NonStop Servlets for JavaServer Pages (NSJSP) 5.0 System Administrator's Guide

Manuals Brands HP Manuals Server HP Integrity NonStop J-Series

NonStop Servlets for

JavaServer Pages

(NSJSP) System

Administrator’s Guide

Abstract

NonStop Servlets for JavaServer Pages (NSJSP) is a container that runs Java servlets

and JavaServer Pages (JSPs), which are platform-independent server-side programs

that programmatically extend the functionality of web-based applications by providing

dynamic content from a webserver to a client browser over the HTTP protocol.

Product Version

NonStop Servlets for JavaServer Pages 5.0

Supported Release Version Updates (RVUs)

This publication supports H06.03 and all subsequent H-series RVUs until otherwise

indicated by its replacement publication.

Part Number Published

525644-003 April 2006

Summary of content (248 pages)

PAGE 1

NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide Abstract NonStop Servlets for JavaServer Pages (NSJSP) is a container that runs Java servlets and JavaServer Pages (JSPs), which are platform-independent server-side programs that programmatically extend the functionality of web-based applications by providing dynamic content from a webserver to a client browser over the HTTP protocol. Product Version NonStop Servlets for JavaServer Pages 5.
PAGE 2

Document History Part Number Product Version Published 525644-001 NonStop Servlets for JavaServer Pages 2.0 March 2003 525644-002 NonStop Servlets for JavaServer Pages 5.0 December 2005 525644-003 NonStop Servlets for JavaServer Pages 5.
PAGE 3

NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide Glossary Index Examples What’s New in This Manual xi Manual Information xi New and Changed Information Figures Tables xi About This Manual xiii Who Should Read This Guide xiii Organization of This Guide xiv Related Manuals xv Reference Information on the Internet Notation Conventions xix Abbreviations xxiv xviii 1.
PAGE 4

1. Overview and Architecture (continued) Contents 1. Overview and Architecture (continued) JMX Based Administration Feature 1-15 admin Web Application 1-15 manager Web Application 1-16 Enhanced NSJSPCoyoteConnector 1-18 Session Clustering (not supported) 1-18 Invoker Servlet Availability 1-18 2.
PAGE 5

Contents 3. Configuring NSJSP (continued) 3.
PAGE 6

4. Programming and Management Features (continued) Contents 4.
PAGE 7

Contents 6. Logs and Error Conditions (continued) 6. Logs and Error Conditions (continued) Switching From a Single Log File to Multiple Log Files Status Information 6-4 Log Files Rollover 6-4 Log Files Cleanup Script 6-4 nsjsp_cleanlogs Syntax 6-5 nsjsp_cleanlogs Options 6-5 Recovery Procedure for Broadcast Error 6-5 Broadcast 6-5 Broadcast Error 6-6 Broadcast Failure 6-6 Causes of Broadcast Error/Failure 6-7 EMS Message Format 6-7 6-3 7. Migrating to NSJSP 5.
PAGE 8

. Security Considerations Contents 8. Security Considerations Virtual Hosts 8-1 Roles 8-1 Single Sign-On 8-1 A. JMXProxy Servlet JMX Query command A-1 JMX Set command A-1 B. Sample Ant Script for the Client Deployer C.
PAGE 9

Examples (continued) Contents Examples (continued) Example 3-3. Example 3-4. Example 3-5. Example 3-6. Example 3-7. Example 3-8. Example 3-9. Example 3-10. Example 3-11. Example 3-12. Example 3-13. Example 3-14. Example 3-15. Example 3-16. Example 3-17. Example 3-18. Example 3-19. Example 3-20. Example 3-21. Example 3-22. Example 3-23. Example 3-24. Example 3-25. Example 3-26. Example 3-27. Example 3-28. Example 3-29. Example 3-30. Example 3-31. Example 3-32. Example 3-33. Example 3-34. Example 3-35.
PAGE 10

Examples (continued) Contents Examples (continued) Example 5-4. Example 5-5. Example 5-6. Example 5-7. Example 5-8. Example 5-9. Example 5-10. Example 5-11. Example 5-12. Example 5-13. Example 5-14. Example 5-15. Example 5-16. Example 6-1. Example 7-1. Example B-1.
PAGE 11

Figures (continued) Contents Figures (continued) Figure 4-12. Figure 5-1. Figure 5-2. Figure 5-3. Figure 5-4. Figure 5-5. Figure 5-6. Figure 5-7. Figure 5-8. Figure 7-1. Inconsistent Warning 4-28 Manager Web Application Architecture 5-1 Manager Web Application Login Dialog 5-2 Manager Web Application User Interface 5-3 Manager Area 5-4 Application Area 5-5 Deploy Area 5-5 NSJSP Information Area 5-6 NSJSP Status Summary Page 5-8 New Persistent Session Class Location 7-6 Tables Table 2-1.
PAGE 12

Contents NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide—525644-003 x
PAGE 13

What’s New in This Manual Manual Information NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide Abstract NonStop Servlets for JavaServer Pages (NSJSP) is a container that runs Java servlets and JavaServer Pages (JSPs), which are platform-independent server-side programs that programmatically extend the functionality of web-based applications by providing dynamic content from a webserver to a client browser over the HTTP protocol.
PAGE 14

What’s New in This Manual Changes to the December 2005 Revision of the Manual environment. For more information, see Deploy Using the Standalone Application Deployer on page 3-15. • • • • • • • • • • • Support for complete server monitoring using JMX and the manager web application. NSJSP allows you to monitor servers in real-time. For more information, see Manager Web Application on page 5-1. Improved taglibs handling.
PAGE 15

About This Manual This guide describes the installation, configuration, and management of the NonStop Servlets for JavaServer Pages (NSJSP) 5.0 component of the iTP Secure WebServer. Who Should Read This Guide The NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide is intended for experienced HP NonStop system administrators and operators who need to install, configure, and manage the iTP Secure WebServer on an HP NonStop system.
PAGE 16

Organization of This Guide About This Manual Organization of This Guide Section Description (page 1 of 2) Section 1, Overview and Architecture gives a general introduction to the Java 2 Enterprise Edition (J2EE) and discusses the architecture of NonStop Servlets for JavaServer Pages (NSJSP). Section 2, Installing NSJSP provides the procedures for installing NSJSP, including what to do before you begin, starting and restarting NSJSP, stopping NSJSP, and uninstalling NSJSP.
PAGE 17

Related Manuals About This Manual Section Description (page 2 of 2) Appendix A, JMXProxy Servlet provides information about the JMX Proxy Servlet, which is a lightweight proxy that gets and sets NSJSP internal objects by using JMX MBeans. Although the admin web application can perform most of the functions, using the JMX Proxy Servlet simplifies writing control scripts (especially, if you are monitoring and performing minor attribute changes).
PAGE 18

TCP/IP Manuals About This Manual The following manuals contain additional information about installing, configuring, and managing HP NonStop systems or other products you can use with NSJSP. TCP/IP Manuals For information specific to managing the TCP/IP subsystem, see: TCP/IP Configuration and Management Manual describes the installation, configuration, and management of the NonStop TCP/IP subsystem.
PAGE 19

NonStop Transaction Services/MP (NonStop TS/MP) Manuals About This Manual NonStop Transaction Services/MP (NonStop TS/MP) Manuals For information specific to managing PATHMON environments, see: The TS/MP System Management Manual describes the PATHCOM and TACL commands used to configure and manage PATHMON environments.
PAGE 20

Reference Information on the Internet About This Manual These manuals contain additional information about NonStop systems: H06.nn Release Version Update Compendium provides a summary for the products that have major changes in the H-series, including the products’ new features, migration issues, and fallback considerations.
PAGE 21

About This Manual Notation Conventions Notation Conventions Hypertext Links Blue underline is used to indicate a hypertext link within text. By clicking a passage of text with a blue underline, you are taken to the location described. For example: This requirement is described in Backup DAM Volumes and Physical Disk Drives on page 3-2. General Syntax Notation This list summarizes the notation conventions for syntax presentation in this manual. UPPERCASE LETTERS.
PAGE 22

About This Manual General Syntax Notation { } Braces. A group of items enclosed in braces is a list from which you are required to choose one item. The items in the list can be arranged either vertically, with aligned braces on each side of the list, or horizontally, enclosed in a pair of braces and separated by vertical lines. For example: LISTOPENS PROCESS { $appl-mgr-name } { $process-name } ALLOWSU { ON | OFF } | Vertical Line.
PAGE 23

Notation for Messages About This Manual a blank line. This spacing distinguishes items in a continuation line from items in a vertical list of selections. For example: ALTER [ / OUT file-spec / ] LINE [ , attribute-spec ]… !i and !o. In procedure calls, the !i notation follows an input parameter (one that passes data to the called procedure); the !o notation follows an output parameter (one that returns data to the calling program).
PAGE 24

About This Manual Notation for Messages lowercase italic letters. Lowercase italic letters indicate variable items whose values are displayed or returned. For example: p-register process-name [ ] Brackets. Brackets enclose items that are sometimes, but not always, displayed. For example: Event number = number [ Subject = first-subject-value ] A group of items enclosed in brackets is a list of all possible items that can be displayed, of which one or none might actually be displayed.
PAGE 25

About This Manual Notation for Management Programming Interfaces Notation for Management Programming Interfaces This list summarizes the notation conventions used in the boxed descriptions of programmatic commands, event messages, and error lists in this manual. UPPERCASE LETTERS. Uppercase letters indicate names from definition files. Type these names exactly as shown. For example: ZCOM-TKN-SUBJ-SERV lowercase letters.
PAGE 26

About This Manual Abbreviations Abbreviations This list defines abbreviations and acronyms used in this guide. Both industry-standard terms and HP terms are included. AWT. Abstract Windowing Toolkit ARPA. Advanced Research Project Agency ATP. Active Transaction Pages BSD. Berkeley Software Distribution C. Country CA. Certificate Authority CBC. Cipher Block Chaining CCITT. Consultative Committee for International Telegraph and Telephone CGI. Common Gateway Interface CN. Common Name CWD.
PAGE 27

About This Manual Abbreviations HTTPD. HyperText Transfer Protocol Daemon IEEE. Institute of Electrical and Electronics Engineers IEN. Internet Engineering Note IP. Internet Protocol J2EE. Java 2 Enterprise Edition JAR. Java Archive Tool JDBC. Java DataBase Connectivity JDK. Java Development Kit JIT. Just-In-Time (Java compiler) JNDI. Java Naming and Directory Interface JNI. Java Native Interface JSP. JavaServer Pages JVCP. Java Visual Class Package JVM. Java Virtual Machine KEK. Key Exchange Key L.
PAGE 28

About This Manual O. Abbreviations Organization OLTP. Online Transaction Processing OSS. Open System Services OU. Organizational Unit PAID. Process Accessor ID PCT. Private Communication Technology PDF. Portable Document Format PEM. Privacy Enhanced Message PKS. Public Key Certificate Standard PPP. Point to Point Protocol QIO. Queued Input Output RFC. Request for Comments RLS. Resource Locator Service RSA. Rivest, Shamir, and Adelman SCF. Subsystem Control Facility SCT.
PAGE 29

About This Manual Abbreviations TACL. Tandem Advanced Command Language TAL. Transaction Application Language Tcl. Tool Command Language Tcl/CGI. Tool Command Language/Common Gateway Interface TCP/IP. Transmission Control Protocol/Internet Protocol TS/MP. Transaction Services/Massively Parallel URL. Uniform Resource Locator WAR. Web Archive WID. WebSafe2 Interface Driver WISP. WebSafe2 Internet Security Processor X.509. CCITT Recommendation for Security Service XML.
PAGE 30

About This Manual Abbreviations NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide —525644-003 xxviii
PAGE 31

1 Overview and Architecture This section describes: • • • • Java 2 Enterprise Edition (J2EE) Overview on page 1-2 JavaServer Pages (JSP) Architecture on page 1-7 NonStop Servlets for JavaServer Pages (NSJSP) Architecture on page 1-11 New Features in the HP NSJSP Implementation on page 1-13 NonStop Servlets for JavaServer Pages (NSJSP) is a container that runs Java servlets and JavaServer Pages (JSPs), which are platform-independent, server-side programs that programmatically extend the functionality of
PAGE 32

Overview and Architecture Java 2 Enterprise Edition (J2EE) Overview To use this documentation, you should have some familiarity with the Java language and tools and the Java Servlet Application Programming Interface (API) defined by JSR 154: Java 2.4 Specifications. This section does not attempt to teach you how to program servlets or JSPs, although it does offer advice and ideas.
PAGE 33

Overview and Architecture The Web Container Dynamic content was initially supplied by CGI, but now the more powerful and flexible Java Servlet API and JSP programs provide logic for the new web applications.
PAGE 34

JavaServer Pages (JSP) Overview and Architecture Figure 1-1. A J2EE Web Container With Two Applications WEB CONTAINER APPLICATION # 1 DEPLOYMENT DESCRIPTOR APPLICATION # 2 DEPLOYMENT DESCRIPTOR JAVA SERVLETS JAVA SERVLETS JAVA CLASSES JAVA CLASSES JSP PAGES JSP PAGES VST901.vsd JavaServer Pages (JSP) JavaServer Pages (JSP), a presentation-layer technology that sits on top of the Java servlets model, simplifies the creation and management of dynamic HTML.
PAGE 35

The Web Application Overview and Architecture Figure 1-2. JSP Data Flows First Time Use JSP Page Compilation Client Browser iTP WebServer Subsequent Use Component Java Servlet VST902.vsd The Web Application The web application is a collection of servlets, HTML pages, images, JSPs, a deployment descriptor, and other configuration files that together represent all the resources necessary to host a complete application on a J2EE-compliant webserver.
PAGE 36

Overview and Architecture The Deployment Descriptor subdirectory (containing the zip or jar files), and your customized version of the web.xml file – the deployment descriptor. webapps/myapp1/WEB-INF/web.xml webapps/myapp1/WEB-INF/classes/helloworld.class webapps/myapp1/WEB-INF/lib A detailed description of the directory structure can be found in Configuring Web Applications on page 3-13. The Deployment Descriptor A default version of web.
PAGE 37

Overview and Architecture JavaServer Pages (JSP) Architecture JavaServer Pages (JSP) Architecture This subsection discusses • • • The reasons for using distributed servlets How to include one servlet within another How to forward responses between servlets Simple examples of JSP code are annotated. A general introduction to JSP is given in JavaServer Pages (JSP) on page 1-4. This section introduces implementation, models, and syntax basics.
PAGE 38

Model-View-Controller Designs Overview and Architecture Figure 1-3. A Basic NSJSP Model WEB CONTAINER CLIENT BROWSER REQ 1 RES 4 JSP 2 Java Bean or Java Servlet 3 Data Storage VST904.
PAGE 39

Model-View-Controller Designs Overview and Architecture The second approach is to adopt the design, shown in Figure 1-4, A Model-ViewController Design. In this design, processing is divided between the controller and presentation components. The presentation component, or View, consists of JSP pages that generate the HTML or XML response that determines the user interface rendered by the browser.
PAGE 40

Overview and Architecture JSP Syntax Basics 2. Obtain a reference to the request dispatcher object for the servlet in use. Use the getRequestDispatcher(String name) method, which takes in the path and name of the servlet (URI) and returns the request dispatcher object. 3. Invoke the include or forward method of the RequestDispatcher object. Either method takes two arguments; the HttpServletRequest and HttpServletResponse objects.
PAGE 41

Overview and Architecture An Example of JSP Code An Example of JSP Code Example 1-1 on page 1-11 shows the use of templating, a common technique used in web-page development, which uses the services of more than one servlet. In this example, the template is coded as JSP using the include directive to reference some HTML in another file. Example 1-1. JSP Code <%-- Filename: "TemplateDemo.jsp" --%>
Welcome To My WebSite

The time is <% new java.util.Date().
PAGE 42

NonStop Servlets for JavaServer Pages (NSJSP) Architecture Overview and Architecture The iTP Secure WebServer software, which is inherently scalable and reliable, enables the creation of Java servlets that can take advantage of the database and transaction services infrastructure on the HP NonStop server.
PAGE 43

Overview and Architecture New Features in the HP NSJSP Implementation New Features in the HP NSJSP Implementation New features incorporated in the HP NSJSP implementation: J2EE Standards Support NSJSP 5.0 implements the Java Servlet 2.4 and JavaServer Pages 2.0 specifications by porting Tomcat version 5.0.28. For more information about Tomcat version 5.0, see the Apache Jakarta Tomcat 5 Servlet/JSP Container documentation at http://jakarta.apache.org/tomcat/tomcat-5.0-doc/index.html.
PAGE 44

Overview and Architecture JAASRealm Support Jasper engine. In addition to general code improvements, these changes have been made: • • • JSP custom tag pooling. The Java objects instantiated for JSP custom tags can be pooled and reused. This arrangement significantly boosts the performance of JSP pages which use custom tags. Background JSP compilation. If you make a change to a previously compiled JSP page, Jasper 2 can recompile that page in the background.
PAGE 45

Overview and Architecture JMX Based Administration Feature JMX Based Administration Feature NSJSP supports JMX based administration. NSJSP incorporates JMX technology to manage internal objects (for example, Servers, Services, Hosts, Contexts, Loggers, and other resource entities). In prior releases, NSJSP required you to bring down the entire container and change the configuration file iTP_server.xml to modify container objects.
PAGE 46

Overview and Architecture manager Web Application Figure 1-6. Admin User Interface For more information about the admin web application, see admin Web Application on page 4-9. manager Web Application The manager web application provides the management functions for web applications in the NSJSP container. In prior versions, the management functions were provided using the nsjsp_manager (an interactive shell script). The nsjsp_manager is discontinued in NSJSP 5.
PAGE 47

Overview and Architecture manager Web Application Figure 1-7 is an example of the manager user interface. Figure 1-7. Manager User Interface On this page, the manager lists the installed web applications in a table. Each row in the table represents a web application. The management functions supported are listed using hyperlinks. By selecting a specific hyperlink, the operator issues the specified command to the web application. Note.
PAGE 48

Overview and Architecture Enhanced NSJSPCoyoteConnector Enhanced NSJSPCoyoteConnector The NSJSP connector component NSJSPCoyoteConnector has been enhanced so the connector is managed using JMX MBeans. Session Clustering (not supported) NSJSP 5.0 does not support session clustering. Instead, the current session routing mechanism continues to be used in NSJSP 5.0. Session clustering was not implemented because Tomcat 5.
PAGE 49

2 Installing NSJSP This section describes: • • • • • • Before You Begin the Installation on page 2-1 Begin the Installation on page 2-2 Starting or Restarting NSJSP on page 2-5 Stopping NSJSP on page 2-5 Uninstalling NSJSP on page 2-7 NSJSP Directory Structure on page 2-7 The procedure for installing NSJSP software depends on the distribution medium for the product. Check the readme.txt file if you have received the software on a CD. Check the softdoc if you are installing the product from a tape.
PAGE 50

Installing NSJSP • Begin the Installation If TCP/IP and FTP are unavailable, or if you have problems using automatic file placement, use the instructions in the IPSetup User Guide section about Manual Software Placement to manually place NonStop operating system files. Begin the Installation The iTP WebServer installation location is iTPWS_INSTALL_DIR, which defaults to /usr/tandem/webserver.
PAGE 51

setup Installing NSJSP setup The setup script integrates NSJSP 5.0 with a previously installed iTP Secure WebServer. The iTP Secure WebServer version must be 6.0 and SPR version ACA or later. The setup script prompts you for: 1. The location of an installed iTP Secure WebServer to which you wish to add NSJSP support. 2. The logger choices: whether to select multiple log files (the default) or a single log file. For more information about log files, see Section 6, Logs and Error Conditions. 3.
PAGE 52

Installing NSJSP • • • • setup nsjspadmin.config (only if online administration is selected) nsjspadmin.config.sample filemaps.config (only if online administration is selected) filemaps.config.sample The default files located in $NSJSP_HOME/conf are: • • • • • • • iTP_jaas.config iTP_jaas.config.sample nsjsp_cleanConfigBackups nsjsp_digestPassword nsjsp_migrateSessionStore nsjspadmin-users.xml nsjspadmin-users.xml.
PAGE 53

Installing NSJSP Starting or Restarting NSJSP Starting or Restarting NSJSP When the NSJSP software is started, a running TCP/IP process is required. This process is set by the setup script. 1. To start NSJSP, run the start script from the iTPWS_INSTALL_DIR/conf directory in the iTP Secure WebServer environment. The script starts the HTTPD process using the httpd.config configuration file. This script is: OSS: cd iTPWS_INSTALL_DIR/conf OSS: ./start 2.
PAGE 54

Stopping NSJSP Installing NSJSP To save persistent session data and allow your applications to shut down gracefully, use the nsjsp_stop script instead of the iTPWS_INSTALL_DIR/conf/stop script (described in the iTP Secure WebServer System Administrator’s Guide) to shut down the NSJSP and iTP WebServer environments. Note. This script is slower than the iTPWS_INSTALL_DIR/conf/stop script.
PAGE 55

Uninstalling NSJSP Installing NSJSP Uninstalling NSJSP The uninstall script removes the currently installed version of the NSJSP software, the NSJSP files, directories, and web applications that were installed in your iTP WebServer environment. Caution. Back up your web applications before you run the uninstall script. Running uninstall removes all your web applications in the webapps directory. You must run this script using the same user ID that was previously used to install NSJSP.
PAGE 56

NSJSP Directory Structure Installing NSJSP Table 2-1. NSJSP Directory Structure Directory Description conf/ Configuration files, including: iTP_server.xml iTP_jaas.config iTP_catalina.policy web.xml tomcat_users.xml nsjspadmin-users.xml nsjsp_digestPassword nsjsp_cleanConfigBackups nsjsp_migrateSessionStore NSJSP/ Engine specific configuration files and directories (default Engine name in NSJSP).
PAGE 57

Directory Example Installing NSJSP Directory Example Example 2-2 is intended to summarize the answer to the question, “How do you get from a URL to the application and to a servlet?” (See Map Requests to Applications and Servlets on page 3-19.) The example shows the main directories and the configuration necessary to get NSJSP up and running. The example assumes the default location of /usr/tandem/webserver as the root of your directory structure.
PAGE 58

Installing NSJSP Directory Example By default, the /webapps subdirectory contains your server applications. (Use docbase in myappl.xml to set this path, or any other preferred location.) myapp1 is a sample application subdirectory. At this (root) level you can store files such as index.html, or create subdirectories to manage your web application resources, for example /images for graphics files. Every application must have a WEB-INF subdirectory.
PAGE 59

3 Configuring NSJSP This section describes: • • • • • • • Configuring the NSJSP Container on page 3-1 Configuring Web Applications on page 3-13 Configuring the Security Manager on page 3-20 Configuring Virtual Hosting on page 3-27 Configuring Realms on page 3-27 Configuring Single Sign-On Support on page 3-45 Configuring Persistent Sessions on page 3-47 Configuring the NSJSP Container Several configuration files support the NSJSP container environment and web applications.
PAGE 60

Configuring NSJSP servlet.config servlet.config This file contains the configuration information and filemaps required for the SERVLET ServerClass. The file is located (by default) in iTPWS_INSTALL_DIR/conf. For security when you run a new installation (of T1222) for the first time, the setup script automatically makes a backup of any pre-existing servlet.config file. You can then make any changes to the default, such as adding filemaps.
PAGE 61

servlet.config Configuring NSJSP Java Runtime Arguments Consider adding any of the optional Java runtime arguments (listed below) to the Java Arglist parameter. Note that the Arglist arguments for Java precede the NSJSP container class, For example: Arglist -Xbootclasspath/a:$env(JAVA_HOME)/lib/tools.jar \ -Xnoclassgc -Xmx64m -Xss128k -Dbrowserdebug=false \ -Djdbc.drivers=com.tandem.sqlmp.SQLMPDriver \ -Xbootclasspath Sets the classpath of the arguments.
PAGE 62

Configuring NSJSP servlet.config -Djdbc.drivers Identifies the SQL driver to NonStop Server for Java. This option is required for servlets that use SQL/MP or SQL/MX for Java. If present, this option must have the value com.tandem.sqlmp.SQLMPDriver or com.tandem.sqlmx.SQLMXDriver. -Djava.security.manager Sets the Java Security Manager. By default, NSJSP is run without a security manager (-Dnsjsp.security.manager=none). -Djava.security.policy sets the Java Security Manager policy file (-Djava.security.
PAGE 63

Configuring NSJSP servlet.config -DDiscardFileMapHistory=[ true | false ] Preserves or discards the history of all Filemap related changes. The default is false, if the option is not specified. This means that all the history of Filemap related changes is preserved. -DEnableJMXProxyServlet=[ true | false ] Enables or disable the JMXProxyServlet in the manager web application. The default is false, which is disabled.
PAGE 64

Configuring NSJSP nsjspadmin.config nsjspadmin.config The nsjspadmin.config file contains the configuration of the nsjspadmin ServerClass. Although the nsjspadmin ServerClass is in the same TS/MP environment as the SERVLET ServerClass, it still has its own configuration file so that the attributes of the nsjspadmin ServerClass are not changed accidentally. For the nsjspadmin server to perform properly, most of these attributes should be maintained as the installed value.
PAGE 65

nsjspadmin.config Configuring NSJSP Example 3-2. Configuration File nsjspadmin.config set nsjspadmin_objectcode $root/bin/nsjspadmin.ssc Server $nsjspadmin_objectcode { CWD $env(NSJSP_HOME) Env CLASSPATH=$JVCP:$USRCP Env JAVA_HOME=$env(JAVA_HOME) Env JREHOME=$env(JAVA_HOME)/jre Env TANDEM_HTTPD_SC_NAME=HTTPD Env TANDEM_SERVLET_SC_NAME=SERVLET Env TANDEM_SERVLET_SC_PATH=$server_objectcode Env TANDEM_FILEMAPS_CONFIG=$root/conf/filemaps.
PAGE 66

Configuring NSJSP iTP_server.xml In addition, the following Filemaps are also added to the nsjspadmin.config configuration file: Filemap /admin $nsjspadmin_objectcode Filemap /manager $nsjspadmin_objectcode This action directs all requests starting with /admin and /manager to the nsjspadmin ServerClass. iTP_server.xml iTP_server.xml is a version of the standard server.xml file modified to use with the iTP WebServer. iTP_server.xml is an XML file. The file’s default location is $NSJSP_HOME/conf.
PAGE 67

Configuring NSJSP iTP_server.xml A element defines an individual web application. Note that it is no longer recommended that you have the tag in the iTP_server.xml file. These tags should be moved to the Context configuration file (.xml) and placed in the $NSJSP_HOME/conf/NSJSP// directory. The default iTP_server.xml file is well commented, read these comments to become familiar with the contents of this file.
PAGE 68

Configuring NSJSP web.xml The context path shows the context which is the start of the path for any URL attempting to locate and run a servlet. The docbase could be used to create a separate location for the application, instead of the default webapps directory. For convenience, you could name this file as orders.xml so that it is easy to identify later on. The corresponding filemap from filemaps.
PAGE 69

Configuring NSJSP web.xml Preloading Servlets A set of servlets can be automatically loaded on startup time by using the element in the web.xml file, as shown in Example 3-7. The element indicates that this servlet should be loaded on the startup of the web application. The content of this element must be a positive integer indicating the order in which the servlets should be loaded. Lower integers are loaded before higher integers.
PAGE 70

Configuring NSJSP jdbc.config Your Application Version of web.xml Each application can have a copy of web.xml, the deployment descriptor, for example: /webapps/myapp1/WEB-INF/web.xml This file overrides any settings made in the web.xml file at the $NSJSP_HOME/conf level. Initializing Servlets You can initialize servlets in either of the two versions of the web.xml file. If portability is a requirement, you may prefer to put the initialization within the application version of web.
PAGE 71

Configuring NSJSP filemaps.config filemaps.config For each new application (a collection of related servlets, JSP and other resources) you may need to add a corresponding filemap in the filemaps.config file. For example, a new application called orders could be accessed while the default path is /servlet_jsp/orders or by adding this filemap.
PAGE 72

Configuring NSJSP Add a New Web Application In the example myapp1, a public area contains the files that are directly accessible for rendering by the browser, for example, the GIF and HTML files. Although JSP files cannot be directly rendered, the API considers them the same as HTML files and allows them to be located in the public area. For security reasons, in these examples, the Java source files are located in the subdirecory of the WEB-INF subdirectory.
PAGE 73

Configuring NSJSP Deploy Using the Standalone Application Deployer Any subdirectory within the application base directory that appears to be an unpacked web application (that is, contains a /WEB-INF/web.xml file) will receive an automatically generated context element, even if this directory does not have context defined in the $NSJSP_HOME/conf/NSJSP// directory.
PAGE 74

Configuring NSJSP Deploy Using the admin or manager Web Applications [validator] web.xml validated [javac] Compiling 41 source files to C:\java\nsjsp5.0\deployer\build\myapp\WEB-INF\classes [javac] Note: C:\java\nsjsp 5.0\deployer\build\myapp\WEBINF\classes\examples\LogTag.java uses or overrides a deprecated API. [javac] Note: Recompile with -deprecation for details. [jar] Building jar: C:\java\nsjsp 5.0\deployer\build\myapp.war BUILD SUCCESSFUL Total time: 11 seconds C:\java\nsjsp 5.
PAGE 75

Create a New Application Configuring NSJSP Create a New Application If you are creating a new application using the iTP WebServer environment you should: 1. Create the appropriate directory structure under $NSJSP_HOME/webapps. If you prefer to locate elsewhere, use the docbase attribute of the context path. Populate with the required servlets and JSP files. 2. Create a local version of the web.xml file for deployment descriptors. Note that if you write the deployment descriptors in the main default web.
PAGE 76

Configuring NSJSP Deploy a Servlet A fragment of that file is shown in Example 3-11: Example 3-11.
PAGE 77

Configuring NSJSP Map Requests to Applications and Servlets Map Requests to Applications and Servlets Mapping requests to servlets is closely linked to the concept of a context path. The application name and the context path lead to the application subdirectory. The and tags are needed to find a servlet or JSP within that application.
PAGE 78

Configuring NSJSP Configuring the Security Manager Example 3-13. Mapping a URL to the Servlet start startCartRequest start /myapp1/* Path mappings are relative to the context’s URL path. By providing a wildcard (*), any URL containing the path /myapp1 can always be passed to the startCartRequest servlet.
PAGE 79

Configuring NSJSP Configuring the Security Manager The default iTP_catalina.policy file contains all the grant entries in the standard catalina.
PAGE 80

Configuring NSJSP Configuring the Security Manager Example 3-15. Policy File Entry for the NSJSP Container // These permissions apply to the nsjsp-logging code grant codeBase "file:${catalina.home}/bin/nsjsp-logging.jar" { permission java.security.AllPermission; }; grant codeBase "file:${catalina.home}/bin/nsjsp_bootstrap.jar" { permission java.security.AllPermission; }; ...
PAGE 81

Configuring NSJSP Starting NSJSP Through a Security Manager Example 3-15. Policy File Entry for the NSJSP Container // These permissions are granted to the NSJSP balancer web // application. grant codeBase "file:${catalina.home}/webapps/balancer/WEBINF/lib/catalina-balancer.jar" { permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; }; // These permissions are granted by default to all web // applications.
PAGE 82

Configuring NSJSP Troubleshooting the Security Manager Example 3-16. Starting NSJSP With a Security Manager # # NSJSP Java2 System policy file and Java2 VM option. # # Note: the "double" equalto signs "==" is not a typo!! This informs the JVM # to use this file exclusively and that all others are to be ignored. # set env(JVM_POLICY_FILE) $env(NSJSP_HOME)/conf/iTP_catalina.policy set NSJSP_SECMGR_POLICY -Djava.security.policy==$env(JVM_POLICY_FILE) ... set NSJSP_SECMGR -Djava.security.manager ...
PAGE 83

Configuring NSJSP Enhanced Security Manager Example 3-17. Troubleshooting the NSJSP Security Manager Arglist -Xbootclasspath/a:$env(JAVA_HOME)/lib/tools.jar -Xnoclassgc -Xmx64m -Xss128k -Dbrowserdebug=false \ -Djdbc.drivers=com.tandem.sqlmp.SQLMPDriver \ $NSJSP_SECMGR $NSJSP_SECMGR_POLICY $NSJSP_JAAS_CONFIG \ -Djava.security.debug=all \ -DEnableJMXProxyServlet=false \ -Djava.endorsed.dirs=$env(NSJSP_ENDORSED_DIRS) \ -Dcatalina.home=$env(NSJSP_HOME) \ -Djava.io.tmpdir=$env(NSJSP_HOME)/temp \ com.tandem.
PAGE 84

Configuring NSJSP Enhanced Security Manager Example 3-18. Default Security Property File # # # # List of comma-separated packages that start with or equal this string will cause a security exception to be thrown when passed to checkPackageAccess unless the corresponding RuntimePermission ("accessClassInPackage."+package) has been granted. package.access=sun.,com.tandem.servlet.,org.apache.catalina.,org.apache.coyot e.,org.apache.tomcat.,org.apache.jasper.,sun.beans.
PAGE 85

Configuring NSJSP Configuring Virtual Hosting Configuring Virtual Hosting The virtual hosting feature enables you to access web services on multiple IP addresses or hostnames through a single iTP WebServer/NSJSP environment. Each virtual host can have its own servlet context or a set of servlet contexts. Servlet contexts cannot be shared across virtual hosts. In the iTP_server.xml file, the element represents a virtual host. One or more elements are nested inside an element.
PAGE 86

Configuring NSJSP MemoryRealm JDBCRealm Obtains authentication information stored in a relational database, accessed through a Java Database Connectivity (JDBC) driver. JNDIRealm Obtains authentication information stored in an Lightweight Directory Access Protocol (LDAP) based directory server, accessed through a Java Naming and Directory Interface (JNDI) provider. JAASRealm Obtains authentication information through the Java Authentication and Authorization Service (JAAS) framework.
PAGE 87

Configuring NSJSP MemoryRealm document is loaded from the $NSJSP_HOME/conf/tomcat-users.xml file). Changes to the data in this file are not recognized until NSJSP is restarted. Realm Element Attributes To configure MemoryRealm, create a element and nest it in your $NSJSP_HOME/conf/iTP_server.xml file or in the element in the context configuration file, as described in Example 3-20 on page 3-28. These attributes are supported for MemoryRealm: className The value is org.apache.catalina.
PAGE 88

Configuring NSJSP JDBCRealm roles Comma-delimited list of the role names associated with this user. The default contents of the $NSJSP_HOME/conf/tomcat-users.xml file are shown in Example 3-21. Example 3-21.
PAGE 89

JDBCRealm Configuring NSJSP ° • Password, to be recognized by the NSJSP container when the user logs in. This value can be in clear text or digested as described in Digested Passwords on page 3-44. A userRole table must exist, as referenced in Example 3-22, that contains one row for every valid role that is assigned to a particular user. A user may have zero, one, or more than one role.
PAGE 90

JDBCRealm Configuring NSJSP Example 3-23. SQLCI Commands to Create and Load the JDBCRealm osh> gtacl -p sqlci < iTP_JDBCRealm.create.your_copy osh> gtacl -p sqlci < iTP_JDBCRealm.load.your_copy You may also run the NonStop SQL Commands directly through the NonStop Command Interpreter (SQLCI) after replacing the =T1222DBDIR string with the Guardian Location of the JDBCRealm catalog (of the form $Volume.SubVolume).
PAGE 91

Configuring NSJSP JDBCRealm driverName The fully qualified Java class name of the JDBC driver to be used. For SQL/MP, specify the value com.tandem.sqlmp.SQLMPDriver here. You must have the sqlmp.jar file in your classpath. For SQL/MX, specify the value com.tandem.sqlmx.SQLMXDriver here. You must have the jdbcMx.jar file in your classpath. roleNameCol The name of the column in the userRoleTable that contains the name of a role assigned to this user. The default is role_name.
PAGE 92

Configuring NSJSP JNDIRealm Example 3-24. Using the SQL/MP Database to Specify JDBCRealm Attributes PAGE 93
Configuring NSJSP ° • • • JNDIRealm There must be an attribute (identified by the userPassword attribute of our element) that contains the user's password, either in clear text or digested (see Digested Passwords on page 3-44). Each group of users that has been assigned a particular role is represented by an individual element in the top level DirContext, which is accessed through the connectionURL attribute.
PAGE 94

Configuring NSJSP JNDIRealm connectionURL The directory server URL with which to establish a JNDI connection. debug The level of debugging detail logged by this realm to the associated . Higher numbers generate more detailed output. If not specified, the default debugging detail level is zero (0). digest The digest algorithm used to store passwords in non-plain text formats. Valid values are those accepted for the algorithm name by the java.security.MessageDigest class.
PAGE 95

JNDIRealm Configuring NSJSP The schema creation for your directory server is beyond the scope of this document because it is unique to each directory server implementation. The examples below show you how to configure the OpenLDAP directory server, which can be downloaded from http://www.openldap.org. These examples assume that the OpenLDAP server's configuration file (slapd.conf) contains the LDBM settings (among others). Example 3-25.
PAGE 96

Configuring NSJSP JNDIRealm Example 3-26.
PAGE 97

JAASRealm Configuring NSJSP Example 3-27. Realm Element for the OpenLDAP Directory Server PAGE 98
JAASRealm Configuring NSJSP * * */ Safeguard Alias NonStopUserDB { com.tandem.servlet.jaas.NonStopLoginModule REQUIRED E.g. root debug=false; }; If you use the NonStopLoginModule, then the user name may be specified in any of these forms: Nonstop User Name: SUPER.
PAGE 99

Configuring NSJSP JAASRealm The System User ROLE SYSSW SUPER : : 5. Configure the JAASRealm module in the iTP_server.xml file or in your Context configuration file located in the $NSJSP_HOME/conf/NSJSP// directory. Example 3-28 shows an example of using the NSJSP provided NonStopLoginModule. . Example 3-28. Realm Element in the iTP Web Server Configuration File PAGE 100
Configuring NSJSP DataSourceRealm useContextClassLoader Instructs the JAASRealm to use the context’s loader for loading the user specified LoginModule and associated classes. The default is true. debug The level of debugging logged by the Logger. The default is 0. For more information about configuring JAASRealm or creating your own login module, see the Tomcat 5.0 Specification at http://jakata.apache.org/tomcat/tomcat-5.0-doc.index.html.
PAGE 101

Configuring NSJSP UserDatabaseRealm digest The digest algorithm used to store passwords in non-plain text formats. Valid values are those accepted for the algorithm name by the java.security.MessageDigest class. For more information, see Digested Passwords on page 3-44. If not specified, passwords are stored in clear text. roleNameCol Specifies the name of the column in the User RoleTable where the name of a role assigned to this user.
PAGE 102

Configuring NSJSP Digested Passwords className The value is org.apache.catalina.realm.UserDataBaseRealm. digest The digest algorithm used to store passwords in non-plain text formats. Valid values are those accepted for the algorithm name by the java.security.MessageDigest class. For more information, see Digested Passwords on page 3-44. If not specified, passwords are stored in clear text. resourceName Specifies a defined resource for user database.
PAGE 103

Configuring NSJSP Configuring Single Sign-On Support select this option, the contents of the password that is stored in the realm must be the digested version of the clear text password, as digested by the specified algorithm. When the authenticate() method of the realm is called, the (clear text) password specified by the user is itself digested by the same algorithm, and the result is compared with the value returned by the Realm. A match means that the user is authorized.
PAGE 104

Configuring NSJSP Configuring Single Sign-On Support Example 3-31. Configuring Single Sign-On Support ... ... 3. For each web application that you need to operate under the single sign-on support environment, define appropriate and elements in the web application’s web.xml.
PAGE 105

Configuring NSJSP Configuring Persistent Sessions Security Considerations Because the single sign-on support implementation uses cookies to maintain user identity across applications, the same risks of information exposure apply here as when cookies are used to maintain session identity within a single web application.
PAGE 106

Configuring NSJSP Creating a NonStop SQL Database to Store the Persistent Session Data $Volume.SubVolume). This subvolume (disk) should be a TMF-audited data volume. Note. The following example assumes that you are creating a NonStop SQL/MP database table. If you wish to create a NonStop SQL/MX database table, be aware that the maximum record size limit is 4036 bytes (unlike the 4096 byte limit in SQL/MP).
PAGE 107

Configuring NSJSP Configuring the Manager for Sessions Support Example 3-33. Adding Extra Partitions to Support Persistent Sessions sqlci> create table =TheT1222SessionCatalog.
PAGE 108

Configuring NSJSP Configuring the Manager for Sessions Support className The Java class name of the implementation to use. This class must implement the org.apache.catalina.Manager interface. If not specified, the default is com.tandem.servlet.catalina.session.NSJSPStandardManager. distributable If distributable is set to true, the session manager enforces the restrictions described in the Servlet 2.
PAGE 109

Configuring NSJSP Configuring the Manager for Sessions Support checkInterval The number of seconds between checks for expired sessions. The default value used is 60 seconds. debug The debug level for messages logged to the associated . Higher numbers generate more detailed output. The default is 0 (zero). entropy A string value used when seeding the random-number generator that creates session identifiers. If this attribute is not specified, a preset value is used.
PAGE 110

Configuring NSJSP Configuring the Manager for Sessions Support algorithm Name of the message digest algorithm that calculates the session identifiers it generates. The java.security.MessageDigest class must support this value. The default is MD5. checkInterval The number of seconds between checks for expired sessions. The default is 60 seconds. className The Java class name of the implementation to use. Specify com.tandem.servlet.catalina.session.NSJSPPersistentManager.
PAGE 111

Configuring NSJSP Configuring the Persistent Store minIdleSwap The interval (in seconds) for which a session must be idle (time since last access to the session) before it is eligible to be persisted to the session store and passivated out of the NSJSP container's memory. If this feature is enabled, the interval specified here should be less than the value specified for maxIdleSwap. The default of -1 disables this feature.
PAGE 112

Configuring NSJSP Configuring the Persistent Store To configure a NonStopSQLJDBCStore, add a element nested under the element using these attributes: checkInterval The number of seconds between checks for expired sessions that are stored in the NonStop SQL Database. The default is 60 seconds. className The Java class name of the implementation to use. Specify com.tandem.servlet.catalina.session.NonStopSQLJDBCStore. debug The debug level for messages logged to the associated .
PAGE 113

Configuring NSJSP Configuring the Persistent Store sessionProcessNameCol The name of the NonStop SQL database column contained in the specified sessionTable that contains the HP NonStop process name of the NonStop Server for Java (NSJ) process. This column type must accept as many characters as are contained in the NonStop process name (typically 6).
PAGE 114

Configuring NSJSP Configuring the Persistent Store Before using the NonStop SQL JDBC-based store, create a NonStop SQL catalog and database table to store the swapped out/backed up sessions. For more information, see Configuring the Manager for Sessions Support on page 3-49. Note. The NonStop SQL catalog must be created on a TMF-audited data volume (disk).
PAGE 115

4 Programming and Management Features The information discussed in this section includes: • • • • Client Programming Features on page 4-1 Servlet Programming Features on page 4-2 JMX Based Administration on page 4-8 admin Web Application on page 4-9 Client Programming Features Before you read this subsection, you should be familiar with the information in the iTP Secure WebServer System Administrator’s Guide.
PAGE 116

Programming and Management Features Receiving Response Information Receiving Response Information The response from the NSJSP container has the same form as the output from any other CGI program and consists of: • • • One or more HTTP response headers A blank line The response content However, the servlet/JSP itself need not generate all these elements. If it does not provide header information, the servlet API methods insert the header content-type: text/html.
PAGE 117

Programming and Management Features Programming Using NonStop Server for Java This section provides a brief summary about how to use the Servlet API 2.4. For detailed information about the Servlet API 2.4, see the Java Servlet API Specification, Version 2.4 at this web site: http://java.sun.com/products/servlet/ and other API documentation available from Sun Microsystems. For information about programming using NonStop Server for Java, see the NonStop Server for Java (NSJ) Programmer’s Reference.
PAGE 118

Programming and Management Features • Programming Using Other Java Environments Transaction protection using TMF. For detailed information about NonStop Server for Java, see the NonStop Server for Java (NSJ) Programmer’s Reference.
PAGE 119

Programming and Management Features Using the Servlet API responds to a request from a web client. The HttpServlet class inherits the init(ServletConfig) and destroy() methods from the GenericServlet class. A servlet that you write for the iTP WebServer environment must extend the GenericServlet class or the HttpServlet class; the HttpServlet class is preferable for the web environment because it includes many features supporting HTTP protocol.
PAGE 120

Programming and Management Features Obtaining Specific CGI Environment Variable Values Obtaining Specific CGI Environment Variable Values To obtain the value of a specific CGI environment variable, use the getHeaderNames() or getAttribute() methods with the string parameter value "com.tandem.servlet.parameter-name" where parameter_name is the name of the desired environment variable.
PAGE 121

Programming and Management Features Request and Response Streams the data of the servlet. In most cases this arrangement is the most efficient method of handling multiple requests for servlets that do not contain client data. Be aware that multithreading may require you to allow for threading synchronization. Every client has access to each field in the servlet: the fields of the servlet are being shared by each client.
PAGE 122

Programming and Management Features Reserved Cookie Names Reserved Cookie Names The cookie names JSESSIONID, JSESSIONIDSSO, NSJSPADMINSSO, and iTPWebSessionId are reserved for internal use. According to the servlet API the name of the cookie must be JSESSIONID and the name of the session-tracking parameter used in the URL rewriting must be jsessionid. javax.servlet.request.X509Certificate javax.servlet.request.X509Certificate returns an array of one object of type java.security.cert.
PAGE 123

Programming and Management Features admin Web Application For more information about JMX MBeans, see the Apache Jakarta Tomcat 5 Servlet/JSP Container documentation at http://jakarta.apache.org/tomcat/tomcat-5.0doc/index.html. admin Web Application The admin web application provides a graphical user interface (GUI) for administering container objects and resource modifications using JMX MBeans.
PAGE 124

Programming and Management Features Overview and Architecture Overview and Architecture The NSJSP admin operations do not behave the same way as the Apache Tomcat implementation. The Apache Tomcat implementation is a standalone application. When an admin operation is run in Tomcat (after the Save button is clicked), the change takes effect immediately. For example, a change made to the Debug Level property of the Server object directly affects the Tomcat server at the time the Save button is clicked.
PAGE 125

Login and Security Considerations Programming and Management Features Figure 4-1. Operator Save Command object browses, updates, & “SAVE” nsjspdmin httpd httpd httpd server Figure 4-2. Operator Commit Changes Command Select “Commit Change” button httpd httpd httpd nsjspdmin server servlet servlet broadcast Servlet update Read by new dynamic servers iTP_server.
PAGE 126

Programming and Management Features Login and Security Considerations Figure 4-3. Admin Login page Having completed the authentication and authorization process, the admin page displays the entire NSJSP server's container objects in an expandable directory-tree structure as shown in Figure 4-4 on page 4-13.
PAGE 127

Programming and Management Features Login and Security Considerations Figure 4-4. Admin Initial page Every tree node represents an object node. The open and (+) sign indicates an expandable object node. By selecting, you can fold or unfold a specific object node. The (-) sign indicates a non-expandable object node. To show and modify a specific node you select the label of an object node. The object tree is on the left-hand side of the frame. The frame on the right is for the view of a selected object.
PAGE 128

Programming and Management Features Administering Server Objects Administering Server Objects Figure 4-5 displays the views of a Server object. The Server Actions drop-down menu lists the actions you can select, for example: • • Create a new Service Delete existing Services Figure 4-5. Server Object View/Modify page The Server object properties are described in detail in Server Object on page C-1.
PAGE 129

Programming and Management Features Administering Service and Engine Objects Administering Service and Engine Objects Figure 4-6 displays the views of a Service object. The Service Actions drop-down menu lists the available actions for a Service object, for example: • • • • Delete existing Connectors Create a new Host or delete existing Hosts Create a new Logger or delete existing Loggers Create a new Valve or delete existing Valves Figure 4-6.
PAGE 130

Programming and Management Features Administering Service and Engine Objects The Service object properties are described in detail in Service Object on page C-2.
PAGE 131

Programming and Management Features Administering Connector Objects 4 Programming and Management Features Administering Connector Objects Figure 4-7 displays the views of a Connector object. The Connector Actions drop-down menu lists one available action: • Delete this Connector. (You cannot add or delete an NSJSPCoyoteConnector). Figure 4-7. Connector Object View/Modify page The Connector object properties are described in detail in Connector Object on page C-2. Note.
PAGE 132

Programming and Management Features Administering Host Objects Administering Host Objects Displays the views of a Host object. The Host Actions drop-down menu lists the available actions, for example: • • • • • • Create a new Alias or delete existing Aliases Create a new Logger or delete existing Loggers Create a new Context or delete existing Contexts Create new User Realm or delete User Realms Create a new Valves or delete existing Valves Delete this host An Alias is the alias of a Host object.
PAGE 133

Programming and Management Features Administering Default Context Objects Figure 4-8. Context Object View/Modify page The supported session managers are: NSJSPStandardManager and the NSJSPPersistentManager. The NSJSPStandardManager properties and NSJSPPersistentManager properties are described in detail in Manager Object on page C-13. Administering Default Context Objects Displays the views of a DefaultContext object. There is no available actions in the DefaultContext Actions drop-down menu.
PAGE 134

Programming and Management Features Administering Logger Object The admin web application does not allow a DefaultContext object to be created online as this affects all the running Contexts at the Engine or Host levels. Administering Logger Object Displays the views of a Logger object. The Logger Actions drop-down menu lists the available action, for example: • Delete this Logger The Logger object properties are described in detail in Logger Object on page C-12.
PAGE 135

Programming and Management Features Administering Realm Objects Figure 4-9.
PAGE 136

Programming and Management Features Administering Realm Objects NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide —525644-003 4- 22
PAGE 137

Programming and Management Features Administering Valve Objects 4 Programming and Management Features Administering Valve Objects This section displays views of Value objects. NSJSP supports several types of Valves: RemoteHostValve, AccessLogValve, RemoteAddrValve, RequestDumperValve, and SingleSignOnValve using the admin web application. For more information about the attributes, see Valve Object on page C-27.
PAGE 138

Programming and Management Features Administering Resources Administering Resources Figure 4-10 displays views of Data Sources. The Data Source Actions drop-down menu lists the available actions, for example: • • Create a new Data Source Delete existing Data Sources Figure 4-10. Data Source View/Modify page The Data Source properties are described in detail in Data Sources on page C-17.
PAGE 139

Programming and Management Features Administering Resources Mail Sessions Displays views of Mail Sessions. The Mail Session Actions drop-down menu lists the available actions, for example: • • Create a new Mail Session Delete existing Mail Sessions The Mail Session properties are described in detail in Mail Sessions on page C-18. Environment Entries Displays views of Environment Entries.
PAGE 140

Programming and Management Features Administering User Definition Administering User Definition This section displays views of the Users List, Groups List, and Roles List. Users List Figure 4-11 displays a view of the Users List. The User Actions drop-down menu lists the available actions, for example: • • • Create new User Delete existing Users List existing Users Figure 4-11.
PAGE 141

Programming and Management Features Administering User Definition The Users List properties are described in detail in Users on page C-20. Groups List Displays views of the Groups List. The Groups List Actions drop-down menu lists the available actions, for example: • • • Create new Group Delete existing Groups List existing Groups The Group properties are described in detail in Group on page C-20. Roles List Displays views of the Roles List.
PAGE 142

Programming and Management Features Inconsistent Conditions Inconsistent Conditions When the Commit Changes button is clicked all previously saved changes are sent to every server processes of the SERVLET ServerClass. Because these commands have already been validated and processed by the nsjspadmin ServerClass, no errors are expected from the SERVLET ServerClass. If a server instance returns an error, the server is marked as inconsistent and an warning message is returned to the operator.
PAGE 143

Programming and Management Features nsjspadmin.config ServerClass Configuration File Stop button. The Ignore button allows these inconsistent servers to continue to run. The operator should stop these processes manually. All occurrences of inconsistency are logged to the associated Logger objects. When a servlet server process catches an exception while processing an admin command, the servlet server process automatically stops itself.
PAGE 144

Programming and Management Features iTP_server.xml Configuration File iTP_server.xml Configuration File The commit change operation causes the nsjspadmin server to serialize the current configuration back to the NSJSP's iTP_server.xml configuration file. At the same time, the current version of the iTP_server.xml file is preserved using this naming convention: iTP_server.xml.yyyy-mm-dd.hh-mm-ss where yyyy-mm-dd is the year-month-day hh-mm-ss is the hour-minutes-seconds (in 24-hour format) The yyyy-mm-dd.
PAGE 145

Programming and Management Features iTP_server.xml Configuration File 3. Rename the previously preserved iTP_server.xml.yyyy-mm-dd.hh-mm-ss file to iTP_server.xml. 4. Depending on the nature of the commit change operation, rename the appropriate context configuration files .xml files to .xml.temp. 5. Depending on the nature of the commit change operation, rename the previously preserved context configuration files .xml.yyyy-mm-dd.hhmm-ss files to .
PAGE 146

Programming and Management Features iTP_server.
PAGE 147

5 Manager Web Application The managerweb application provides the management functions for all web applications in the NSJSP container. In prior releases, the management functions were provided using the nsjsp_manager (an interactive shell script). The nsjsp_manager is no longer supported. The manager web application replaces nsjsp_manager and provides the same functionality. NSJSP uses the nsjspadmin ServerClass to handle all the web application management front-end functions.
PAGE 148

Manager Web Application The manager GUI Interface Figure 5-2. Manager Web Application Login Dialog The manager web application lists all the configured web applications in the NSJSP container (including both static configured and dynamically deployed web applications) after the user has logged in.
PAGE 149

Manager Web Application The manager GUI Interface Figure 5-3. Manager Web Application User Interface Message Box The Message box lists the result of last run command.
PAGE 150

Manager Web Application The manager GUI Interface Example 5-1. Message Box Manager Area The Manager area contains links to these commands: • Lists Applications Refreshes the display which lists the configured web applications in the NSJSP container. • HTML Manager Help The help document for the HTML-based manager web application. • Manager Help The Manager App HOW-TO document which describes the access control of the manager application and supported commands.
PAGE 151

Manager Web Application The manager GUI Interface Figure 5-5. Application Area Deploy Area Web applications can be installed using files or directories located on the server, or you can upload a web application archive (WAR) file to the server. Figure 5-6 displays the Deploy area. The Context Path field is optional. If the Context Path field is omitted, the directory name or the war file name without the .
PAGE 152

Manager Web Application The manager GUI Interface You can also install a web application directory or WAR file located in your host's appBase directory (for information about appBase directory, see Host Object on page C-6) by specifying the WAR file name without the .war extension in the WAR or Directory URL field. For example, if you had a WAR file named myAppl.war residing in your host's appBase directory, you could specify myAppl in the WAR or Directory URL field.
PAGE 153

Manager Web Application NSJSP Status Command 5 Manager Web Application NSJSP Status Command Access the NSJSP Status command from the link or the /manager/status URI.
PAGE 154

Manager Web Application NSJSP Status Command Figure 5-8. NSJSP Status Summary Page Manager The Manager area contains links to these commands: • Lists Applications Refreshes the display which lists the configured web applications in the NSJSP container. • HTML Manager Help The help document for the HTML-based manager web application.
PAGE 155

Manager Web Application • NSJSP Status Command NSJSP Status Summary Retrieves the summary status of the NSJSP container. For more information about the NSJSP Status command, see NSJSP Status Command on page 5-7. • Complete NSJSP Status Retrieves detailed status information. Example 5-2. NSJSP Status Summary Manager Area NSJSP Information • • • • • • NSJSP Version: For NSJSP, NonStop™ Servlets For JavaServer Pages™ v5.0. JVM Version: For example,1.4.2_04-b05. JVM Vendor: Hewlett-Packard Company.
PAGE 156

Manager Web Application NSJSP Status Command JVM The aggregation of JVM statistics counters of all NSJSP server processes. The JVM title links to the JVM Statistics Detail which lists the JVM statistics of every running server instance. Example 5-5 shows an example of the status summary JVM area. Example 5-5. NSJSP Status Summary JVM Area Example 5-6. NSJSP Status (JVM) Statistics Detail Area Connectors The aggregation of statistics counters of the Connectors for all NSJSP server processes.
PAGE 157

Manager Web Application NSJSP Server Instance Detail Example 5-8. NSJSP Status (Connector) Statistics Detail Area NSJSP Server Instance Detail The NSJSP Server Instance Detail lists the complete status and statistics information for an NSJSP server instance. It is accessed using the link listed in the Server Instances.
PAGE 158

Manager Web Application NSJSP Server Instance Detail Example 5-9. NSJSP Status ($Z5BA) Page Manager The Manager area contains links to these commands: • Lists Applications Refreshes the display which lists the configured web applications in the NSJSP container. • HTML Manager Help The help document for the HTML-based manager web application.
PAGE 159

Manager Web Application NSJSP Server Instance Detail Retrieves the summary status of the NSJSP container • Complete NSJSP Status Retrieves detailed status information. NSJSP Information The NSJSP Information area contains the: • • • • • • NSJSP Version: For NSJSP, NonStop™ Servlets For JavaServer Pages™ v5.0. JVM Version: For example, 1.4.2_04-b05. JVM Vendor: Hewlett-Packard Company. OS Name: NONSTOP_KERNEL. OS Version: For example, G06. OS Architecture: For example, mips.
PAGE 160

Manager Web Application NSJSP Server Instance Detail NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide —525644-003 5- 14
PAGE 161

Manager Web Application 5 Manager Web Application Web Applications Lists all of the configured web applications. Every entry is a link to the detail display of the application. Example 5-10 shows an example of the application list area. Example 5-10. NSJSP Status ($Z5BA) Application List Area Example 5-11 shows the detail display of the servlets-examples web application. Example 5-11.
PAGE 162

Manager Web Application Complete NSJSP Status The complete NSJSP Status lists the aggregation of all status and statistics counters for all NSJSP server processes. It is accessed using the link listed in the Manager Area of the NSJSP Status page.
PAGE 163

Manager Web Application Example 5-12.
PAGE 164

Manager Web Application Manager The Manager area contains links to the these commands: • Lists Applications Refreshes the display which lists all of the configured web applications in the NSJSP container. • HTML Manager Help The help document for the HTML-based manager web application. • NSJSP Status Summary Retrieves the summary status of the NSJSP container. • Complete NSJSP Status Retrieves complete NSJSP status information.
PAGE 165

Manager Web Application Example 5-13. Complete NSJSP Status Application List Area Example 5-14 shows the detail display of the NSJSP Status localhost/servlet_jsp/servlets-examples and localhost/manager Area. Example 5-14.
PAGE 166

Manager Web Application Cleaning Up the NonStop SQL Session Data Cleaning Up the NonStop SQL Session Data Sessions saved by the NonStopSQLJDBCStore to a NonStop SQL database may never get cleaned up and remain as orphan sessions when • • The sessions are saved on an NSJSP container restart and never accessed after the restart, Or the session were backed up or swapped out to the NonStop SQL database and not accessed again after the NSJSP container failed and was restarted.
PAGE 167

Manager Web Application Shell Scripts This section lists some of the manager commands that may cause the inconsistency. Stop Command The Stop command stops a specific application only in the running server processes. A dynamic server created after the command may still have the same application running. The Stop command always returns this warning: Warning: Command applied only to the running servers. Any servers created subsequently may be inconsistent.
PAGE 168

Manager Web Application nsjsp_digestPassword >>>>ALTER TABLE $DATA00.MYSESS.SESSDATA +>+> ADD COLUMN app_name VARCHAR(255) --- SQL operation complete. >>>> >> End of SQLCI Session Note: DEFAULT "" NOT NULL; In the future, if you do not wish to be prompted for the Persistent Session catalog, then please edit your setup information file located at: ./.nsjsp_setup.info Edit the the two entries for T1222SessionCatalog and T1222SessionTable at the very end of this file.
PAGE 169

Manager Web Application nsjsp_cleanConfigBackups Additional config backup directory to search for backup configuration files. This is in addition to the /h/myInstall/webserver/servlet_jsp/conf/backup and /h/myInstall/webserver/servlet_jsp/conf/NSJSP/localhost/backu p directories, which are always cleaned up. Number of days to filter cleaning up backup configuration files. Files that have a file name older than these many days will be cleaned up (deleted).
PAGE 170

Manager Web Application nsjsp_cleanConfigBackups NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide —525644-003 5- 24
PAGE 171

6 • • • • • • • Logs and Error Conditions NSJSP Logging on page 6-1 Logging Configuration on page 6-1 Status Information on page 6-4 Log Files Rollover on page 6-4 Log Files Cleanup Script on page 6-4 Recovery Procedure for Broadcast Error on page 6-5 EMS Message Format on page 6-7 NSJSP Logging NSJSP processes report configuration and status information to the standard output (STDOUT) file, and report errors and exceptions to the EMS log and standard error (STDERR) files and other log files.
PAGE 172

Logs and Error Conditions Switching From Multiple Log Files to a Single Log File log messages to a single log file or to multiple log files. The default logging option is to use multiple log files. In case of the single log file option, all output is sent to a single log file (that is, servlet.log). Example 6-1 shows an example on how to use the tag to redirect all the log messages to a file myApp.YYYY-MM-DD.log using time stamped log messages. Example 6-1.
PAGE 173

Logs and Error Conditions Switching From a Single Log File to Multiple Log Files 3. Use the DIFF program to compare the iTP_server.xml with the iTP_server.xml.sample and save the changes. 4. Back up the iTP_server.xml file. 5. Copy the iTP_server-singleLog.xml.sample to the iTP_server.xml file. 6. Delete the iTP_server.xml.sample and create the iTP_server.xml.sample by symbolically linking to the iTP_serversingleLog.xml.sample file: ln -s iTP_server-singleLog.xml.sample iTP_server.xml.sample 7.
PAGE 174

Logs and Error Conditions Status Information 9. Optionally, you can add tags with the com.tandem.servlet.catalina.logger.NSJSPFileLogger to your context.xml configuration file. 10. Restart the NSJSP container. Status Information NSJSP processes report these kinds of information to the standard output file: • • A message indicating that the NSJSP process has started or failed to start. Any message written to the standard output file by a servlet or JSP.
PAGE 175

Logs and Error Conditions nsjsp_cleanlogs Syntax nsjsp_cleanlogs Syntax nsjsp_cleanlogs [-d log_file_directory] [-n number_of_days] [-x log_file_extension] [-b backup_directory] -s nsjsp_cleanlogs Options -d log_file_directory The -d option takes one argument, a string, which specifies the directory where the log files are located. The log file directory path given can be in relative or absolute format. $NSJSP_HOME/logs is the default directory -n number_of_days The -n option requires a number argument.
PAGE 176

Logs and Error Conditions Broadcast Error Broadcast Error A broadcast resulted in error. Some, but not all, of the server processes reported error in their responses. As a result, those failed servers may be out of sync (in an inconsistent state) from the rest of the servers. For example, if the broadcast is on behalf of a deploy command, then these failed servers will not have the new application. This causes an inconsistent service (i.e.
PAGE 177

Logs and Error Conditions • • Causes of Broadcast Error/Failure Additionally, you will need to rollback any Context configuration files (.xml) that have been modified. You can use the backup copies from the $NSJSP_HOME/conf/NSJSP//backup/ directory. Restart your iTP WebServer environment. Causes of Broadcast Error/Failure A broadcast error could be the result of: 1.
PAGE 178

Logs and Error Conditions EMS Message Format Event #7001 Servlet Server Class started. Version Procedure = %VPROC% where %VPROC% is the version procedure number. The NSJSP process has started. Event #7002 Servlet Server Class Start failed. Servlet Server Class Object code vproc %VPROC1% does not match Class file vproc: %VPROC2% Terminating Server. where %VPROC1% and %VPROC2% are the vprocs of the two T1222 product components. Re-install the NSJSP product.
PAGE 179

7 • • • • • • • • Migrating to NSJSP 5.0 NSJSP Environment on page 7-1 Jar File Considerations on page 7-1 Configuration Considerations on page 7-2 Pre-Compiled JSPs on page 7-4 Application Migration Considerations on page 7-4 Strict Rules on TagExtraInfo Classes on page 7-5 Persistent Session Classes Moved on page 7-6 Changes from JSP 1.2 to JSP 2.0 on page 7-12 NSJSP Environment NSJSP 5.0 continues running in the same environment as in prior versions.
PAGE 180

Migrating to NSJSP 5.0 Configuration Considerations Configuration Considerations Both SERVLET and nsjspadmin ServerClasses are defined in the servlet.config and nsjspadmin.config respectively. They both use the same iTP_server.xml configuration file. When configuration is altered using the admin web application, a backup copy of the iTP_server.xml is saved in the $NSJSP_HOME/conf/backup directory. Three new configuration files for NSJSP 5.0 are: • • • nsjspadmin.config File on page 7-2 filemaps.
PAGE 181

Migrating to NSJSP 5.0 Configuring the Security Manager extension) in the $NSJSP_HOME/conf/+engine-name>// directory. This method allows dynamic reconfiguration of the web application because the main iTP_server.xml file cannot be reloaded without restarting NSJSP. It is recommended that you not place elements directly in the iTP_server.xml file. Instead, you should put them in the META-INF/context.
PAGE 182

Migrating to NSJSP 5.0 Pre-Compiled JSPs For more information about the NSJSP enhanced security manager, see Enhanced Security Manager on page 3-25. For more information about the security manager, see the documentation at http://jakarta.apache.org/tomcat/tomcat-5.0-doc/security-manager-howto.html. Pre-Compiled JSPs The NSJSP 5.0 release has an upgraded JSP compiler and runtime environment (Jasper2). As part of the upgrade when the setup script is run, the work directory $NSJSP_HOME/work is deleted.
PAGE 183

Migrating to NSJSP 5.0 Strict Rules on TagExtraInfo Classes Example 7-1 illustrates how to add mappings for a servlet to a web application's deployment descriptor (web.xml file). Example 7-1. Mapping Servlets in the Web Application Deployment Descriptor (web.
PAGE 184

Migrating to NSJSP 5.0 Persistent Session Classes Moved Persistent Session Classes Moved Both NSJSPPersistentManager and NonStopSQLJDBCStore classes have been moved from org.apache.catalina.session package to com.tandem.servlet.catalina.session package. All existing elements nested inside tags are required to change. Figure 7-1 is an example using the com.tandem.servlet.catalina.session package. Figure 7-1.
PAGE 185

Migrating to NSJSP 5.0 Changes from Servlet 2.3 to Servlet 2.4 Changes from Servlet 2.3 to Servlet 2.4 Differences between the Java Servlet 2.4 API specification and Java Servlet 2.3: • Java Servlets 2.4 requires HTTP/1.1 and at least the J2SE (Java 2 Platform, Standard Edition) 1.3 version. In addition, the HttpServletResponse interface has a new variable called SC_FOUND for HTTP/1.1 Status code 302.
PAGE 186

Migrating to NSJSP 5.0 Changes from Servlet 2.3 to Servlet 2.4 Filters are configured such that they are invoked on RequestDispatcher include() and forward() calls. Use the sub-element under the element in the deployment descriptor web.xml. For example, this code configures filter mapping whereby a filter named “my Forward Filter” is invoked when the request being processed under a RequestDispatcher matches the for a forward() call.
PAGE 187

Migrating to NSJSP 5.0 • Changes from Servlet 2.3 to Servlet 2.4 Provision for shared library files and Classloader extension mechanisms. For web applications that use shared library files, the Container now provides a directory for all shared libraries. The files placed in the directory are available to all web applications. Additionally, deployment support for extensions is recommended but not required. (Support for extensions is specified using METAINF/MANIFEST/MF entry in the web application.
PAGE 188

Migrating to NSJSP 5.0 Changes from Servlet 2.3 to Servlet 2.4 Note that these attributes are not set for forwarded servlets and JSPs obtained using the getNamedDispatcher() method. • The ServletRequest and ServletRequestWrapper classes have four new methods to return information about the IP connection. • • • • • getRemotePort(): returns the IP port number of the client or last proxy that sent this request. getLocalName(): returns the host name on which this request was received.
PAGE 189

Migrating to NSJSP 5.0 • Changes from Servlet 2.3 to Servlet 2.4 In the Deployment Descriptor web.xml, all sub-elements under the element can be in any order. In the schema for the deployment descriptor web.xml, the element under the // element tree is mandatory and must always be specified.
PAGE 190

Migrating to NSJSP 5.0 Changes from JSP 1.2 to JSP 2.0 Changes from JSP 1.2 to JSP 2.0 Differences between the JavaServer Pages 2.0 API specification and JavaServer Pages 1.2 specification: • A new simple Expression Language. The JavaServer Pages Expression Language (EL) has been added to the JavaServerPages 2.0 API. The Expression Language was originally defined in the JSP StandardTag Library (JSTL) 1.0 specification and is now incorporated in the JavaServer Pages 2.0 API specifications.
PAGE 191

Migrating to NSJSP 5.0 Changes from JSP 1.2 to JSP 2.0 superclass for a cleaner implementation. This change does not affect the PageContext class and is compatible with previous JSP releases. Fragments are pieces of a JSP page that are translated into implementations of the JspFragment class before being passed to a tag handler.
PAGE 192

Migrating to NSJSP 5.0 Changes from JSP 1.2 to JSP 2.
PAGE 193

8 • • • Security Considerations Virtual Hosts on page 8-1 Roles on page 8-1 Single Sign-On on page 8-1 The admin web application directly changes the attributes of the NSJSP container which affects every application running in the container. The manager web application allows install, deploy, and control of all web applications running in the NSJSP container. Therefore, the admin and manager web applications are security-sensitive applications and proper security constraints should be implemented.
PAGE 194

Security Considerations Single Sign-On NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide —525644-003 8-2
PAGE 195

A JMXProxy Servlet The JMX Proxy Servlet is a lightweight proxy that gets and sets NSJSP internal objects by using JMX MBeans. Although the admin web application can perform most of the functions, using the JMX Proxy Servlet simplifies writing control scripts (especially, if you are monitoring and performing minor attribute changes). The -DEnableJMXProxyServlet=true Java system property enables the JMXProxy Servlet. The JMXProxy Servlet is disabled by default (property value set to false).
PAGE 196

JMXProxy Servlet JMX Set command NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide —525644-003 A- 2
PAGE 197

B Sample Ant Script for the Client Deployer Example B-1. Sample Ant Script for the Client Deployer - PAGE 198
Sample Ant Script for the Client Deployer Example B-1. Sample Ant Script for the Client Deployer - - PAGE 199
C NSJSP Container Objects The container objects you can administer using JMX technology are: • • • • • • • • • • • • Server Object on page C-1 Service Object on page C-2 Connector Object on page C-2 Engine Object on page C-5 Host Object on page C-6 Context and Default Context Objects on page C-8 Loader Object on page C-11 Logger Object on page C-12 Manager Object on page C-13 Resources on page C-16 Realm Object on page C-21 Valve Object on page C-27 Server Object The Server object represents the NSJSP
PAGE 200

NSJSP Container Objects Service Object Service Object The Service object represents the combination of one or more Connector components that share a single Engine component for processing incoming requests. The Service object properties supported are: name (String) The name of the Service object which is the same name specified in the tag of your iTP_server.xml configuration file. The default is NSJSP-iTPWebServer.
PAGE 201

NSJSP Container Objects Connector Object acceptCount (int) The maximum queue length of the incoming connections. This attribute is reserved, and uses the TANDEM_RECEIVE_DEPTH value from the servlet.config configuration file. allowTrace (boolean) Enables or disables the TRACE HTTP method. The default is false. bufferSize (int) Specifies the buffer size to be used for input streams. The default is 2048.
PAGE 202

NSJSP Container Objects Connector Object maxProcessors (int) The maximum processor threads supported by this connector. This number should always be greater than the minProcessors and greater than or equal to acceptCount. The default is 75. maxSpareThreads (int) The maximum number of unused request processing threads supported by this connector. The default is 25. maxThreads (int) The maximum number of request processing threads supported by this connector. The default is 75.
PAGE 203

NSJSP Container Objects Engine Object scheme (String) The protocol scheme of the connector. The default value is http. secure (boolean) Specifies whether this is a secure connector. The default value is false. tcpNoDelay (boolean) Specifies whether to use TPC_NO_DELAY option. The default value is true. threadPriority (int) The priority of the request processing threads within the JVM. The default value is 5. type (String) The connector type. The default value is iTPWS-CGI.
PAGE 204

NSJSP Container Objects Host Object debug (int) Specifies the level of debugging detail logged by this Engine to the associated Logger. The default is 0. defaultHost (String) Specifies the default host name. The default is localhost. managedResource (java.lang.Object) Specifies the managed resource with which this MBean is associated. The default is StandardEngine . baseDir (String) Specifies the base directory for the engine. Typically, this is $NSJSP_HOME. realm (org.apache.catalina.
PAGE 205

NSJSP Container Objects Host Object children (javax.management.ObjectName[]) List of all subordinate (child) MBean objects associated with this Host. autoDeploy (boolean) Instructs the virtual host to automatically deploy web applications if the web application resides in the virtual host's appBase directory. The default is false. deployOnStartup (boolean) Instructs the virtual host to automatically deploy web applications at start-up. The default is true.
PAGE 206

NSJSP Container Objects Context and Default Context Objects Context and Default Context Objects The Context object represents an individual web application. The Default Context object represents a subset of the configurable properties of a Context and is used to set defaults for those properties when web applications are automatically deployed. The Context object properties supported using the JMX interface are: allowLinking[*] (boolean) Specifies whether to allow symbolic links inside a web application.
PAGE 207

NSJSP Container Objects Context and Default Context Objects deploymentDescriptor (String) Specifies the deployment descriptor. docBase (String) Specifies the absolute or relative (to the appBase of the owning Host) pathname of a directory containing an unpacked web application or of a web application archive (WAR) file. engineName (String) Specifies the engine name of this web application.
PAGE 208

NSJSP Container Objects Context and Default Context Objects mappingObject (java.lang.Object) Specifies the object used for mapping. Typically, this is the same object of the managedResource. modified (boolean) Specifies whether the web application has been modified. resourceNames (java.lang.String[]) Specifies the Object names for the resources. objectName (String) Specifies the object name of this context.
PAGE 209

NSJSP Container Objects Loader Object state (int) Specifies the current state. stateManageable (boolean) Enables state management support for this context. The default is true. statisticsProvider (boolean) Enables statistics support. The default is false. staticResources (javax.naming.directory.DirContext) Specifies the static resources associated with this context. swallowOutput[*] (boolean) Indicates whether to redirect the bytes output to System.out and System.
PAGE 210

NSJSP Container Objects Logger Object debug (int) Specifies the level of debugging detail logged by this Loader object to the associated Logger object. The default is 0 (zero). delegate (boolean) Enables the class loader to follow the standard java2 delegation model, and attempt to load classes and resources from parent class loaders before looking inside the web application. Otherwise, the class loader looks inside the web application first. The default is false.
PAGE 211

NSJSP Container Objects Manager Object verbosity levels are: 0 (fatal messages only), 1 (errors), 2 (warnings), 3 (information), and 4 (debug). The default is 0. directory (String) The absolute or relative (to $NSJSP_HOME) path of the directory in which log files are created. The default is logs. prefix (String) The string added to the beginning of generated log file names. The default value is NSJSP_catalina. suffix (String) The string added to the end of generated log file names. The default is .log.
PAGE 212

NSJSP Container Objects Manager Object name (String) The descriptive name of this manager implementation. The default is NSJSPStandardManager. algorithm The name of the Message Digest algorithm to calculate the Session identifiers it generates. The java.security.MessageDigest class must support this value. The default is MD5. checkInterval The number of seconds between checks for expired Sessions.
PAGE 213

NSJSP Container Objects Manager Object sessionCounter (int) Specifies the total number of sessions ever created by this manager. maxActive (int) Specifies the high water mark of the active session. rejectedSessions (int) Specifies the total number of sessions rejected because the maxActiveSessions has been reached. expiredSessions (int) Specifies the total number of sessions that have expired. This number does not include those sessions that have been explicitly invalidated.
PAGE 214

NSJSP Container Objects Resources maxIdleSwap (int) The interval (in seconds) for which a session must be idle (time since last access to the session) before the session is persisted to the session store and passivated out of the NSJSP Container's memory. A value of -1 disables this feature. If this feature is enabled, the interval specified should be equal to or longer than the value specified for maxIdleBackup. The default is -1.
PAGE 215

NSJSP Container Objects Data Sources NSJSP supports these resources: • • • • • Data Sources on page C-17 Mail Sessions on page C-18 Environment Entries on page C-18 User Databases on page C-19 Resource Links on page C-21 Data Sources A Data Source represents a database connection made available in the JNDI naming context associated with a web application. The Data Source properties are: name (String) The JNDI naming context that identifies the data source.
PAGE 216

NSJSP Container Objects Mail Sessions scope (String) Specifies the sharing scope. The default is Shareable. type (String) Specifies the resource type. The default is javax.sql.DataSource. Mail Sessions A Mail Session represents a standard resource factory that creates javax.mail.Session session instances for web applications so that the application is insulated from changes in the email server configuration environment. The Mail Session properties are: name (String) The name of the Mail Session. mail.
PAGE 217

NSJSP Container Objects User Databases java.lang.Float, java.lang.Integer, java.lang.Long, java.lang.Short, java.lang.String. value (supported data type) The value of the assigned entry. override (boolean) Indicates whether the same named entry specified in the web application's deployment descriptor overrides this value. The default is true. description (String) The description of this entry. User Databases A User Database is a database of user names and their corresponding passwords.
PAGE 218

NSJSP Container Objects User Databases groups (java.lang.String[]) List of groups defined in this database. roles (java.lang.String[]) List of roles defined in this database. users (java.lang.String[]) List of users defined in this database. Using JMX, the User Database’s subordinate objects such as User, Group, and Role can also be managed. For more information about configuring the User Database, see the Tomcat 5.0 Specification Version 5.0 at http://jakata.apache.org/tomcat/tomcat-5.0doc.index.html.
PAGE 219

NSJSP Container Objects Resource Links groups (java.lang.String[]) Lists groups in which the user belongs. password (String) Specifies the user’s password for user authentication. username (String) Specifies the name of the User. roles (java.lang.String[]) Lists roles assigned to this User. Resource Links Resource Link is used to create a link to a global JNDI resource. Therefore, it exists only inside a context.
PAGE 220

NSJSP Container Objects Realm Object connectionPassword (String) Specifies the database password to use when establishing a JDBC connection. connectionURL (String) Specifies the connection URL to use when establishing a JDBC connection. debug (int) Specifies the level of debugging detail logged by this Realm to the associated Logger. The default is 0. digest (String) Specifies name of the MessageDigest algorithm that encodes passwords in the database, or specifies a zero-length string for no encoding.
PAGE 221

NSJSP Container Objects Realm Object MemoryRealm Properties className (String) The value is org.apache.catalina.realm.MemoryRealm. debug (int) Specifies the level of debugging detail logged by this Realm to the associated Logger object. The default is 0 (zero). digest (String) Specifies the name of the MessageDigest algorithm that encodes passwords in the database, or specifies a zero-length string for no encoding. The default is no digest.
PAGE 222

NSJSP Container Objects Realm Object digest (String) Specifies name of the MessageDigest algorithm that encodes passwords in the database, or specifies a zero-length string for no encoding. The default is no digest. roleBase (String) The base element for role searches. If not specified, the top-level element in the directory context is used. roleName (String) The name of the directory server attribute which contains the role name.
PAGE 223

NSJSP Container Objects Realm Object userSearch (String) Specifies the LDAP filter expression to use when searching for a user's directory entry, with {0} marking where the actual username should be inserted. Use this property (along with the userBase and userSubtree properties) instead of userPattern to search the directory for the user's entry. userSubtree (boolean) Specifies if you want user searches to search sub trees of the element selected by userBase. The default is false.
PAGE 224

NSJSP Container Objects Realm Object localDataSource (Boolean) Specifies whether the JNDI lookup for the datasource is done in the web application's local context. The default is false. roleNameCol (String) Specifies the name of the column in the user roles table which contains a role name assigned to the corresponding user. userCredCol (String) Specifies the name of the column in the users table which contains the user's credentials (for example, password).
PAGE 225

NSJSP Container Objects Valve Object roleClassNames (String) A comma-separated list of role Principal class names. useContextClassLoader (String) Instructs JAASRealm to use the context class loader for loading the user-specified LoginModule class and associated Principal classes. The default is true. Valve Object A Valve object represents a component that is inserted into the request-processing pipeline.
PAGE 226

NSJSP Container Objects Valve Object debug (int) Specifies the level of debugging detail logged by this Valve object to the associated Logger. The default is 0 (zero). directory (String) The absolute (or relative to $NSJSP_HOME) pathname of a directory in which log files created by this valve are placed. The default value is $NSJSP_HOME/logs. pattern (String) The formatting layout identifying the various information fields from the request and response to be logged.
PAGE 227

NSJSP Container Objects Valve Object deny (String) A comma-separated list of regular expression patterns that are compared to the remote client's IP address. If this attribute is specified, the remote address must not match for this request to be accepted. If this attribute is not specified, request acceptance is governed solely by the accept attribute. containerName (javax.management.ObjectName) Specifies the object name of the parent container.
PAGE 228

NSJSP Container Objects Valve Object requireReauthentication (boolean) Specifies whether each request needs to be reauthenticated to the security Realm. If true, this Valve uses the cached security credentials (user name and password) to reauthenticate to the Realm.
PAGE 229

Glossary This glossary defines terms used both in this manual and in other HP manuals. Both industry-standard terms and HP-specific terms are included. authentication. The process of identifying an individual, usually based on a username and password. In security systems, authentication is distinct from authorization, which is the process of giving individuals access to system objects based on their identity.
PAGE 230

Glossary DNS DNS. See Domain Name Server (DNS). Document Type Definition (DTD). A DTD states what tags and attributes are used to describe content in an SGML document, where each tag is allowed, and which tags can appear within other tags. For example, in a DTD one could say that LIST tags can contain ITEM tags, but ITEM tags cannot contain LIST tags. In some editors, when authors are inputting information, they can place tags only where the DTD allows.
PAGE 231

Glossary GESA across one physical network. The term is loosely applied to any machine that transfers information from one network to another, as in mail gateway. GESA. See Gigabit Ethernet ServerNet Adapter (GESA). Gigabit Ethernet ServerNet Adapter (GESA). A A single-port ServerNet adapter that provides 1000 megabits/second (Mbps) data transfer rates between HP NonStop™ systems and Ethernet LANs.
PAGE 232

Glossary interoperability interoperability. The ability of software and hardware on multiple machines from multiple vendors to communicate meaningfully. IP. See Internet Protocol (IP). J2EE. See Java 2 Platform Enterprise Edition (J2EE) Java 2 Platform Enterprise Edition (J2EE). J2EE is a platform-independent, Java-centric environment from Sun for developing, building, and deploying Web-based enterprise applications online.
PAGE 233

Glossary local area network (LAN) local area network (LAN). Any physical network technology that operates at high speed (usually from tens of megabits per second to several gigabits per second) over short distances (up to a few thousand meters). Netscape. See browser. NonStop Kernel. The HP operating system, which consists of core and system services. The operating system does not include any application program interfaces (APIs). NonStop Servlets for JavaServer Pages (NSJSP).
PAGE 234

Glossary protocol protocol. A formal description of the message formats and rules two or more machines must follow to exchange messages. Protocols can describe low-level details of machine-to-machine interfaces (for example, the order in which the bits from a byte are sent across a wire) or high-level exchanges between application programs (for example, the way in which two programs transfer a file across the Internet).
PAGE 235

Glossary SSL SSL. See Secure Sockets Layer (SSL). subnet address. An extension of the Internet addressing scheme that allows a site to use a single Internet address for multiple physical networks. Outside of the site using subnet addressing, routing continues as usual by dividing the destination address into an Internet portion and local portion.
PAGE 236

Glossary URL URL. Uniform Resource Locator. wait mode. In the NonStop Kernel operating system, the mode in which the called procedure waits for the completion of an input/output (I/O) operation before returning a condition code to the caller. Compare nowait mode. Web Container. a Java runtime environment that manages the lifecycle of servlets and JSP. Web clients. Programs that execute on IBM-compatible PC, Apple Macintosh, or Unix platforms, among others.
PAGE 237

Index A Abstract Windows Toolkit (AWT) 4-4 access control 1-3 active sessions, maximum 3-51/3-52 Admin Web Application administering connector objects 4-17 administering context objects 4-18 administering default context objects 4-19 administering host objects 4-18 administering logger object 4-20 administering realm objects 4-20 administering resources 4-24 administering server objects 4-14 administering service and engine objects 4-15 administering user definition 4-26 administering valve objects 4-23 env
PAGE 238

Index D classes (continued) org.apache.catalina.realm.
PAGE 239

Index E digest (continued) JNDIRealm attribute 3-36, 3-41, 3-43, 3-44 MemoryRealm attribute 3-29 digest algorithm 3-29, 3-32, 3-36, 3-41, 3-43, 3-44 digested user password 3-36, 3-44 Digest() method 3-45 DirContext 3-34 directives 1-10 directory example 2-9 structure 1-5, 2-7 distinguished name (dn) attribute 3-34 distributable, Manager element attribute 3-50 Djdbc.
PAGE 240

Index H H J header information 4-2 Host element 3-8, 3-27, 3-28, 3-30, 3-34, 3-45/3-46 hosting, virtual 3-27 HTML clients 1-11 dynamic 1-4 forms 4-1 HTTP cookies 3-46 protocol 1-1 resources 1-2 response headers 4-2, 4-5 sessions 3-46 HTTPD process 1-11, 2-5 HTTPS protocol 4-8 HttpServlet class 4-4 HttpServletRequest class 4-5 HttpServletRequest object 1-10 HttpServletResponse class 4-5 HttpServletResponse object 1-10, 3-18 J2EE architecture 1-2 concepts 1-2 J2EE-compliant web server 1-5 JAR files, iden
PAGE 241

Index L java.security.MessageDigest class 3-29, 3-36, 3-41, 3-43, 3-44, 3-50/3-52 java.security.SecureRandom class 3-51, 3-53 java.text.MessageFormat class 3-36 java.util.random implementation class 3-51, 3-53 JAVA_HOME environment variable 3-20 JDBC driver 3-30, 3-33 jdbcMx.
PAGE 242

Index N Maxservers attribute 4-6 server directive 3-2 MD5 3-44 memory allocation pool, maximum 3-3 MemoryRealm attributes 3-29 definition 3-27, 3-28 rules of operation 3-30 message digest algorithm 3-50/3-52 methods authenticate() 3-30, 3-34, 3-45 destroy() 1-3, 2-5, 4-5 Digest() 3-45 doGet() 4-5 doPost() 4-5 getAttribute() 4-5, 4-6 getRequestDispatcher(String name) 1-10 init(ServletConfig) 4-5 init() 1-3 jspDestroy() 1-7 jspInit() 1-7 println() 1-10 service(HttpServletRequest) 4-5 service(HttpServletResp
PAGE 243

Index O nsjspadmin.
PAGE 244

Index S reinstallation 2-7 reloadable attribute 3-10 request dispatcher 1-9 RequestDispatcher object 1-10 requests, sending 4-1 request-response relationship 1-2 response content 4-2 responses, receiving 4-1 restart script 2-5 role 3-31 role name 3-36 roleBase attribute 3-35 roleBase, JNDIRealm attribute 3-36 roleName attribute 3-35 roleNameCol, JDBCRealm attribute 3-33 roleName, JNDIRealm attribute 3-36 roles 3-31, 8-1 roleSearch, JNDIRealm attribute 3-35/3-36 roleSubtree, JNDIRealm attribute 3-35/3-36 r
PAGE 245

Index S ServletRequest class 4-5 ServletRequest method 4-4 ServletResponse class 4-5 ServletResponse method 4-4 servlet-class element 3-19 servlet-name element 3-19 servlet.config file 3-1, 7-2 servlet_error.
PAGE 246

Index T T TCP/IP availability or automatic file placement 2-2 running process required 2-5 templating 1-11 temporary directory 3-4 threading synchronization 4-7 three-tier model 1-2 TMF 4-4 U Unicode set 4-7 uninstall script 2-7 URI 1-2 URL 1-2 user group element 3-35 userCredCol, JDBCRealm attribute 3-33 userNameCol, JDBCRealm attribute 3-33 userPassword attribute 3-35 userPassword, JNDIRealm attribute 3-36 userPattern, JNDIRealm attribute 3-36 userRole table 3-30/3-31 userRoleTable, JDBCRealm attribute
PAGE 247

Index Special Characters (continued) Special Characters (continued ) _jspService method 1-7 NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide —525644-003 Index- 11
PAGE 248

Index Special Characters (continued) NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide —525644-003 Index-12