NonStop Servlets for JavaServer Pages (5.0) System Administrator's Guide

Manuals Brands HP Manuals Server HP NonStop G-Series

NonStop Servlets for

JavaServer Pages

(NSJSP) System

Administrator’s Guide

Abstract

NonStop Servlets for JavaServer Pages (NSJSP) is a container that runs Java servlets

and JavaServer Pages (JSPs), which are platform-independent server-side programs

that programmatically extend the functionality of web-based applications by providing

dynamic content from a webserver to a client browser over the HTTP protocol.

Product Version

NonStop Servlets for JavaServer Pages 5.0

Supported Release Version Updates (RVUs)

This guide supports G06 and all subsequent RVUs until otherwise indicated in a new

edition. For Parallel Library TCP/IP support you must be running G06.08 or later.

Part Number Published

525644-002 December 2005

Summary of content (256 pages)

PAGE 1

NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide Abstract NonStop Servlets for JavaServer Pages (NSJSP) is a container that runs Java servlets and JavaServer Pages (JSPs), which are platform-independent server-side programs that programmatically extend the functionality of web-based applications by providing dynamic content from a webserver to a client browser over the HTTP protocol. Product Version NonStop Servlets for JavaServer Pages 5.
PAGE 2

Document History Part Number Product Version Published 525644-001 NonStop Servlets for JavaServer Pages 2.0 March 2003 525644-002 NonStop Servlets for JavaServer Pages 5.
PAGE 3

NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide Glossary Index Examples What’s New in This Manual xi Manual Information xi New and Changed Information Figures Tables xi About This Manual xiii Who Should Read This Guide xiii Organization of This Guide xiv Related Manuals xiv Reference Information on the Internet Notation Conventions xviii Abbreviations xxiii xvii 1.
PAGE 4

1. Overview and Architecture (continued) Contents 1. Overview and Architecture (continued) JMX Based Administration Feature 1-16 admin Web Application 1-16 manager Web Application 1-17 Enhanced NSJSPCoyoteConnector 1-19 Session Clustering (not supported) 1-19 Invoker Servlet Availability 1-19 2.
PAGE 5

3. Configuring NSJSP Contents 3.
PAGE 6

4. Programming and Management Features Contents 4. Programming and Management Features javax.servlet.request.
PAGE 7

Contents 6. Logs and Error Conditions (continued) 6.
PAGE 8

. Security Considerations Contents 8. Security Considerations Virtual Hosts 8-1 Roles 8-1 Single Sign-On 8-1 A. JMXProxy Servlet JMX Query command A-1 JMX Set command A-1 B. Sample Ant Script for the Client Deployer C.
PAGE 9

Examples (continued) Contents Examples (continued) Example 3-3. Example 3-4. Example 3-5. Example 3-6. Example 3-7. Example 3-8. Example 3-9. Example 3-10. Example 3-11. Example 3-12. Example 3-13. Example 3-14. Example 3-15. Example 3-16. Example 3-17. Example 3-18. Example 3-19. Example 3-20. Example 3-21. Example 3-22. Example 3-23. Example 3-24. Example 3-25. Example 3-26. Example 3-27. Example 3-28. Example 3-29. Example 3-30. Example 3-31. Example 3-33. Example 3-32. Example 3-34. Example 3-35.
PAGE 10

Examples (continued) Contents Examples (continued) Example 5-4. Example 5-5. Example 5-6. Example 5-7. Example 5-8. Example 5-9. Example 5-10. Example 5-11. Example 5-12. Example 5-13. Example 5-14. Example 5-15. Example 5-16. Example 6-1. Example 7-1. Example B-1.
PAGE 11

Figures (continued) Contents Figures (continued) Figure 4-12. Figure 5-1. Figure 5-2. Figure 5-3. Figure 5-4. Figure 5-5. Figure 5-6. Figure 5-7. Figure 5-8. Figure 7-1. Inconsistent Warning 4-30 Manager Web Application Architecture 5-1 Manager Web Application Login Dialog 5-2 Manager Web Application User Interface 5-3 Manager Area 5-4 Application Area 5-5 Deploy Area 5-5 NSJSP Information Area 5-6 NSJSP Status Summary Page 5-8 New Persistent Session Class Location 7-6 Tables Table 2-1.
PAGE 12

Contents NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide —525644-002 x
PAGE 13

What’s New in This Manual Manual Information NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide Abstract NonStop Servlets for JavaServer Pages (NSJSP) is a container that runs Java servlets and JavaServer Pages (JSPs), which are platform-independent server-side programs that programmatically extend the functionality of web-based applications by providing dynamic content from a webserver to a client browser over the HTTP protocol.
PAGE 14

What’s New in This Manual • • • • • • • • • New and Changed Information Enhanced JSP runtime engine. NSJSP uses the new Jasper 2 JSP engine which includes significant performance improvements over the original Jasper engine. For more information, see Enhanced JSP Runtime Engine on page 1-14. Support for an enhanced Security Manager. NSJSP allows you to configure which NSJSP internal packages are protected against package definition and access.
PAGE 15

About This Manual This guide describes the installation, configuration, and management of the NonStop Servlets for JavaServer Pages (NSJSP) 5.0 component of the iTP Secure WebServer. Who Should Read This Guide The NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide is intended for experienced HP NonStop system administrators and operators who need to install, configure, and manage the iTP Secure WebServer on an HP NonStop system.
PAGE 16

About This Manual Organization of This Guide Organization of This Guide Section 1, Overview and Architecture gives a general introduction to the Java 2 Enterprise Edition (J2EE) and discusses the architecture of NonStop Servlets for JavaServer Pages (NSJSP). Section 2, Installing NSJSP provides the procedures for installing NSJSP, including what to do before you begin, starting and restarting NSJSP, stopping NSJSP, and uninstalling NSJSP. This section also shows the post-installation NSJSP 5.
PAGE 17

About This Manual TCP/IP Manuals products. The audience for this manual is system managers and operators who will monitor and control the operations of an iTP Secure WebServer environment. The following manuals contain additional information about installing, configuring, and managing HP NonStop systems or other products you can use with NSJSP.
PAGE 18

About This Manual • NonStop Java Manuals The TS/MP Management Programming Manual describes how to start, configure, and manage PATHMON environments programmatically and describes the event messages that report errors and other occurrences of interest to operators.
PAGE 19

About This Manual Reference Information on the Internet Reference Information on the Internet The following URL references are available on the Internet: • • • • • • General references: http://www.w3.org HyperText Transfer Protocol (HTTP) references: http://www.w3.org/Protocols/rfc2616/rfc2616.txt Common Gateway Interface (CGI) references: http://hoohoo.ncsa.uiuc.edu/cgi Tomcat 5.0 Documentation: http://jakata.apache.org/tomcat/tomcat-5.0-doc/index.html Java Servlet Specification Version 2.
PAGE 20

About This Manual Notation Conventions Notation Conventions Hypertext Links Blue underline is used to indicate a hypertext link within text. By clicking a passage of text with a blue underline, you are taken to the location described. For example: This requirement is described under Backup DAM Volumes and Physical Disk Drives on page 3-2. General Syntax Notation This list summarizes the notation conventions for syntax presentation in this manual. UPPERCASE LETTERS.
PAGE 21

About This Manual General Syntax Notation { } Braces. A group of items enclosed in braces is a list from which you are required to choose one item. The items in the list can be arranged either vertically, with aligned braces on each side of the list, or horizontally, enclosed in a pair of braces and separated by vertical lines. For example: LISTOPENS PROCESS { $appl-mgr-name } { $process-name } ALLOWSU { ON | OFF } | Vertical Line.
PAGE 22

Notation for Messages About This Manual a blank line. This spacing distinguishes items in a continuation line from items in a vertical list of selections. For example: ALTER [ / OUT file-spec / ] LINE [ , attribute-spec ]… !i and !o. In procedure calls, the !i notation follows an input parameter (one that passes data to the called procedure); the !o notation follows an output parameter (one that returns data to the calling program).
PAGE 23

About This Manual Notation for Management Programming Interfaces lowercase italic letters. Lowercase italic letters indicate variable items whose values are displayed or returned. For example: p-register process-name [ ] Brackets. Brackets enclose items that are sometimes, but not always, displayed.
PAGE 24

About This Manual Notation for Management Programming Interfaces UPPERCASE LETTERS. Uppercase letters indicate names from definition files. Type these names exactly as shown. For example: ZCOM-TKN-SUBJ-SERV lowercase letters. Words in lowercase letters are words that are part of the notation, including Data Definition Language (DDL) keywords. For example: token-type !r. The !r notation following a token or field name indicates that the token or field is required. For example: ZCOM-TKN-OBJNAME !o.
PAGE 25

About This Manual Abbreviations Abbreviations The following list defines abbreviations and acronyms used in this guide. Both industrystandard terms and HP terms are included. AWT. Abstract Windowing Toolkit ARPA. Advanced Research Project Agency ATP. Active Transaction Pages BSD. Berkeley Software Distribution C. Country CA. Certificate Authority CBC. Cipher Block Chaining CCITT. Consultative Committee for International Telegraph and Telephone CGI. Common Gateway Interface CN. Common Name CWD.
PAGE 26

About This Manual Abbreviations HTTPD. HyperText Transfer Protocol Daemon IEEE. Institute of Electrical and Electronics Engineers IEN. Internet Engineering Note IP. Internet Protocol J2EE. Java 2 Enterprise Edition JAR. Java Archive Tool JDBC. Java DataBase Connectivity JDK. Java Development Kit JIT. Just-In-Time (Java compiler) JNDI. Java Naming and Directory Interface JNI. Java Native Interface JSP. JavaServer Pages JVCP. Java Visual Class Package JVM. Java Virtual Machine KEK. Key Exchange Key L.
PAGE 27

About This Manual O. Abbreviations Organization OLTP. Online Transaction Processing OSS. Open System Services OU. Organizational Unit PAID. Process Accessor ID PCT. Private Communication Technology PDF. Portable Document Format PEM. Privacy Enhanced Message PKS. Public Key Certificate Standard PPP. Point to Point Protocol QIO. Queued Input Output RFC. Request for Comments RLS. Resource Locator Service RSA. Rivest, Shamir, and Adelman SCF. Subsystem Control Facility SCT.
PAGE 28

About This Manual Abbreviations TACL. Tandem Advanced Command Language TAL. Transaction Application Language Tcl. Tool Command Language Tcl/CGI. Tool Command Language/Common Gateway Interface TCP/IP. Transmission Control Protocol/Internet Protocol TS/MP. Transaction Services/Massively Parallel URL. Uniform Resource Locator WAR. Web Archive WID. WebSafe2 Interface Driver WISP. WebSafe2 Internet Security Processor X.509. CCITT Recommendation for Security Service XML.
PAGE 29

1 Overview and Architecture This section describes: • • • • Java 2 Enterprise Edition (J2EE) Overview on page 1-3 JavaServer Pages (JSP) Architecture on page 1-7 NonStop Servlets for JavaServer Pages (NSJSP) Architecture on page 1-12 New Features in the HP NSJSP Implementation on page 1-14 NonStop Servlets for JavaServer Pages (NSJSP) is a container that runs Java servlets and JavaServer Pages (JSPs), which are platform-independent, server-side programs that programmatically extend the functionality of
PAGE 30

Overview and Architecture To use this documentation, you should have some familiarity with the Java language and tools and the Java Servlet Application Programming Interface (API) as defined by JSR 154: Java 2.4 Specifications. This section does not attempt to teach you how to program servlets or JSPs, although it does offer advice and ideas. You also should be familiar with the overall iTP Secure WebServer environment, which must be installed and running before you can install and use NSJSP.
PAGE 31

Overview and Architecture Java 2 Enterprise Edition (J2EE) Overview Java 2 Enterprise Edition (J2EE) Overview This subsection summarizes the following topics: • • • • • • The Web Container on page 1-3 JavaServer Pages (JSP) on page 1-4 The Web Application on page 1-5 The WEB-INF Subdirectory on page 1-6 The Deployment Descriptor on page 1-6 Web Archive (WAR) Files on page 1-6 J2EE defines the standard for developing and running applications in a multi-tier architecture.
PAGE 32

JavaServer Pages (JSP) Overview and Architecture • • • The applications, including Java servlets and JavaServer Pages, class libraries, resources such as HTML or XML documents, and images. The Servlet API and runtime management including initializing, invoking, and managing the Servlet and JSP lifecycles. The deployment descriptors (the web.xml file) that contain resource definitions such as MIME types, mapping of requests to servlets, access control, and servlet initialization parameters.
PAGE 33

Overview and Architecture The Web Application design, the web page combines the presentation material usually created by designers with the business logic usually created by programmers. By separating the user interface from content generation, JSP allows page designers to change the page layout without altering the underlying programmable dynamic content. Furthermore, the programmable content, or business logic, can be written in the form of reusable components such as Java Beans.
PAGE 34

Overview and Architecture The WEB-INF Subdirectory Web applications should be located in a directory (typically called webapps) under the root directory of the container engine (default for the root for NSJSP is /usr/tandem/webserver/servlet_jsp). Assume you have an application called myapp1 and that one of the servlets in that application is called helloworld. The directory structure to myapp1 would be /servlet_jsp/webapps/myapp1 where myapp1 is the name of your web application directory.
PAGE 35

Overview and Architecture JavaServer Pages (JSP) Architecture For example, to create a WAR file for the application /myapp1 go to the root of the application. cd /usr/tandem/webserver/servlet_jsp/webapps/myapp1 The following command packs all the files and subdirectories into a single file called myapp1.war. The -c option creates a new archive, the -f option specifies the target file name, and the -v (verbose) option echoes the files to your display. jar -cf myapp1.
PAGE 36

Overview and Architecture Model-View-Controller Designs JSP page that processes the request and replies to the client. Content is separated from presentation because data access is performed using Java Beans. This approach works well for simple applications, but requires that all request processing occurs in the JSP page, making each page individually responsible for managing the application state, verifying authentication, and maintaining security. Figure 1-3.
PAGE 37

Overview and Architecture Model-View-Controller Designs The second approach is to adopt the design, shown in Figure 1-4, A Model-ViewController Design. In this design, processing is divided between the controller and presentation components. The presentation component, or View, consists of JSP pages that generate the HTML or XML response that determines the user interface rendered by the browser.
PAGE 38

Overview and Architecture JSP Syntax Basics 2. Obtain a reference to the request dispatcher object for the servlet in use. Use the getRequestDispatcher(String name) method, which takes in the path and name of the servlet (URI) and returns the request dispatcher object. 3. Invoke the include or forward method of the RequestDispatcher object. Either method takes two arguments; the HttpServletRequest and HttpServletResponse objects.
PAGE 39

Overview and Architecture An Example of JSP Code template is coded as JSP using the include directive to reference some HTML in another file. Example 1-1. JSP Code <%-- Filename: "TemplateDemo.jsp" --%>
Welcome To My WebSite

The time is <% new java.util.Date().toString() %>
<%@ include file = "Body.
PAGE 40

Overview and Architecture NonStop Servlets for JavaServer Pages (NSJSP) Architecture NonStop Servlets for JavaServer Pages (NSJSP) Architecture This subsection contains background information about the NonStop Servlets for JavaServer Pages (NSJSP) architecture. It illustrates and discusses the relationships between HTML clients, iTP Secure WebServer processes, and the NSJSP environment. It also describes the lifecycle of a servlet and the benefits of running servlets in NonStop TS/MP ServerClasses.
PAGE 41

Overview and Architecture NonStop Servlets for JavaServer Pages (NSJSP) Architecture The iTP Secure WebServer software, which is inherently scalable and reliable, enables the creation of Java servlets that can take advantage of the database and transaction services infrastructure on the HP NonStop server.
PAGE 42

Overview and Architecture New Features in the HP NSJSP Implementation New Features in the HP NSJSP Implementation New features incorporated in the HP NSJSP implementation are described below: J2EE Standards Support NSJSP 5.0 implements the Java Servlet 2.4 and JavaServer Pages 2.0 specifications by porting Tomcat version 5.0.28. For more information about Tomcat version 5.0, see the Apache Jakarta Tomcat 5 Servlet/JSP Container documentation at http://jakarta.apache.org/tomcat/tomcat-5.0-doc/index.html.
PAGE 43

Overview and Architecture JAASRealm Support Jasper engine. In addition to general code improvements, the following changes have been made: • • • JSP custom tag pooling. The Java objects instantiated for JSP custom tags can be pooled and reused. This arrangement significantly boosts the performance of JSP pages which use custom tags. Background JSP compilation. If you make a change to a previously compiled JSP page, Jasper 2 can recompile that page in the background.
PAGE 44

Overview and Architecture JMX Based Administration Feature JMX Based Administration Feature NSJSP supports JMX based administration. NSJSP incorporates JMX technology to manage internal objects (for example, Servers, Services, Hosts, Contexts, Loggers, and other resource entities). In prior releases, NSJSP required you to bring down the entire container and change the configuration file iTP_server.xml to modify container objects.
PAGE 45

Overview and Architecture manager Web Application Figure 1-6. Admin User Interface For more information about the admin web application, see admin Web Application on page 4-10. manager Web Application The manager web application provides the management functions for web applications in the NSJSP container. In prior versions, the management functions were provided using the nsjsp_manager (an interactive shell script). The nsjsp_manager is discontinued in NSJSP 5.
PAGE 46

Overview and Architecture manager Web Application Figure 1-7. Manager User Interface On this page, the manager lists the installed web applications in a table. Each row in the table represents a web application. The management functions supported are listed using hyperlinks. By selecting a specific hyperlink, the operator issues the specified command to the web application. Note.
PAGE 47

Overview and Architecture Enhanced NSJSPCoyoteConnector Enhanced NSJSPCoyoteConnector The NSJSP connector component NSJSPCoyoteConnector has been enhanced so the connector is managed using JMX MBeans. Session Clustering (not supported) NSJSP 5.0 does not support session clustering. Instead, the current session routing mechanism continues to be used in NSJSP 5.0. Session clustering was not implemented because Tomcat 5.
PAGE 48

Overview and Architecture Invoker Servlet Availability NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide—525644-002 1- 20
PAGE 49

2 Installing NSJSP The section describes: • • • • • • Before You Begin the Installation on page 2-1 Begin the Installation on page 2-2 Starting or Restarting NSJSP on page 2-6 Stopping NSJSP on page 2-7 Uninstalling NSJSP on page 2-8 NSJSP Directory Structure on page 2-9 The procedure for installing NSJSP software depends on the distribution medium for the product. Check the readme.txt file if you have received the software on a CD. Check the softdoc if you are installing the product from a tape.
PAGE 50

Installing NSJSP • • Begin the Installation To fully deploy the product pax file into the OSS space, ensure that the "Extract files from ustar archives to OSS file system" option is selected when prompted. If TCP/IP and FTP are unavailable, or if you have problems using automatic file placement, use the instructions in the IPSetup User Guide section about Manual Software Placement to manually place NonStop operating system files.
PAGE 51

Installing NSJSP setupjava 3. To complete a typical installation of NSJSP, first run the setupjava script, then run the setup script. Both these scripts are located in the OSS file system directory: $NSJSP_HOME/ setupjava The setupjava script updates and re-links the JVM (default /usr/tandem/java) to include this version of the NSJSP software libraries and class files. By default, setupjava updates the JVM java binary located in /usr/tandem/java.
PAGE 52

Installing NSJSP setup 2. After running the setupjava script, ensure that no errors have been reported by the script. Once the setupjava script is run, the Servlet JNI code (libT1222.a and libT1222log.a) libraries are in the /usr/tandem/java_public_lib_jdk142 directory The Java binaries will have been automatically rebuilt to include the Servlet JNI code. The setupjava script is expected to be run only once when the product is first unpaxed (by using COPYOSS) into its version-specific location.
PAGE 53

Installing NSJSP setup 5. Run the setup script using the same user ID as you used to install the iTP Secure WebServer. For example, if you previously used the SUPER.WEB user ID to install the iTP Secure WebServer you must now use SUPER.WEB to install this portion of the product as follows: TACL> LOGON SUPER.WEB TACL> OSH OSS: cd $NSJSP_HOME/ OSS: ./setup After the setup script runs, the default files are located in the iTPWS_INSTALL_DIR/conf directory are: • • • • • • jdbc.
PAGE 54

Installing NSJSP Starting or Restarting NSJSP 6. Verify the VPROC of the $NSJSP_HOME/bin/servlet.ssc binary. There should be a T1222 VPROC that matches the portion of the installation directory. If no match exists, an installation error has occurred and must be corrected before proceeding. 7. To compile servlets in the NSJSP environment, update your OSS profile. After installing NSJSP 5.0, include the servlet-api.jar file in the Java classpath.
PAGE 55

Installing NSJSP Stopping NSJSP Stopping NSJSP You can stop NSJSP in two ways by using the stop script, as described in the iTP Secure WebServer System Administrator’s Guide, or by using the nsjsp_stop script, described as follows. The NSJSP script called nsjsp_stop is located in the iTPWS_INSTALL_DIR/conf directory.
PAGE 56

Installing NSJSP Uninstalling NSJSP Example 2-1. The nsjsp_stop Script /usr/tandem/webserver/conf : ./nsjsp_stop NonStop(tm) Servlets for JavaServer Pages(tm) Stop Script T1222V50_10NOV2005_BASE_V500_2 __________________________________________________________ Gracefully shuts down the NonStop(tm) Servlets for JavaServer Pages(tm) ServerClass (SERVLET+NSJSPAdmin)and the iTP WebServer environment.
PAGE 57

Installing NSJSP NSJSP Directory Structure After the uninstall script runs, the Servlet JNI code (libT1222.a and libT1222log.a) is removed from the /usr/tandem/java_public_lib_jdk142 directory. The Java binaries are automatically rebuilt. To reinstall NSJSP after the uninstall script has been run, follow the installation instructions for the specific NSJSP version you wish to reinstall.
PAGE 58

Installing NSJSP NSJSP Directory Structure Table 2-1. NSJSP Directory Structure Directory nsjsp_webapps Description Admin and manager web applications. webapps/ Base directory containing web applications included with NSJSP. work/ Used by NSJSP to store temporary files, notably the .java source files and compiled .class files created when processing JSP pages. deployer/ The standalone application deployer. share/ The classes/ and lib/ subdirectories shared across all web applications.
PAGE 59

Installing NSJSP Directory Example Directory Example Example 2-2 is intended to summarize the answer to the question, "How do you get from a URL to the application and to a servlet?" (Refer to Map Requests to Applications and Servlets on page 3-20.) The example shows the main directories and the configuration necessary to get NSJSP up and running. The example assumes the default location of /usr/tandem/webserver as the root of your directory structure.
PAGE 60

Installing NSJSP Directory Example By default, the /webapps subdirectory contains your server applications. (Use docbase in myappl.xml to set this path, or any other preferred location.) myapp1 is a sample application subdirectory. At this (root) level you can store files such as index.html, or create subdirectories to manage your web application resources, for example /images for graphics files. Every application must have a WEB-INF subdirectory.
PAGE 61

3 Configuring NSJSP The section describes: • • • • • • • Configuring the NSJSP Container on page 3-1 Configuring Web Applications on page 3-14 Configuring the Security Manager on page 3-21 Configuring Virtual Hosting on page 3-28 Configuring Realms on page 3-28 Configuring Single Sign-On Support on page 3-46 Configuring Persistent Sessions on page 3-49 Configuring the NSJSP Container Several configuration files support the NSJSP container environment and web applications.
PAGE 62

Configuring NSJSP servlet.config servlet.config This file contains the configuration information and filemaps required for the SERVLET ServerClass. The file is located (by default) in iTPWS_INSTALL_DIR/conf. For security when you run a new installation (of T1222) for the first time, the setup script automatically makes a backup of any pre-existing servlet.config file. You can then make any changes to the default, such as adding filemaps.
PAGE 63

Configuring NSJSP servlet.config Java Runtime Arguments Consider adding any of the optional Java runtime arguments (listed below) to the Java Arglist parameter. Note that the Arglist arguments for Java precede the NSJSP container class, as in the following example: Arglist -Xbootclasspath/a:$env(JAVA_HOME)/lib/tools.jar \ -Xnoclassgc -Xmx64m -Xss128k -Dbrowserdebug=false \ -Djdbc.drivers=com.tandem.sqlmp.SQLMPDriver \ -Xbootclasspath Sets the classpath of the arguments.
PAGE 64

Configuring NSJSP servlet.config -Djdbc.drivers Identifies the SQL driver to NonStop Server for Java. This option is required for servlets that use SQL/MP or SQL/MX for Java. If present, this option must have the value com.tandem.sqlmp.SQLMPDriver or com.tandem.sqlmx.SQLMXDriver. -Djava.security.manager Sets the Java Security Manager. By default, NSJSP is run without a security manager (-Dnsjsp.security.manager=none). -Djava.security.policy sets the Java Security Manager policy file (-Djava.security.
PAGE 65

Configuring NSJSP nsjspadmin.config -DDiscardFileMapHistory=[ true | false ] Preserves or discards the history of all Filemap related changes. The default is false, if the option is not specified. This means that all the history of Filemap related changes is preserved. -DEnableJMXProxyServlet=[ true | false ] Enables or disable the JMXProxyServlet in the manager web application. The default is false, which is disabled.
PAGE 66

Configuring NSJSP nsjspadmin.config the attributes of the nsjspadmin ServerClass are not changed accidentally. For the nsjspadmin server to perform properly, most of these attributes should be maintained as the installed value. The nsjspadmin ServerClass is in the same TS/MP environment as the SERVLET ServerClass and also uses the same iTP_server.xml configuration file as the SERVLET ServerClass.
PAGE 67

Configuring NSJSP nsjspadmin.config Example 3-2. Configuration File nsjspadmin.config set nsjspadmin_objectcode $root/bin/nsjspadmin.ssc Server $nsjspadmin_objectcode { CWD $env(NSJSP_HOME) Env CLASSPATH=$JVCP:$USRCP Env JAVA_HOME=$env(JAVA_HOME) Env JREHOME=$env(JAVA_HOME)/jre Env TANDEM_HTTPD_SC_NAME=HTTPD Env TANDEM_SERVLET_SC_NAME=SERVLET Env TANDEM_SERVLET_SC_PATH=$server_objectcode Env TANDEM_FILEMAPS_CONFIG=$root/conf/filemaps.
PAGE 68

Configuring NSJSP nsjspadmin.config In addition, the following Filemaps are also added to the nsjspadmin.config configuration file: Filemap /admin $nsjspadmin_objectcode Filemap /manager $nsjspadmin_objectcode This action directs all requests starting with /admin and /manager to the nsjspadmin ServerClass.
PAGE 69

Configuring NSJSP iTP_server.xml iTP_server.xml iTP_server.xml is a version of the standard server.xml file modified to use with the iTP WebServer. iTP_server.xml is an XML file. The file’s default location is $NSJSP_HOME/conf. Example 3-3. Basic Structure of iTP_server.xml At the top level, the element represents the entire Java Virtual Machine (JVM).
PAGE 70

Configuring NSJSP iTP_server.xml The default iTP_server.xml file is well commented, read these comments to become familiar with the contents of this file. Various additional elements, not shown or described here but included in the default iTP_server.xml file, provide for logging and other similar functionality, and define authentication realms. For more information about Tomcat version 5.0, see the Apache Jakarta Tomcat 5 documentation at http://jakarta.apache.org/tomcat/tomcat-5.0-doc/index.html.
PAGE 71

Configuring NSJSP web.xml Reloading Servlets If the reloadable attribute is set to true in the .xml file (located in the Context configuration file in the $NSJSP_HOME/conf/NSJSP/ directory, as shown in Example 3-6), the container automatically reloads classes (loaded from either the WEB-INF /classes directory or JAR files in the WEB-INF/lib directory) that have changed. Example 3-6.
PAGE 72

Configuring NSJSP web.xml Example 3-7 shows a servlet class file, SessionSnoop, which has a priority of 3. Files that have a higher priority are loaded before this one. Note that the servlet class name is SessionSnoop, but a URL could reference the servlet by the servlet name Snoop. Example 3-7.
PAGE 73

Configuring NSJSP jdbc.config Initializing Servlets You can initialize servlets in either of the two versions of the web.xml file. If portability is a requirement, you may prefer to put the initialization within the application version of web.xml which is the deployment descriptor location used when packing or unpacking web application archive (WAR) files. The element contains a name/value pair as the initialization parameter of the servlet, as shown in Example 3-9. Example 3-9.
PAGE 74

Configuring NSJSP Configuring Web Applications Any application deployed using the admin or manager application has the option of requesting the nsjspadmin ServerClass to add the context path as a Filemap for HTTPD routing purpose. The nsjspadmin ServerClass manages filemaps.config file so it is recommended that you place all user-defined filemaps in the filemaps.config file.
PAGE 75

Configuring NSJSP Add a New Web Application The NSJSP container knows where to look for your classes if you use this application directory structure. You do not need to add classes and JAR files explicitly to the CLASSPATH. Each application can be managed separately from others in the container. To add an application, just add the context to a Context configuration file in the $NSJSP_HOME/conf/NSJSP// directory.
PAGE 76

Configuring NSJSP Deploy Using the Standalone Application Deployer needs to include the default NSJSP root directory (/servlet_jsp) when accessing a web application using this automatically generated context: http://hostname:port/servlet_jsp/web_application_name To access a servlet from the browser, specify the servlet keyword in the URL, as shown: http://hostname:port/servlet_jsp/web_application_name/servlet /Myservlet This feature allows you to not define a context for your web application in $NSJSP_HOM
PAGE 77

Configuring NSJSP Deploy Using the admin or manager Web Applications BUILD SUCCESSFUL Total time: 11 seconds C:\java\nsjsp 5.0\deployer>ant deploy Buildfile: build.xml deploy: [deploy] OK - Deployed application at context path /servlet_jsp/myapp BUILD SUCCESSFUL Total time: 7 seconds C:\java\nsjsp 5.0\deployer> C:\java\nsjsp 5.0\deployer>ant stop Buildfile: build.xml stop: [stop] OK - Stopped application at context path /servlet_jsp/myapp BUILD SUCCESSFUL Total time: 1 second C:\java\nsjsp 5.
PAGE 78

Configuring NSJSP Compile a Servlet 1. Create the appropriate directory structure under $NSJSP_HOME/webapps. If you prefer to locate elsewhere, use the docbase attribute of the context path. Populate with the required servlets and JSP files. 2. Create a local version of the web.xml file for deployment descriptors. Note that if you write the deployment descriptors in the main default web.xml file, creating a WAR file is difficult later on (only the local version of web.xml becomes part of the WAR file). 3.
PAGE 79

Configuring NSJSP Deploy a Servlet Example 3-11.
PAGE 80

Configuring NSJSP Map Requests to Applications and Servlets Map Requests to Applications and Servlets Mapping requests to servlets is closely linked to the concept of a context path. The application name and the context path lead to the application subdirectory. The and tags are needed to find a servlet or JSP within that application.
PAGE 81

Configuring NSJSP Configuring the Security Manager Example 3-13. Mapping a URL to the Servlet start startCartRequest start /myapp1/* Path mappings are relative to the context’s URL path. By providing a wildcard (*), any URL containing the path /myapp1 can always be passed to the startCartRequest servlet.
PAGE 82

Configuring NSJSP Configuring the Security Manager The default iTP_catalina.policy file contains all the grant entries in the standard catalina.
PAGE 83

Configuring NSJSP Configuring the Security Manager Example 3-15. Policy File Entry for the NSJSP Container // These permissions apply to the nsjsp-logging code grant codeBase "file:${catalina.home}/bin/nsjsp-logging.jar" { permission java.security.AllPermission; }; grant codeBase "file:${catalina.home}/bin/nsjsp_bootstrap.jar" { permission java.security.AllPermission; }; ...
PAGE 84

Configuring NSJSP Starting NSJSP Through a Security Manager Example 3-15. Policy File Entry for the NSJSP Container // These permissions are granted to the NSJSP balancer web // application. grant codeBase "file:${catalina.home}/webapps/balancer/WEBINF/lib/catalina-balancer.jar" { permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; }; // These permissions are granted by default to all web // applications.
PAGE 85

Configuring NSJSP Troubleshooting the Security Manager Example 3-16. Starting NSJSP With a Security Manager # # NSJSP Java2 System policy file and Java2 VM option. # # Note: the "double" equalto signs "==" is not a typo!! This informs the JVM # to use this file exclusively and that all others are to be ignored. # set env(JVM_POLICY_FILE) $env(NSJSP_HOME)/conf/iTP_catalina.policy set NSJSP_SECMGR_POLICY -Djava.security.policy==$env(JVM_POLICY_FILE) ... set NSJSP_SECMGR -Djava.security.manager ...
PAGE 86

Configuring NSJSP Enhanced Security Manager Example 3-17. Troubleshooting the NSJSP Security Manager Arglist -Xbootclasspath/a:$env(JAVA_HOME)/lib/tools.jar -Xnoclassgc -Xmx64m -Xss128k -Dbrowserdebug=false \ -Djdbc.drivers=com.tandem.sqlmp.SQLMPDriver \ $NSJSP_SECMGR $NSJSP_SECMGR_POLICY $NSJSP_JAAS_CONFIG \ -Djava.security.debug=all \ -DEnableJMXProxyServlet=false \ -Djava.endorsed.dirs=$env(NSJSP_ENDORSED_DIRS) \ -Dcatalina.home=$env(NSJSP_HOME) \ -Djava.io.tmpdir=$env(NSJSP_HOME)/temp \ com.tandem.
PAGE 87

Configuring NSJSP Enhanced Security Manager Example 3-18. Default Security Property File # # # # List of comma-separated packages that start with or equal this string will cause a security exception to be thrown when passed to checkPackageAccess unless the corresponding RuntimePermission ("accessClassInPackage."+package) has been granted. package.access=sun.,com.tandem.servlet.,org.apache.catalina.,org.apache.coyot e.,org.apache.tomcat.,org.apache.jasper.,sun.beans.
PAGE 88

Configuring NSJSP Configuring Virtual Hosting Configuring Virtual Hosting The virtual hosting feature enables you to access web services on multiple IP addresses or hostnames through a single iTP WebServer/NSJSP environment. Each virtual host can have its own servlet context or a set of servlet contexts. Servlet contexts cannot be shared across virtual hosts. In the iTP_server.xml file, the element represents a virtual host. One or more elements are nested inside an element.
PAGE 89

Configuring NSJSP MemoryRealm JDBCRealm Obtains authentication information stored in a relational database, accessed through a Java Database Connectivity (JDBC) driver. JNDIRealm Obtains authentication information stored in an Lightweight Directory Access Protocol (LDAP) based directory server, accessed through a Java Naming and Directory Interface (JNDI) provider. JAASRealm Obtains authentication information through the Java Authentication and Authorization Service (JAAS) framework.
PAGE 90

Configuring NSJSP MemoryRealm document is loaded from the $NSJSP_HOME/conf/tomcat-users.xml file). Changes to the data in this file are not recognized until NSJSP is restarted. Realm Element Attributes To configure MemoryRealm, create a element and nest it in your $NSJSP_HOME/conf/iTP_server.xml file or in the element in the context configuration file, as described in Example 3-20. The following attributes are supported for MemoryRealm: className The value is org.apache.catalina.realm.
PAGE 91

Configuring NSJSP JDBCRealm roles Comma-delimited list of the role names associated with this user. The default contents of the $NSJSP_HOME/conf/tomcat-users.xml file are shown in Example 3-21. Example 3-21.
PAGE 92

Configuring NSJSP ° • JDBCRealm Password, to be recognized by the NSJSP container when the user logs in. This value can be in clear text or digested as described under Digested Passwords on page 3-45. A userRole table must exist, as referenced in Example 3-22, that contains one row for every valid role that is assigned to a particular user. A user may have zero, one, or more than one role.
PAGE 93

Configuring NSJSP JDBCRealm Example 3-23. SQLCI Commands to Create and Load the JDBCRealm osh> gtacl -p sqlci < iTP_JDBCRealm.create.your_copy osh> gtacl -p sqlci < iTP_JDBCRealm.load.your_copy You may also run the NonStop SQL Commands directly through the NonStop Command Interpreter (SQLCI) after replacing the =T1222DBDIR string with the Guardian Location of the JDBCRealm catalog (of the form $Volume.SubVolume).
PAGE 94

Configuring NSJSP JDBCRealm driverName The fully qualified Java class name of the JDBC driver to be used. For SQL/MP, specify the value com.tandem.sqlmp.SQLMPDriver here. You must have the sqlmp.jar file in your classpath. For SQL/MX, specify the value com.tandem.sqlmx.SQLMXDriver here. You must have the jdbcMx.jar file in your classpath. roleNameCol The name of the column in the userRoleTable that contains the name of a role assigned to this user. The default is role_name.
PAGE 95

Configuring NSJSP JNDIRealm Example 3-24. Using the SQL/MP Database to Specify JDBCRealm Attributes PAGE 96
Configuring NSJSP ° • • • JNDIRealm There must be an attribute (identified by the userPassword attribute of our element) that contains the user's password, either in clear text or digested (see Digested Passwords on page 3-45). Each group of users that has been assigned a particular role is represented by an individual element in the top level DirContext, which is accessed through the connectionURL attribute.
PAGE 97

Configuring NSJSP JNDIRealm connectionURL The directory server URL with which to establish a JNDI connection. debug The level of debugging detail logged by this realm to the associated . Higher numbers generate more detailed output. If not specified, the default debugging detail level is zero (0). digest The digest algorithm used to store passwords in non-plain text formats. Valid values are those accepted for the algorithm name by the java.security.MessageDigest class.
PAGE 98

Configuring NSJSP JNDIRealm The schema creation for your directory server is beyond the scope of this document because it is unique to each directory server implementation. The examples below show you how to configure the OpenLDAP directory server, which can be downloaded from http://www.openldap.org. These examples assume that the OpenLDAP server's configuration file (slapd.conf) contains the LDBM settings (among others). Example 3-25.
PAGE 99

Configuring NSJSP JNDIRealm Example 3-26.
PAGE 100

Configuring NSJSP JAASRealm Example 3-27. Realm Element for the OpenLDAP Directory Server PAGE 101
Configuring NSJSP * * */ JAASRealm Safeguard Alias NonStopUserDB { com.tandem.servlet.jaas.NonStopLoginModule REQUIRED E.g. root debug=false; }; If you use the NonStopLoginModule, then the user name may be specified in any of the following forms: Nonstop User Name: SUPER.
PAGE 102

Configuring NSJSP JAASRealm The System User ROLE SYSSW SUPER : : 5. Configure the JAASRealm module in the iTP_server.xml file or in your Context configuration file located in the $NSJSP_HOME/conf/NSJSP// directory. Example 3-28 shows an example of using the NSJSP provided NonStopLoginModule. . Example 3-28. Realm Element in the iTP Web Server Configuration File PAGE 103
Configuring NSJSP DataSourceRealm useContextClassLoader Instructs the JAASRealm to use the context’s loader for loading the user specified LoginModule and associated classes. The default is true. debug The level of debugging logged by the Logger. The default is 0. For more information about configuring JAASRealm or creating your own login module, see the Tomcat 5.0 Specification at http://jakata.apache.org/tomcat/tomcat-5.0-doc.index.html.
PAGE 104

Configuring NSJSP UserDatabaseRealm digest The digest algorithm used to store passwords in non-plain text formats. Valid values are those accepted for the algorithm name by the java.security.MessageDigest class. See Digested Passwords on page 3-45 for more information. If not specified, passwords are stored in clear text. roleNameCol Specifies the name of the column in the User RoleTable where the name of a role assigned to this user.
PAGE 105

Configuring NSJSP Digested Passwords className The value is org.apache.catalina.realm.UserDataBaseRealm. digest The digest algorithm used to store passwords in non-plain text formats. Valid values are those accepted for the algorithm name by the java.security.MessageDigest class. See Digested Passwords on page 3-45 for more information. If not specified, passwords are stored in clear text. resourceName Specifies a defined resource for user database.
PAGE 106

Configuring NSJSP Configuring Single Sign-On Support select this option, the contents of the password that is stored in the realm must be the digested version of the clear text password, as digested by the specified algorithm. When the authenticate() method of the realm is called, the (clear text) password specified by the user is itself digested by the same algorithm, and the result is compared with the value returned by the Realm. A match means that the user is authorized.
PAGE 107

Configuring NSJSP Configuring Single Sign-On Support Example 3-31. Configuring Single Sign-On Support ... ... 3. For each web application that you need to operate under the single sign-on support environment, define appropriate and elements in the web application’s web.xml.
PAGE 108

Configuring NSJSP Configuring Single Sign-On Support The single sign-on facility operates according to the following rules: • • • • • • • All web applications configured for this virtual host must share the same Realm. In practice, that means you can nest the element inside this element (or the surrounding element), but not inside a element for one of the involved web applications.
PAGE 109

Configuring NSJSP Configuring Persistent Sessions Configuring Persistent Sessions NSJSP provides support for persistent sessions through the element in the Context configuration file. Nest the element below a element, because the element represents a session manager that can be used to create and maintain session data for a particular web application/Context.
PAGE 110

Configuring NSJSP Creating a NonStop SQL Database to Store the Persistent Session Data Example 3-32. SQL Script for Configuring Persistent Sessions sqlci> sqlci> create catalog =TheT1222SessionCatalog secure "OOOO"; create table =TheT1222SessionCatalog.
PAGE 111

Configuring NSJSP Configuring the Manager for Sessions Support Example 3-34. Adding Partitions Using the SQLCI ALTER TABLE Command sqlci> alter table =TheT1222SessionCatalog.SessData =TheFirstSessionPartition.SessData FIRST catalog =TheT1222SessionCatalog; add partition KEY “5” sqlci> alter table =TheT1222SessionCatalog.SessData =TheSecondSessionPartition.
PAGE 112

Configuring NSJSP Configuring the Manager for Sessions Support maxInactiveInterval The maximum inactive interval (in minutes) for any sessions created. The default value is 30 minutes. The value of this property is automatically inherited from the web application deployment descriptor (WEB-INF/web.xml) based on the value specified in the element.
PAGE 113

Configuring NSJSP Configuring the Manager for Sessions Support maxActiveSessions The maximum number of active sessions that can be created. The default is -1 for no limit or unlimited active sessions. randomClass The Java class name of the java.util.random implementation class. The default class is java.security.SecureRandom. Example 3-35 shows how to use the NSJSPStandardManager. Example 3-35.
PAGE 114

Configuring NSJSP Configuring the Manager for Sessions Support debug The debug level for messages logged to the associated logger. Higher numbers generate more detailed output. The default is 0 (zero). entropy A string value used when seeding the random-number generator that creates session identifiers. If this attribute is not specified, a semi-useful preset value is used. For a security-conscious environment, use a long string value.
PAGE 115

Configuring NSJSP Configuring the Persistent Store randomClass The Java class name of the java.util.random implementation class. The default class is java.security.SecureRandom. saveOnRestart Determines whether all sessions should be saved to the store on shutdown. The default is true.
PAGE 116

Configuring NSJSP Configuring the Persistent Store driverName The fully qualified Java class name of the JDBC driver to be used. For SQL/MP, specify the value com.tandem.sqlmp.SQLMPDriver. You must have the sqlmp.jar file in your classpath. For SQL/MX, specify the value com.tandem.sqlmx.SQLMXDriver. You must have the jdbcMx.jar file in your classpath. connectionURL The connection URL to hand to the JDBC driver to establish a connection to the database containing the session information.
PAGE 117

Configuring NSJSP Configuring the Persistent Store sessionProcessNameCol The name of the NonStop SQL database column contained in the specified sessionTable that contains the HP NonStop process name of the NonStop Server for Java (NSJ) process. This column type must accept as many characters as are contained in the NonStop process name (typically 6).
PAGE 118

Configuring NSJSP Before using the NonStop SQL JDBC-based store, create a NonStop SQL catalog and database table to store the swapped out/backed up sessions. See Configuring the Manager for Sessions Support on page 3-51 for more details. Note. The NonStop SQL catalog must be created on a TMF-audited data volume (disk).
PAGE 119

4 Programming and Management Features The information discussed in this section includes the following: • • • • Client Programming Features on page 4-1 Servlet Programming Features on page 4-2 JMX Based Administration on page 4-9 admin Web Application on page 4-10 Client Programming Features Before you read this subsection, you should be familiar with the information in the iTP Secure WebServer System Administrator’s Guide.
PAGE 120

Programming and Management Features Receiving Response Information Receiving Response Information The response from the NSJSP container has the same form as the output from any other CGI program and consists of: • • • One or more HTTP response headers A blank line The response content However, the servlet/JSP itself need not generate all these elements. If it does not provide header information, the servlet API methods insert the header content-type: text/html.
PAGE 121

Programming and Management Features Programming Using NonStop Server for Java This section provides a brief summary about how to use the Servlet API 2.4. For detailed information about the Servlet API 2.4, see the Java Servlet API Specification, Version 2.4 at the following web site: http://java.sun.com/products/servlet/ and other API documentation available from Sun Microsystems.
PAGE 122

Programming and Management Features • Programming Using Other Java Environments Transaction protection using TMF. For detailed information about NonStop Server for Java, see NonStop Server for Java (NSJ) Programmer’s Reference.
PAGE 123

Programming and Management Features Using the Servlet API responds to a request from a web client. The HttpServlet class inherits the init(ServletConfig) and destroy() methods from the GenericServlet class. A servlet that you write for the iTP WebServer environment must extend the GenericServlet class or the HttpServlet class; the HttpServlet class is preferable for the web environment because it includes many features supporting HTTP protocol.
PAGE 124

Programming and Management Features Obtaining Specific CGI Environment Variable Values Obtaining Specific CGI Environment Variable Values To obtain the value of a specific CGI environment variable, use the getHeaderNames() or getAttribute() methods with the string parameter value "com.tandem.servlet.parameter-name" where parameter_name is the name of the desired environment variable.
PAGE 125

Programming and Management Features Request and Response Streams the data of the servlet. In most cases this arrangment is the most efficient method of handling multiple requests for servlets that do not contain client data. Be aware that multithreading may require you to allow for threading synchronization. Every client has access to each field in the servlet: the fields of the servlet are being shared by each client.
PAGE 126

Programming and Management Features Reserved Cookie Names Reserved Cookie Names The cookie names JSESSIONID, JSESSIONIDSSO, NSJSPADMINSSO, and iTPWebSessionId are reserved for internal use. According to the servlet API the name of the cookie must be JSESSIONID and the name of the session-tracking parameter used in the URL rewriting must be jsessionid. javax.servlet.request.X509Certificate javax.servlet.request.X509Certificate returns an array of one object of type java.security.cert.
PAGE 127

Programming and Management Features JMX Based Administration JMX Based Administration NSJSP allows administering container objects using JMX technology to manage internal objects (for example, Servers, Services, Hosts, Contexts, Loggers, and other resource entities).These objects are administered using the admin web application which is described in admin Web Application on page 4-10.
PAGE 128

Programming and Management Features admin Web Application admin Web Application The admin web application provides a graphical user interface (GUI) for administering container objects and resource modifications using JMX MBeans. In addition, an MBean invocation can also be done using the manager web application by specifying the target object (or resource name), the invoking method, and the associated argument list in the query string of the URI.
PAGE 129

Programming and Management Features Overview and Architecture When an admin operation is run in Tomcat (after the Save button is clicked), the change takes effect immediately. For example, a change made to the Debug Level property of the Server object directly affects the Tomcat server at the time the Save button is clicked. Later, the Commit Changes command simply serializes the Tomcat server configuration back to the server.xml file. An NSJSP 5.
PAGE 130

Programming and Management Features Login and Security Considerations Figure 4-1 shows that the operator commands received by the iTP WebServer are directed to the nsjspadmin server. Figure 4-2 shows that when the Commit Changes button is clicked, the nsjspadmin server first updates the iTP_server.xml configuration file, then broadcasts all the previously saved changes in a chunk to every running server instance of the SERVLET ServerClass.
PAGE 131

Programming and Management Features Login and Security Considerations need remote access to the admin web application, you should run the admin web application over SSL with proper security setup. Figure 4-3 displays the admin login page of the NSJSP admin web application. You may log into the admin web application by entering your user name, password, and then clicking the Login button.
PAGE 132

Programming and Management Features Login and Security Considerations Having completed the authentication and authorization process, the admin page displays the entire NSJSP server's container objects in an expandable directory-tree structure as shown in Figure 4-4. Figure 4-4. Admin Initial page Every tree node represents an object node. The open and (+) sign indicates an expandable object node. By selecting, you can fold or unfold a specific object node.
PAGE 133

Programming and Management Features Login and Security Considerations Changes button commits all of the previously saved operations and updates the iTP_server.xml configuration file.
PAGE 134

Programming and Management Features Administering Server Objects Administering Server Objects Figure 4-5 displays the views of a Server object. The Server Actions drop-down menu lists the actions you can select, for example: • • Create a new Service Delete existing Services Figure 4-5. Server Object View/Modify page The Server object properties are described in detail in Server Object on page C-1.
PAGE 135

Programming and Management Features Administering Service and Engine Objects Administering Service and Engine Objects Figure 4-6 displays the views of a Service object. The Service Actions drop-down menu lists the available actions for a Service object, for example: • • • • Delete existing Connectors Create a new Host or delete existing Hosts Create a new Logger or delete existing Loggers Create a new Valve or delete existing Valves Figure 4-6.
PAGE 136

Programming and Management Features Administering Service and Engine Objects The Service object properties are described in detail in Service Object on page C-2.
PAGE 137

Programming and Management Features Administering Connector Objects 4 Programming and Management Features Administering Connector Objects Figure 4-7 displays the views of a Connector object. The Connector Actions drop-down menu lists one available action: • Delete this Connector. (You cannot add or delete an NSJSPCoyoteConnector). Figure 4-7. Connector Object View/Modify page The Connector object properties are described in detail in Connector Object on page C-2. Note.
PAGE 138

Programming and Management Features Administering Host Objects Administering Host Objects Displays the views of a Host object. The Host Actions drop-down menu lists the available actions, for example: • • • • • • Create a new Alias or delete existing Aliases Create a new Logger or delete existing Loggers Create a new Context or delete existing Contexts Create new User Realm or delete User Realms Create a new Valves or delete existing Valves Delete this host An Alias is the alias of a Host object.
PAGE 139

Programming and Management Features Administering Default Context Objects Figure 4-8. Context Object View/Modify page The supported session managers are: NSJSPStandardManager and the NSJSPPersistentManager. The NSJSPStandardManager properties and NSJSPPersistentManager properties are described in detail in Manager Object on page C-13. Administering Default Context Objects Displays the views of a DefaultContext object. There is no available actions in the DefaultContext Actions drop-down menu.
PAGE 140

Programming and Management Features Administering Logger Object The admin web application does not allow a DefaultContext object to be created online as this affects all the running Contexts at the Engine or Host levels. Administering Logger Object Displays the views of a Logger object. The Logger Actions drop-down menu lists the available action, for example: • Delete this Logger The Logger object properties are described in detail in Logger Object on page C-12.
PAGE 141

Programming and Management Features Administering Realm Objects Figure 4-9.
PAGE 142

Programming and Management Features Administering Realm Objects NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide—525644-002 4- 24
PAGE 143

Programming and Management Features Administering Valve Objects 4 Programming and Management Features Administering Valve Objects This section displays views of Value objects. NSJSP supports several types of Valves: RemoteHostValve, AccessLogValve, RemoteAddrValve, RequestDumperValve, and SingleSignOnValve using the admin web application. See Valve Object on page C-27 for a detailed description of the attributes.
PAGE 144

Programming and Management Features Administering Resources Administering Resources Figure 4-10 displays views of Data Sources. The Data Source Actions drop-down menu lists the available actions, for example: • • Create a new Data Source Delete existing Data Sources Figure 4-10. Data Source View/Modify page The Data Source properties are described in detail in Data Sources on page C-17.
PAGE 145

Programming and Management Features Administering Resources Mail Sessions Displays views of Mail Sessions. The Mail Session Actions drop-down menu lists the available actions, for example: • • Create a new Mail Session Delete existing Mail Sessions The Mail Session properties are described in detail in Mail Sessions on page C-18. Environment Entries Displays views of Environment Entries.
PAGE 146

Programming and Management Features Administering User Definition Administering User Definition This section displays views of the Users List, Groups List, and Roles List. Users List Figure 4-11 displays a view of the Users List. The User Actions drop-down menu lists the available actions, for example: • • • Create new User Delete existing Users List existing Users Figure 4-11.
PAGE 147

Programming and Management Features Administering User Definition The Users List properties are described in detail in Users on page C-20. Groups List Displays views of the Groups List. The Groups List Actions drop-down menu lists the available actions, for example: • • • Create new Group Delete existing Groups List existing Groups The Group properties are described in detail in Group on page C-20. Roles List Displays views of the Roles List.
PAGE 148

Programming and Management Features Inconsistent Conditions Inconsistent Conditions When the Commit Changes button is clicked all previously saved changes are sent to every server processes of the SERVLET ServerClass. Because these commands have already been validated and processed by the nsjspadmin ServerClass, no errors are expected from the SERVLET ServerClass. If a server instance returns an error, the server is marked as inconsistent and an warning message is returned to the operator.
PAGE 149

Programming and Management Features nsjspadmin.config ServerClass Configuration File Stop button. The Ignore button allows these inconsistent servers to continue to run. The operator should stop these processes manually. All occurrences of inconsistency are logged to the associated Logger objects. When a servlet server process catches an exception while processing an admin command, the servlet server process automatically stops itself.
PAGE 150

Programming and Management Features iTP_server.xml Configuration File iTP_server.xml Configuration File The commit change operation causes the nsjspadmin server to serialize the current configuration back to the NSJSP's iTP_server.xml configuration file. At the same time, the current version of the iTP_server.xml file is preserved using the following naming convention: iTP_server.xml.yyyy-mm-dd.
PAGE 151

Programming and Management Features iTP_server.xml Configuration File 3. Rename the previously preserved iTP_server.xml.yyyy-mm-dd.hh-mm-ss file to iTP_server.xml. 4. Depending on the nature of the commit change operation, rename the appropriate context configuration files .xml files to .xml.temp. 5. Depending on the nature of the commit change operation, rename the previously preserved context configuration files .xml.yyyy-mm-dd.hhmm-ss files to .
PAGE 152

Programming and Management Features iTP_server.
PAGE 153

5 Manager Web Application The managerweb application provides the management functions for all web applications in the NSJSP container. In prior releases, the management functions were provided using the nsjsp_manager (an interactive shell script). The nsjsp_manager is no longer supported. The manager web application replaces nsjsp_manager and provides the same functionality. NSJSP uses the nsjspadmin ServerClass to handle all the web application management front-end functions.
PAGE 154

Manager Web Application The manager GUI Interface Figure 5-2. Manager Web Application Login Dialog The manager web application lists all the configured web applications in the NSJSP container (including both static configured and dynamically deployed web applications) after the user has logged in.
PAGE 155

Manager Web Application The manager GUI Interface Figure 5-3. Manager Web Application User Interface Message Box The Message box lists the result of last run command.
PAGE 156

Manager Web Application The manager GUI Interface Example 5-1. Message Box Manager Area The Manager area contains links to the following commands: • Lists Applications Refreshes the display which lists the configured web applications in the NSJSP container. • HTML Manager Help The help document for the HTML-based manager web application. • Manager Help The Manager App HOW-TO document which describes the access control of the manager application and supported commands.
PAGE 157

Manager Web Application The manager GUI Interface Figure 5-5. Application Area Deploy Area Web applications can be installed using files or directories located on the server, or you can upload a web application archive (WAR) file to the server. Figure 5-6 displays the Deploy area. The Context Path field is optional. If the Context Path field is omitted, the directory name or the war file name without the .
PAGE 158

Manager Web Application The manager GUI Interface You can also install a web application directory or WAR file located in your host's appBase directory (see Host Object on page C-6 for appBase directory) by specifying the WAR file name without the .war extension in the WAR or Directory URL field. For example, if you had a WAR file named myAppl.war residing in your host's appBase directory, you could specify myAppl in the WAR or Directory URL field.
PAGE 159

Manager Web Application NSJSP Status Command 5 Manager Web Application NSJSP Status Command Access the NSJSP Status command from the link or the /manager/status URI.
PAGE 160

Manager Web Application NSJSP Status Command Figure 5-8. NSJSP Status Summary Page Manager The Manager area contains links to the following commands: • Lists Applications Refreshes the display which lists the configured web applications in the NSJSP container. • HTML Manager Help The help document for the HTML-based manager web application.
PAGE 161

Manager Web Application • NSJSP Status Command NSJSP Status Summary Retrieves the summary status of the NSJSP container. For detailed information about the NSJSP Status command, see NSJSP Status Command on page 5-7. • Complete NSJSP Status Retrieves detailed status information. Example 5-2. NSJSP Status Summary Manager Area NSJSP Information • • • • • • NSJSP Version: For NSJSP, NonStop™ Servlets For JavaServer Pages™ v5.0. JVM Version: For example,1.4.2_04-b05. JVM Vendor: Hewlett-Packard Company.
PAGE 162

Manager Web Application NSJSP Status Command JVM The aggregation of JVM statistics counters of all NSJSP server processes. The JVM title links to the JVM Statistics Detail which lists the JVM statistics of every running server instance. Example 5-5 shows an example of the status summary JVM area. Example 5-5. NSJSP Status Summary JVM Area Example 5-6. NSJSP Status (JVM) Statistics Detail Area Connectors The aggregation of statistics counters of the Connectors for all NSJSP server processes.
PAGE 163

Manager Web Application NSJSP Server Instance Detail Example 5-8. NSJSP Status (Connector) Statistics Detail Area NSJSP Server Instance Detail The NSJSP Server Instance Detail lists the complete status and statistics information for an NSJSP server instance. It is accessed using the link listed in the Server Instances.
PAGE 164

Manager Web Application NSJSP Server Instance Detail Example 5-9. NSJSP Status ($Z5BA) Page Manager The Manager area contains links to the following commands: • Lists Applications Refreshes the display which lists the configured web applications in the NSJSP container. • HTML Manager Help The help document for the HTML-based manager web application.
PAGE 165

Manager Web Application NSJSP Server Instance Detail Retrieves the summary status of the NSJSP container • Complete NSJSP Status Retrieves detailed status information. NSJSP Information The NSJSP Information area contains the following: • • • • • • NSJSP Version: For NSJSP, NonStop™ Servlets For JavaServer Pages™ v5.0. JVM Version: For example, 1.4.2_04-b05. JVM Vendor: Hewlett-Packard Company. OS Name: NONSTOP_KERNEL. OS Version: For example, G06. OS Architecture: For example, mips.
PAGE 166

Manager Web Application NSJSP Server Instance Detail NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide—525644-002 5- 14
PAGE 167

Manager Web Application 5 Manager Web Application Web Applications Lists all of the configured web applications. Every entry is a link to the detail display of the application. Example 5-10 shows an example of the application list area. Example 5-10. NSJSP Status ($Z5BA) Application List Area Example 5-11 shows the detail display of the servlets-examples web application. Example 5-11.
PAGE 168

Manager Web Application Complete NSJSP Status The complete NSJSP Status lists the aggregation of all status and statistics counters for all NSJSP server processes. It is accessed using the link listed in the Manager Area of the NSJSP Status page.
PAGE 169

Manager Web Application Example 5-12.
PAGE 170

Manager Web Application Manager The Manager area contains links to the following commands: • Lists Applications Refreshes the display which lists all of the configured web applications in the NSJSP container. • HTML Manager Help The help document for the HTML-based manager web application. • NSJSP Status Summary Retrieves the summary status of the NSJSP container. • Complete NSJSP Status Retrieves complete NSJSP status information.
PAGE 171

Manager Web Application Example 5-13. Complete NSJSP Status Application List Area Example 5-14 shows the detail display of the NSJSP Status localhost/servlet_jsp/servlets-examples and localhost/manager Area. Example 5-14.
PAGE 172

Manager Web Application Cleaning Up the NonStop SQL Session Data Cleaning Up the NonStop SQL Session Data Sessions saved by the NonStopSQLJDBCStore to a NonStop SQL database may never get cleaned up and remain as orphan sessions when • • The sessions are saved on an NSJSP container restart and never accessed after the restart, Or the seesion were backed up or swapped out to the NonStop SQL database and not accessed again after the NSJSP container failed and was restarted.
PAGE 173

Manager Web Application Managing Constraints Managing Constraints The manager web application has the following constraints: • • • The manager web application only manages the web applications in a virtual host. Therefore, you must configure a manager web application for every virtual host. The manager web application manages only the running NSJSP container. Any commands or changes made using the manager web application affects only the running server processes.
PAGE 174

Manager Web Application nsjsp_digestPassword T1222V50_10NOV2005_BASE_V500_2 _________________________________________________________________ Migrates the persistent session data stored in a NonStop(tm) SQL database for NonStop(tm) Servlets for JavaServer Pages(tm). Please enter the database table name [$SYSTEM.T1222CAT.SessData] : $DATA00.MYSESS.
PAGE 175

Manager Web Application nsjsp_cleanConfigBackups name>/ directories before they are updated using the admin web application. Overtime, these backup files may need to be cleaned up. The syntax is: nsjsp_cleanConfigBackups [-h] [-s] [-d ] [-n ] where -h prints out help (usage information). -s runs in silent mode suppressing messages. Additional config backup directory to search for backup configuration files.
PAGE 176

Manager Web Application nsjsp_cleanConfigBackups NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide—525644-002 5- 24
PAGE 177

6 • • • • • • • Logs and Error Conditions NSJSP Logging on page 6-1 Logging Configuration on page 6-1 Status Information on page 6-4 Log Files Rollover on page 6-4 Log Files Cleanup Script on page 6-4 Recovery Procedure for Broadcast Error on page 6-5 EMS Message Format on page 6-8 NSJSP Logging NSJSP processes report configuration and status information to the standard output (STDOUT) file, and report errors and exceptions to the EMS log and standard error (STDERR) files and other log files.
PAGE 178

Logs and Error Conditions Switching From Multiple Log Files to a Single Log File log messages to a single log file or to multiple log files. The default logging option is to use multiple log files. In case of the single log file option, all output is sent to a single log file (that is, servlet.log). Example 6-1 shows an example on how to use the tag to redirect all the log messages to a file myApp..log using time stamped log messages. Example 6-1.
PAGE 179

Logs and Error Conditions Switching From a Single Log File to Multiple Log Files 3. Use the DIFF program to compare the iTP_server.xml with the iTP_server.xml.sample and save the changes. 4. Back up the iTP_server.xml file. 5. Copy the iTP_server-singleLog.xml.sample to the iTP_server.xml file. 6. Delete the iTP_server.xml.sample and create the iTP_server.xml.sample by symbolically linking to the iTP_serversingleLog.xml.sample file: ln -s iTP_server-singleLog.xml.sample iTP_server.xml.sample 7.
PAGE 180

Logs and Error Conditions Status Information 9. Optionally, you can add tags with the com.tandem.servlet.catalina.logger.NSJSPFileLogger to your context.xml configuration file. 10. Restart the NSJSP container. Status Information NSJSP processes report the following kinds of information to the standard output file: • • A message indicating that the NSJSP process has started or failed to start. Any message written to the standard output file by a servlet or JSP.
PAGE 181

Logs and Error Conditions nsjsp_cleanlogs Syntax nsjsp_cleanlogs Syntax nsjsp_cleanlogs [-d log_file_directory] [-n number_of_days] [-x log_file_extension] [-b backup_directory] -s nsjsp_cleanlogs Options -d log_file_directory The -d option takes one argument, a string, which specifies the directory where the log files are located. The log file directory path given can be in relative or absolute format. $NSJSP_HOME/logs is the default directory -n number_of_days The -n option requires a number argument.
PAGE 182

Logs and Error Conditions Broadcast Error Broadcast Error A broadcast resulted in error. Some, but not all, of the server processes reported error in their responses. As a result, those failed servers may be out of sync (in an inconsistent state) from the rest of the servers. For example, if the broadcast is on behalf of a deploy command, then these failed servers will not have the new application. This causes an inconsistent service (i.e.
PAGE 183

Logs and Error Conditions • • Causes of Broadcast Error/Failure Additionally, you will need to rollback any Context configuration files (.xml) that have been modified. You can use the backup copies from the $NSJSP_HOME/conf/NSJSP//backup/ directory. Restart your iTP WebServer environment. Causes of Broadcast Error/Failure A broadcast error could be the result of the following: 1.
PAGE 184

Logs and Error Conditions EMS Message Format EMS Message Format When an error occurs during startup, the container reports an EMS message consisting of the following elements: • • A line that reports the date, the time, the process name, and the syslog severity category, as described in the OSS manual set. A descriptive string, for example, (#7001) Servlet ServerClass started. Version Procedure = T1222V50_10NOV0503_BASE_V500_2.
PAGE 185

Logs and Error Conditions EMS Message Format NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide—525644-002 6-9
PAGE 186

Logs and Error Conditions EMS Message Format NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide—525644-002 6- 10
PAGE 187

7 • • • • • • • • Migrating to NSJSP 5.0 NSJSP Environment on page 7-1 Jar File Considerations on page 7-1 Configuration Considerations on page 7-2 Pre-Compiled JSPs on page 7-4 Application Migration Considerations on page 7-4 Strict Rules on TagExtraInfo Classes on page 7-5 Persistent Session Classes Moved on page 7-6 Changes from JSP 1.2 to JSP 2.0 on page 7-12 NSJSP Environment NSJSP 5.0 continues running in the same environment as in prior versions.
PAGE 188

Migrating to NSJSP 5.0 Configuration Considerations Configuration Considerations Both SERVLET and nsjspadmin ServerClasses are defined in the servlet.config and nsjspadmin.config respectively. They both use the same iTP_server.xml configuration file. When configuration is altered using the admin web application, a backup copy of the iTP_server.xml is saved in the $NSJSP_HOME/conf/backup directory. There are three new configuration files for NSJSP 5.0. They are: • • • nsjspadmin.
PAGE 189

Migrating to NSJSP 5.0 Configuring the Security Manager configuration file, you can store Context elements in individual files (with a .xml extension) in the $NSJSP_HOME/conf/// directory. This method allows dynamic reconfiguration of the web application because the main iTP_server.xml file cannot be reloaded without restarting NSJSP. It is recommended that you not place elements directly in the iTP_server.xml file. Instead, you should put them in the META-INF/context.
PAGE 190

Migrating to NSJSP 5.0 Pre-Compiled JSPs During installation the existing iTP_catalina.policy file is backed up. Incorporate your specific configuration into the new iTP_catalina policy file. For more information about the NSJSP enhanced security manager, see Enhanced Security Manager on page 3-26. For more information about the security manager, see the documentation at http://jakarta.apache.org/tomcat/tomcat-5.0-doc/security-manager-howto.html. Pre-Compiled JSPs The NSJSP 5.
PAGE 191

Migrating to NSJSP 5.0 Strict Rules on TagExtraInfo Classes If the Invoker Servlet is disabled, some servlets in your web applications might not work and may return error 404 (page not found) to the browser. This problem occurs if your web application descriptors do not explicitly describe all of the servlet mappings. Example 7-1 illustrates how to add mappings for a servlet to a web application's deployment descriptor (web.xml file). Example 7-1.
PAGE 192

Migrating to NSJSP 5.0 Persistent Session Classes Moved a result, you will have to reduce the size of app_name field to VARCHAR(200) in order to create a NonStop SQL/MX database table. Persistent Session Classes Moved Both NSJSPPersistentManager and NonStopSQLJDBCStore classes have been moved from org.apache.catalina.session package to com.tandem.servlet.catalina.session package. All existing elements nested inside tags are required to change. Figure 7-1 is an example using the com.
PAGE 193

Migrating to NSJSP 5.0 Changes from Servlet 2.3 to Servlet 2.4 Changes from Servlet 2.3 to Servlet 2.4 The differences between the Java Servlet 2.4 API specification and Java Servlet 2.3 is as follows: • Java Servlets 2.4 requires HTTP/1.1 and at least the J2SE (Java 2 Platform, Standard Edition) 1.3 version. In addition, the HttpServletResponse interface has a new variable called SC_FOUND for HTTP/1.1 Status code 302.
PAGE 194

Migrating to NSJSP 5.0 Changes from Servlet 2.3 to Servlet 2.4 Filters are configured such that they are invoked on RequestDispatcher include() and forward() calls. Use the sub-element under the element in the deployment descriptor web.xml. For example, the following code configures filter mapping whereby a filter named "my Forward Filter" is invoked when the request being processed under a RequestDispatcher matches the for a forward() call.
PAGE 195

Migrating to NSJSP 5.0 • Changes from Servlet 2.3 to Servlet 2.4 Provision for shared library files and Classloader extension mechanisms. For web applications that use shared library files, the Container now provides a directory for all shared libraries. The files placed in the directory are available to all web applications. Additionally, deployment support for extensions is recommended but not required. (Support for extensions is specified using METAINF/MANIFEST/MF entry in the web application.
PAGE 196

Migrating to NSJSP 5.0 Changes from Servlet 2.3 to Servlet 2.4 Note that these attributes are not set for forwarded servlets and JSPs obtained using the getNamedDispatcher() method. • The ServletRequest and ServletRequestWrapper classes have four new methods to return information about the IP connection. • • • • • getRemotePort(): returns the IP port number of the client or last proxy that sent this request. getLocalName(): returns the host name on which this request was received.
PAGE 197

Migrating to NSJSP 5.0 • Changes from Servlet 2.3 to Servlet 2.4 In the Deployment Descriptor web.xml, all sub-elements under the element can be in any order. In the schema for the deployment descriptor web.xml, the element under the // element tree is mandatory and must always be specified.
PAGE 198

Migrating to NSJSP 5.0 Changes from JSP 1.2 to JSP 2.0 Changes from JSP 1.2 to JSP 2.0 Differences between the JavaServer Pages 2.0 API specification and JavaServer Pages 1.2 specification. • A new simple Expression Language. The JavaServer Pages Expression Language (EL) has been added to the JavaServerPages 2.0 API. The Expression Language was originally defined in the JSP StandardTag Library (JSTL) 1.0 specification and is now incorporated in the JavaServer Pages 2.0 API specifications.
PAGE 199

Migrating to NSJSP 5.0 Changes from JSP 1.2 to JSP 2.0 superclass for a cleaner implementation. This change does not affect the PageContext class and is compatible with previous JSP releases. Fragments are pieces of a JSP page that are translated into implementations of the JspFragment class before being passed to a tag handler.
PAGE 200

Migrating to NSJSP 5.0 Changes from JSP 1.2 to JSP 2.
PAGE 201

8 • • • Security Considerations Virtual Hosts on page 8-1 Roles on page 8-1 Single Sign-On on page 8-1 The admin web application directly changes the attributes of the NSJSP container which affects every application running in the container. The manager web application allows install, deploy, and control of all web applications running in the NSJSP container. Therefore, the admin and manager web applications are security-sensitive applications and proper security constraints should be implemented.
PAGE 202

Security Considerations Single Sign-On NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide—525644-002 8-2
PAGE 203

A JMXProxy Servlet The JMX Proxy Servlet is a lightweight proxy that gets and sets NSJSP internal objects by using JMX MBeans. Although the admin web application can perform most of the functions, using the JMX Proxy Servlet simplifies writing control scripts (especially, if you are monitoring and performing minor attribute changes). The -DEnableJMXProxyServlet=true Java system property enables the JMXProxy Servlet. The JMXProxy Servlet is disabled by default (property value set to false).
PAGE 204

JMXProxy Servlet JMX Set command NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide—525644-002 A- 2
PAGE 205

B Sample Ant Script for the Client Deployer Example B-1. Sample Ant Script for the Client Deployer - PAGE 206
Sample Ant Script for the Client Deployer Example B-1. Sample Ant Script for the Client Deployer - - PAGE 207
C NSJSP Container Objects The container objects you can administer using JMX technology are: • • • • • • • • • • • • Server Object on page C-1 Service Object on page C-2 Connector Object on page C-2 Engine Object on page C-5 Host Object on page C-6 Context and Default Context Objects on page C-7 Loader Object on page C-11 Logger Object on page C-12 Manager Object on page C-13 Resources on page C-16 Realm Object on page C-21 Valve Object on page C-27 Server Object The Server object represents the NSJSP
PAGE 208

NSJSP Container Objects Service Object Service Object The Service object represents the combination of one or more Connector components that share a single Engine component for processing incoming requests. The Service object properties supported are: name (String) The name of the Service object which is the same name specified in the tag of your iTP_server.xml configuration file. The default is NSJSP-iTPWebServer.
PAGE 209

NSJSP Container Objects Connector Object acceptCount (int) The maximum queue length of the incoming connections. This attribute is reserved, and uses the TANDEM_RECEIVE_DEPTH value from the servlet.config configuration file. allowTrace (boolean) Enables or disables the TRACE HTTP method. The default is false. bufferSize (int) Specifies the buffer size to be used for input streams. The default is 2048.
PAGE 210

NSJSP Container Objects Connector Object maxProcessors (int) The maximum processor threads supported by this connector. This number should always be greater than the minProcessors and greater than or equal to acceptCount. The default is 75. maxSpareThreads (int) The maximum number of unused request processing threads supported by this connector. The default is 25. maxThreads (int) The maximum number of request processing threads supported by this connector. The default is 75.
PAGE 211

NSJSP Container Objects Engine Object scheme (String) The protocol scheme of the connector. The default value is http. secure (boolean) Specifies whether this is a secure connector. The default value is false. tcpNoDelay (boolean) Specifies whether to use TPC_NO_DELAY option. The default value is true. threadPriority (int) The priority of the request processing threads within the JVM. The default value is 5. type (String) The connector type. The default value is iTPWS-CGI.
PAGE 212

NSJSP Container Objects Host Object debug (int) Specifies the level of debugging detail logged by this Engine to the associated Logger. The default is 0. defaultHost (String) Specifies the default host name. The default is localhost. managedResource (java.lang.Object) Specifies the managed resource with which this MBean is associated. The default is StandardEngine . baseDir (String) Specifies the base directory for the engine. Typically, this is $NSJSP_HOME. realm (org.apache.catalina.
PAGE 213

NSJSP Container Objects Context and Default Context Objects children (javax.management.ObjectName[]) List of all subordinate (child) MBean objects associated with this Host. autoDeploy (boolean) Instructs the virtual host to automatically deploy web applications if the web application resides in the virtual host's appBase directory. The default is false. deployOnStartup (boolean) Instructs the virtual host to automatically deploy web applications at start-up. The default is true.
PAGE 214

NSJSP Container Objects Context and Default Context Objects set defaults for those properties when web applications are automatically deployed. The Context object properties supported using the JMX interface are: allowLinking[*] (boolean) Specifies whether to allow symbolic links inside a web application. The default is false. cacheMaxSize[*] (int) Specifies the maximum size of the static resource cache in KBytes. The default is 10240.
PAGE 215

NSJSP Container Objects Context and Default Context Objects docBase (String) Specifies the absolute or relative (to the appBase of the owning Host) pathname of a directory containing an unpacked web application or of a web application archive (WAR) file. engineName (String) Specifies the engine name of this web application.
PAGE 216

NSJSP Container Objects Context and Default Context Objects modified (boolean) Specifies whether the web application has been modified. resourceNames (java.lang.String[]) Specifies the Object names for the resources. objectName (String) Specifies the object name of this context. override (boolean) Indicates whether the settings in this context should override the corresponding settings in the Default Context. The default is false. parentClassLoader (java.lang.
PAGE 217

NSJSP Container Objects Loader Object stateManageable (boolean) Enables state management support for this context. The default is true. statisticsProvider (boolean) Enables statistics support. The default is false. staticResources (javax.naming.directory.DirContext) Specifies the static resources associated with this context. swallowOutput[*] (boolean) Indicates whether to redirect the bytes output to System.out and System.err by the web application to the web application's Logger. The default is false.
PAGE 218

NSJSP Container Objects Logger Object debug (int) Specifies the level of debugging detail logged by this Loader object to the associated Logger object. The default is 0 (zero). delegate (boolean) Enables the class loader to follow the standard java2 delegation model, and attempt to load classes and resources from parent class loaders before looking inside the web application. Otherwise, the class loader looks inside the web application first. The default is false.
PAGE 219

NSJSP Container Objects Manager Object verbosity levels are: 0 (fatal messages only), 1 (errors), 2 (warnings), 3 (information), and 4 (debug). The default is 0. directory (String) The absolute or relative (to $NSJSP_HOME) path of the directory in which log files are created. The default is logs. prefix (String) The string added to the beginning of generated log file names. The default value is NSJSP_catalina. suffix (String) The string added to the end of generated log file names. The default is .log.
PAGE 220

NSJSP Container Objects Manager Object name (String) The descriptive name of this manager implementation. The default is NSJSPStandardManager. algorithm The name of the Message Digest algorithm to calculate the Session identifiers it generates. The java.security.MessageDigest class must support this value. The default is MD5. checkInterval The number of seconds between checks for expired Sessions.
PAGE 221

NSJSP Container Objects Manager Object sessionCounter (int) Specifies the total number of sessions ever created by this manager. maxActive (int) Specifies the high water mark of the active session. rejectedSessions (int) Specifies the total number of sessions rejected because the maxActiveSessions has been reached. expiredSessions (int) Specifies the total number of sessions that have expired. This number does not include those sessions that have been explicitly invalidated.
PAGE 222

NSJSP Container Objects Resources maxIdleSwap (int) The interval (in seconds) for which a session must be idle (time since last access to the session) before the session is persisted to the session store and passivated out of the NSJSP Container's memory. A value of -1 disables this feature. If this feature is enabled, the interval specified should be equal to or longer than the value specified for maxIdleBackup. The default is -1.
PAGE 223

NSJSP Container Objects Data Sources NSJSP supports the following resources: • • • • • Data Sources on page C-17 Mail Sessions on page C-18 Environment Entries on page C-18 User Databases on page C-19 Resource Links on page C-21 Data Sources A Data Source represents a database connection made available in the JNDI naming context associated with a web application. The Data Source properties are: name (String) The JNDI naming context that identifies the data source.
PAGE 224

NSJSP Container Objects Mail Sessions scope (String) Specifies the sharing scope. The default is Shareable. type (String) Specifies the resource type. The default is javax.sql.DataSource. Mail Sessions A Mail Session represents a standard resource factory that creates javax.mail.Session session instances for web applications so that the application is insulated from changes in the email server configuration environment. The Mail Session properties are: name (String) The name of the Mail Session. mail.
PAGE 225

NSJSP Container Objects User Databases java.lang.Float, java.lang.Integer, java.lang.Long, java.lang.Short, java.lang.String. value (supported data type) The value of the assigned entry. override (boolean) Indicates whether the same named entry specified in the web application's deployment descriptor overrides this value. The default is true. description (String) The description of this entry. User Databases A User Database is a database of user names and their corresponding passwords.
PAGE 226

NSJSP Container Objects User Databases groups (java.lang.String[]) List of groups defined in this database. roles (java.lang.String[]) List of roles defined in this database. users (java.lang.String[]) List of users defined in this database. Using JMX, the User Database’s subordinate objects such as User, Group, and Role can also be managed. For more information about configuring the User Database, see the Tomcat 5.0 Specification Version 5.0 at http://jakata.apache.org/tomcat/tomcat-5.0doc.index.html.
PAGE 227

NSJSP Container Objects Resource Links groups (java.lang.String[]) Lists groups in which the user belongs. password (String) Specifies the user’s password for user authentication. username (String) Specifies the name of the User. roles (java.lang.String[]) Lists roles assigned to this User. Resource Links Resource Link is used to create a link to a global JNDI resource. Therefore, it exists only inside a context.
PAGE 228

NSJSP Container Objects Realm Object connectionPassword (String) Specifies the database password to use when establishing a JDBC connection. connectionURL (String) Specifies the connection URL to use when establishing a JDBC connection. debug (int) Specifies the level of debugging detail logged by this Realm to the associated Logger. The default is 0. digest (String) Specifies name of the MessageDigest algorithm that encodes passwords in the database, or specifies a zero-length string for no encoding.
PAGE 229

NSJSP Container Objects Realm Object MemoryRealm Properties className (String) The value is org.apache.catalina.realm.MemoryRealm. debug (int) Specifies the level of debugging detail logged by this Realm to the associated Logger object. The default is 0 (zero). digest (String) Specifies the name of the MessageDigest algorithm that encodes passwords in the database, or specifies a zero-length string for no encoding. The default is no digest.
PAGE 230

NSJSP Container Objects Realm Object digest (String) Specifies name of the MessageDigest algorithm that encodes passwords in the database, or specifies a zero-length string for no encoding. The default is no digest. roleBase (String) The base element for role searches. If not specified, the top-level element in the directory context is used. roleName (String) The name of the directory server attribute which contains the role name.
PAGE 231

NSJSP Container Objects Realm Object userSearch (String) Specifies the LDAP filter expression to use when searching for a user's directory entry, with {0} marking where the actual username should be inserted. Use this property (along with the userBase and userSubtree properties) instead of userPattern to search the directory for the user's entry. userSubtree (boolean) Specifies if you want user searches to search sub trees of the element selected by userBase. The default is false.
PAGE 232

NSJSP Container Objects Realm Object localDataSource (Boolean) Specifies whether the JNDI lookup for the datasource is done in the web application's local context. The default is false. roleNameCol (String) Specifies the name of the column in the user roles table which contains a role name assigned to the corresponding user. userCredCol (String) Specifies the name of the column in the users table which contains the user's credentials (for example, password).
PAGE 233

NSJSP Container Objects Valve Object roleClassNames (String) A comma-separated list of role Principal class names. useContextClassLoader (String) Instructs JAASRealm to use the context class loader for loading the user-specified LoginModule class and associated Principal classes. The default is true. Valve Object A Valve object represents a component that is inserted into the request-processing pipeline.
PAGE 234

NSJSP Container Objects Valve Object debug (int) Specifies the level of debugging detail logged by this Valve object to the associated Logger. The default is 0 (zero). directory (String) The absolute (or relative to $NSJSP_HOME) pathname of a directory in which log files created by this valve are placed. The default value is $NSJSP_HOME/logs. pattern (String) The formatting layout identifying the various information fields from the request and response to be logged.
PAGE 235

NSJSP Container Objects Valve Object deny (String) A comma-separated list of regular expression patterns that are compared to the remote client's IP address. If this attribute is specified, the remote address must not match for this request to be accepted. If this attribute is not specified, request acceptance is governed solely by the accept attribute. containerName (javax.management.ObjectName) Specifies the object name of the parent container.
PAGE 236

NSJSP Container Objects Valve Object requireReauthentication (boolean) Specifies whether each request needs to be reauthenticated to the security Realm. If true, this Valve uses the cached security credentials (user name and password) to reauthenticate to the Realm.
PAGE 237

Glossary This glossary defines terms used both in this manual and in other HP manuals. Both industry-standard terms and HP-specific terms are included. authentication. The process of identifying an individual, usually based on a username and password. In security systems, authentication is distinct from authorization, which is the process of giving individuals access to system objects based on their identity.
PAGE 238

Glossary DNS DNS. See Domain Name Server (DNS). Document Type Definition (DTD). A DTD states what tags and attributes are used to describe content in an SGML document, where each tag is allowed, and which tags can appear within other tags. For example, in a DTD one could say that LIST tags can contain ITEM tags, but ITEM tags cannot contain LIST tags. In some editors, when authors are inputting information, they can place tags only where the DTD allows.
PAGE 239

Glossary GESA across one physical network. The term is loosely applied to any machine that transfers information from one network to another, as in mail gateway. GESA. See Gigabit Ethernet ServerNet Adapter (GESA). Gigabit Ethernet ServerNet Adapter (GESA). A single-port ServerNet adapter that provides Gigabit connectivity on a NonStop S-series server. The GESA installs directly into an existing Ethernet port, and multiple GESAs are supported in a system enclosure. hierarchical routing.
PAGE 240

Glossary Java 2 Platform Enterprise Edition (J2EE) Java 2 Platform Enterprise Edition (J2EE). J2EE is a platform-independent, Java-centric environment from Sun for developing, building, and deploying Web-based enterprise applications online. The J2EE platform consists of a set of services, APIs, and protocols that provide the functionality for developing multitiered, Web-based applications. Java Database Connectivity (JDBC). The Java standard for access to relational databases such as SQL/MP or SQL/MX.
PAGE 241

Glossary NonStop Servlets for JavaServer Pages (NSJSP) NonStop Servlets for JavaServer Pages (NSJSP). NonStop Servlets for JavaServer Pages (NSJSP) are platform-independent server-side programs that programmatically extend the functionality of web-based applications by providing dynamic content from a webserver to a client browser over the HTTP protocol. nowait mode.
PAGE 242

Glossary Request for Comments (RFC) Request for Comments (RFC). The name of a series of notes that contain surveys, measurements, ideas, techniques, and observations, along with proposed and accepted Internet protocol standards. RFCs are edited but not referenced. They are available across the Internet. RFC. See Request for Comments (RFC). sandbox. A protected memory space wherein a program cannot access outside resources such as file or network services. Secure Sockets Layer (SSL).
PAGE 243

Glossary subsystem subsystem. The software and/or hardware facilities that provide users with access to a set of communications services. Transmission Control Protocol (TCP). The Internet standard transport-level protocol that provides the reliable, full-duplex stream service on which many application protocols depend. TCP allows a process on one machine to send a stream of data to a process on another.
PAGE 244

Glossary Web clients Web clients. Programs that execute on IBM-compatible PC, Apple Macintosh, or Unix platforms, among others. They provide a graphic user interface (GUI) for access to documents and programs on the Web. A web browser is the most familiar example of a web client. Web server. Web servers are programs that execute on a variety of server platforms. These include IBM-compatible servers, Apple Macintosh servers, Unix servers, and a large number of proprietary hosts.
PAGE 245

Index A Abstract Windows Toolkit (AWT) 4-4 access control 1-4 active sessions, maximum 3-53/3-54 Admin Web Application administering connector objects 4-19 administering context objects 4-20 administering default context objects 4-21 administering host objects 4-20 administering logger object 4-22 administering realm objects 4-22 administering resources 4-26 administering server objects 4-16 administering service and engine objects 4-17 administering user definition 4-28 administering valve objects 4-25 env
PAGE 246

Index D org.apache.catalina.realm.
PAGE 247

Index E MemoryRealm attribute 3-30 digest algorithm 3-30, 3-33, 3-37, 3-42, 3-44, 3-45 digested user password 3-37, 3-45 Digest() method 3-46 DirContext 3-35 directives 1-10 directory example 2-11 structure 1-6, 2-9 distinguished name (dn) attribute 3-35 distributable, Manager element attribute 3-51 Djdbc.
PAGE 248

Index H H J header information 4-2 Host element 3-9, 3-28, 3-29, 3-31, 3-35, 3-46/3-48 hosting, virtual 3-28 HTML clients 1-12 dynamic 1-4 forms 4-1 HTTP cookies 3-48 protocol 1-1 resources 1-3 response headers 4-2, 4-5 sessions 3-48 HTTPD process 1-12, 2-6 HTTPS protocol 4-8 HttpServlet class 4-4 HttpServletRequest class 4-5 HttpServletRequest object 1-10 HttpServletResponse class 4-5 HttpServletResponse object 1-10, 3-19 J2EE architecture 1-3 concepts 1-3 J2EE-compliant web server 1-5 JAR files ident
PAGE 249

Index L java.io.Serializable interface 3-51 java.policy file 3-21 java.security.MessageDigest class 3-30, 3-37, 3-42, 3-44, 3-45, 3-52/3-53 java.security.SecureRandom class 3-53, 3-55 java.text.MessageFormat class 3-37 java.util.random implementation class 3-53, 3-55 JAVA_HOME environment variable 3-21 JDBC driver 3-31, 3-34 jdbcMx.
PAGE 250

Index N Maxservers attribute 4-6 server directive 3-2 MD5 3-45 memory allocation pool, maximum 3-3 MemoryRealm 3-28/3-29 attributes 3-30 rules of operation 3-31 message digest algorithm 3-52/3-53 methods authenticate() 3-31, 3-35, 3-46 destroy() 1-4, 2-7, 4-5 Digest() 3-46 doGet() 4-5 doPost() 4-5 getAttribute() 4-5, 4-6 getRequestDispatcher(String name) 1-10 init(ServletConfig) 4-5 init() 1-4 jspDestroy() 1-7 jspInit() 1-7 println() 1-10 service(HttpServletRequest) 4-5 service(HttpServletResponse) 4-5 se
PAGE 251

Index O NSJSPPersistentManager 3-52 attributes 3-53 NSJSPStandardManager attributes 3-52 class 3-49 implementation 3-52/3-53 nsjsp_cleanlogs options -b backup_directory 6-5 -d log_file_directory 6-5 -n number_of_days 6-5 -s 6-5 -x log_file_extension 6-5 nsjsp_cleanlogs script 6-4 nsjsp_cleanSessionData script 3-57 nsjsp_stop script 2-6, 3-55 Numstatic attribute 4-6 server directive 3-2 O objects HttpServletRequest 1-10 HttpServletResponse 1-10, 3-19 RequestDispatcher 1-10 OpenLDAP directory server 3-38 o
PAGE 252

Index S Region directive 4-7 reinstallation 2-9 reload support, automatic (not recommended for production applications) 3-11 reloadable attribute 3-11 request dispatcher 1-9 RequestDispatcher object 1-10 requests, sending 4-1 request-response relationship 1-3 response content 4-2 responses, receiving 4-1 restart script 2-6 role 3-32 role name 3-37 roleBase attribute 3-36 roleBase, JNDIRealm attribute 3-37 roleName attribute 3-36 roleNameCol, JDBCRealm attribute 3-34 roleName, JNDIRealm attribute 3-37 role
PAGE 253

Index S servlet application programming interface (API) 1-2 servlet initialization parameters 1-4 SERVLET ServerClass 3-2 ServletException class 4-5 ServletJSPConnector.jar class file 2-6 ServletRequest class 4-5 ServletRequest method 4-4 ServletResponse class 4-5 ServletResponse method 4-4 servlet-class element 3-20 servlet-name element 3-20 servlet.config file 3-1, 7-2 servlet_error.
PAGE 254

Index T string value 3-52 Sun Microsystems Java Developer’s Kit 4-3 Java website, java.sun.
PAGE 255

Index Special Characters -Djava.security.
PAGE 256

Index Special Characters NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide—525644-002 Index-12