example 3-15. Example 3-16. Example 3-17. Example 3-18. Example 3-19. Example 3-20. Example 3-21. Example 3-22. Example 3-23. Example 3-24. Example 3-25. Example 3-26. Example 3-27. Example 3-28. Example 3-29. Example 3-30. Example 3-31. Example 3-32. Example 3-33. Example 3-34. Example 3-35. Example 3-36. Example 3-37. Example 3-38. Example 3-39. Example 3-40. Example 3-41.
Contents Example 3-42. Example 3-43. Example 3-44. Example 3-45. Example 3-46. Example 3-47. Example 3-48. Example 3-49. Example 3-50. Example 3-51. Example 3-52. Example 3-53. Example 3-54. Example 3-55. Example 3-56. Example 3-57. Example 3-58. Example 3-59. Example 3-60. Example 3-61. Example 3-62. Example 3-63. Example 3-64. Example 3-65. Example 3-66. Example 3-67. Example 3-68. Example 3-69. Example 3-70. Example 3-71. Example 3-72. Example 3-73.
Contents Example 3-74. Example 3-75. Example 3-76. Example 3-77. Example 3-78. Example 8-1. Example 8-2. Example 8-3. Example 8-4. Example 8-5. Example 8-6. Example 8-7. Example 8-8. Example 8-9. Example 8-10. Example 8-11. Example 8-12. Example 8-13. Example B-1.
Contents Figure 3-2. Figure 3-3. Figure 3-4. Figure 3-5. Figure 3-6. Figure 4-1. Figure 4-2. Figure 4-3. Figure 4-4. Figure 4-5. Figure 4-6. Figure 4-7. Figure 4-8. Figure 4-9. Figure 4-10. Figure 4-11. Figure 4-12. Figure 4-13. Figure 4-14. Figure 4-15. Figure 4-16. Figure 4-17. Figure 4-18. Figure 4-19. Figure 4-20. Figure 4-21. Figure 4-22. Figure 4-23. Figure 4-24. Figure 4-25. Figure 4-26. Figure 4-27. Figure 4-28. Figure 4-29. Figure 4-30. Figure 4-31.
Figures Contents Figure 4-32. Figure 4-33. Figure 4-34. Figure 4-35. Figure 4-36. Figure 4-37. Figure 4-38. Figure 4-39. Figure 4-40. Figure 4-41. Figure 4-42. Figure 4-43. Figure 4-44. Figure 4-45. Figure 4-46. Figure 4-47. Figure 4-48. Figure 4-49. Figure 4-50. Figure 4-51. Figure 4-52. Figure 4-53. Figure 4-54. Figure 4-55. Figure 4-56. Figure 4-57. Figure 4-58. Figure 4-59. Figure 4-60. Figure 4-61. Figure 4-62. Figure 4-63. Figure 4-64. Figure 4-65. Figure 4-66. Figure 4-67. Figure 4-68. Figure 4-69.
Tables Contents Figure 4-71. Figure 4-72. Figure 4-73. Figure 4-74. Figure 5-1. Figure 7-1. Figure 7-2. Figure 7-3. Figure 8-1. Figure 8-2. Figure 8-3. Figure 8-4. Figure A-1. Figure A-2. Figure A-3. Figure A-4. Figure A-5. Figure A-6. NSJSP Manager Supporting Multiple Hosts 4-137 Multiple NSJSP Installations 4-138 NSJSP in a Pathway Domain 4-139 NSJSP Manager 4-140 Logging Work Flow 5-4 Sample conf Directory Created After NSJSP 6.1 Installation 7-23 Sample conf Directory Contents After NSJSP 7.
Tables Contents Table 3-17. Table 3-18. Table 3-19. Table 3-20. Table 3-21. Table 4-1. Table 4-2. Table 4-3. Table 4-4. Table 4-5. Table 4-6. Table 4-7. Table 4-8. Table 4-9. Table 4-10. Table 4-11. Table 4-12. Table 4-13. Table 4-14. Table 4-15. Table 4-16. Table 4-17. Table 4-18. Table 4-19. Table 4-20. Table 4-21. Table 4-22. Table 4-23. Table 4-24. Table 4-25. Table 4-26. Table 4-27. Table 4-28. Table 4-29. Table 4-30. Table 4-31. Table 4-32.
Tables Contents Table 4-33. Table 4-34. Table 4-35. Table 4-36. Table 4-37. Table 4-38. Table 4-39. Table 4-40. Table 4-41. Table 4-42. Table 4-43. Table 4-44. Table 4-45. Table 4-46. Table 4-47. Table 4-48. Table 5-1. Table 5-2. Table 5-3. Table 5-4. Table 5-5. Table 5-6. Table 5-7. Table 5-8. Table 5-9. Table 7-1. Table 7-2. Table 7-3. Table 7-4. Table 7-5. Table 7-6. Table 7-7. Table 7-8. Table 7-9. Table 7-10. Table 7-11.
Contents Table 7-12. Table 8-1. Table 8-2. Table 8-3. Table 8-4. Table 8-5. Table 8-6. Table 8-7. Table 8-8. Table 8-9. Table 8-10. Table A-1. Table A-2. Table A-3. Table A-4. Table A-5. Prerequisites of NSJSP 6.1 and NSJSP 7.
What’s New in This Manual Manual Information NonStop Servlets for JavaServer Pages (NSJSP) 7.0 System Administrator’s Guide Abstract NonStop™ Servlets for JavaServer Pages (NSJSP) is a container that runs Java servlets and JavaServer Pages (JSPs) that are platform-independent server-side programs, which programmatically extend the functionality of web-based applications by providing dynamic content from a web server to a client browser over the HTTP protocol.
What’s New in This Manual New and Changed Information Changes to 674372-003 Updated the manual with 64-bit information for NonStop platform. NonStop Servlets for JavaServer Pages (NSJSP) 7.
About This Manual This guide describes the architecture of NSJSP 7.0, procedures for installing, updating, and removing NSJSP 7.0 and NSJSP Manager, the management tasks you can perform using the NSJSP Manager, how to configure NSJSP, logging functionality in NSJSP, a comparison of NSJSP 6.0, 6.1 and 7.0, considerations before migrating user applications from NSJSP 6.0 or NSJSP 6.1 to NSJSP 7.0, and application security and considerations for securing data transfer from a web browser to the web server.
Organization of This Guide About This Manual Organization of This Guide Chapter Description 1, Introduction to NSJSP Provides an overview of the NSJSP product. This chapter also describes the NSJSP architecture and its features. 2, Installing NSJSP Provides the procedures to install, verify, and remove NSJSP and the NSJSP Manager. This chapter also lists the modifications made to support multiple NSJSP installations. 3, Configuring NSJSP Describes the files for configuring NSJSP in detail.
Related Manuals About This Manual Related Manuals NonStop Servlets for JavaServer Pages (NSJSP) Manuals For information about the features of the NonStop Servlets for JavaServer Pages (NSJSP) 7.0, see NonStop Servlets for JavaServer Pages (NSJSP) 7.0System Administrator’s Guide. iTP manuals For more information specific to the iTP Secure WebServer environment, see: iTP Secure WebServer System Administrator’s Guide describes how to install, configure, and manage the iTP Secure WebServer.
Open System Services (OSS) Manuals About This Manual Open System Services (OSS) Manuals For information specific to the OSS environment, see: Open System Services User’s Guide describes the Open System Services (OSS) environment: the shell, file-system, and user commands. Open System Services Installation Guide describes how to install and configure the HP NonStop Kernel OSS environment.
NonStop SQL Manuals About This Manual NonStop SQL Manuals For information specific to the NonStop SQL environment, see: SQL/MP Reference Manual describes NonStop SQL/MP, the HP relational database management system that uses SQL to describe and manipulate data in a NonStop SQL/MP database. The manual includes information about SQLCI, the conversational interface to NonStop SQL/MP.
About This Manual Notation Conventions HyperText Transfer Protocol (HTTP) references: http://www.w3.org/Protocols/rfc2616/rfc2616.txt Common Gateway Interface (CGI) references: http://hoohoo.ncsa.uiuc.edu/cgi Tomcat 7.0 Documentation: http://tomcat.apache.org/tomcat-7.0-doc/index.html Java Servlet Specification Version 2.5: http://jcp.org/aboutJava/communityprocess/mrel/jsr154/index2.html JavaServer Pages API Specification Version 2.1: http://jcp.
About This Manual General Syntax Notation [ ] Brackets. Brackets enclose optional syntax items. For example: TERM [\system-name.]$terminal-name INT[ERRUPTS] A group of items enclosed in brackets is a list from which you can choose one item or none. The items in the list can be arranged either vertically, with aligned brackets on each side of the list, or horizontally, enclosed in a pair of brackets and separated by vertical lines. For example: FC [ num ] [ -num ] [ text ] K [ X | D ] address { } Braces.
Notation for Messages About This Manual Item Spacing. Spaces shown between items are required unless one of the items is a punctuation symbol such as a parenthesis or a comma. For example: CALL STEPMOM ( process-id ) ; If there is no space between two items, spaces are not permitted. In this example, no spaces are permitted between the period and any other items: $process-name.#su-name Line Spacing.
Notation for Messages About This Manual Bold Text. Bold text in an example indicates user input typed at the terminal. For example: ENTER RUN CODE ?123 CODE RECEIVED: 123.00 The user must press the Return key after typing the input. Nonitalic text. Nonitalic letters, numbers, and punctuation indicate text that is displayed or returned exactly as shown. For example: Backup Up. lowercase italic letters. Lowercase italic letters indicate variable items whose values are displayed or returned.
About This Manual Notation for Messages % Percent Sign. A percent sign precedes a number that is not in decimal notation. The % notation precedes an octal number. The %B notation precedes a binary number. The %H notation precedes a hexadecimal number. For example: %005400 %B101111 %H2F P=%p-register E=%e-register NonStop Servlets for JavaServer Pages (NSJSP) 7.
About This Manual Notation for Management Programming Interfaces Notation for Management Programming Interfaces This list summarizes the notation conventions used in the boxed descriptions of programmatic commands, event messages, and error lists in this manual. UPPERCASE LETTERS. Uppercase letters indicate names from definition files. Type these names exactly as shown. For example: ZCOM-TKN-SUBJ-SERV lowercase letters.
About This Manual Abbreviations Abbreviations This list defines abbreviations and acronyms used in this guide. Both industry-standard terms and HP terms are included. AWT. Abstract Windowing Toolkit ARPA. Advanced Research Project Agency ATP. Active Transaction Pages BSD. Berkeley Software Distribution C. Country CA. Certificate Authority CBC. Cipher Block Chaining CCITT. Consultative Committee for International Telegraph and Telephone CGI. Common Gateway Interface CN. Common Name CWD.
About This Manual Abbreviations HTML. HyperText Markup Language HTTP. HyperText Transfer Protocol HTTPD. HyperText Transfer Protocol Daemon IEEE. Institute of Electrical and Electronics Engineers IEN. Internet Engineering Note IP. Internet Protocol ISV. installation subvolume J2EE. Java 2 Enterprise Edition JAR. Java Archive Tool JDBC. Java DataBase Connectivity JDK. Java Development Kit JIT. Just-In-Time (Java compiler) JNDI. Java Naming and Directory Interface JNI. Java Native Interface JSP.
About This Manual Abbreviations NCSA. National Center for Supercomputing Applications NSJ. NonStop Java NSJSP. NonStop Servlets for JavaServer Pages O. Organization OLTP. Online Transaction Processing OSS. Open System Services OU. Organizational Unit PAID. Process Accessor ID PCT. Private Communication Technology PDF. Portable Document Format PEM. Privacy Enhanced Message PKS. Public Key Certificate Standard PPP. Point to Point Protocol QIO. Queued Input Output RFC. Request for Comments RLS.
About This Manual HP Encourages Your Comments SSI. Server Side Include SSL. Secure Sockets Layer ST. State TACL. Tandem Advanced Command Language TAL. Transaction Application Language Tcl. Tool Command Language Tcl/CGI. Tool Command Language/Common Gateway Interface TCP/IP. Transmission Control Protocol/Internet Protocol TS/MP. Transaction Services/Massively Parallel URI. Uniform Resource Identifier URL. Uniform Resource Locator WAR. Web Application Archive WID. WebSafe2 Interface Driver WISP.
About This Manual HP Encourages Your Comments NonStop Servlets for JavaServer Pages (NSJSP) 7.
1 Introduction to NSJSP This chapter describes NonStop Servlets for JavaServer Pages (NSJSP), its components, and its architecture. To understand NSJSP, prior knowledge of the following topics is required: Java Servlets and JavaServer Pages (JSP) A Java Servlet is a programming object that runs in a server application. It receives client requests, processes them, and generates responses. For more information on the Java Servlet 3.0 specification, see http://jcp.
Introduction to NSJSP Overview Overview NSJSP is a Java Servlets and JavaServer Pages (JSP) container available on HP NonStop operating systems. A servlet container provides an environment in which you can deploy, execute, and manage web applications based on servlets or JSPs. NSJSP is written in Java, and it offers a standards-based environment to host Java Servlet and JSP applications. NSJSP Product The NSJSP architecture is derived from the Apache Tomcat servlet container.
Introduction to NSJSP Installing NSJSP An implementation of the Java Servlets 3.0 and JSP 2.2 specifications. A platform to host applications developed using the Java Open Source frameworks, including: MyFaces - An Apache implementation of JavaServer Faces (JSF) Hibernate - A popular (Object Relational Mapping) ORM solution for database access. Apache Axis2 - An open source web services engine and framework.
Installing NSJSP Introduction to NSJSP Remove an NSJSP installation and optionally delete the installation directories and files. Repair an NSJSP installation whose files have been accidently modified or deleted. The following section describes the various installation scenarios.
Installing NSJSP Introduction to NSJSP An iTP Secure WebServer Environment Containing Older NSJSP Installations NSJSP 7.0 can coexist with other NSJSP 7.0 installations, and either an NSJSP 6.0 or an NSJSP 6.1 installation. As a result, you can install NSJSP 7.0 in an iTP Secure WebServer environment that includes one or more NSJSP 7.0 installations, and either an NSJSP 6.0 or an NSJSP 6.1 installation. However, you must install each NSJSP installation in a unique directory location. Note.
Installing NSJSP Introduction to NSJSP Figure 1-3. Multiple NSJSP Installations in an iTP Secure WebServer Environment HTTP Requests iTP Secure WebServer HTTPD HTTPD HTTPD $zweb Environment NSJSP 7.0 NSJSP 7.0 NSJSP 6.1/NSJSP 7.0 An iTP Secure WebServer Environment Configured for Online-Upgrade You can install NSJSP 7.0 in an iTP Secure WebServer environment that is configured for online-upgrade. Note. iTP Secure WebServer 7.0 and later versions provide the capability of online-upgrades.
Installing NSJSP Introduction to NSJSP Figure 1-4. NSJSP 7.0 in an iTP Secure WebServer Environment Configured for Online-Upgrade HTTP Requests PATHWAY DOMAIN iTP Secure WebServer HTTPD HTTPD HTTPD $zweb Environment HTTPD HTTPD HTTPD NSJSP 7.0 $yweb Environment You can also create multiple NSJSP 7.0 installations in this iTP Secure WebServer environment. However, each NSJSP installation requires a unique directory location.
Configuring NSJSP Introduction to NSJSP Figure 1-5. Multiple NSJSP Installations in an iTP Secure WebServer Environment Configured for Online-Upgrade HTTP Requests PATHWAY DOMAIN iTP Secure WebServer HTTPD HTTPD HTTPD HTTPD HTTPD HTTPD NSJSP 7.0 $yweb Environment $zweb Environment NSJSP 7.0 NSJSP 7.0 For more information on installing NSJSP, see Chapter 2, Installing NSJSP. Configuring NSJSP An NSJSP installation includes a conf directory, which contains a servlet.config file.
Introduction to NSJSP Management in NSJSP iTP Secure WebServer Online-Upgrade Configuration Considerations for NSJSP In a single PATHMON environment, the iTP Secure WebServer creates the NSJSP Server Class as defined in the conf/servlet.config file within the NSJSP installation directory. However, if the iTP Secure WebServer is configured for onlineupgrade, that is with two PATHMONs in a Pathway domain, the PATHMON configuration is handled differently.
Introduction to NSJSP Securing Web Applications started, or restarted respectively. You can perform these operations on the iTP Secure WebServer by using the scripts located in the iTP Secure Webserver conf directory or by using the iTP Secure WebServer Admin application. You can perform operations on the NSJSP installation server classes by using the NSJSP Manager, PATHCOM, or PDMCOM. Modifying the NSJSP Configuration You can make changes to the NSJSP Server Class processes by using the NSJSP Manager.
Introduction to NSJSP NSJSP Features additional processes and logical processors, to a system. The request throughput rate for NSJSP increases in proportion to the increase in system resources, such as logical processors and the number of cores in multi-core processors. NSJSP is highly scalable because it uses the highly scalable iTP Secure WebServer as a front-end and because it runs as a TS/MP server class, it inherits the scalability features from TS/MP.
Architecture Introduction to NSJSP Figure 1-6. NSJSP in an iTP Secure WebServer Environment Configured for Online-Upgrade HTTP Requests DOMAIN iTP Secure WebServer HTTPD HTTPD HTTPD HTTPD HTTPD HTTPD Pathsend or File system API NSJSP NSJSP NSJSP NSJSP NSJSP Installation $zweb $yweb In Figure 1-6, $zweb and $yweb denote two PATHMONs configured in a Pathway domain. The iTP Secure WebServer and the NSJSP installations are distributed across both PATHMONs.
Introduction to NSJSP Apache Tomcat Components Apache Tomcat Components The connector component of Apache Tomcat provides the capabilities of a web server and the container component provides a servlets and JSP container. The connector and the container components are called Coyote and Catalina respectively. Coyote includes an HTTP connector and an Apache JServ Protocol (AJP) connector. The HTTP connector implements the HTTP/1.1 protocol and the AJP connector implements the AJP 1.3 protocol.
Apache Tomcat Components Introduction to NSJSP Figure 1-7. Standalone Apache Tomcat Using the HTTP Connector HTTP/1.1 Network HTTP/1.1 HTTP Connector Connector threads Apache Tomcat Catalina Container (Servlet/JSP Container) Figure 1-8 illustrates the Apache Tomcat servlet container with the Apache Web Server. NonStop Servlets for JavaServer Pages (NSJSP) 7.
Apache Tomcat Components Introduction to NSJSP Figure 1-8. Apache Tomcat with the Apache Web Server HTTP/1.1 Network HTTP/1.1 AJP 1.3 Apache Web Server AJP Connector Connector threads Catalina Container (Servlet/JSP Container) AJP 1.3 AJP Connector Apache Tomcat Connector threads Apache Tomcat Catalina Container (Servlet/JSP Container) The connector validates an incoming message from the web client or the web server for compliance with the respective protocol, such as, HTTP /1.1 or AJP1.3.
Introduction to NSJSP NSJSP Architecture source of the request, such, the web client or the Apache Web Server. After sending the response, the thread is free to process a new message. NSJSP Architecture This section discusses the NSJSP architecture.
NSJSP Architecture Introduction to NSJSP Figure 1-9. NSJSP Architecture Network TCP/IP v6 CPU 0 1 CPU 1 2 CPU CPU23 CPU CPU 4 3 $zweb HTTPD HTTPD HTTPD HTTPD HTTPD HTTPD HTTPD HTTPD HTTPD HTTPD HTTPD HTTPD iTP Secure WebServer TS/MP or File Pathsend or File system system callsAPI NSJSP NSJSP NSJSP NSJSP NSJSP Installation In Figure 1-9, NSJSP architecture shows the following: An iTP Secure WebServer installation in a TS/MP environment with a PATHMON, called $zweb.
Introduction to NSJSP NSJSP Architecture 1. NonStop TCP/IPv6 distributes the HTTP(S) user requests across the HTTPD processes. 2. The HTTPD processes map the HTTP requests into a set of variables with values. This information is passed in a message to the NSJSP Server Class through a Pathsend or the File system API. 3. The NSJSP connector receives the request information from an HTTPD process and extracts the required HTTP request data from the message.
2 Installing NSJSP This chapter discusses the NonStop Servlets for JavaServer Pages (NSJSP) installation script and the prerequisites for NSJSP. This chapter also describes the procedures to install, update, repair and remove NSJSP and the NSJSP Manager. Note. NSJSP operates with both iTP Secure WebServer and iTP WebServer. Although this chapter primarily mentions the iTP Secure WebServer, those references apply to the basic iTP WebServer as well.
Installing NSJSP Installing NSJSP from the CD NonStop Java : T2766H70 NonStop 32-bit Java, and T2866H70 Nonstop 64-bit Java JDBC/MX T2 or T4 driver and T1275R32 SPR for 64-bit support Note. To run the sample Bank application, which is integrated with the NSJSP PAX, you must have the JDBC T2 or JDBC T4 driver installed on your system. Installing NSJSP from the CD This section describes the procedure to run the IPSetup program and the NSJSP 6.1 setup script.
Installing NSJSP Running the IPSetup Program The Welcome screen appears. Note. HP strongly recommends that you exit all Windows applications before running the IPSetup program. 5. Do one of the following: a. Click Cancel to exit the IPSetup program and close any other programs that are running. b. Click Next > to continue with the IPSetup program. NonStop Servlets for JavaServer Pages (NSJSP) 7.
Installing NSJSP Running the IPSetup Program The Software License Agreement screen appears. 6. Review the License Agreement and do one of the following: a. If you do not want to accept the terms of the agreement, select I do not agree to the above conditions and click Cancel to exit the IPSetup program. b. To accept all the terms of the agreement, select I agree to the above conditions and click Next >. NonStop Servlets for JavaServer Pages (NSJSP) 7.
Installing NSJSP Running the IPSetup Program The Placement Options screen appears. 7. Select one of the following as a target platform for your IP software: a. TNS/E for H-series and J-series. b. Workstation to install the IP on your workstation. 8. Do one of the following and click Next >: a. Select the Use DSM/SCM to complete installation on the host check box to launch the DSM/SCM planner interface after completing the IPSetup program. b.
Installing NSJSP Running the IPSetup Program The Product Selection screen appears. 9. From the Available Products: list, select NonStop Servlet for JavaServer Pages as the product you want to install. 10. Click Add->. The selected product moves to the Selected Products list. NonStop Servlets for JavaServer Pages (NSJSP) 7.
Installing NSJSP Running the IPSetup Program 11. Click Next >. The Host Information screen appears. 12. Log on to the Host by performing the following steps: a. From the Host name: list, select the IP address of a host system where you want to place the selected product. Note. If the IP address of a Host system is not available in the Host name: list, type the IP address. b. Enter a user name and password. NonStop Servlets for JavaServer Pages (NSJSP) 7.
Running the IPSetup Program Installing NSJSP c. Select the communication mode. Note. Starting with T0316H01^AAK (version 4.1.00.0), IPSetup supports two modes of communication: Telnet and Secure SHell (SSH). To use the SSH mode of communication, ensure that the SSH server is configured correctly and is running on the NonStop server. If the SSH server is not configured or not running on the NonStop server, you will not be allowed to proceed with this mode of communication.
Installing NSJSP Running the IPSetup Program The Host Target Settings screen appears. 1. Do one of the following: a. Accept the default location for the work subvolume and the subvolume where the existing files will be backed up from the work subvolume. b. Browse the location for a work subvolume and backup of your choice. Note. If you want to back up the existing files in the work subvolume to another subvolume, select the Back up existing host files to: check box. 2.
Installing NSJSP Running the IPSetup Program The Host File Placement screen appears. 3. Verify the location where the product files will be placed on the Host system and click Next >. NonStop Servlets for JavaServer Pages (NSJSP) 7.
Installing NSJSP Running the IPSetup Program The Placement Manifest screen appears. 4. Verify the details displayed on the Placement Manifest screen and click Next >. If you select the Back up existing host files to: check box in the Host Target Settings screen, IPSetup backs up any existing files to the backup subvolume.
Installing NSJSP Running the IPSetup Program IPSetup then transfers the installation files to the work subvolume and creates DSVs and ISVs. It displays the Placement Status screen, which shows the progress throughout the entire placement process. NonStop Servlets for JavaServer Pages (NSJSP) 7.
Installing NSJSP Running the IPSetup Program After transferring the installation files, the Placement Complete screen appears. 5. Complete your IPSetup program: a. Select the View the Readme File check box. b. Click Finish. The IPSetup program completes and opens the readme.txt file. The program saves the contents of the T1222PAX file in the version-specific OSS directory located at /, where: is the /usr/tandem/nsjsp directory.
Running the setup Script Installing NSJSP Note. The /usr/tandem/nsjsp directory is referred to as the directory throughout this chapter. After the NSJSP files are transferred to a NonStop system using the IPSetup program, complete the Running the setup Script on page 2-14 procedure to install NSJSP 7.0. Running the setup Script Run the setup script to complete the NSJSP 7.0 installation. By default, the script is located in the directory: / Note.
Running the setup Script Installing NSJSP in a Pathway domain that includes one or both of the following types of installations: one or more NSJSP 6.1 installations an NSJSP 6.0 installation or an NSJSP 6.1 installation For more information on these environments, see Installing NSJSP in Different Environments Using the setup Script on page 1-4. For more information on installing NSJSP, see Creating an NSJSP Installation on page 2-16.
Installing NSJSP Creating an NSJSP Installation Creating an NSJSP Installation After running the setup script at the OSS prompt, you must select the Create an NSJSP installation option to install NSJSP 7.0. Starting with the NSJSP 6.1 release, the setup script can be used to create multiple NSJSP installations. To create an NSJSP installation, complete the following steps: 1. Run the setup script, as described in Running the setup Script on page 2-14. 2. To install NSJSP 7.
Installing NSJSP Creating an NSJSP Installation 8. Enter the NSJSP server class name for this installation or press Enter to use the displayed default. Note. The NSJSP server class name must start with a letter and must contain 1 to 11 alphanumeric or hyphen characters. 9. Enter the uniform resource identifier (URI) name for mapping requests to this installation or press Enter to use the displayed default.
Installing NSJSP Verifying the NSJSP Installation After you install NSJSP 7.0, the setup script prompts you to install the NSJSP Manager application, if it is not installed in the iTP Secure WebServer. If you have already installed the NSJSP Manager application, the script exits. To create an NSJSP Manager installation, complete the steps described in Creating an NSJSP Manager Installation on page 2-20. Verifying the NSJSP Installation After you have installed NSJSP 7.
NSJSP Installation Directory Structure Installing NSJSP Figure 2-1 shows the NSJSP home page for a successful NSJSP 7.0 installation. Figure 2-1. The NSJSP 7.0 Home Page NSJSP Installation Directory Structure Table 2-1 describes the NSJSP 7.0 installation directories located in the NSJSP home directory. Table 2-1. NSJSP 7.0 Installation Directories and Files Directory Description README Contains information that will help you to set up an NSJSP environment.
Installing NSJSP Creating an NSJSP Manager Installation Creating an NSJSP Manager Installation NSJSP 7.0 introduces a new management application, called the NSJSP Manager. The NSJSP Manager application can be used to manage NSJSP server classes running under an iTP Secure WebServer environment. For more information on the NSJSP Manager application, see NSJSP Manager Application on page 4-1. Note. You can install only one NSJSP Manager application per iTP Secure WebServer environment.
Installing NSJSP Creating an NSJSP Manager Installation The script then displays the following message: The initial user name for the NSJSP Manager application is ‘admin Enter the password for the ‘admin’ user. Note. If you continue to install the NSJSP Manager application after the NSJSP 7.0 installation is complete, the setup script uses the same iTP Secure WebServer installation, JDBC/MX library, and NSJ directories that you specified during the NSJSP 7.0 installation. 8.
Installing NSJSP Verifying the NSJSP Manager Application Installation The script will then display the URL that can be used to access the NSJSP Manager. Verifying the NSJSP Manager Application Installation After you have installed the NSJSP Manager application, the iTP Secure WebServer must be cold started for the changes to take effect. You can verify the installation by accessing the NSJSP Manager application login page.
Installing NSJSP Updating an NSJSP Installation Figure 2-2. The NSJSP Manager Application Login Page Updating an NSJSP Installation The setup script includes an option to update an NSJSP installation with a later NSJSP version. Note. You must copy the new version of NSJSP to the directory. To update an existing NSJSP 7.0 installation, complete the following steps: 1. Run the setup script, as described in Running the setup Script on page 2-14. 2.
Installing NSJSP Removing an NSJSP Configuration Update successful. The iTP Secure Webserver needs to be restarted for the upgrade to take effect. Removing an NSJSP Configuration The setup script enables you to remove an NSJSP 7.0 configuration or an NSJSP Manager configuration from the iTP Secure WebServer installation using the Remove an NSJSP Configuration option. The setup script also provides the option to delete the NSJSP installation files and directories.
Installing NSJSP Repairing an NSJSP Installation The script then displays the following message: Before deleting ensure that this installation was not linked to another webserver. Do you want to delete the directory and its contents : 6. To remove the NSJSP 7.0 installation directory or the NSJSP Manager installation directory, and its contents, type y and press Enter. The NSJSP 7.
Batch/Silent NSJSP Installations Installing NSJSP The repair option works for the following configuration files: Table 2-2. Repairing Configuration Files File Name Description /conf/servlet.config Repairing this file ensures that the webserver recognizes the current NSJSP installation. Repairing this file ensures correct configuration of the server class for this NSJSP installation. /conf/servlet.confi g /conf/server.xml catalina.properties context.
Installing NSJSP Batch/Silent NSJSP Installations As a user you need to provide inputs in the setup.properties file which serves as input for the setup script. A sample setup.
Installing NSJSP Support for Multiple NSJSP Installations in a Single iTP Secure WebServer Environment SERVERCLASS_NAME, URI_NAME, and OPER for all the BEGIN-END blocks. The value of OPER must be set to NEW for all the BEGIN-END blocks. The generic parameters specified before BEGIN-END blocks provide parameter values to the blocks following it untill a new set of generic parameters are encountered. You must provide values to ITPWEBSERVER_INSTALL_DIR and NSJ_INSTALL_DIR parameters.
Installing NSJSP Support for Multiple NSJSP Installations in a Single iTP Secure WebServer Environment filemaps.config Starting with the NSJSP 7.0 release, each NSJSP 7.0 installation includes its own set of the listed configuration files. The configuration files for NSJSP 7.0 installations are no longer present in the iTP Secure WebServer conf directory. Instead, the files are present in the conf directory within each NSJSP installation. The location of these NSJSP 7.
Installing NSJSP Support for Multiple NSJSP Installations in a Single iTP Secure WebServer Environment NonStop Servlets for JavaServer Pages (NSJSP) 7.
3 Configuring NSJSP This chapter describes how to configure NSJSP. This chapter assumes that you have installed NSJSP 7.0. For more information on Installing NSJSP, see Chapter 2, Installing NSJSP. This chapter discusses the following topics: Overview Configuration Files for the Server Class Configuration Files for the Servlet Container Virtual Hosts Session Management Table 3-1 lists the terms and definitions used in this chapter. Table 3-1.
Overview Configuring NSJSP Table 3-1. Terms and Definition (page 2 of 2) Term Definition Session A session, also called an HTTP session, provides the means to associate an HTTP Client and an HTTP Server. This association or session, persists over multiple connections and/or requests during a given time period. Sessions are used to maintain the state and identity a user across multiple requests and connections.
Overview Configuring NSJSP Table 3-3. Configuration Files for the NSJSP Servlet Container and All Web Applications hosted by an NSJSP Installation Configuration File Description server.xml Contains the configuration information for the NSJSP servlet container. context.xml The default context loaded by all applications. Each web application can create an application-specific context. web.
Configuring NSJSP Configuration Files for the Server Class Figure 3-1 shows two NSJSP 7.0 installations NSJSP 7.0 A and NSJSP 7.0 B along with their configuration files. It also shows an older NSJSP installation that may be an NSJSP 6.1 installation. The httpd.config file in the iTP Secure WebServer references the generic servlet.config file. The generic servlet.config file has links to each installation-specific servlet.config file of each NSJSP installation. Each installation-specific servlet.
The Generic servlet.config File Configuring NSJSP The Generic servlet.config File Table 3-4 provides an overview of the generic servlet.config file. Table 3-4. The Generic servlet.config File Location /conf Description Contains references to all the active NSJSP installations in an iTP Secure WebServer environment. A source directive is included for each active NSJSP installation in the iTP Secure WebServer environment.
The Installation-Specific servlet.config File Configuring NSJSP installation that was removed using the setup script may still be present, including its servlet.config file. However, the source directive for the installation would have been removed from the generic servlet.config file. That would be an example of an inactive NSJSP installation. The httpd.config file uses the source directive to access the generic servlet.config file as shown in the following example. Note.
Configuring NSJSP The Installation-Specific servlet.config File Example 3-3 shows the default content of the installation-specific servlet.config file. NonStop Servlets for JavaServer Pages (NSJSP) 7.
Configuring NSJSP The Installation-Specific servlet.config File NonStop Servlets for JavaServer Pages (NSJSP) 7.
The Installation-Specific servlet.config File Configuring NSJSP Example 3-3. An Installation-Specific servlet.config File # # VERSION=7.0.0 # # # The server_objectcode represents a SYMBOLIC LINK to your installed # copy of the JVM (default /usr/tandem/java/bin/java) # set server_objectcode $root/bin/serv1.ssc # # The NSJSP installation directory.
The Installation-Specific servlet.config File Configuring NSJSP Example 3-3. An Installation-Specific servlet.config File # # By default, the JVM is run without a JAAS configuration file. # set NSJSP_JAAS_CONFIG -Dnsjsp.jaas.login.config=none # # If you wish to use the NSJSP JAAS NonStopLoginModule, uncomment the next # statement ("set NSJSP_JAAS_CONFIG ...").
The Installation-Specific servlet.config File Configuring NSJSP Example 3-3. An Installation-Specific servlet.config File # # This trims off the rightmost colon char. # set JVCP [string trimright $JVCP ":"] # # Set the default value of the User ClassPath blank # set USRCP "" ################################################################# # # Related to the BankDemo example application provided with NSJSP # # The value of SERVLET_BANK should be ..
The Installation-Specific servlet.config File Configuring NSJSP Example 3-3. An Installation-Specific servlet.config File set NSJSP_DLL_PATH $env(NSJSP_HOME)/lib:$jdbcMx_LIB_PATH } } elseif {[info exists jdbcMp_LIB_PATH]} { set NSJSP_DLL_PATH $env(NSJSP_HOME)/lib:$jdbcMp_LIB_PATH } # # Any custom classpaths can be added by uncommenting and modifying # the next statement ("append USRCP ...").
Configuring NSJSP The Installation-Specific servlet.config File Example 3-3. An Installation-Specific servlet.config File # #-DmaxWaitTimeSecs= #Specifies the Max time to wait for a requestin Seconds. #Default value is ScriptTimeout default in iTPWebServer--300Secs # #-Xmx64m #Specifies the maximum Java Heap size. #See the JVM documentation for more info. # #-Xms64m #Specifies the initial Java Heap size. #See the JVM documentation for more info. # #-Xss128k #Specifies the maximum thread #stack size.
Configuring NSJSP The Installation-Specific servlet.config File Example 3-3. An Installation-Specific servlet.config File #configuration property and LoginModule configuration file. #-Djava.security.auth.login.config== #[ $env(NSJSP_HOME)/conf/iTP_jaas.config ] #OR #[-Dnsjsp.jaas.login.config=none] # # # #-DSessionBasedLoadBalancing=true|false #Turns on/off Session Based load balancing support.
The Installation-Specific servlet.config File Configuring NSJSP Example 3-3. An Installation-Specific servlet.config File # each NSJSP serverclass instance. # The values of Maxlinks and Linkdepth have to be determined # based on the application needs. # The value of 25 will allow every NSJSP serverclass instance # to process 25 requests simultaneously.
The Installation-Specific servlet.config File Configuring NSJSP Example 3-3. An Installation-Specific servlet.config File #if { [file source exists $env(NSJSP_HOME)/conf/filemaps.config] } { $env(NSJSP_HOME)/conf/filemaps.config } # # The filemap directive should always map to wherever you have installed # the NonStop(tm) Servlets For JavaServer Pages(tm) server object code. # Filemap /serv1 $server_objectcode The contents of the installation-specific servlet.
Configuring NSJSP The Installation-Specific servlet.config File Example 3-4 shows a sample configuration of the server_objectcode variable. Example 3-4. A Sample Configuration of the server_objectcode Variable # # The server_objectcode represents a SYMBOLIC LINK to your installed # copy of the JVM (default /usr/tandem/java/bin/java) # set server_objectcode $root/bin/instA.ssc NSJSP_HOME The NSJSP_HOME variable is used to set the full path of the directory where NSJSP is installed. Note.
The Installation-Specific servlet.config File Configuring NSJSP -Djava.security.policy==$env(JVM_POLICY_FILE). The == sign is intentional and indicates to the JVM that it must only use the mentioned policy file. Example 3-7 shows the default value of the NSJSP_SECMGR_POLICY variable. Example 3-7. The Default Value of the NSJSP_SECMGR_POLICY Variable set NSJSP_SECMGR_POLICY -Djava.security.
Configuring NSJSP The Installation-Specific servlet.config File Example 3-9 shows the default value of the JAAS_CONFIG_FILE variable. Example 3-9. The Default Value of the JAAS_CONFIG_FILE Variable # # NSJSP JAAS NonStopLoginModule configuration file. # set env(JAAS_CONFIG_FILE) $env(NSJSP_HOME)/conf/iTP_jaas.config NSJSP_JAAS_CONFIG The value of the NSJSP_JAAS_CONFIG variable is the Java command-line argument that is used to turn on the JAAS module.
The Installation-Specific servlet.config File Configuring NSJSP Example 3-11 shows the default value of the JAVA_HOME variable. Example 3-11. The Default Value of the JAVA_HOME Variable ################################################################# # # Set the JAVA_HOME and GUARDIAN_SUBVOL # set env(JAVA_HOME) /nsjsp/software/java6.
The Installation-Specific servlet.config File Configuring NSJSP Example 3-13 shows the default value of the USRCP variable. Example 3-13. The Default Value of the USRCP Variable # # # set Set the default value of the User ClassPath blank USRCP "" SERVLET_BANK The SERVLET_BANK variable is used to specify the name of the required database table in the format .. used in example bank application distributed with NSJSP.
Configuring NSJSP The Installation-Specific servlet.config File Example 3-14 shows the default value of the SERVLET_BANK variable. Example 3-14. Default Value of the SERVLET_BANK Variable ################################################################# # # Related to the BankDemo example application provided with NSJSP # # The value of SERVLET_BANK should be .. # Catalog and schema should have been created.
Configuring NSJSP The Installation-Specific servlet.config File JAVA_HOME The JAVA_HOME variable is mandatory and specifies the directory where NonStop Server for Java (NSJ) is installed. Example 3-17 shows the default value of the JAVA_HOME variable. Example 3-17. The Default Value of the JAVA_HOME Variable Env JAVA_HOME=$env(JAVA_HOME) JREHOME The JREHOME variable is mandatory and specifies the location of the Java Runtime Environment (JRE). Note. This variable is not mandatory in NSJ 6.
Configuring NSJSP The Installation-Specific servlet.config File BANK_CATALOG The BANK_CATALOG variable is set to the value of the $SERVLET_BANK variable. For more information, see SERVLET_BANK on page 3-21. Example 3-21 shows the default value of the BANK_CATALOG variable. Example 3-21. The Default Value of the BANK_CATALOG Variable Env BANK_CATALOG=$SERVLET_BANK NSJSP_CONFIG_FILE Specifies the NSJSP configuration file that is used by the NSJSP Manager.
Configuring NSJSP The Installation-Specific servlet.config File Xms Specifies the initial memory allocation pool (also called the heap) size that is allocated when NSJSP starts up. This value is set to the same value as Xmx. Xss Specifies the stack size. The default value is 128k.This value should be sufficient for most applications hosted on NSJSP. If you experience stack overflow exceptions in your application, consider increasing this value. Xnoclassgc Disables the class garbage collection.
Configuring NSJSP The Installation-Specific servlet.config File Example 3-25 shows the default value of the java.util.logging.manager variable. Example 3-25. The Default Value of the java.util.logging.manager Variable -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager java.util.logging.config.file Specifies the configuration file used by the LogManager. For more information about the logging configuration file, see Chapter 5, Logging in NSJSP.
Configuring NSJSP The Installation-Specific servlet.config File Example 3-28 shows the default value of the java.io.tmpdir variable. Example 3-28. The Default Value of the java.io.tmpdir Variable -Djava.io.tmpdir=$env(NSJSP_HOME)/temp catalina.home and catalina.base The catalina.home and catalina.base arguments are mandatory and specify the installation directory for NSJSP. The values for these variables must be the same. The catalina.
Configuring NSJSP The Installation-Specific servlet.config File browser as long as the browser is open. If sessions are configured to be persistent and to expire with short durations, then setting this property to true might improve performance. When setting this value to true, it is important that the date and time on the browser workstation match or is very close to that of the NonStop server where NSJSP is running.
Configuring NSJSP The Installation-Specific servlet.config File Example 3-31 shows an example of a new Filemap definition being added when DiscardFileMapHistory is true. Note. HP recommends that you retain the default value of false to preserve the Filemap history. Example 3-31. New Filemap Information # # 2010-04-08 14:47:10.765 - Added Filemap '/bank'. Filemap /bank /usr/tandem/webserver/bin/dev.
Configuring NSJSP The Installation-Specific servlet.config File Example 3-33. Configuration for JMXProxyServlet in the web.xml file …. …. JMXProxy org.apache.catalina.manager.JMXProxyServlet …. …. JMXProxy /jmxproxy/* …. ….
Configuring NSJSP The Installation-Specific servlet.config File Note. NSJSP 6.1 JMX Proxy did not provide an option to run a JMX operation on a specific NSJSP Process. JMX Proxy URL workls only of / is provided before ? in the URL name. The following is an example of a correct URL: http://15.146.232.231/manager/jmxproxy/?serverclass=SERVLETS . Tomcat also exhibits the same behaviour. Caution.
Configuring NSJSP The Installation-Specific servlet.config File Example 3-34 shows the default value of the SaveSessionOnCreation variable. Example 3-34. The Default Value of the SaveSessionOnCreation Variable -DSaveSessionOnCreation=false com.tandem.servlet.CONTEXT_PREFIXES This is the URI name that is specified during installation when you run the setup script. The value must begin with / followed by the URI name, which is made up of alphanumeric characters.
The Installation-Specific servlet.config File Configuring NSJSP Note. HP recommends that you set this value to a value greater than or equal to the ScriptTimeout value specified in the iTP Secure WebServer configuration. For more information about ScriptTimeout see the iTP Secure WebServer Administrator's Guide.
Configuring NSJSP The Installation-Specific servlet.config File The following are the configuration parameters defined by TS/MP for server classes. For more information on these parameters, see the NonStop TS/MP System Management Manual. The following descriptions are applicable to NSJSP only. NUMSTATIC and MAXSERVERS In the default configuration, both these parameters have the same value. This means there are no dynamic servers configured for NSJSP.
The filemaps.config File Configuring NSJSP Example 3-35 shows the default configuration of the Region directive. Example 3-35. The Default Configuration of the Region Directive # # Add region commands to deny access to internal Catalina Servlets. # Region */servlet/org.apache.catalina.servlets.* { DenyHost * } Region */servlet/jsp/* DenyHost * } { The Filemap Directive The Filemap directive at the end of the servlet.
Configuring NSJSP The filemaps.config File Example 3-38 shows the installation-specific servlet.config file checking for the presence of the filemaps.config file and sourcing the filemaps.config file, if available. Example 3-38. Checking for the presence of the filemaps.config file and sourcing the filemaps.config file in the servlet.config file ################################################################# # # Do an existence check on the filemaps configuration # file (filemaps.config).
Configuring NSJSP The filemaps.config File Example 3-39 illustrates the usage of the filemaps.config file for specific user application Filemap definitions. Example 3-39. Specific User Application Filemap Definitions Consider an installation with a URI name of /dev running an application foo.war. By default, the application can be accessed over the URL http:///dev/foo and the full application context path will be /dev/foo.
The jdbc.config File Configuring NSJSP The jdbc.config File Table 3-7 provides an overview of the jdbc.config file. Table 3-7. The jdbc.config File Location /conf Description The file is source in, if present, by the servlet.config file and is used to configure certain variables to include the JDBC/MX and/or JDBC/MP configuration. One variable that is modified in the jdbc.config file is USRCP. For more information on USRCP, see The Installation-Specific servlet.config File on page 3-6).
Configuring NSJSP The jdbc.config File Example 3-40. The jdbc.config File # # VERSION=6.1.0 # ####################################################################### # # This file contains the JDBC/MP and JDBC/MX configuration. # # # # If the CLASSPATH contains sqlmp.jar and/or jdbcMx.jar, then first # add those to the User ClassPath TCL variable USRCP. # if { [info exists env(CLASSPATH)] } { foreach i [split $env(CLASSPATH) ":"] { if {[string first "sqlmp.
Configuration Files for the Servlet Container Configuring NSJSP Configuration Files for the Servlet Container This section describes the following configuration files: The server.xml File The context.xml File The web.xml File The server.xml File This section discusses only the elements that are used in the default server.xml file. Although the behavior of some of these components is the same as in Apache Tomcat, some components behave differently in NSJSP.
The server.xml File Configuring NSJSP Figure 3-3. The Element Hierarchy and Relationships in the server.
The server.xml File Configuring NSJSP Example 3-41 shows the default server.xml file. Example 3-41. The server.xml File (page 1 of 3) Ensure that the port is always set to -1. NSJSP does not support "shutdown" command. It is only possible to shutdown the server using the freeze;stop command of pathway. --> PAGE 127The server.xml File Configuring NSJSP Example 3-41. The server.xml File (page 2 of 3)
The server.xml File Configuring NSJSP Example 3-41. The server.xml File (page 3 of 3) Refer to the Administrator's Guide for more details about the usage of this valve. --> -->--> PAGE 129The server.xml File Configuring NSJSP Table 3-9. Property List for the Server element Property Description Default value className Java class name for the implementation to use. This class must implement the org.apache.catalina.Server interface. If no class name is specified, the standard implementation will be used. org.apache.catalin a.core.StandardSer ver HP recommends that you do not change the value of this property. Specifies the port number on which the server receives the shutdown command.
The server.xml File Configuring NSJSP Table 3-10. Descriptions of Listeners configured as child elements of the Server element Listener Description Jasper Listener The Jasper Listener initializes the Jasper2 JSP engine before loading any web applications. The Jasper2 JSP engine is an implementation of the Java Server Pages 2.1 specification. The class name of the listener is org.apache.catalina.core.JasperListener.
The server.xml File Configuring NSJSP Table 3-10. Descriptions of Listeners configured as child elements of the Server element Listener Description NSJSP Lifecycle Listener This Listener is used to instantiate the NSJSP-specific MBeans. These MBeans are mainly used by the admin feature. The class name of this Listener is com.tandem.servlet.NSJSPLifeCycleListener. Security Lifecycle Listener Security Lifecycle Listener is not supported by NSJSP.
The server.xml File Configuring NSJSP requests. One or more Service elements may be nested inside a Server element. Note. Although it is possible to add more than one Service element, HP recommends only one Service element. This is because of the following reasons. Each Service element requires a Connector element and NSJSP provides only one Connector implementation that processes messages from the $RECEIVE file.
The server.xml File Configuring NSJSP Table 3-11. Property List of the Service Element Property Description className The Java class name of the implementation to use. This class must Implement the org.apache.catalina.Service interface. If no class name is specified, the standard implementation will be used. Default value org.apache .catalina. core.Stand ardService HP recommends that this property not be modified.
The server.xml File Configuring NSJSP The NSJSP Connector element communicates with the HTTPD component of the iTP Secure WebServer and receives all the input request data through the $RECEIVE file. The HTTPD component acts as the front-end web server and handles all the protocol validation and translation. After the protocol is validated, HTTPD extracts the necessary information and converts the information to a set of name value pairs.
The server.xml File Configuring NSJSP Table 3-12. Property List for the Connector Element in NSJSP (page 1 of 5) Property Description Default Value allowTrace A Boolean value that can be used to enable or disable the TRACE HTTP method. If this property is not specified, it is set to false. asyncTimeout Indicates the default timeout for asynchronous requests in milliseconds. 10000 enableLookups Set to true if you want calls to request.
The server.xml File Configuring NSJSP Table 3-12. Property List for the Connector Element in NSJSP (page 2 of 5) Property Description useBodyEncodingFo rURI This properties indicates if the encoding specified in the contentType of the message is to be used for decoding the URI. Default Value The default value is false and it is suggested that the default value be retained. Hence, using the URIEncoding property for decoding the URI.
The server.xml File Configuring NSJSP Table 3-12. Property List for the Connector Element in NSJSP (page 3 of 5) Property Description Default Value maxPostSize Indicates the maximum size in bytes of the POST which is handled by the container FORM URL parameter parsing. The limit can be disabled by setting this property to a value less than or equal to 0.
The server.xml File Configuring NSJSP Table 3-12. Property List for the Connector Element in NSJSP (page 4 of 5) Property Description Default Value server Overrides the Server header for the http response. If set, the value for this property overrides the Tomcat default and any Server header set by a web application. If not set, any value specified by the application is used. If the application does not specify a value, ApacheCoyote/1.1 is used.
The server.xml File Configuring NSJSP Table 3-12. Property List for the Connector Element in NSJSP (page 5 of 5) Property Description noCompressionUser Agents The value is a regular expression (using java.util.regex) matching the useragent header of HTTP clients for which compression should not be used, because these clients, although they do advertise support for the feature, have a broken implementation. processorCache The protocol handler caches Processor objects to speed up performance.
The server.xml File Configuring NSJSP keepAliveTimeout maxKeepAliveRequests maxConnections socketBuffer tcpNoDelay For more information on these properties, see http://tomcat.apache.org/tomcat-7.0doc/config/http.html. Child Element Nested in the Connector Element JMX Connection Listener The com.tandem.servlet.JMXConnectionListener (JMX Connection Listener) has to be configured to accept JMX requests (over NonStop IPC) from the NSJSP manager application.
The server.xml File Configuring NSJSP Example 3-46 shows the default values for the Engine element. Example 3-46. The Default Values for the Engine Element PAGE 142The server.xml File Configuring NSJSP Table 3-13. Property List for the Engine Element Property Description backgroundPro cessorDelay Represents the delay in seconds between the invocation of the backgroundProcess method on this engine and on its child containers, including all the hosts and contexts. Child containers methods will not be invoked if their delay value is not negative. This means that the child containers are using their own processing thread.
The server.xml File Configuring NSJSP The Context container backgroundProcess is invoked to perform session expiration and class monitoring. The backgroundProcess method for a container is invoked in a separate thread called the background processing thread. It is possible to have a separate thread for each of the containers. A backgroundProcessor thread is spawned if the container's backgroundProcessorDelay property has a positive value.
The server.xml File Configuring NSJSP Host The Host element represents a virtual host. One or more Host elements are nested inside an Engine element. One of the Host elements under an Engine must have a name matching the defaultHost property of that Engine. In the default server.xml file the value of the defaultHost property of the Engine element is localhost and there is only one Host configured with the name localhost. For more information on virtual hosts, see Virtual Hosts on page 3-83.
The server.xml File Configuring NSJSP Table 3-14 shows the property list for the Host element. Table 3-14. Property List for the Host Element (page 1 of 4) Property Description Default Value appBase The Application Base directory for this virtual host. This is the pathname of a directory that might contain web applications to be deployed on this virtual host. You may specify an absolute pathname for this directory, or a pathname that is relative to the directory.
The server.xml File Configuring NSJSP Table 3-14. Property List for the Host Element (page 2 of 4) Property Description className The Java class name of the implementation to use. This class must implement the org.apache.catalina.Host interface. If this property is not specified, the standard host implementation org.apache.catalina.core.StandardHost will be used. Default Value HP recommends you to not modify this value.
The server.xml File Configuring NSJSP Table 3-14. Property List for the Host Element (page 3 of 4) Property Description errorReportVa lveClass The Java class name of the error reporting valve, which will be used by this Host. This valve provides error reports. Setting this property enables you to customize the format of the error pages, which will be generated by NSJSP. If not specified, the default value for this class will be org.apache.catalina.valves.ErrorReport Valve.
The server.xml File Configuring NSJSP Table 3-14. Property List for the Host Element (page 4 of 4) Property Description workDir The pathname to a scratch directory to be used by applications for this Host. Each application will have its own subdirectory with temporary read-write use. Configuring a context workDir will override the use of the Host workDir configuration. This directory can be made visible to servlets in a web application by configuring a servlet context property (of type java.io.
Configuring NSJSP The server.xml File NSJSP Manager application, no changes should be made to an already running application. The autoDeploy property does not have any effect on the Manager application. This means that irrespective of the value of the autoDeploy property the Manager application can deploy/undeploy applications.
Configuring NSJSP The server.xml File Setting this property to true will allow the NSJSP container to deploy the application using the context.xml file in the application’s META-INF directory. This means that the application can define its own context. There are certain parameters in the context definition that could allow a rogue application to gain access to the NSJSP servlet container's internal resources and also to other applications running alongside the rogue application.
Configuring NSJSP The server.xml File Example 3-49 shows the default values for the RequestTrackerValve. Example 3-49. The Default Values for the RequestTrackerValve Request Dumper Filter The class name of this filter is com.hp.tandem.nsjsp.valves.NSJSPRequestDumperFilter.
The server.xml File Configuring NSJSP Example 3-50. A Sample of the Executor element Table 3-15 shows the property list for the Executor element. Table 3-15.
The context.xml File Configuring NSJSP The context.xml File Before discussing the content of the context.xml file, it is important to understand a context. A context in NSJSP means a web application. To configure a context within NSJSP, a Context Descriptor is required. A Context Descriptor is simply an XML file that contains NSJSP related configuration information for a context. It could include, for example, naming resources or the session manager configuration.
Configuring NSJSP The context.xml File Example 3-51 shows the default context.xml file. Example 3-51. The default context.xml File WEB-INF/web.xml PAGE 155The context.xml File Configuring NSJSP Table 3-17. Property List for the Context Element (page 1 of 6) Property Description backgroundProcessor Delay Represents the delay in seconds between the invocation of the backgroundProcess method on this context and its child containers, including all wrappers. Setting this to a positive value causes a thread to spawn. After waiting the specified amount of time, the thread invokes the backgroundProcess method on this context.
The context.xml File Configuring NSJSP Table 3-17. Property List for the Context Element (page 2 of 6) Property Description docBase The Document Base (also known as the Context Root) directory for this web application, or the pathname to the web application archive file (if this web application is being executed directly from the WAR file). You may specify an absolute pathname for this directory or the WAR file, or a pathname that is relative to the appBase directory of the owning Host.
The context.xml File Configuring NSJSP Table 3-17. Property List for the Context Element (page 3 of 6) Property Description path The value of this field must not be set except when statically defining a Context in server.xml, as it will be inferred from the filenames used for either the.xml context file or the docBase. Note. HP recommends that contexts should not be specified in the server.
The context.xml File Configuring NSJSP Table 3-17. Property List for the Context Element (page 4 of 6) Property Description useHttpOnly Indicates if the HttpOnly flag is included in the HTTP response header. If the HttpOnly flag is included in the HTTP response header, a cookie cannot be accessed through a client side script when the browser supports this flag.
The context.xml File Configuring NSJSP Table 3-17. Property List for the Context Element (page 5 of 6) Property Description antiResourceLocking The default value is set to false and it is suggested that it be kept set to false. If set to true, the NSJSP servlet container copies each application into a separate directory in the temp folder. This is meant for those platforms that lock file resources when accessing them. Setting this to true will result in significant startup times.
The context.xml File Configuring NSJSP Table 3-17. Property List for the Context Element (page 6 of 6) Property Description tldNamespaceAware If the value of this flag is true, the TLD files XML validation will be namespace-aware. If you turn this flag on, you should probably also turn tldValidation on. The default value for this flag is false, and setting it to true will have a negative impact on performance.
Configuring NSJSP The web.xml File The Manager element configures the session manager. By default, the NSJSPStandardManager is configured. The NSJSPStandardManager is an inmemory session manager. The pathname property is ignored by the manager. For more information about the NSJSPStandardManager, see Session Management on page 3-85. Note. The context.xml file also contains a persistent manager configuration which is commented out.
Configuring NSJSP The web.xml File Default Servlet As the name implies, it is generally configured as the default servlet for a web application, by being mapped to the URL pattern /. For more information, see http://tomcat.apache.org/tomcat-7.0-doc/funcspecs/fs-default.html. Example 3-52 shows the configuration of the default Servlet. Example 3-52. Configuration of the Default Servlet default org.apache.catalina.servlets.
Configuring NSJSP The web.xml File Example 3-53 shows the configuration of the JSP page compiler and execution Servlet. Example 3-53. Configuration of the JSP Page Compiler and Execution Servlet jsp org.apache.jasper.servlet.
Configuring NSJSP The web.xml File Example 3-54. Configuration of the SSI Servlet ssi org.apache.catalina.ssi.
Configuring NSJSP The web.xml File Example 3-55. Configuration of the CGI processing Servlet cgi org.apache.catalina.servlets.CGIServlet debug 0 cgiPathPrefix WEB-INF/cgi 5 --> . . .
Configuring NSJSP The web.xml File not perform the database operations on the session object thus eliminating unnecessary database operation. HP recommends that all the static content of an application be served directly by the iTP Secure WebServer. Example 3-56 shows the configuration of the static content filter. Example 3-56. Configuration of the Static Content Filter StaticContentFilter com.hp.tandem.nsjsp.filters.
Virtual Hosts Configuring NSJSP Virtual Hosts Assume that a NonStop server has two network names, hp.com, and internal.hp.com and that NSJSP is required to run applications which use both of these network names. The applications for both these network names could be configured to run with the default configuration of NSJSP, which has only one Host element. However, such a configuration is not flexible enough to separate the two sets of applications.
Configuring NSJSP Configuring Virtual Hosts Configuring Virtual Hosts To configure virtual hosts, you must configure multiple Host elements nested as child elements in the Engine element. The value of the name property of each Host is used by the Engine element to identify where requests should be routed. When configuring multiple Host elements, it is necessary to have a different appBase for each Host element and to configure the RequestTrackerValve for each Host. Note.
Configuring NSJSP Session Management Session Management This section describes the different strategies for session management and the related manager configuration details and also explains how to configure any manager element.
In-Memory Sessions (SessionBasedLoadBalancing = true) Configuring NSJSP Figure 3-5.
Configuring NSJSP In-Memory Sessions (SessionBasedLoadBalancing = true) Example 3-59. Arglist from a servlet.config file with SessionBasedLoadBalancing Enabled Arglist -Xmx64m -Xss128k -Xnoclassgc \ -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager \ -Djava.util.logging.config.file=$env(NSJSP_HOME)/conf/logging.properties \ Djavax.management.builder.initial=com.tandem.servlet.jmx.NSJSPMBeanServerB iilder \ $NSJSP_SECMGR \ $NSJSP_SECMGR_POLICY \ $NSJSP_JAAS_CONFIG \ -Dcom.tandem.servlet.
In-Memory Sessions (SessionBasedLoadBalancing = true) Configuring NSJSP Table 3-18. Property List for the NSJSPStandardManager (page 1 of 2) Property Description Default value className Java class name of the implementation to use. This class must implement the org.apache.catalina.Manager interface. The value must be com.tandem.servlet.catalina.session. NSJSPStandardManager. com.tandem. servlet. catalina. session.
In-Memory Sessions (SessionBasedLoadBalancing = true) Configuring NSJSP Table 3-18. Property List for the NSJSPStandardManager (page 2 of 2) Property Description maxInactiveInt erval The maximum time interval, in seconds, between client requests before a session is invalidated. Default value This property provides the initial value whenever a new session is created, but the interval may be dynamically altered by a servlet via the setMaxInactiveInterval method of the HttpSession object.
Configuring NSJSP Persistent Manager Sessions (SessionBasedLoadBalancing = false) This variable is used to set the maximum time interval, in seconds, between client requests before a session is invalidated. However, it should be noted that in the current version of NSJSP, during a context start or restart this variable is always overridden by the value specified in the session-timeout element in the application’s deployment descriptor (web.xml).
Persistent Manager Sessions (SessionBasedLoadBalancing = false) Configuring NSJSP configured. Figure 3-6.
Configuring NSJSP Persistent Manager Sessions (SessionBasedLoadBalancing = false) 2. Configure the Manager Element 3. Create the Persistent Store 4. Configure the Persistent Store Set SessionBasedLoadBalancing to false Set the SessionBasedLoadBalancing parameter in the installation-specific servlet.config file in /conf directory to false. Example 3-62 shows an Arglist from an installation-specific servlet.config file with SessionBasedLoadBalancing set to false. Example 3-62.
Persistent Manager Sessions (SessionBasedLoadBalancing = false) Configuring NSJSP Table 3-19. Property List for the Manager element (page 1 of 2) Property Description algorithm Name of the Message Digest algorithm used to calculate session identifiers produced by this Manager. This value must be supported by the java.security.MessageDigest class. If the algorithm property is not specified, the default value is MD5. className Java class name of the implementation to use.
Persistent Manager Sessions (SessionBasedLoadBalancing = false) Configuring NSJSP Table 3-19. Property List for the Manager element (page 2 of 2) Property Description randomClass Java class name of the java.util.Random implementation class to use. If randomClass property is not specified, the default value is java.security.SecureRandom. saveOnRestart Sessions are not kept in memory, so this property has no significance for the Persistent Manager.
Configuring NSJSP Persistent Manager Sessions (SessionBasedLoadBalancing = false) To create the NonStop SQL database for storing the persistent session data, perform the task for the database product that will be used to create and access the persistent store table: For the NonStop SQL/MP database: Make a copy of the nsjsp_createSessionStore_mp.sql file and replace all occurrences of =TheT1222SessionCatalog with the Guardian location (of the form $Volume.
Configuring NSJSP Persistent Manager Sessions (SessionBasedLoadBalancing = false) Example 3-66. SQL/MX script to create a Persistent Store create catalog nsjspcat; set catalog nsjspcat; create schema nsjspsch; set schema nsjspsch; --- Create the NonStop(tm) SQL Table in the above catalog for storing the -- NonStop(tm) Servlets for JavaServer Pages(tm) persistent session data.
Persistent Manager Sessions (SessionBasedLoadBalancing = false) Configuring NSJSP Table 3-20 lists the properties for the Store element. Table 3-20. Property List for the Store Element (page 1 of 2) Property Description Default value checkInterval Not applicable to NSJSP. className Java class name of the implementation to use. This class must implement the org.apache.catalina.Store interface. This must be com.tandem.servlet.catalina.sessi on.NonStopSQLJDBCStore. com.tandem.serv let.catalina.
Mixed-Mode Sessions Configuring NSJSP Table 3-20. Property List for the Store Element (page 2 of 2) Property Description Default value sessionValidCol Name of the database column, contained in the specified session table, that contains a flag indicating whether this swapped out session is still valid or not. valid sessionMaxInact iveCol Name of the database column, contained in the specified session table, that contains the maxInactiveInterval property of this session.
Configuring NSJSP Mixed-Mode Sessions session is persisted, it is removed from process memory. Sessions are persisted till the number of active sessions is less than maxActiveSessions. For more information on maxActiveSessions and minIdleSwap, see Table 3-21. 3. All the remaining in-memory sessions are checked to see if the time since they were last accessed is greater than maxIdleBackup. If so, the session is written to the persistent store, but is not removed from process memory.
Configuring NSJSP Mixed-Mode Sessions Example 3-69 shows the sample configuration of the Manager Element. Example 3-69. The Sample Configuration of the Manager Element PAGE 185Mixed-Mode Sessions Configuring NSJSP Table 3-21. Property List of the Manager Element. Property Description maxActiveSess ions Maximum number sessions that can be kept in-memory. If this property is not specified, it is set to -1. maxIdleBackup The time interval (in seconds) since the last access to a session before it is eligible for being persisted to the session store, or -1 to disable this feature. By default, this feature is disabled.
Configuring NSJSP Determining the Storage Capacity of the Persistent Store It is possible to set the value of this variable at run time using the modify MBeans feature of the NSJSP Manager. The value set at run time will take effect immediately but will not be persisted and will not be available across web application context restarts.
Configuring NSJSP Determining the Storage Capacity of the Persistent Store shows the sample output of a showddl command. Example 3-71. The Sample Output of a showddl Command >>showddl nsjspcat.nsjspsch.sessdata; CREATE TABLE NSJSPCAT.NSJSPSCH.
Configuring NSJSP Determining the Storage Capacity of the Persistent Store Example 3-72. The Sample Output of a fup info ,detail Command 3> fup info $DATA00.ZSDG8WWM.X8BXVN00 ,detail $DATA00.ZSDG8WWM.X8BXVN00 26 Apr 2010, 10:44 SQL ANSI TABLE ANSI NAME NSJSPCAT.NSJSPSCH.SESSDATA RESOURCE FORK \POS02.$DATA00.ZSDG8WWM.X8BXVN01 SYSTEM METADATA \POS02.$OSS03.
Configuring NSJSP Determining the Storage Capacity of the Persistent Store Example 3-73 shows the SQL session data cleanup script. Example 3-73. SQL Session Data Cleanup Script Usage: nsjsp_cleanSessionData nDays where nDays: Number of days for which session data is to be preserved/saved. Sessions that have expired more than 'nDays' ago will be deleted. A value of zero (0) will delete all the expired sessions. Example 3-74 shows an invocation of the nsjsp_cleanSessionData script. Example 3-74.
Configuring NSJSP Configuring the Manager Element Example 3-75.
Configuring NSJSP Configuring the Manager Element Example 3-76. Sample Context Configured with a Persistent Manager PAGE 192Configuring NSJSP Configuring the Manager Element Example 3-77. Default Configuration of the Manager Element WEB-INF/web.xml PAGE 1934 Managing NSJSP This chapter describes the tools which are used to manage NSJSP installations and the web applications deployed in those NSJSP installations.
NSJSP Manager Features Managing NSJSP The NSJSP Manager also enables you to deploy and manage web applications running in the default localhost or in any additional virtual Hosts specified within the server.xml file in an NSJSP 7.0 installation directory. The NSJSP Manager can also be used to modify and update the configuration files at runtime . It can also be used to examine and modify the elements of configuration files and NSJSP servlet container components, such as, Service and Host.
Managing NSJSP NSJSP Manager Security List the MBean tree structure Select and view MBean attributes Compare MBean attributes across processes Modify MBean attributes Managing Admin Operations Modify the configuration files Create new NSJSP servlet container components. Delete existing NSJSP servlet container components. Create users, groups, and assigning roles for the users. Delete existing users, groups, and roles.
Managing NSJSP NSJSP Manager Security Figure 4-1. Various Users for NSJSP Manager and NSJSP Installations Note. The Manager and Admin roles of the NSJSP 7.0 installation are different from the Manager and Admin roles for NSJSP Manager. The Manager and Admin roles for the NSJSP 7.0 installation are retained from previous releases to facilitate any user application using any previous configuration. To log in to the NSJSP Manager, you require a user name and password.
Managing NSJSP NSJSP Manager Security New users can be added by editing the /conf/nsjsp-users.xml file and map the roles. The following is a sample nsjsp-users.xml:
NSJSP Manager Security Managing NSJSP Table 4-1.
Managing NSJSP NSJSP Manager Security Server Class Start, stop, thaw, or freeze a server class. Mbeans Modify an Mbean. Deploy Deploy a web application. Admin Create, modify, and delete configuration elements. Create, modify, and delete users in default user database. Admin User Role This role has Read Write access to only the Admin feature in the NSJSP Manager. The other features are disabled for this role. NonStop Servlets for JavaServer Pages (NSJSP) 7.
Managing NSJSP NSJSP Manager Security Figure 4-3. Detailed Access Privileges for Various Roles Manager User Role This role has Read Write access to all the features except the Admin. Observer User Role This role has Read Only access to all the features. NonStop Servlets for JavaServer Pages (NSJSP) 7.
NSJSP Manager Security Managing NSJSP Figure 4-4. Sample Image Showing Available Resources for Appobserver Role Appobserver User Role This role has Read Only access to the Applications feature. The NSJSP Manager defines the following access privileges called rights which are mapped to the various user roles: Table 4-2. Definition of different access privileges Rights Description App_view View any web application information. App_update Change the state of any web application.
Managing NSJSP NSJSP Manager Security default mapping file which contains the roles and the associated rights. The following is the content of a rights-controller.properties file: super=* admin=admin_view,admin_update manager=app_view,app_update,cluster_view,cluster_update,mbeans_view,mbeans_update ,deploy_view,deploy_update observer=app_view,cluster_view,mbeans_view,admin_view appobserver=app_view The rights-controller.
NSJSP Manager Security Managing NSJSP Manager. The following is a sample web.xml file which displays the URIs for super and appobserver user roles: All NSJSP Manager URLs *.
NSJSP Manager Security Managing NSJSP appobserver Various NSJSP Manager features map to their own unique URI patterns. For instance, all the requests for the Admin feature map to an URI “/admin”. All operations in the Admin feature which changes the configuration, such as the Save Changes button, maps to the URI “/admin/update”.
Managing NSJSP NSJSP Manager Security access.properties file, see Monitoring Server Classes and Hosts on page 8-42. Note. The default admin user has both admin and the manager roles assigned. All users must be assigned a role. Roles must be defined in /conf/nsjsp-users.xml file. The new roles and their definitions only apply to NSJSP Manager application.
NSJSP Manager Security Managing NSJSP 2. Add the corresponding security rule for the role in the web.xml file. The snapshot of a modified web.xml file appears as follows: Server-Mbeans-Read-Only URLs /scope/* /cluster/* /mbeans/* *.html *.jsp *.
Managing NSJSP NSJSP Manager Operations For more information on how to create new roles and users, see How to Use the Tool to Manage the Users of NSJSP Manager on page A-2. For more information on the NSJSP security, see Security Considerations on page 8-1. NSJSP Manager Operations This section describes how to use the NSJSP Manager application to perform management and administration tasks.
Managing NSJSP NSJSP Manager Operations Figure 4-5. NSJSP Manager Application Login Page 2. Enter the user name and password. Note. The default user name is admin. Use the password that you provided while running the setup script. 3. Click Sign In. The NSJSP Manager Scope page appears. By default, the Scope tab is enabled. To enable all the NSJSP Manager functions for a specific server class, you must select and set the server class and the Host. Note.
Managing NSJSP NSJSP Manager Operations Hosts. Selecting a Host enables the NSJSP Manager application to manage all the web applications that are deployed on that Host. Note. If a server class is not started, the list of Hosts cannot be fetched. To start the server class, you need to select a server class from the Scope tab and then start the server class using the Server Class tab. After the server class is successfully started, the list of Hosts is populated.
Managing NSJSP NSJSP Manager Operations The Applications, MBeans, Deployment and Admin tabs are now enabled. Note. When you select the server class, the Server Class tab that manages the server class and the Admin tabs are enabled. All other tabs, such as, Applications, Mbeans and Deployment and disabled. The following scenario explains why the Server Class tab is enabled immediately after selecting the server class.
Managing NSJSP NSJSP Manager Operations For information on how to perform tasks on the server class, see Performing Server Class Operations on page 4-50. MBeans – Enables viewing all the NSJSP and Tomcat MBeans in NSJSP processes, comparing MBean attributes across processes, and modifying selected MBean attribute values in all or selected processes. For information on how to view MBeans attributes, see Viewing MBeans on page 4-56.
Managing NSJSP NSJSP Manager Operations 6 23:07:20 represents the time elapsed since the last reset (6 = # of days, 23 = # hours, 07=mins, 20 seconds). Help – Includes brief information about the displayed page. Note. The Refresh Stats, Reset Stats, and Help are displayed on each screen. Note. You can sort the order of contents displayed in many tables by clicking the column heading for the column that will be sorted. The headings of columns that can be sorted are underlined.
Managing NSJSP NSJSP Manager Operations Details of the applications for each NSJSP process, such as, name of the NSJSP process on which the application is running and rate at which requests are received by the application. Session details, such as its ID, the duration for which the session is idle. URI statistics, such as, the URI of an application and the time taken to process the URI.
NSJSP Manager Operations Managing NSJSP Click the request count value of an application to view the distribution of requests based on the URI. Click the session count value of an application to view all the in-memory sessions for the application across the processes in the selected server class. Click Reset Stats to reset the values of the Request Count column in the table. Table 4-3 lists the attributes displayed in the Applications page. Table 4-3.
Managing NSJSP NSJSP Manager Operations Figure 4-8 shows a sample Application Summary page for the application, /sca6url/examples. Figure 4-8. Application Summary Page You can perform the following operations on the Application Summary page: Stop an application on all the processes in the selected server class using the Stop Application option. For more information on stopping the application, see Stopping a Web Application on page 4-39.
NSJSP Manager Operations Managing NSJSP Click the value corresponding to the Servlet Count: field to view the list of servlet mappings configured for an application. Note. A servlet can have multiple servlet mappings configured for it. Click a value from the In Memory Sessions column of the table to view all the sessions currently in memory for an application. Click Reset Stats to reset the value of the Requests, Request Arrival Rate, Average Service Time, Min. Time, and Max.
NSJSP Manager Operations Managing NSJSP Table 4-5. Attributes in the Application Summary Page Attribute Description Application Information Application Name: The context name of the application. Servlet Count: Number of servlets configured for the application. Doc. base: The root directory that contains all the application resources. It is relative to the application base (appBase) of the Host in which this application is deployed. Session Timeout: Maximum idle time allowed for a session.
NSJSP Manager Operations Managing NSJSP Table 4-6. Submenu Items Under the Applications Tab (page 2 of 2) Submenu Item Description URI Statistics Uniform Resource Identifier (URI) access statistics for the application, such as, the list of application URIs accessed by users and the number of user requests received by the application. For more information, see Viewing the URI Statistics for an Application on page 4-30.
Managing NSJSP NSJSP Manager Operations The details of the application for each NSJSP process are displayed on the Process View page. You can perform the following operations on the Process View page: Click the value corresponding to the Servlet Count: field to view the list of servlet mappings configured for an application. Note. A servlet can have multiple servlet mappings configured for it.
NSJSP Manager Operations Managing NSJSP Table 4-7 lists the attributes displayed in the Process View page. Table 4-7. Attributes in the Process View Page Attribute Description Application Information Application Name: The context name of the application. Servlet Count: Number of servlets configured in the application. Doc. base: The root directory that contains all the application resources. It is relative to the application base (appBase) of the Host in which this application is deployed.
Managing NSJSP NSJSP Manager Operations The In-Memory Sessions page for the selected application appears. Figure 4-10 shows a sample In-Memory Sessions page for the application, /sca6url/examples. Figure 4-10. In-Memory Sessions Page You can perform the following operations using the In-Memory Sessions page: Select or clear the check box corresponding to a session by clicking Toggle.
NSJSP Manager Operations Managing NSJSP Age (sec): It is similar to the Idle Time except that this option filters the sessions based on the age. The age of a session indicates how long ago the session was created. You can also use the Apply search option to search the sessions. This option appears only when you search for a session. Use the Clear search option to clear the search screen and return to the session list screen.
NSJSP Manager Operations Managing NSJSP To view the URI statistics for the application, complete the following steps: 1. Complete the steps described in Viewing Application Summary on page 4-22. 2. Click URI Statistics. The URI Statistics page appears. It displays access statistics of the application resources. Note. The reset operation on the URI Statistics page resets the value of all the columns in the table. Figure 4-11 shows a sample URI Statistics page. Figure 4-11.
NSJSP Manager Operations Managing NSJSP Table 4-10. Attributes in the URI Statistics Page (page 2 of 2) Attribute Description Average Service Time (in ms) Average time taken (in milliseconds) to process user requests for a URI. Min. Time (in ms) Minimum time taken (in milliseconds) to process a user request for a URI. Max. Time (in ms) Maximum time taken (in milliseconds) to process a user request for a URI.
NSJSP Manager Operations Managing NSJSP Table 4-11. Attributes in the HTTP Method Statistics Page Attribute Description HTTP Method Name of the HTTP method. Request Count Number of requests processed for the HTTP method. Request Arrival Rate (in last min.) Number of requests processed for the HTTP method in the last minute. Average Service Time (in ms) Average time taken to process user requests for the HTTP method of the application. Min.
Managing NSJSP NSJSP Manager Operations Figure 4-13. Context Descriptor Page You can use the download option to download the context definition file. Viewing Deployment Descriptor Details The Deployment Descriptor page displays the deployment descriptor for the selected application. The deployment descriptor is always in the web.xml file in the WEB-INF directory of the application. Note. There cannot be any application without a deployment descriptor.
Managing NSJSP NSJSP Manager Operations Figure 4-14. Deployment Descriptor Page You can use the download option to download the deployment descriptor file. Viewing Servlet Mappings The deployment descriptor contains elements that define which servlet must process a request URL. The mapping between the URL and the servlet (configured to process the requests matching that URL) is called servlet mapping. To view servlet mapping details for the applications, complete the following steps: 1.
NSJSP Manager Operations Managing NSJSP Figure 4-15. Servlet Mappings Page Table 4-12 lists the attributes displayed in the Servlet Mappings page. Table 4-12. Attributes in the Servlet Mappings Page Attribute Description URL Pattern Pattern of the Uniform Resource Locators (URLs), which will be serviced by the servlet. Servlet Name Logical name associated with the servlet. Servlet Class Fully qualified class name of the servlet. Startup Order The order in which the servlet initializes.
NSJSP Manager Operations Managing NSJSP sent to the application and the responses received from the application to perform tasks, such as, logging and auditing. Note. Filters are defined in the deployment descriptor (web.xml) of an application. You can also define the filters in the common deployment descriptor located in the /conf directory. To view details of the filters for the applications, complete the following steps: 1.
NSJSP Manager Operations Managing NSJSP 1. Complete the steps described in Viewing Application Summary on page 4-22. 2. Click Initialization Parameters. The Initialization Parameters page for the selected application appears. Figure 4-17 shows a sample Initialization Parameters page for an application. Figure 4-17. Initialization Parameters Page Table 4-14 lists the context initialization parameters. Table 4-14.
Managing NSJSP NSJSP Manager Operations Undeploying a Web Application Stopping a Web Application To restrict users from accessing an application, you can stop the application using the Stop Application option in the NSJSP Manager application interface. To stop the web application, complete the following steps: 1. Complete the steps described in Viewing Application Summary on page 4-22. 2. Click the application name that you want to stop. 3. Click Stop Application. The application is stopped.
Managing NSJSP NSJSP Manager Operations 1. Complete the steps described in Viewing Application Summary on page 4-22. 2. Click the application name that you want to start. 3. Click Start Application. The application is started. Figure 4-19 shows the messages that are displayed after an application is started. Figure 4-19. Application Summary Page Showing the Running Status If you click the Applications tab again, the status of the application is displayed as All NSJSPs. You can now access the application.
Managing NSJSP NSJSP Manager Operations 2. Click the application name that you want to reload. 3. Click Reload Application. The application restarts. Figure 4-20 shows the messages that are displayed after an application is reloaded. Figure 4-20. Application Summary Page Showing the Reloaded Status Undeploying a Web Application The Undeploy Application option of the NSJSP Manager application interface removes the context and deletes all the application-related resources from the file system.
Managing NSJSP NSJSP Manager Operations Viewing Server Class Information To view the details of an NSJSP Server Class, select the Server Class tab in the NSJSP Manager application. You can view the following information under the Server Class tab: NSJSP information Server class processes NSJSP connector statistics Configuration parameters Server class statistics Sever class operations To view information about a server class, click the Server Class tab. The NSJSP Information page appears.
NSJSP Manager Operations Managing NSJSP 4 anaging NSJSP The NSJSP Information page displays static information about the environment in which NSJSP is running. Table 4-15 lists attributes displayed in the NSJSP Information page. Table 4-15. Attributes in the NSJSP Information Page Attribute Description NSJSP Information Version: NSJSP version installed on the system. NSJSP Home: Open System Services (OSS) path where the NSJSP installation is created.
NSJSP Manager Operations Managing NSJSP Table 4-16. Submenu Items Under the Server Class (page 2 of 2) Submenu Item Description Configuration Parameters TS/MP parameters that are used to deploy NSJSP processes. For more information, see Viewing Configuration Parameters on page 4-47. Server Class Statistics Aggregate Linkmon Statistics for the NSJSP Server Class. You can use the values displayed in this page for performance analysis and troubleshooting.
NSJSP Manager Operations Managing NSJSP Table 4-17 lists the attributes displayed in the Server Class Processes page. Table 4-17. Attributes in the Server Class Processes Page Attribute Description Pathmon Name Identifies in which PATHMON a particular NSJSP process is running. Process Name Name of the NSJSP process. CPU, PIN CPU and PIN of the process. Request Not Read Number of requests that are yet to be read. These requests are currently in the $RECEIVE queue.
NSJSP Manager Operations Managing NSJSP Figure 4-23. NSJSP Connector Stats Page This page displays the activities of the NSJSP connector component. The connector activities indicate the incoming request workload for individual NSJSP processes. Note. The start time for the request is clocked from the moment a request is read from $Receive. The end time is clocked from the time the response is sent back.
Managing NSJSP NSJSP Manager Operations Viewing Configuration Parameters The server class configuration parameters are used during initialization. The parameters that are displayed using the NSJSP Manager Application are defined in the servlet.config file. However, some of the parameters are displayed with their default values and are not required to be explicitly set. For example, the AUTORESTART parameter is shown with the default value of 3 and is not mentioned in the servlet.config file.
NSJSP Manager Operations Managing NSJSP Table 4-19. Server Class Configuration Parameters Attribute Description Server Class Configuration Parameters Lists the configuration parameters. Environment Variables Name Name of the environment variable set for the NSJSP process. Value Value of the environment variable set for the NSJSP process. Viewing Server Class Statistics The TS/MP subsystem provides the link manager statistics for the server class under consideration.
NSJSP Manager Operations Managing NSJSP The Server Class Statistics page provides the following information: Server class link wait queue (Queue Info) The link manager sends requests to the server class process through links. A request is placed in a link queue if it is not possible to immediately send the request to a server class process due to unavailability of a link.
NSJSP Manager Operations Managing NSJSP Table 4-20. Server Class Statistics (page 2 of 2) Attribute Description Dynamic Links Percentage of outstanding link requests that were serviced by dynamic links. IO Info Send Request Count Total number of requests sent to servers within the server class. Send Maximum Size Size, in bytes, of the largest amount of data transferred in a send. Send Average Size Size, in bytes, of the average amount of data transferred in a send.
Managing NSJSP NSJSP Manager Operations Thaw the NSJSP Server Class Note. If an NSJSP Server Class is configured for online upgrade, the NSJSP Manager application enables you to select a PATHMON on which you want to stop, start, freeze, or thaw the server class. Each server class operation has an equivalent PATHCOM or PDMCOM command, as follows: The stop operation is equivalent to the FREEZE and STOP commands.
NSJSP Manager Operations Managing NSJSP The following message is displayed: The operation will make the server class unavailable for the user. Do you still want to stop the server class? 3. Click OK. The following message is displayed for Steps 3a and 3b: Stop Initiated. The operation may take a few minutes to complete. The server class stops and you can no longer access any application running on the server class.
Managing NSJSP NSJSP Manager Operations 3. Perform one of the following steps depending on the number of PATHMONs configured: a. If the server class is configured on only one PATHMON, click Start. b. If the server class is configured in a TS/MP Pathway domain, complete the following steps: 1. Select the Pathmon Name, which has the server class to be started. 2. Click Start. The following message is displayed for Steps 3a and 3b: Start Initiated. The operation may take a few minutes to complete.
NSJSP Manager Operations Managing NSJSP 3. Perform one of the following steps depending on the number of PATHMONs configured: a. If the server class is configured in one PATHMON, click Freeze. The following message is displayed: The operation will make the server class unavailable for the user. Do you still want to freeze the server class? Click OK. b. If the server class is configured in a TS/MP Pathway domain, complete the following steps: 1.
Managing NSJSP NSJSP Manager Operations Thaw the NSJSP Server Class Using the NSJSP Manager application, you can thaw an NSJSP Server Class that is in the FROZEN or STOPPED state. To thaw the NSJSP Server Class, complete the following steps: 1. Click the Server Class tab. The System Information page appears. 2. Click the Server Class Operations. 3. Perform one of the following steps depending on the number of PATHMONs configured: a. If the server class is configured in one PATHMON, click Thaw.
Managing NSJSP NSJSP Manager Operations Viewing MBeans The NSJSP resources, such as, server, connector, and engine are instrumented by MBeans. For more information on MBeans, see Appendix A, MBeans in the NSJSP Container. You can view the list of MBeans running in each NSJSP process within an NSJSP Server Class. To view MBeans, complete the following tasks: 1. Click the MBeans tab. The NSJSP MBeans page appears. The NSJSP Process list is displayed from which you must select the NSJSP process name. 2.
NSJSP Manager Operations Managing NSJSP You can perform the following operations using the NSJSP MBeans page: List the MBeans tree by selecting an NSJSP process from the list and clicking Load. List the attributes of an MBean by clicking a leaf node from the MBean tree. Compare the attributes of the MBean across NSJSP processes by clicking the Compare across Processes link. After clicking the link, the Compare - NSJSP MBeans page appears.
Managing NSJSP NSJSP Manager Operations Managing MBeans The MBeans tree displays the NSJSP MBeans and MBeans registered by the applications. You can compare MBean attribute values across NSJSP processes and you can modify some MBean attribute values. You can modify some of the attributes of the NSJSP, Catalina, and Users MBeans. You can also modify MBeans that are registered by the applications using the same procedure.
Managing NSJSP NSJSP Manager Operations Figure 4-31. List of MBeans 4. Click the MBean name that you want to compare. After selecting an MBean, a list of all the attributes for that MBean across all the NSJSP processes is displayed, as shown in Figure 4-32. NonStop Servlets for JavaServer Pages (NSJSP) 7.
Managing NSJSP NSJSP Manager Operations Figure 4-32. Compare - NSJSP MBeans Page If you only want to compare a few attributes across all the NSJSP processes, select the attribute names from the MBean Attribute Names: field and click Compare. Figure 4-33 shows the comparison result for the modelerType attribute across all the NSJSP processes. Figure 4-33. Comparison Result for the modelerType Attribute Note.
NSJSP Manager Operations Managing NSJSP Compare all the attribute values of a selected MBean across processes by specifying the object name of an MBean in the MBean Object Name: field and clicking Compare All Attributes. List the MBeans. MBean object names can be entered with wild card characters to search for all MBeans that match a domain and set of key-properties. The keyproperties are the property-value pairs, which are represented as name=value in an object name.
Managing NSJSP NSJSP Manager Operations the running state. After modification, the NSJSP process behaves as per the modified value of the MBean attribute. To modify a value of the MBean attribute, complete the following steps: 1. Click the MBeans tab. The NSJSP MBeans page appears. 2. Click Modify MBean. The Modify MBean page appears. 3. In the MBean Object Name: field, type the object name of the MBean whose attribute values you want to modify. 4. Click Load Attribute list.
NSJSP Manager Operations Managing NSJSP Figure 4-34. Modify MBean Page Table 4-23 lists the parameters displayed in the Modify MBean page. Table 4-23. Parameters in the Modify MBean Page Parameter Description MBean Object Name: Name of the MBean with the attribute that you want to modify. NSJSP Process Name: A list of NSJSP processes to which you may apply the new attribute value. You can select one or more NSJSP processes to have the selected attribute modified.
NSJSP Manager Operations Managing NSJSP Deployment from a desktop Note. NSJSP does not support context names, such as, /my/context, that include multiple ‘/’ characters. Deploying Web Applications from the Server If an application resource already exists on the server in which NSJSP is running, use the server deployment option. To deploy an application from the server, complete the following steps: 1. Click the Deployment tab. The Application Deployment page appears. 2.
NSJSP Manager Operations Managing NSJSP Figure 4-35. Web Application Deployment from Server Table 4-24 lists the attributes displayed under Web Application Deployment from Server on the Application Deployment page. Table 4-24. Attributes on the Web Application Deployment from Server Page (page 1 of 2) Attribute Description Context name The context name to use for the application. Context Configuration File Location Absolute path of the application context file.
NSJSP Manager Operations Managing NSJSP Table 4-24. Attributes on the Web Application Deployment from Server Page (page 2 of 2) Attribute Description Automatically Add Filemap Check box to enable the creation of a Filemap file entry for the application. The entries in the filemaps.config file are used by the Servlet Server Class during startup to determine the path to the application. Applications require a Filemap file entry.
NSJSP Manager Operations Managing NSJSP Figure 4-36 shows the Web Application Deployment from Desktop window. Figure 4-36. Web Application Deployment from Desktop Table 4-25 lists the attributes displayed under Web Application Deployment from Desktop on the Application Deployment page. Table 4-25. Attributes on the Web Application Deployment from Desktop Page Attribute Description Select a .war file to upload The Browse... button by this field must be used to select the .
Managing NSJSP NSJSP Manager Operations configuration in application specific context files. The Admin UI provides a tree view of the Servlet container and context components, also enables the modification of the relevant properties for them. This section describes the following topics: Admin Features Performing Admin Operations Admin Features The Admin tab enables you to examine and modify the elements of configuration files and NSJSP servlet container components, such as, Service and Host.
Managing NSJSP NSJSP Manager Operations The NSJSP Server element contains child components. Click + to expand the tree view and click - to collapse the tree view. The right pane displays the details of the selected component on the left pane. It typically displays the attributes and default values of the selected components on the left pane. For some specific components like Engine, the right pane provides options to perform actions like creating a host, creating a valve, and so on.
Managing NSJSP NSJSP Manager Operations Administration of User Databases Note. Please refer the Configuration Files for the Servlet Container section in Chapter 3 Configuring NSJSP on page 3-1 for the explicit description of the properties of the elements described in each of the following sections. If a property for an element has its default value defined, then it is not defined in the server.xml file.
NSJSP Manager Operations Managing NSJSP Table 4-26 lists the properties for Server. Table 4-26. Property list for NSJSP Server Property Description Modifiable Default Value port Specifies the port number on which the server receives the shutdown command. No -1 No SHUTDOW N NSJSP does not receive the shutdown commands on a TCP port. Shutdown depends on the number of openers for each NSJSP process.
Managing NSJSP NSJSP Manager Operations Figure 4-39. NSJSP Service To administer a Service, click Service in the left pane. The default Service, Service (NSJSP) is displayed. The name of the Service is displayed in parantheses. The following are the child components nested in the Service element: Engine Connector Administration of Engine The Engine element represents the entire request processing machinery associated with a particular service element.
NSJSP Manager Operations Managing NSJSP Figure 4-40. Engine Properties Table 4-27 list the properties for Engine. Table 4-27. Property list for Engine Element Property Description Modifiable Default Value Engine Name The logical name of this Engine, used in log and error messages. No NSJSP JVM Route Indicates the identifier which must be used in load balancing scenarios to enable session affinity. Yes NonStop Servlets for JavaServer Pages (NSJSP) 7.
NSJSP Manager Operations Managing NSJSP Table 4-27. Property list for Engine Element Property Description Modifiable Default Value Default Host Represents the default host name, which identifies the Host that will process requests directed to host names on this server, but which are not defined in the server.xml configuration file. Yes localhost No org.apach e.catalin a.core.
NSJSP Manager Operations Managing NSJSP Administration of Connectors A Connector represents a communication end point on which requests are received from a client. NSJSP uses a NonStop specific connector which works with the iTP Secure WebServer to process requests. To administer a Connector, click the Connector under the appropriate Service name displayed on the left pane. Figure 4-41 shows a screen of the Connector Properties window. Figure 4-41.
NSJSP Manager Operations Managing NSJSP Table 4-28. Property list for Connector Element Property Description Modifiable Default Value Secure Sets attribute to True if you want to have calls to request.isSecure() to return true for requests received by this Connector. You will want this on an SSL Connector or a non SSL connector which receives data from a SSL accelerator, like a crypto card, an SSL appliance or even a webserver.
NSJSP Manager Operations Managing NSJSP Table 4-28. Property list for Connector Element Property Description Modifiable Default Value Enable Lookups Disables DNS lookups if this value is set to true but rather fetches the remote host information provided by the HTTPD component. Yes False Protocol Specifies the version of the protocol to be used. No HTTP/1.
NSJSP Manager Operations Managing NSJSP Table 4-28. Property list for Connector Element Property Description Modifiable Default Value Thread Priority The priority of the request processing threads within the JVM. If not set, the thread priority will be NORMAL. For more information about this priority, see the JavaDoc for the java.lang.Thread class. Yes 5 Compressi on Indicates that the Connector may use HTTP/1.1 GZIP compression in an attempt to save server bandwidth.
NSJSP Manager Operations Managing NSJSP Table 4-29 lists the properties for Host. Table 4-29. Property list for Host Element Property Description Modifiable Default Value Host Name The network name for this virtual host. Regardless of the case used to specify the hostname, NSJSP converts it to lower case internally. No localhost One of the Hosts nested within an Engine must have a name that matches the defaultHost setting for that Engine.
Managing NSJSP NSJSP Manager Operations To administer a Host, select Host in the appropriate Engine displayed in the left pane. The following are the child components nested in the Host element: Context Realm Valves Listeners For more information on the Host element, see Host on page 3-60.
NSJSP Manager Operations Managing NSJSP Figure 4-43. Context Properties Table 4-30 lists the properties for Context. Table 4-30. Property list for Context Element Default Value Property Description Modifiable Name Indicates the name of the selected context. No Backgroun d Processor Delay Represents the delay in seconds between the invocation of the backgroundProcess method on this context and its child containers, including all wrappers. Setting this to a positive value causes a thread to spawn.
NSJSP Manager Operations Managing NSJSP Table 4-30. Property list for Context Element Property Description Modifiable Default Value Cookies Enables or disables cookies for session identifier communication. Yes True Yes False No ROOT Set to true if you want cookies to be used for session identifier communication if supported by the client (this is the default).
NSJSP Manager Operations Managing NSJSP Table 4-30. Property list for Context Element Property Description Modifiable Default Value Override Overrides the setting of either the global or Host default contexts. Yes False Yes False Set to true to have explicit settings in this Context element override any corresponding settings in either the global or Host default contexts. By default, settings from a default context are used.
NSJSP Manager Operations Managing NSJSP Table 4-30. Property list for Context Element Property Description Modifiable Default Value Reloadabl e Set to true if you want Catalina to monitor classes in /WEB-INF/classes/ and /WEBINF/lib for changes, and automatically reload the web application if a change is detected.
NSJSP Manager Operations Managing NSJSP Table 4-30. Property list for Context Element Property Description Modifiable Default Value Allow Linking If the value of this flag is true, symlinks will be allowed inside the web application, pointing to resources outside the web application base path. Yes False It is suggested that the value of this property be set to false. Setting this to false instructs the NSJSP servlet container to check if the resource belongs to the application base.
NSJSP Manager Operations Managing NSJSP Table 4-30. Property list for Context Element Property Description Modifiable Default Value Cache TTL Amount of time in milliseconds between revalidation of cache entries. Yes 5 seconds Yes True Yes False Note. It is suggested that web application static resources be serviced by the iTP Secure WebServer. Caching Allowed If the value of this flag is true, the cache for static resources will be used. Note.
NSJSP Manager Operations Managing NSJSP Table 4-30. Property list for Context Element Property Description Modifiable Default Value Unpack WAR If true, NSJSP unpacks all compressed web applications before running them. No True Use Naming Set to true (the default) to have Catalina enable a JNDI InitialContext for this web application that is compatible with Java2 Enterprise Edition (J2EE) platform conventions. Yes True Work Dir Represents the pathname to a scratch directory.
Managing NSJSP NSJSP Manager Operations Figure 4-44. Loader and Manager Elements The Loader element represents the web application class loader that will be used to load Java classes and resources for a web application. NSJSP provides its own loader class com.tandem.servlet.catalina.loader.NSJSPWebappLoader. The Manager element configures the session manager. By default, the NSJSPStandardManager is configured. The NSJSPStandardManager is an inmemory session manager.
Managing NSJSP NSJSP Manager Operations Remote Address Valve Remote Host Valve Single Sign On Valve You can create or delete valves by clicking one of the following components on the left pane, and then select Create New Valve or Delete a Valve from the label on the right pane: Engine – A valve created at the Engine level will be applicable to all the hosts in the Engine. Host – A valve created at the Host level will be applicable to all the applications under that Host.
NSJSP Manager Operations Managing NSJSP Catalina container (Context, Host, or Engine), and will record ALL requests processed by that container. Table 4-31 lists the properties for Access Log Valve. Table 4-31. Property list for Access Log Valve Property Description Modifiable Default Value Directory Indicates the absolute or relative pathname of a directory in which log files created by this valve will be placed. If a relative path is specified, it is interpreted as relative to $CATALINA_HOME.
NSJSP Manager Operations Managing NSJSP Figure 4-46. Properties of Remote Address Valve Table 4-32 lists the properties for Remote Address Valve. Table 4-32. Property list for Remote Address Valve Property Description Modifiable Allow Addresses Indicates a comma-separated list of regular expression patterns that the remote client's IP address is compared to. If this property is specified, the remote address MUST match for this request to be accepted.
Managing NSJSP NSJSP Manager Operations A Remote Address Valve can be associated with any Catalina container (Engine, Host, or Context), and must accept any request presented to this container for processing before it will be passed on. Remote Host Valve The Remote Host Valve allows you to compare the hostname of the client that submitted this request against one or more regular expressions, and either allow the request to continue or refuse to process the request from this client.
NSJSP Manager Operations Managing NSJSP Table 4-33. Property list for Remote Host Valve Property Description Modifiable Allow Hosts Indicates a comma-separated list of regular expression patterns that the remote client's hostname is compared to. If this property is specified, the remote hostname MUST match for this request to be accepted. If this property is not specified, all requests will be accepted UNLESS the remote hostname matches a deny pattern.
NSJSP Manager Operations Managing NSJSP Figure 4-48. Single Sign On Valve Table 4-34 lists the properties for Single Sign On Valve. Table 4-34. Property list for Single Sign On Valve Property Description Modifiable Default Value Reauthent ication Flag to determine whether each request needs to be reauthenticated to the security Realm. If true, this Valve uses cached security credentials (user name and password) to reauthenticate to the Realm each request associated with an SSO session.
Managing NSJSP NSJSP Manager Operations NSJSP supports the following types of Realms: UserDatabaseRealm JNDIRealm MemoryRealm JDBCRealm DataSourceRealm User Database Realm The UserDatabase Realm is a realm implementation that is based on an implementation of the UserDatabase interface that is made available through the global JNDI resources configured for this Tomcat instance. Figure 4-49 shows a screen of User Database Realm. Figure 4-49.
NSJSP Manager Operations Managing NSJSP Table 4-35. Property list for User Database Realm Property Description Modifiable Resource Name Indicates the global JNDI name of the UserDatabase resource used by this Realm. Yes Default Value JNDI Realm The JNDI Directory Realm connects Catalina to an LDAP Directory, accessed through an appropriate JNDI driver, that stores user names, passwords, and their associated roles.
NSJSP Manager Operations Managing NSJSP Table 4-36. Property list for JNDI Realm Property Description Modifiable Connectio n Name Indicates the directory user name to use when establishing a connection to the directory for LDAP search operations. If not specified an anonymous connection is made, which is often sufficient unless you specify the userPassword property.
NSJSP Manager Operations Managing NSJSP Table 4-36. Property list for JNDI Realm Property Description Modifiable Role Name Indicates the name of the property that contains role names in the directory entries found by a role search. In addition you can use the userRoleName property to specify the name of an property, in the user's entry, containing additional role names. If roleName is not specified, a role search does not take place, and roles are taken only from the user's entry.
NSJSP Manager Operations Managing NSJSP Table 4-36. Property list for JNDI Realm Property Description Modifiable User Password Indicates the name of the property in the user's entry containing the user's password. If you specify this value, JNDIRealm will bind to the directory using the values specified by connectionName and connectionPassword properties, and retrieve the corresponding property for comparison to the value specified by the user being authenticated.
NSJSP Manager Operations Managing NSJSP Figure 4-51. Memory Realm Table 4-37 lists the properties for Memory Realm. Table 4-37. Property list for Memory Realm Property Description Modifiable Path Name Indicates the absolute or relative (to $CATALINA_HOME) pathname to the XML file containing the user information. Yes Default Value conf/NSJS Pusers.
NSJSP Manager Operations Managing NSJSP Figure 4-52. JDBC Realm Table 4-38 lists the properties for JDBC Realm. Table 4-38. Property list for JDBC Realm Property Description Modifiable Database Driver Name Indicates the fully qualified Java class name of the JDBC driver to be used to connect to the authentication database. Consult the documentation for your JDBC driver for the appropriate value.
NSJSP Manager Operations Managing NSJSP Table 4-38. Property list for JDBC Realm Property Description Modifiable User Name Column Indicates the name of the column, in the users and user roles table, that contains the user's user name. Yes User Password Column Indicates the name of the column, in the users table, which contains the user's credentials (that is password).
NSJSP Manager Operations Managing NSJSP Figure 4-53. Data Source Realm Table 4-39 lists the properties for Data Source Realm. Table 4-39. Property list for Data Source Realm Property Description Modifiable DataSourc e Name Represents the name of the JNDI JDBC DataSource for this Realm. Yes Local DataSourc e When the realm is nested inside a Context element, this allows the realm to use a DataSource defined for the Context rather than a global DataSource.
NSJSP Manager Operations Managing NSJSP Table 4-39. Property list for Data Source Realm Property Description Modifiable Digest Algorithm Indicates the name of the MessageDigest algorithm used to encode user passwords stored in the database. If not specified, user passwords are assumed to be stored in cleartext. Yes Role Name Table Represents the name of the user roles table, which must contain columns named by the userNameCol and roleNameCol properties.
Managing NSJSP NSJSP Manager Operations Administration of Global Naming Resources The Global Naming Resources element defines the global JNDI resources for the Server. The resources defined here are listed in the server's global JNDI resource context. The server's global JNDI resource context is different from the JNDI resources defined in each web application. The global JNDI resources are not, by default, available to individual web applications.
NSJSP Manager Operations Managing NSJSP Delete Data Sources. Figure 4-56 shows a screen of the Data Source properties in the right pane after selecting Create a new Data Source from the Data Sources window. Figure 4-56. Create a New Data Source Table 4-40 lists the properties for Data Sources. Table 4-40. Property list for Data Sources Property Description Modifiable JNDI Name Indicates the default name of the Data Source. Yes URL Indicates the connection URL to be passed to the JDBC driver.
NSJSP Manager Operations Managing NSJSP Table 4-40. Property list for Data Sources Property Description Modifiable Default Value Max Idle Connectio ns Indicates the maximum number of connections that can sit idle in this pool at the same time. Yes 5000 Max Wait for Connectio ns Indicates the maximum number of milliseconds that the pool will wait (when there are no available connections) for a connection to be returned before throwing an exception.
Managing NSJSP NSJSP Manager Operations Create a new Environment Entry. Modify Environment Entry properties. Delete Environment Entries. Figure 4-58 shows a screen of the properties of Environment Entries after selecting Create a new Env Entry from the Environment Entries window. Figure 4-58. Create a new Env Entry NonStop Servlets for JavaServer Pages (NSJSP) 7.
NSJSP Manager Operations Managing NSJSP Table 4-41 lists the properties for Environment Entry. Table 4-41. Property list for Environment Entry Property Description Modifiable Name Indicates the name of the environment entry to be created, relative to the java:comp/env context. Yes Type Indicates the fully qualified Java class name expected by the web application for this environment entry. Must be one of the legal values for in the web application deployment descriptor: java.lang.
Managing NSJSP NSJSP Manager Operations Figure 4-59. Mail Sessions You can perform the following operations using the Mail Sessions window: Create a new Mail Session. Modify Mail Sessions. Delete Mail Sessions. Figure 4-60 shows a screen of the properties of Mail Session after you select Create a New Mail Session from the Mail Sessions window. NonStop Servlets for JavaServer Pages (NSJSP) 7.
NSJSP Manager Operations Managing NSJSP Figure 4-60. Add a New Mail Session Table 4-42 lists the properties for Mail Session.User Databases Table 4-42. Property list for Mail Session Property Description Modifiable Name Indicates the name of the mail session. Yes SMTP Host Indicates the name of the SMTP host. Yes Default Value Note. If you have configured a javax.mail.Session from the Admin tab or server.
Managing NSJSP NSJSP Manager Operations Figure 4-61. User Databases You can perform the following actions on the User Databases window: Create a new User Database. Modify an existing User Database. Delete User Database. Figure 4-62 shows a screen of the properties of a new User Database after you select Create a New User Database from the User Databases window. NonStop Servlets for JavaServer Pages (NSJSP) 7.
NSJSP Manager Operations Managing NSJSP Figure 4-62. Create a New User Database Table 4-43 lists the properties for User Database. Table 4-43. Property list for User Database Property Description Modifiable Database Name Indicates the name of the database. Yes Pathname Indicates the path of the nsjp-users.xml file. Yes Factory Indicates the factory name for the user database. No Description Indicates the description about the user database. Yes Default Value org.apach e.catalin a.users.
Managing NSJSP NSJSP Manager Operations Groups Roles Users Users are entities which can be used to log in to user applications. A user can be assigned multiple roles. Figure 4-63 shows a screen of the User list Window. Figure 4-63. User List You can perform the following operations in the User list Window: Create a new User. Modify User details. Delete Users. When the Users element is selected in the left pane, the Users List is displayed in the right pane.
NSJSP Manager Operations Managing NSJSP Figure 4-64. Create a new User Table 4-44 lists the properties for User. Table 4-44. Property list for User Property Description Modifiable User Name Indicates the name of the user. Yes Password Displays the encrypted password. Yes Algorithm Indicates the algorithm used to encrypt the password. Yes Full Name Indicates the full name of the user. Yes Groups Indicates the groups to which the user is mapped.
Managing NSJSP NSJSP Manager Operations However, you can perform the following modifications simultaneously in the User Details window: Modify Password Modify Roles To modify the password for an existing user from the User Details window, perform the following steps: 1. Select a user from the User List. 2. Enter the new password in the Password field. 3. Select an algorithm from the Algorithm list to encrypt your password. 4. Click Apply Changes. 5. Click Save Changes. Note.
Managing NSJSP NSJSP Manager Operations Figure 4-65. Groups You can perform the following operations in the Groups Window: Create a new Group. Modify the Group details. Delete Groups. When the Groups element is selected in the left pane, the Groups window is displayed in the right pane. To display or modify the properties of a group, click the Group Name in the Groups table. The selected group's properties are displayed.
NSJSP Manager Operations Managing NSJSP Figure 4-66. Create a New Group Table 4-45 lists the properties for Group. Table 4-45. Property list for Group Property Description Modifiable Group Name Indicates the name of the group. Yes Description Describes the group. Yes Roles Indicates the roles mapped to the group. Yes Default Value Roles Roles are used to control access for applications and resources. They may be directly assigned to users or can be assigned to groups.
Managing NSJSP NSJSP Manager Operations Figure 4-67. Roles You can perform the following operations in the Roles Window: Create a new Role. Modify the Role details. Delete Roles. When the Roles element is selected on the left pane, the Role window is displayed on the right pane. To display or modify the properties of a role, click the Role Name in the Roles table. Figure 4-68 shows a screen of the properties of a new Role after you select Create a new Role from the Roles window.
Persisting Changes to the server.xml File and Context Files Managing NSJSP Figure 4-68. Create a New Role Table 4-46 lists the properties for Role. Table 4-46. Property list for Role Property Description Modifiable Role Name Indicates the name of the role. No Description Describes the role. Yes Default Value Persisting Changes to the server.xml File and Context Files When the Save Changes operation is invoked, the NSJSP Manager Server Class saves the existing server.
Managing NSJSP Persisting Changes to the server.xml File and Context Files For example, server.xml.2004-06-21.14-43-39 is created to preserve the configuration file before the Save Change operation is performed at 2:43:39 PM on June 21st, 2004. The preserved server.xml file is located in the /conf/directory. The preserved context configuration file (with the naming convention .xml.yyyy-mm-dd.hh-mm-ss) is located in the /conf/[enginename]/[hostname]/[webappname].
Managing NSJSP Operations Using the Command-line Interface 5. Start the server class that is in the STOPPED state. Note. After each save operation, the web applications that define an explicit context will be restarted because the context file is updated. This happens irrespective of whether the application’s context was modified or not.
Managing NSJSP Server Class Operations If the iTP Secure WebServer is configured for online-upgrade (that is, two PATHMONs are defined in a Pathway domain), two TS/MP configurations will be defined by the iTP Secure WebServer—one for each PATHMON. Each NSJSP Server Class will be defined for two PATHMONs. Because there is only one servlet.config file in the /conf directory, the iTP Secure WebServer will divide the value of the configuration parameters into two halves.
Server Class Operations Managing NSJSP If the correct PATHMON is not opened or another PATHMON needs to be opened, issue the PATHCOM command as follows: = OPEN $ After executing the OPEN command, enter the following commands: = FREEZE SERVER = STOP SERVER = STATUS SERVER = EXIT In the following example, the PATHMON name is $zweb and the NSJSP Server Class name is SCP1.
Server Class Operations Managing NSJSP The following output is displayed: PATHMON : \POS02.$ZWEB SERVER SCP1 #RUNNING ERROR INFO ERROR INFO 2 PATHMON : \POS02.$YWEB SERVER SCP1 #RUNNING 2 To stop the SCP1 Server Class running under the $zweb PATHMON, enter the following commands: PDMI 3>> OPEN $zweb = FREEZE SERVER SCP1 = STOP SERVER SCP1 After you enter the STOP SERVER command, the SCP1 Server Class’s processes running under the $zweb PATHMON are stopped.
Server Class Operations Managing NSJSP Forced Shutdown To stop the NSJSP Server Class immediately, run the iTP Secure WebServer stop script: OSS: cd /conf OSS: ./stop Running the stop script does not allow NSJSP processes to perform shutdown operations before shutting down. One such shutdown operation is to persist all the inmemory sessions to a persistent store, if configured.
Manual Deployment and Undeployment of Web Applications Managing NSJSP After running the START SERVER command, the system displays the following message indicating that the server is started: $YY66S: SERVER server_name, STARTED Note. By default, an NSJSP Server Class includes four processes. You can use either PATHCOM or PDMCOM to execute server class operations such as stop, start, thaw and freeze. Check the ..
Managing NSJSP Deploying Applications on a Running NSJSP Server /conf// directory contains a context element (and its associated subelements) for a single web application. The value of the docBase attribute of the context element will be the absolute path to a web application directory, or the absolute path of a .war file. Note.
Managing NSJSP Comparison of the Management Applications Directory update – Updating a directory causes the application to undeploy, and any associated context file and work directory are removed. Current user sessions will not be persisted. The application will be redeployed when the auto deployer checks for changes. Context file update – Updating a context file causes the application to undeploy, and any associated work directory is removed. Current user sessions will not be persisted.
Comparison of Architectures Managing NSJSP Figure 4-69. Architecture of the Old Manager Application HTTP Requests iTP Secure WebServer HTTPD HTTPD HTTPD $zweb Environment NSJSPADMIN Old Manager Old Manager localhost www.foo.com www.foo.com localhost NSJSP Servlet Container User applications running on the Hosts In Figure 4-69, the NSJSP servlet container includes two Hosts: localhost and www.foo.com. To manage web applications on each Host, the old Manager application is installed on both Hosts.
Comparison of Architectures Managing NSJSP Management of web applications running on multiple Hosts within a server class. Management of multiple NSJSP 7.0 installations within an iTP Secure WebServer environment. Management of NSJSP installations that are configured in a Pathway domain. The use of a Pathway domain implies that the iTP Secure WebServer was installed in an online-upgrade configuration, which has two PATHMONs.
Managing NSJSP Comparison of Architectures For more information on the architecture of the NSJSP Manager application, see the NSJSP Manager Application on page 4-1. Differences in Architectures The differences in the architectures of the three applications are as follows: Using the old Manager application, you can manage web applications running on only one Host. Using the NSJSP Manager application, you can manage multiple NSJSP 7.0 installations.
Comparison of Features Managing NSJSP Comparison of Features Table 4-47 compares the features of the NSJSP Manager, the Old Manager, and the Admin Web applications. Table 4-47. Comparison of Features of NSJSP Manager, Old Manager, and Admin Web Applications (page 1 of 2) NSJSP Manager Application Old Manager Application Admin Web Application Category Feature Application Management Displays the current applications running on the selected server class and Host.
Comparison of Features Managing NSJSP Table 4-47. Comparison of Features of NSJSP Manager, Old Manager, and Admin Web Applications (page 2 of 2) NSJSP Manager Application Old Manager Application Admin Web Application Category Feature Server Class Information Displays NSJSP processes and their status, such as, the processor on which the application is running and the amount of memory used. Yes No No Displays the configuration parameters for the selected server class.
Comparison of Management Application Access Roles Managing NSJSP Comparison of Management Application Access Roles Table 4-48 compares the roles that must be assigned to users to authorize them to access the management applications. Table 4-48. Comparing Roles Management Application Role Required to Access the Management Application Admin Web Application admin – role for users who need to configure NSJSP.
Single Point of Management Using the NSJSP Manager Managing NSJSP Figure 4-71. NSJSP Manager Supporting Multiple Hosts HTTP Requests iTP Secure WebServer HTTPD HTTPD HTTPD $zweb Environment Manager NSJSP Manager www.foo.com www.doo.com localhost NSJSP Servlet Container User applications running on the Hosts In Figure 4-71, using a single instance of the NSJSP Manager, you can manage all the web applications running on the three Hosts: localhost, www.foo.com, and www.doo.
Single Point of Management Using the NSJSP Manager Managing NSJSP Figure 4-72. Multiple NSJSP Installations HTTP Requests iTP Secure WebServer HTTPD HTTPD HTTPD $zweb Environment Manager NSJSP Manager NSJSP 7.0 NSJSP 7.0 NSJSP 6.0/NSJSP 6.1 In Figure 4-72, a single instance of the NSJSP Manager application enables the management of all NSJSP 7.0 installations within an iTP Secure WebServer environment, as indicated by the green arrows.
Single Point of Management Using the NSJSP Manager Managing NSJSP domain configuration. You can configure an NSJSP installation in a Pathway domain for online upgrades of web applications and servlet containers. For more information on Pathway domain configuration, see the TS/MP Release Supplement Manual. For more information on configuring for online-upgrade, see the iTP Secure WebServer System Administrator’s Guide. Figure 4-73 illustrates NSJSP installations configured in a Pathway domain. Figure 4-73.
The Architecture of the NSJSP Manager Managing NSJSP You can install the NSJSP Manager by selecting Create an NSJSP Manager installation when running the NSJSP setup script. Each iTP Secure WebServer environment can include one instance of the NSJSP Manager. The Architecture of the NSJSP Manager Upon successful installation of the NSJSP Manager, the NSJSP Manager runs in its own server class in the iTP Secure WebServer environment. You can use the NSJSP Manager application to manage all the NSJSP 7.
Managing NSJSP The Architecture of the NSJSP Manager manage the two NSJSP 7.0 installations and the web applications running in their respective Hosts, as indicated by the green arrows. However, you can manage only one NSJSP Server Class at a time. You cannot manage the NSJSP 6.1 installation with the NSJSP Manager, as indicated by the red arrows. NonStop Servlets for JavaServer Pages (NSJSP) 7.
5 Logging in NSJSP This chapter addresses the following topics: Logging Architecture Apache Tomcat Enhancements to the Logging Architecture NSJSP Enhancements to the Logging Architecture Logging Configuration Log Files Related to NSJSP Programming Considerations for Logging Commons Logging Logging Architecture The logging architecture of NSJSP is based on the Java Platform, Standard Edition logging architecture.
Handlers Logging in NSJSP Additionally, com.foo.bar1 and com.foo.bar2 are also child loggers of com.foo, and are peer loggers of com.foo.bar. Each log message is associated with a log level, which denotes the severity of the log. Similar to the log messages, a logger is associated with a log level. If no log level is associated with a logger, the logger inherits the log level from its nearest parent that is associated with a log level. Each logger can be configured with a set of handlers.
Logging in NSJSP Log Manager Log Manager The Log Manager tracks the global logging information. The Log Manager manages the following: The hierarchical namespace of logger objects. All named loggers are stored in this namespace. The logging control properties, which are simple key-value pairs that can be used by handlers and other logging objects. The following is the sequence of events that occur when an application attempts to write a log message: 1.
Apache Tomcat Enhancements to the Logging Architecture Logging in NSJSP Figure 5-1.
Logging in NSJSP NSJSP Enhancements to the Logging Architecture To overcome these inabilities, Tomcat replaces the java.util.logging implementation with a container-friendly implementation, called JULI. JULI allows a logging configuration file for each class loader. Because each web application hosted on the servlet container has its own class loader, allowing a configuration file per class loader leads to each web application having its own logging configuration file.
Logging in NSJSP Log Rollover NSJSPLogHandler. This class is an extension of the java.util.logging.Handler class. In addition, the NSJSP Log Handler class offers a logging feature, called Log Rollover. For information on configuring the NSJSP Log Handler, see Configuring Handlers on page 5-10. Log Rollover The log rollover feature enables you to archive log files based on predefined criteria. The log rollover feature is introduced in the T1222^AAL SPR of the NSJSP 6.0 release.
Logging in NSJSP Log Rollover datePattern Log rollover based on the datePattern attribute is called timestamp-based rollover. The datePattern attribute enables you to configure the timestampbased rollover. You can set the log files to roll over at regular recurring intervals, such as, after an hour, after a day, and after a week. Note. The end of an hour is marked by the change in hour of the clock and not at the completion of 60 minutes.
Logging in NSJSP Log Rollover Log Rollover Based on File Size Log Rollover Based on Timestamp The archiveDirectory Attribute Log Rollover Based on File Size The maxFileSize attribute governs the size-based rollover of log files. You can configure a threshold file size for log rollover. This value must be greater than zero. If the file size exceeds the specified threshold, the log file rolls over. The base threshold, which is the lower limit to archive the log files, is 10 MB.
Logging in NSJSP Logging Configuration Using the datePattern attribute in the logging.properties file, if you configure the log file to roll over on a daily basis, nsjsp.log.2008.08.30 rolls over to the specified directory when the date changes to August 31st 2008. Subsequently, a new log file is created, called nsjsp.log.2008.08.31, and the logs are written in this file.
Configuring Handlers Logging in NSJSP Configuring Handlers You can configure each handler using the configuration properties that are specific to the handler. NSJSP supports the following implementation classes: FileHandler NSJSPLogHandler FileHandler Table 5-2 lists the FileHandler configuration properties. Table 5-2. Configuration Properties of FileHandler Configuration Property level Description Default Value Specifies the log level.
Configuring Handlers Logging in NSJSP prefix Following is an example of the FileHandler: #4admin.org.apache.juli.FileHandler.level = INFO #4admin.org.apache.juli.FileHandler.directory = ${catalina.base}/logs #4admin.org.apache.juli.FileHandler.prefix = admin. NSJSPLogHandler Table 5-3 lists the configuration properties that can be specified for the NSJSPLogHandler. Table 5-3.
Configuring Handlers Logging in NSJSP Table 5-3. Configuration Properties of NSJSPLogHandler (page 2 of 2) Configuration Property datePattern Description Default Value Specifies the time interval at which the log file must roll over. '.'yyyy-MM-dd For the complete list of options to enable rollover, see Configuring for Log Rollover Based on Timestamp on page 5-17. archiveDirect ory Specifies the directory location where the rolled over log files reside. You can assign any directory location.
Logging in NSJSP Configuring Loggers In the given example, ${catalina.base}/logs/abc is the destination of the log messages where, abc is the name of the server class. The name of the log file will be abc..log. Multiple Handler Definitions Using the same Handler Class JULI allows multiple handler definitions using the same handler class. You must configure multiple handlers as follows: The handler name must begin with a number and a prefix string. The prefix string must end with ".".
Logging in NSJSP Configuring the NSJSP Formatter Class where, sample.bank - is the logger. level - is the log level property. INFO - is the log level value. - are the associated handlers. The following is an example of a child logger configuration whose parent logger is sample.bank: sample.bank.servlet.level = INFO sample.bank.servlet.useParentHandlers=true sample.bank.servlet.handlers = 1bankapp.com.tandem.servlet.logging.NSJSPLogHandler where, sample.bank.
Configuring for Log Rollover Logging in NSJSP Table 5-4. Literals in the Format Attribute Literal Data Type Description MESSAGE String The text message to be published. LEVEL String The message severity as indicated by the application. PROCESSNAME String The name of the JVM process. PIN Short The PIN of the JVM process. CPU Short The CPU in which the JVM process is running. SOURCE String The class and method from where the message originates.
Configuring for Log Rollover Logging in NSJSP Configuring the archiveDirectory Attribute Configuring for Log Rollover Based on File Size This section includes the syntax and examples that describe how to configure for rollover based on file size. The following is the syntax to configure maxFileSize-based rollover: com.tandem.servlet.logging.NSJSPLogHandler.maxFileSize = file size where, file size is the threshold size of the log file that triggers the rollover.
Configuring for Log Rollover Logging in NSJSP Configuring for Log Rollover Based on Timestamp This section includes the syntax and examples that describe how to configure for rollover based on timestamp. The following is the syntax to configure the datePattern-based rollover: com.tandem.servlet.logging.NSJSPLogHandler.datePattern = '.'datePattern value where, datePattern value is the time interval at which the rollover occurs and '.' improves the readability of the file name.
Configuring for Log Rollover Logging in NSJSP Table 5-7 describes the different time intervals at which rollover occurs. Table 5-7. Time Intervals for Rollover Attribute Description "yyyy" Rollover occurs after every year from the time the log file is created. The change in the value of yyyy triggers the rollover. "yyyy.MM" Rollover occurs after every month from the time the log file is created. The change in the value of MM triggers the rollover. "yyyy.MM.
Configuring for Log Rollover Logging in NSJSP Table 5-8. Behavior of Log Files in datepattern-based Rollover Log File Destination Complete Path of Log File archiveDi rectory New Location After Rollover abc.log (Default location) / abc.log.
Logging in NSJSP Configuring the logging.properties File Configuring the logging.properties File This section describes the contents of the logging.properties file. You can use the logging.properties file to configure log-related settings, such as, which logs must be written, where the logs must be written, and when the logs must rollover. The file contains java.util.logging elements, such as loggers and handlers, and various attributes to which you can assign values to control the logs.
Logging in NSJSP Configuring the logging.properties File The following list describes the settings of 1nsjsp.com.tandem.servlet.logging.NSJSPLogHandler: Destination - ${catalina.base}/logs/nsjsp Log level - INFO Rollover interval - '.'yyyy-MM-dd Archive directory for the logs that rollover - ${catalina.base}/logs/archive The following lines denote the configuration settings of the handler, called 1catalina.org.apache.juli.FileHandler: 1catalina.org.apache.juli.FileHandler.
Logging in NSJSP Configuring the logging.properties File The following lines denote the configuration settings of the handler, called 3manager.org.apache.juli.FileHandler: 3manager.org.apache.juli.FileHandler.level = INFO 3manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 3manager.org.apache.juli.FileHandler.prefix = manager The following list describes the settings of 3manager.org.apache.juli.FileHandler: Log level - INFO Log directory - ${catalina.
Logging in NSJSP Configuring the logging.properties File The following lines denote the configuration settings of the handler, called 2console.com.tandem.servlet.logging.NSJSPLogHandler: 2console.com.tandem.servlet.logging.NSJSPLogHandler.level = INFO 2console.com.tandem.servlet.logging.NSJSPLogHandler.destination = STDOUT The following list describes the settings of 2console.com.tandem.servlet.logging.
Logging in NSJSP Configuring Logging for the NSJSP Container and Web Applications The logger writes log messages about the context component, /servletsj/admin. The context component, which refers to the Admin Web application, is located within the Host component, localhost. The localhost component, in turn, is located within the engine component, NSJSP. The following lines denote the log level and handler properties of the logger, called org.apache.catalina.core.ContainerBase.[NSJSP].[localhost].
Logging in NSJSP Configuring Logging for the NSJSP Container and Web Applications settings in the generic logging.properties file, located in /conf apply. The settings in the web application-specific logging.properties file override the settings in the generic logging.properties file, which is located in /conf. Configuring Logging for Web Applications This section describes the procedure to configure logging for web applications. To configure the logging.
Logging in NSJSP Configuring Logging for the NSJSP Container and Web Applications The following example illustrates logging configuration for a web application: handlers = 1bankapp.com.tandem.servlet.logging.NSJSPLogHandler #This is the default handler .handlers = 1bankapp.com.tandem.servlet.logging.NSJSPLogHandler ############################################################ # Handler specific properties. # Describes specific configuration info for Handlers.
Logging in NSJSP Log Files Related to NSJSP sample.bank.servlet.level = INFO sample.bank.servlet.handler = 1bankapp.com.tandem.servlet.logging.NSJSPLogHandler sample.bank.util.level = SEVERE sample.bank.util.handler = 1bankapp.com.tandem.servlet.logging.NSJSPLogHandler Log Files Related to NSJSP This section describes the log files related to NSJSP. The default configuration of NSJSP creates two log files in the /logs directory for each NSJSP installation.
Logging in NSJSP Programming Considerations for Logging For information on log file configuration, see Configuring the logging.properties File on page 5-20. The name of the log file is derived from the Servlet Server Class name. For example, if the name of the Servlet Server Class is ABC, the name of the log file is ..log where, - is the name of the Servlet Server Class. - is the date when NSJSP starts.
Log Logging in NSJSP The following is an example of the Log interface implementation for the MyTestClass.class from the logging configuration file, logging.properties: Log logger = LogFactory.getLog(MyTestClass.class) The Log interface of Commons Logging defines methods such as error, fatal, trace, and so on. The underlying logging implementation, java.util.logging, defines its own logging levels. Table 5-9 shows the mapping between Commons Logging methods and java.util.logging levels. Table 5-9.
Commons Logging Logging in NSJSP // Compose the message _logger.debug(message); } _logger.error(error message); } } Commons Logging The applications use different logging implementations, such as, log4j and java.util.logging. The logging implementations do not follow any particular standard. The applications written using one logging implementation must be modified to switch to any other logging implementation.
6 Debugging NSJSP This chapter discusses the various ways of debugging applications deployed in NSJSP. Debugging using Java Debugger tool and Eclipse platform have been described elaborately in this chapter. This chapter discusses the following topics: Debugging using Java Debugger tool Debugging using Eclipse platform Debugging using Java Debugger tool Use the jdb command to start the Java Debugger tool and communicate with the web application to be debugged.
Debugging using Eclipse platform Debugging NSJSP 218431829 is the process ID (PID) of the NSJSP process to be debugged. Note: 1. You can open multiple jdb sessions and connect to any NSJSP processes in separate jdb sessions. 2. There is no limit for the Numstatic value for this option. 3. jdb provides all debug options like setting breakpoints, watch a field value, continue, step in, step out and so on.
Debugging using Eclipse platform Debugging NSJSP Add the following arguments in the Arglist of servlet.config file: -Xdebug -Xnoagent -Djava.compiler=none -Xrunjdwp:server=y,transport=dt_socket,suspend=n Set the Numstatic and Maxservers values to greater than or equal to 1 During NSJSP startup, when the port number is not specified in the servlet.config file, the debug ports are dynamically allocated to individual NSJSP processes. These allocated ports are captured in .
Debugging using Eclipse platform Debugging NSJSP 1. Go to Guardian shell and execute the following commands: scf assume $zztcp listopen mon * This lists all the NSJSP processes and their respective debug port numbers. For example: 2122 is the debug port for nsjsp process $Y1BX: \HEMAN.$Y1BX 0,732 8 2 TCP 2122 4. In Eclipse, set the necessary breakpoints. For more info, see the Eclipse website http://www.eclipse.org/ for more details. 5. Open the web application from the browser.
7 Migrating to NSJSP 7.0 This chapter compares the migration-related characteristics of NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0. This chapter also provides the considerations before migrating user applications from NSJSP 6.0 or NSJSP 6.1 to NSJSP 7.0. You can migrate your applications after you have installed and configured NSJSP 7.0. This chapter addresses the following topics: Comparison of NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 Considerations for Migrating Web Applications from NSJSP 6.
Comparing Installation Properties in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 Migrating to NSJSP 7.0 Table 7-1. Comparison of Installation Properties of NSJSP Versions (page 1 of 3) Factors NSJSP 6.0 NSJSP 6.1 NSJSP 7.0 NSJSP installation directory By default, NSJSP is installed in the /servlet_jsp directory. You can install NSJSP in a directory location of your choice. Same as NSJSP 6.1. A default URI name is not available. You can specify the URI name during installation.
Comparing Installation Properties in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 Migrating to NSJSP 7.0 Table 7-1. Comparison of Installation Properties of NSJSP Versions (page 2 of 3) Factors NSJSP 6.0 NSJSP 6.1 NSJSP 7.0 Ability to contain multiple NSJSP installations in an iTP Secure WebServer environment No Yes Same as NSJSP 6.1. Allows a single installation of NSJSP 6.0. Allows multiple installations of NSJSP 6.1 in an iTP Secure WebServer environment. NSJSP 7.0 can coexist with either NSJSP 6.
Comparing Configuration Properties in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 Migrating to NSJSP 7.0 Table 7-1. Comparison of Installation Properties of NSJSP Versions (page 3 of 3) Factors NSJSP 6.0 NSJSP 6.1 NSJSP 7.0 REPAIR an NSJSP Installation NA NA New in NSJSP 7.0. Batch/Silent Installation NA Option to install a management application Same as in NSJSP 5.0 Allows you to repair an NSJSP installation from which files have been accidentaly deleted. NA New in NSJSP 7.0.
Comparing Configuration Properties in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 Migrating to NSJSP 7.0 Table 7-4 discusses the differences in the NSJSP 7.0 and NSJSP 6.1 servlet.config files. Table 7-4 discusses the differences in the NSJSP 6.0 and NSJSP 6.1 servlet.config files. The Considerations for Migrating Web Applications from NSJSP 6.0 to NSJSP 6.1 section discusses the conf/context.xml file. Table 7-2 lists the differences in the NSJSP 6.1 and NSJSP 7.0 server.xml files. Table 7-2.
Comparing Configuration Properties in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 Migrating to NSJSP 7.0 Table 7-2. Differences in the NSJSP 6.1 and NSJSP 7.0 server.xml Files Element/Attribute Default Value in NSJSP 6.1 Default Value in NSJSP 7.0 name name="NSJSP” Same as NSJSP 6.1. Connector protocol="HTTP/1.1" maxThreads="75" Same as NSJSP 6.1. Listeners within the Connector com.tandem.servlet.JMXCon nectionListener Same as NSJSP 6.1.
Migrating to NSJSP 7.0 Comparing Configuration Properties in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 Table 7-3 lists the differences in the NSJSP 6.0 and NSJSP 6.1 server.xml files. Table 7-3. Differences in the NSJSP 6.0 and NSJSP 6.1 server.xml Files (page 1 of 2) Element/Attribute Default Value in NSJSP 6.0 Default Value in NSJSP 6.1 PAGE 374Comparing Configuration Properties in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 Migrating to NSJSP 7.0 Table 7-3. Differences in the NSJSP 6.0 and NSJSP 6.1 server.xml Files (page 2 of 2) Element/Attribute Default Value in NSJSP 6.0 Default Value in NSJSP 6.1 Connector protocol="HTTP/1.1" connectionTimeout="0" acceptCount="25" maxThreads="75" protocol="HTTP/1.1" maxThreads="75" Note: The acceptCount property has no relevance in NSJSP 6.1 as the messages are obtained through the $RECEIVE file.
Comparing Configuration Properties in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 Migrating to NSJSP 7.0 Note. Valve className is a new attribute introduced in NSJSP 6.1. Differences in the NSJSP 6.1 and NSJSP 7.0 servlet.config Files The servlet.config files in NSJSP 6.1 and NSJSP 7.0 are similar. Note. For more information on the servlet.config file, see Chapter 3, Configuring NSJSP. Table 7-4 lists the differences in the NSJSP 6.0 and NSJSP 6.1 servlet.config files. Table 7-4. Differences in the NSJSP 6.
Comparing Management Properties in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 Migrating to NSJSP 7.0 Table 7-4. Differences in the NSJSP 6.0 and NSJSP 6.1 servlet.config Files NSJSP 6.0 NSJSP 6.1 -Xmx64m -Xss128k -Xnoclassgc -Xmx64m -Xss128k -Xnoclassgc -Xms64m Effect For more information on Xms64m, see The InstallationSpecific servlet.config File on page 3-6. java.compiler =none \ Not applicable. For more information on why the attribute is removed, see The InstallationSpecific servlet.
Comparing Management Properties in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 Migrating to NSJSP 7.0 Table 7-5. Differences and Similarities in Management Properties of NSJSP Versions Factors NSJSP 6.0 NSJSP 6.1 NSJSP 7.0 Server classes related to management in NSJSP NSJSPADMIN NSJSPADMIN and MANAGER NSJSP Manager Management application Admin Web and Manager Web Each installation of NSJSP contains the NSJSPADMIN server class and only one MANAGER server class in an iTP Secure WebServer environment.
Comparing Logging Infrastructure in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 Migrating to NSJSP 7.0 Table 7-5. Differences and Similarities in Management Properties of NSJSP Versions Factors NSJSP 6.0 NSJSP 6.1 NSJSP 7.0 Support for deploying web applications from a remote desktop using the commandline interface (CLI) Yes Same as NSJSP 6.0. Same as NSJSP 6.0. NSJSP Manager Roles 2 roles in NSJSP 6.0. Same as NSJSP 6.0. 5 roles in NSJSP 7.0.
Comparing Logging Infrastructure in NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0 Migrating to NSJSP 7.0 Table 7-6. Differences and Similarities in NSJSP Versions Factors NSJSP 6.0 NSJSP 6.1 NSJSP 7.0 How is Logging achieved? Uses the JULI logging framework with log rollover feature. Same as in NSJSP 6.0. Same as in NSJSP 6.0. Starting from NSJSP 6.0, the elements are not supported. Default directory location of log files /logs Same as in NSJSP 6.0. Same as in NSJSP 6.0.
Comparing Miscellaneous Properties Migrating to NSJSP 7.0 Comparing Miscellaneous Properties Table 7-7 compares the miscellaneous properties of NSJSP 6.0, NSJSP 6.1, and NSJSP 7.0. Table 7-7. Miscellaneous Properties of NSJSP Versions Factors NSJSP 6.0 NSJSP 6.1 NSJSP 7.0 Supported specifications Java Servlets 2.5 Java Servlets 2.5 Java Servlets 3.0 JavaServer Pages (JSP) 2.1 JavaServer Pages (JSP) 2.1 JavaServer Pages (JSP) 2.2 NonStop Servlets for JavaServer Pages (NSJSP) 7.
Considerations for Migrating Web Applications from NSJSP 6.1 to NSJSP 7.0 Migrating to NSJSP 7.0 Considerations for Migrating Web Applications from NSJSP 6.1 to NSJSP 7.0 Table 7-8 lists the prerequisites of NSJSP 6.1 and NSJSP 7.0. Table 7-8. Prerequisites of NSJSP 6.1 and NSJSP 7.0 Operating System/Product NSJSP 6.1 NSJSP 7.0 NonStop operating system J06.04 or later J-series, or H06.15 or later H-seriesr J06.05 or later J-series, or H06.
Migrating to NSJSP 7.0 Container-Specific Resources HP recommends that all application-specific resources be bundled with the application and not be placed in the shared folder. This is to ensure that the application resources are independent of the container. Container-Specific Resources The /lib folder includes the common and the container-specific libraries. Although NSJSP 7.0 introduces a few more libraries , they are used internally by the container. Compiling the Application NSJSP7.
Migrating to NSJSP 7.0 Application Deployed Using a .war File Application Deployed Using a .war File Deploying a .war file can be achieved without using the NSJSP Manager. Copy the .war file to the folder defined by the appBase of the Host element in which the application must be deployed. In the default configuration, appBase of the only Host element is the webapps folder in the directory. A .war file can also be deployed using the NSJSP Manager. You can also provide the context path.
Considerations for Migrating Web Applications from NSJSP 6.0 to NSJSP 6.1 Migrating to NSJSP 7.0 Table 7-9. Prerequisites of NSJSP 6.0 and NSJSP 6.1 Operating System/Product NSJSP 6.0 NSJSP 6.1 NonStop operating system H06.04 or later J06.04 or later J-series, or H06.15 or later H-series iTP Secure WebServer 6.0 SPR ACA or later iTP Secure Webserver 7.0 (T8996H02 or T8997H02) or later NonStop Server for Java (NSJ) 5.0 or later NSJ 5.1 (SPR ABS or later of T2766H51) or NSJ 6.
Migrating to NSJSP 7.0 Considerations for Migrating Web Applications from NSJSP 6.0 to NSJSP 6.1 NSJSP_HOME/conf/nsjsp_createSessionStore_mp.sql to create the persistent session store for SQL/MP. NSJSP_HOME/conf/nsjsp_createSessionStore_mx.sql to create the persistent session store for SQL/MX. 2. Run the NSJSP_HOME/conf/nsjsp_migrateSessionStore script to migrate data from NSJSP 5.0 or NSJSP 6.0 to NSJSP 6.1.
Migrating to NSJSP 7.0 Considerations for Migrating Web Applications from NSJSP 6.0 to NSJSP 6.1 In releases prior to NSJSP 6.1, during the NSJSP installation, the following iTP Secure WebServer related configuration files were created in /conf: jdbc.config nsjspadmin.config servlet.config filemaps.config Starting with the NSJSP 6.1 release, each NSJSP 6.1 installation includes its own set of configuration files.
Migrating to NSJSP 7.0 Considerations for Migrating Web Applications from NSJSP 6.0 to NSJSP 6.1 Figure 7-1. Sample conf Directory Created After NSJSP 6.0 Installation The servlet.config file includes the configuration information for NSJSP 6.0. Figure 7-2 shows the contents of the sample /conf directory after installing NSJSP 6.1. Figure 7-2. Sample conf Directory Contents After NSJSP 6.1 Installation A new servlet.config file is created that is generic to NSJSP 6.
Migrating to NSJSP 7.0 Considerations for Migrating Web Applications from NSJSP 6.0 to NSJSP 6.1 1. The NSJSP 6.0 servlet.config file is modified and renamed to servlet-6.0.13.config, and it continues to exist in the same location. 2. A new file, called servlet.config, is created in the location of /conf directory. The newly created servlet.config file is generic to NSJSP 6.0 and NSJSP 6.1. 3. The NSJSP 6.1 instance-specific servlet.config file is created in the
Considerations for Migrating Web Applications from NSJSP 6.0 to NSJSP 6.1 Migrating to NSJSP 7.0 Figure 7-3. NSJSP 6.0 and NSJSP 6.1 Installation Locations httpd.config NSJSP 6.0 servlet.config NSJSP 6.0 Installation Default NSJSP 6.0 Installation location TS/MP Generic servlet.config httpd.config Webserver Renamed NSJSP 6.0 servlet.config NSJSP 6.0 NSJSP 6.1 servlet.config Environment A TS/MP NSJSP 6.0 Installation location NSJSP 6.0 Webserver NSJSP 6.
Migrating to NSJSP 7.0 NonStop Servlets for JavaServer Pages (NSJSP) 7.
Migrating to NSJSP 7.0 NonStop Servlets for JavaServer Pages (NSJSP) 7.
Migrating to NSJSP 7.0 NonStop Servlets for JavaServer Pages (NSJSP) 7.
8 Security Considerations This chapter discusses security considerations to secure data transfer from a web browser to the web server. The process includes validating a user, verifying whether a user has access to a particular web resource, and preventing malicious code from disrupting the NSJSP servlet container.
Establishing a Secure Link Security Considerations This chapter also discusses how security can be implemented in Web applications (Admin Web, Manager Web, and NSJSP Manager Web applications) that are used for administration and monitoring purposes. For more information on securing these Web applications, see Manager Web Application and NSJSP Manager Security on page 8-41. Figure 8-1 illustrates the security considerations discussed in this section. Figure 8-1.
Security Considerations Authenticating a User Authenticating a User The process of authentication involves obtaining user credentials and validating them against a database of user credentials. In NSJSP, this database is called a Realm. A web application need not always authenticate a user using a password. The user can also be authenticated using a certificate presented by the user. Because iTP Secure WebServer supports X.509 certificates, a user can also be authenticated in NSJSP using the X.
Security Considerations HTTP Digest Authentication where, Realm_Name is the name of the Realm. For more information on Realms, see Realms on page 8-7. When a user attempts to access a web application that is configured for the HTTP basic authentication, a logon page as shown in Figure 8-2 appears and the user is prompted to enter the username and password. Figure 8-2.
Security Considerations Form-Based Authentication where, Realm_Name is the name of the Realm. For more information on Realms, see Realms on page 8-7. When a user attempts to access a web application that is configured for the HTTP digest authentication, the logon page as shown in Figure 8-3 appears and the user is prompted to enter the username and password. Figure 8-3.
Security Considerations Form-Based Authentication The login form must contain HTML fields for entering a username and a password, and these fields must be named as j_username and j_password, respectively. For the form-based authentication to function properly, you must always set the action attribute in the login form to j_security_check.
Security Considerations HTTPS Client Authentication Figure 8-4. Logon Page for a Form-Based Authentication HTTPS Client Authentication The end user authentication using HTTPS (HTTP over SSL) requires the client to possess a Public Key Certificate (PKC). Both NSJSP and the iTP Secure WebServer support X.509 version 3 certificates. A web application can be configured for HTTPS client authentication by setting the type of authentication in the web.xml file to CLIENT-CERT.
Security Considerations Realms application resources is granted to all users possessing a particular role. There can be any number of roles associated with a username. Note. The Java Servlet specification defines declarative elements, such as securityconstraint, auth-constraint, user-data-constraint as part of the deployment descriptor to define an application's security requirements.
Security Considerations Realms contexts (web applications) configured in the Host. Any Realm definition in the Context overrides the Host definition. The Context element: Realms can be defined as child elements of a context (web application) in the context.xml file. The context.xml file for each application is located in the META-INF folder of the web application base directory, which will be located in the /webapps directory.
Security Considerations Realms Connecting to the Directory The connectionURL configuration attribute in the JNDIRealm defines the Realm’s connection to the directory server and the JNDI provider defines the format for this URL. Usually, an LDAP URL specifies the domain name of the directory server to connect, and optionally the port number and distinguished name (DN) of the required root naming context.
Security Considerations Realms By default, the Realm authenticates a user by binding to the directory with the DN of the entry for a user and the password provided by the user. If this bind succeeds, the user is considered to be authenticated For security reasons, a directory may store a digest of the user's password rather than the plain text version.
Realms Security Considerations roleSearch - Specifies the LDAP search filter for selecting role entries. It optionally includes pattern replacements for either the distinguished name ({0}) or the username ({1}) of the authenticated user, or both of them. roleName - Specifies the attribute in a role entry containing the name of that role. Roles as an attribute of the user entry You can specify role names as the values of an attribute in the user's directory entry.
Realms Security Considerations Table 8-1. Attributes in the JNDIRealm (page 2 of 3) Attribute Description connectionURL Specifies the connection URL that is passed to the JNDI driver while establishing a connection to the directory. contextFactory Specifies the fully qualified Java class name of the factory class that is used to acquire the JNDI InitialContext. By default, JNDIRealm considers that the standard JNDI LDAP provider is utilized.
Realms Security Considerations Table 8-1. Attributes in the JNDIRealm (page 3 of 3) Attribute Description roleSubtree Specifies whether multiple levels under the node specified by roleBase must be searched. You can set this attribute to true to search the entire subtree of the element specified by the roleBase property, for role entries associated with the user. The default value (false) results in searches of the top level subtree.
Realms Security Considerations MemoryRealm The MemoryRealm is a simple demonstration implementation of the Realm interface and is not intended for production use. During startup, the MemoryRealm loads information about all users, and their corresponding roles, from an XML document (by default, this document is loaded from /conf/nsjsp-users.xml). Changes made to the /conf/nsjsp-users.xml file will be effective only after NSJSP is restarted.
Realms Security Considerations JDBCRealm provides substantial configuration flexibility to adapt to existing table and column names, if your database structure conforms to the following requirements: Users table: There must be a table that contains one row for every user that the JDBCRealm must validate. The users table must contain at least the following two columns (it might contain more if applications require them): Username: The username to be validated by NSJSP when the user logs in.
Realms Security Considerations Table 8-3. JDBCRealm Attributes (page 2 of 2) Attribute Description digest Specifies the name of the MessageDigest algorithm used to encrypt user passwords stored in the database. If this attribute is not specified, user passwords are by default stored in plain text. For more information on digest passwords, see Digested Passwords on page 8-28. digestEncoding Specifies the character set for encoding digests.
Security Considerations Realms Example 8-1.
Security Considerations Realms Example 8-2. Sample Realm Configuration PAGE 412Realms Security Considerations Example 8-3 shows the UserDatabase resource definition in the GlobalNamingResources section. It also shows a UserDatabaseRealm definition that uses the UserDatabase resource in the Engine element. Example 8-3. Sample UserDataBase Definition … … PAGE 413Realms Security Considerations more information on JAAS, see http://java.sun.com/javase/7/docs/technotes/guides/security/jaas/JAASRefGuide.html NSJSP provides the required JAAS infrastructure to accept NonStop usernames and to authenticate users in the Safeguard subsystem. This means NonStop usernames and passwords can be used to authenticate users and groups in the Safeguard subsystem that can be used as user roles to authorize access to application resources.
Realms Security Considerations Attributes in the JAASRealm Table 8-5 lists the attributes that can be used in the JAASRealm. Table 8-5. JAASRealm Attributes Attribute Description appName Specifies the name of the application as configured in your login configuration file. userClassNames Specifies a comma-separated list of the names of classes that you have created for your user Principals.
Security Considerations Realms NonStop groups.
Realms Security Considerations The DataSourceRealm queries the database each time it attempts to authenticate a user. Therefore, changes made to the database will be immediately reflected in the information used to authenticate users. After a user has been authenticated, the user (and the user's associated roles) information is cached within NSJSP for the duration of a user login session.
Security Considerations Realms Example 8-4 shows how to define a JNDI datasource to connect to SQL/MX using the JDBC Type 2 driver. The JNDI resource can either be configured in server.xml or in the application-specific context.xml file. For more information on configuring JNDI resources, see http://tomcat.apache.org/tomcat-7.0-doc/jndi-resources-howto.html. Example 8-4. Defining a Global JNDI Datasource PAGE 418Security Considerations Realms The CombinedRealm provides the ability to combine multiple Realms of the same or different types. The CombinedRealm can be used to authenticate against different sources, provide fallback in case one Realm fails or for any other purpose that requires multiple Realms. Sub-Realms are defined by nesting Realm elements inside the Realm element that defines the CombinedRealm. Authentication will be attempted against each Realm in the order they are listed.
Realms Security Considerations even users that do not exist could result in a large number of user records getting cached, especially when the authentication of invalid users is deliberate, such as in a denial of service attack. To prevent unlimited growth of the cache, use the cacheSize attribute to indicate the maximum number of user records that may be cached. Sub-Realms are defined by nesting the Realm elements inside the Realm element that defines the LockOutRealm.
Security Considerations Digested Passwords Digested Passwords For each standard Realm implementation, the user's password (by default) is stored in plain text. In most environments, this situation is not acceptable because casual observers of the authentication data can collect enough information to log on successfully and impersonate other users. To avoid this problem, the standard Realm implementations support the concept of digesting user passwords.
Security Considerations Authorizing a User surrounding Engine element), but not inside a Context element for one of the involved web applications. If users access only unprotected resources in any of the web applications on this virtual host, they will not be challenged to authenticate themselves.
Web Resource Collection Security Considerations The security constraint, which is represented by the security-constraint element in a deployment descriptor, consists of the following elements that are used to secure a resource: web-resource-collection auth-constraint user-data-constraint While the web-resource-collection is a required element, auth-constraint and user-data-constraint elements are optional elements.
Security Considerations Authorization Constraint ... ... ... Authorization Constraint An authorization constraint establishes a requirement for authentication and specifies the authorization roles permitted to perform constrained requests. A user must be a member of at least one of the specified roles to be permitted to perform the constrained requests. The special role name * specifies all the role names defined in the deployment descriptor. Note.
User Data Constraint Security Considerations the strength of the transport layer protection. By default, the transport-guarantee element is not defined in the web.xml file. Table 8-8 lists the types of transport guarantee that can be defined in the web.xml file. Table 8-8. Types of Transport Guarantee Type Description INTEGRAL CONFIDENTIAL NONE Establishes a requirement for content integrity. Establishes a requirement for confidentiality.
Security Considerations Validating the Sender Validating the Sender While NSJSP uses the user’s credentials to authenticate and authorize a user, it also provides valve elements to validate the origin of a client request before the request is serviced. The valve element allows or denies requests originating from certain client’s hosts based on the client’s host name or IP address.
Remote Address Filter Security Considerations Table 8-9. Remote Host Filter Attributes Attribute Description classname Specifies the Java class name for this valve. You must set this attribute to org.apache.catalina.valves.RemoteHostValve. allow Specifies a comma-separated list of regular expression patterns with which the remote hostname is compared. If you specify this attribute, the hostname from an incoming request must match an expression for the request to be accepted.
Security Considerations Java Security Manager Java Security Manager The Java security manager can be used to restrict access to system resources, such as Java Virtual Machine (JVM) properties, methods, and sockets, thus safeguarding application data and services, and ensuring the security and reliability of NSJSP. This section explains some of the features of the Java security manager that are used in NSJSP. Note. The complete details of the Java security manager are beyond the scope of this section.
Security Considerations Configuring the Java Security Manager Example 8-9. Policy File Entry for the NSJSP Container (page 1 of 2) // These permissions apply to the nsjsp-logging code grant codeBase "file:${catalina.home}/bin/nsjsp-logging.jar" { permission java.security.AllPermission; }; grant codeBase "file:${catalina.home}/bin/nsjsp_bootstrap.jar" { permission java.security.AllPermission; }; ...
Security Considerations Starting NSJSP with the Java Security Manager Example 8-9. Policy File Entry for the NSJSP Container (page 2 of 2) // These permissions are granted to the NSJSP balancer web // application. grant codeBase "file:${catalina.home}/webapps/balancer/WEBINF/lib/catalina-balancer.jar" { permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; }; // These permissions are granted by default to all web // applications.
Securing NSJSP Resources Using the permissions Directive Security Considerations Example 8-10. Starting NSJSP with the Java Security Manager # # NSJSP Java2 System policy file and Java2 VM option. # # Note: the "double" equalto signs "==" is not a typo!! This informs the JVM # to use this file exclusively and that all others are to be ignored. # set env(JVM_POLICY_FILE) $env(NSJSP_HOME)/conf/iTP_catalina.policy set NSJSP_SECMGR_POLICY -Djava.security.
Security Considerations Securing NSJSP Resources Using the permissions Directive By default, all web applications are granted read permission to all the file resources under the web application’s base directory. This enables the application to read the static resources. Permissions are granted to access the resources either through JNDI or through classes in the java.io package. The following sample iTP_catalina.
Security Considerations Package Protection in NSJSP permission java.lang.RuntimePermission "accessDeclaredMembers"; You must be careful before granting the accessDeclaredMembers permission to any codeBase. Note. HP recommends that you understand the impact of providing certain security permissions. You can find a list of all security permissions provided by Java at http://docs.oracle.com/javase/7/docs/technotes/guides/security/permissions.html.
Security Considerations Troubleshooting the Java Security Manager Troubleshooting the Java Security Manager The security manager can be configured to write debug logs by using the java.security.debug property. This can be useful in identifying the call and permission that caused a security exception from being thrown. All logs are written to the STDOUT file. By default, the file referenced by the STDOUT server class attribute is located in the /logs directory. For more information on the java.
Security Considerations Using Realms to Implement Security The Admin and Manager Web Applications are security-sensitive applications and proper security constraints must be implemented so that only authorized users are allowed access to these Web Applications. For more information on the Admin and Manager Web Applications, see Chapter 4, Managing NSJSP.
Security Considerations Monitoring Server Classes and Hosts Example 8-13.
Security Considerations Monitoring Server Classes and Hosts NonStop Servlets for JavaServer Pages (NSJSP) 7.
A MBeans in the NSJSP Container This appendix describes NSJSP MBeans, how the MBeans are represented in the NSJSP Manager application, and lists the MBeans that are commonly used in NSJSP.
MBeans in the NSJSP Container Object Names and Attributes of MBeans The following are typical uses of MBeans in NSJSP: You can use MBeans to obtain the state of the component it instruments. The information obtained using MBeans can be of the following types: Information that is constant and does not change with time. For example, the MBean that instruments the Host component has the appBase attribute, which represents the directory where the web applications are placed.
MBeans in the NSJSP Container Object Names and Attributes of MBeans type=Manager, path=/sca6url/examples, and host=localhost represent the property-value pairs. Catalina:type=NamingResources,resourcetype=Context,path=/sca6ur l,host=localhost where, Catalina represents the domain. type=NamingResources, resourcetype=Context, path=/sca6url, and host=localhost represent the property-value pairs. JMImplementation:type=MBeanServerDelegate where, JMImplementation represents the domain.
MBeans in the NSJSP Container MBeans Representation in NSJSP Manager MBeans Representation in NSJSP Manager For ease of navigation, MBeans are organized in a tree structure comprising multiple tree nodes. A tree structure begins with a root node and ends with a leaf node. The root node of the tree denotes the process name and the first level child nodes denote the different domains registered with the MBean server. Each domain can contain multiple tree nodes.
MBeans in the NSJSP Container MBeans Representation in NSJSP Manager same domain, the properties (j2eeType for Servlet and type for Valve) of the key-properties list are not the same. Figure A-2 shows a tree view of the following MBean under the Servlet node: NSJSP:j2eeType=Servlet,name=HTMLManager,WebModule=//localhost/sc a6url/manager,J2EEApplication=none,J2EEServer=none where, NSJSP is the domain.
MBeans in the NSJSP Container MBeans Representation in NSJSP Manager Figure A-2. Tree View of an MBean Under the Servlet Node Figure A-3 shows a tree view of the following MBean under the Valve node: NSJSP:type=Valve,name=RequestTrackerValve,host=localhost where, NSJSP is the domain. type=Valve, name=RequestTrackerValve, and host=localhost are the property-value pairs. NonStop Servlets for JavaServer Pages (NSJSP) 7.
MBeans in the NSJSP Container MBeans Representation in NSJSP Manager Figure A-3. Tree View of an MBean Under the Valve Node As an exception, some MBeans might have properties with value none.
MBeans in the NSJSP Container MBeans Representation in NSJSP Manager Figure A-4. Node with Value none The leaf node is a hyperlink. Clicking the leaf node displays the values of the MBean attributes. Figure A-5 displays the MBean attributes and their associated values. NonStop Servlets for JavaServer Pages (NSJSP) 7.
MBeans in the NSJSP Container MBeans Representation in NSJSP Manager Figure A-5. Values of the MBean Attributes To view the description of the attributes, click Display Attribute Description link. Figure A-6 shows the description of the MBean attributes. NonStop Servlets for JavaServer Pages (NSJSP) 7.
Commonly Used MBeans in NSJSP MBeans in the NSJSP Container Figure A-6. Description of the MBean Attributes Commonly Used MBeans in NSJSP This section lists the important MBeans and their attributes. You can use the following MBeans to manage the Java resources that are deployed on a JVM: Thread Pool - Represents the connector thread pool. The object name is: NSJSP:name=http-0,type=ThreadPool Table A-1 lists only the important attributes associated with Thread Pool.
Commonly Used MBeans in NSJSP MBeans in the NSJSP Container Note. The NSJSP Manager application does not display the contents in the columns Type and Writable as shown in Table A-1. The values for the writable parameter are true or false. The default value is true. The attributes, which can be changed, do not have the writable parameter included. Host - Represents the configuration parameters of a Host called localhost.
Commonly Used MBeans in NSJSP MBeans in the NSJSP Container The object name is: NSJSP:J2EEApplication=none,J2EEServer=none,j2eeType=WebModule ,name=//localhost/first (application name) Table A-4 lists only the important attributes associated Application Context. For more information about the Application Context attributes, see Table 3-17, Property List for the Context Element, on page 3-71. Table A-4.
B Tool to Manage the Users of NSJSP Manager This appendix describes the command line tool to manage the NSJSP Manager application users. It also describes how the new roles are defined, users are created and digest algorithms are used to encrypt the passwords using this tool. This appendix addresses the following topics: Overview How to Use the Tool to Manage the Users of NSJSP Manager Overview The purpose of this tool is to allow you to manage the users logging in to the NSJSP Manager application.
Tool to Manage the Users of NSJSP Manager How to Use the Tool to Manage the Users of NSJSP Manager Figure B-1. Mechanism to Create Roles and Users for NSJSP Manager How to Use the Tool to Manage the Users of NSJSP Manager Perform the following steps to list the users present in the /conf/nsjsp-users.xml file, modify roles, and modify users in the NSJSP Manager application: 1.
Tool to Manage the Users of NSJSP Manager How to Use the Tool to Manage the Users of NSJSP Manager The following list of operations is displayed: ----------1) List contents of the file 2) Add a new role 3) Add a new user 4) Delete a role 5) Delete a user 6) Exit 2. Select an operation from the list and enter the numerical choice in the following prompt: Please enter your choice: The following section describes the different operations you can perform: 1.
Tool to Manage the Users of NSJSP Manager How to Use the Tool to Manage the Users of NSJSP Manager If the role you specified already exists, then the following message is displayed, else the role is successfully created and a confirmatory message is displayed: The role observer already exists in the document. 3. Add a new user a. Select this option to add a new user to the /conf/nsjsp-users.xml file and generate an encrypted password for the same.
Tool to Manage the Users of NSJSP Manager How to Use the Tool to Manage the Users of NSJSP Manager If the role you have specified for the user does not exists, then the following message is displayed: The role role. appobserver does not exist. Please first add the Once you specify valid roles for the user, the user gets added successfully with the new roles. 4. Delete a role a. Select this option to delete an existing role from the /conf/nsjsp-users.xml file. b.
Tool to Manage the Users of NSJSP Manager How to Use the Tool to Manage the Users of NSJSP Manager NonStop Servlets for JavaServer Pages (NSJSP) 7.
C Client Deployer in NSJSP 7.0 The Client Deployer is a package in NSJSP 7.0 that is used to validate, compile, compress to .WAR, and deploy web applications to NSJSP. You can use the Client Deployer package to build applications on operating systems other than NonStop, and deploy applications on NSJSP 7.0 running on NonStop operating system. Prerequisites To understand the concept of Client Deployer, you must have a good understanding of: Apache Ant For information on Apache Ant, refer http://ant.
Client Deployer in NSJSP 7.0 Setting up an environment in Windows OS Setting up an environment in Windows OS This subsection describes the procedure to set up a Client Deployer environment in the Windows OS. As a result, the applications can be built on Windows OS and can be deployed on the NSJSP server running on NonStop server. It is assumed that Apache Ant is installed at the location where the deployer is being installed. To install the deployer environment: 1. Create a deployer directory. 2.
Client Deployer in NSJSP 7.0 Configuring NSJSP-specific attributes for Client Deployer will be deployed under the context path /first and a filemap entry must be made for the application /first. The Client Deployer does not change the filemaps.config file. If appendContext is set to false, the application must have an equivalent entry in the filemaps.config file, for it to be accessible by you. Note. For more information on Client Deployer, refer http://tomcat.apache.org/tomcat-7.0doc/deployer-howto.html.
Client Deployer in NSJSP 7.0 Configuring NSJSP-specific attributes for Client Deployer Example C-1. Sample Ant Script for the Client Deployer PAGE 459Glossary This glossary defines terms used both in this manual and in other HP manuals. Both industry-standard terms and HP-specific terms are included. Admin Server Class. Refers to one of the server classes configured with an installation of NSJSP. Each installation of NSJSP results in 2 server classes. One server class will host and process requests for user application and the other is used by the Admin application.
Glossary Common Gateway Interface (CGI) Common Gateway Interface (CGI). A standard protocol used as the interface between web servers and the programs these servers use to process requests from web clients. Commons Logging. A component of Apache Commons project that provides a layer of abstraction over many popular logging implementations. connection. The path between two protocol modules that provides reliable stream delivery service.
Glossary EJB EJB. ISee Enterprise JavaBeans (EJB) Enterprise JavaBeans (EJB). Enterprise JavaBeans (EJB) is a Java API developed by Sun Microsystems that defines a component architecture for multi-tier client/server systems. EJB systems allow developers to focus on the actual business architecture of the model, rather than worry about endless amounts of programming and coding needed to connect all the working parts. This task is left to EJB server vendors.
Gigabit Ethernet ServerNet Adapter (GESA) Glossary Gigabit Ethernet ServerNet Adapter (GESA). A A single-port ServerNet adapter that provides 1000 megabits/second (Mbps) data transfer rates between HP NonStop™ systems and Ethernet LANs. A GESA can be directly installed in slots 51 through 54 of an I/O enclosure and slots 53 and 54 of a processor enclosure. Two versions of the GESA are available: 3865 GESA-C (T523572): a single-port copper version compliant with the 1000 Base-T standard (802.
Glossary interoperability network. When written in uppercase, INTERNET refers specifically to the DARPA Internet and the TCP/IP protocols it uses. interoperability. The ability of software and hardware on multiple machines from multiple vendors to communicate meaningfully. IP. See Internet Protocol (IP). IPSetup. It is the Windows application that enables you to transfer IP software from the CD-ROM or other IP delivery medium (DVD) to a NonStop system. iTP Secure WebServer.
Glossary Java Management Extensions (JMX) Java Management Extensions (JMX). Java technology that offers tools to manage and monitor different types of resources such as an application. JNDI. See Java Naming and Directory Interface (JNDI). Joint Photographic Expert Group (JPEG). An image format used to transmit graphics on the World Wide Web (WWW). JPEG. See Joint Photographic Expert Group (JPEG). JSP. See JavaServer Page (JSP) JULI. The logging mechanism in NSJSP, which is inherited from Tomcat.
Glossary MBean attributes MBean attributes. A pattern in which an MBean provides the state and details of the managed resource. MBean object name. It is a unique identifier of an MBean. MBean server. A repository that stores all the MBeans in a JVM. Migration. Transitioning the web applications from one NSJSP version to another NSJSP version. Netscape. See browser. NonStop Kernel. The HP operating system, which consists of core and system services.
Glossary OSS OSS. See Open System Services (OSS). packet. The unit of data sent across a packet-switching network. While some Internet literature uses it to refer specifically to data sent across a physical network, other literature views the Internet as a packet-switching network and describes IP datagrams as packets. PATHMON process. The central controlling process for a NonStop TS/MP application. Pathway.
Glossary scalability scalability. The ability to increase the size and processing power of an online transaction processing system by adding processors and devices to a system, systems to a network, and so on. Secure Sockets Layer (SSL). A protocol for private communication on the World Wide Web and authentication of a web server by a web client. servlet mapping. It is the mapping between the URL and the servlet (configured to process the requests matching that URL). server.
Glossary Simple Mail Transfer Protocol (SMTP) Simple Mail Transfer Protocol (SMTP). The Internet standard protocol for transferring e-mail messages from one machine to another. SMTP specifies how two mail systems interact, and specifies the format of control messages the two mail systems exchange to transfer mail. Single Point Management. Ability to manage multiple NSJSP server classes and user applications using a single management application. SSL. See Secure Sockets Layer (SSL). STDERR.
TLD Glossary TLD. See Top-Level Domain (TLD) Top-Level Domain (TLD). Refers to the suffix attached to Internet domain names. There are a limited number of predefined suffixes, and each one represent a top-level domain. Current top-level domains include: com – Commercial businesses; this is the most common TLD gov – U.S. government agencies edu – Educational institutions, such as universities org – Organizations (mostly nonprofit) mil – Military net – Network organizations Unicode.
Glossary WWW hardware-independent documents that not only contained ASCII text but that also contained pictures, graphics, and voice and video elements. In addition to accessing documents, the WWW protocols can also be used to provide document searching facilities and also interaction with user-written or vendor-provided servers. WWW. See World Wide Web (WWW) protocols. XML. Short for Extensible Markup Language, a specification developed by the W3C.
Index A Access Log Valve 4-89 accessDeclaredMembers permission 8-39 access,failure value 8-41 Admin Web Application features of 4-68 Administering a Connector 4-72 Apache Axis2 1-3 Apache Tomcat 1-2, 1-12 archiveDirectory 5-7 Attributes of Server element 3-44 Coyote 1-13 Creating an NSJSP installation 2-16/2-18 D BANK_CATALOG 3-24 base64 8-4 base64 encoding format 8-3 data theft 8-1 datePattern 5-7 Debugging Using Eclipse Platform 6-2 Debugging Using Java Debugger Tool 6-1 deploying applications at star
I Index How to use the tool A-2 HTTP/1.0 specification 8-3 I Installation directories 2-19 Installation-Specific servlet.config 3-6 Installing NSJSP iTP Secure WebServer environment for 2-14 prerequisites for 2-1 Introduction 1-1 iTP Secure Webserver configuration files required by 2-28 iTP Secure WebServer operations 4-122 iTP_catalina.
N Index object name A-2 parameters in the NSJSP MBeans page 4-57 Multiple NSJSP installations 2-28 MyFaces 1-3 N NonStop SQL database 3-94 NSJSP 1-2 NSJSP Formatter 5-5 NSJSP installation directory structure of 2-19 NSJSP Log Handler 5-5 NSJSP Manager architecture of 4-139 features of 4-2, 4-18 installtion of 2-20/2-22 removing installation directory 2-24 server class of including multiple Hosts 4-135 supporting multiple NSJSP installations 4-136 NSJSP Manager Application comparing MBean attribute values
O Index using the In-Memory Sessions page 4-30 operations using the Application Summary page 4-23 using the Applications page 4-21 using the Compare - NSJSP MBean page 4-60 using the In-Memory Sessions page 4-29 using the Process View page 4-27 parameters in the Compare - NSJSP MBean page 4-61 in the Modify MBean page 4-63 in the NSJSP MBeans page 4-57 NSJSP Manager Web Application security 8-41 NSJSP Servlet Container 3-1 NSJSPLockoutRealm 8-8 NSJSPLogHandler 5-11 NSJSP_CONFIG_FILE 3-24 NSJSP_DLL_PATH 3-
U Index TS/MP Server Class operations stop 4-123 U Updating NSJSP installation 2-23 User Application-Specific Filemap Definitions 3-37 user credential 8-3 V Verifying NSJSP Manager installation 2-22 W web.xml 7-11 X Xms 3-25 Xmx 3-24 Xnoclassgc 3-25 Xss 3-25 X.509 certificate 8-2 Special Characters ${catalina.home} property 8-35 ${java.home} property 8-35 -Djava.security.manager option 8-35 _RLD_LIB_PATH 3-23 NonStop Servlets for JavaServer Pages (NSJSP) 7.
