Release Notes

Contents

/ Index

/ Glossary

/ AdminTool Help

This document contains:

Quick List
Known Issues
Documentation Changes
Code Changes
Bug Fixes
Troubleshooting
Additional Sources of Information

Quick List

Java Web Server now supports Java^TM 2 SDK (formerly code-named "JDK 1.2").(more)
Administration now requires a JDK 1.1-compatible browser. (more)
Some Java Servlet API 2.1 methods now return NULL. (more)
Java Web Server now supports Java Server Pages (JSP) 1.0.
(Alternatively, the JSP 0.92 engine can be engaged.) (more)
New plugin servlet provided for use with NetDynamics Application server. (more)

Known Issues

Using the Java^TM 2 SDK (formerly code-named "JDK 1.2")
- Solaris platform: You can use either the reference implementation or the production version of the Java 2 SDK with the Java Web Server.
  For the reference implementation
  Use any Java 2 SDK 1.2.x release.
  The reference implementation of the Java 2 platform is available at http://java.sun.com/products/jdk/1.2/
  
  For the production version of the Java 2 SDK
  Use at least "Solaris_JDK_1.2.1_03_pre-release" or "Solaris_JDK_1.2.1_03".
  The production version is available at http://www.sun.com/solaris/java/
  If you use an earlier production release, you may experience problems running Secure Sockets Layer (SSL) with the Java Web Server.
- Windows platforms:
  - When running Java Web Server with Java 2, you might get an exception and have the Java Web Server fail to start after creating a server certificate with the authstore utility.
    The exception will look similar to the following:
```
    Exception in thread "main" java.lang.NoClassDefFoundError: com/sun/server/util/
    ErrorMessages
        at com.sun.server.util.ErrorMessages.class$(ErrorMessages.java:31)
        at com.sun.server.util.ErrorMessages.<clinit>(ErrorMessages.java:33)
        at com.sun.server.ServerProcess.<clinit>(ServerProcess.java:51)
        at java.lang.Class.forName0(Native Method)
        at java.lang.Class.forName(Compiled Code)
        at sun.security.Login.getClass(Login.java:78)
        at sun.security.Login.main(Compiled Code)
    
```
    To avoid this problem, disable the JIT. (Note that disabling the JIT will have a negative impact on performance.) To disable the JIT, start the server using the jserv startup script and specify "-vmargs -Djava.compiler=NONE". For example:
    jserv -javahome d:\jdk1.2 -vmargs -Djava.compiler=NONE
  - When running Java Web Server with Java 2, resource locations relative to the partition root (\), the drive containing the Java Web Server, are not resolved properly. (Bug 4256359)
    This means that you must specify the drive letter when setting protection or aliases for resources not contained in the server_root. For example, rather than specifying the file pathname as:
    \home\$user\public_html\text.txt
    
    You would specify it as:
    c:\home\$user\public_html\text.txt
Changing Administration Port Requires Server Restart
If you are running the Java Web Server on Solaris, changing the port through which you access the Administration Tool will cause the server to shut down. You will then be unable to access the Administration Tool on the new port.

To work around this problem, perform the following steps when changing the administration port:
1. Log in to the Administration Tool.
2. Select the Properties button (top right).
3. Change the External Port field and accept the change.
4. Restart the server manually.
5. Access the Administration Tool on the new port.
Environment Variables with Quoted Strings Won't Work
Under Windows NT, environment variables set using quoted strings will cause the httpd program to exit without warning. For example, using the following setting will cause trouble for the startup scripts found in server_home/bin (where server_home is the directory in which Java Web Server is installed):

JAVA_HOME=C:"\PROGRAM FILES\JAVA"

The affected variables are PATH, JAVA_HOME, and CLASSPATH.
Limitations on JavaServer Pages 1.0 support
Please note the following regarding the Java Web Server 2.0's implementation of the JavaServer Pages 1.0 specification.
- Taglib directive: This tag is not implemented.
- Supported scripting languages: Java is the only supported scripting language.
- Included files: When using the <%@ include file="pathToFile" %> directive, the page is not recompiled if the included file subsequently changes.
- Buffering: The current JSP engine treats buffer size incorrectly, it uses units of characters instead of bytes.
- Forward: The servlet engine crashes with a StackOverflowException if there is an infinite recursion in RequestDispatcher.forward/include or <jsp:forward/include .../>.
Incorrect version of JRE redistribution information
On Solaris, the file containing configuration information for people wishing to redistribute the JRE reflects the wrong JRE release. The file is for JRE 1.1.6_03 while the Java Web Server actually ships JRE 1.1.7_05. The configuration instructions are virtually the same between the two releases, however, and should cause little difficulty for those in need of such information.
The file in question is jre_config.txt. It can be found in server_root/jre, where server_root is the directory of the installed Java Web Server.
Anyone requiring the JRE 1.1.7 version of the file can go through the following website for registration and download:
http://www.sun.com/solaris/jre/download.1.1.7/

Documentation Changes

Documentation moved
The product documentation directory has been moved to the top level of the Java Web Server installation. In addition, a default file-alias has been set up to allow access to the documentation through the following URL:
  http://hostname:port/doc/
It is recommended that this file alias be removed when the Java Web Server is deployed to avoid customers inadvertently accessing the product documentation.

Access improved
A Table of Contents has been added and the Index expanded to provide faster, easier access to information.

New documentation
Information has been added on the following topics:

Authstore - the utility for managing server certificates.

JavaServer Pages 1.0 - a technology for speeding the development and maintenance of dynamic web pages.

Examples - source code examples covering common web server tasks and how to perform them.

Code Changes

Java^TM 2 now supported
Java Web Server 2.0 supports, but does not bundle, the new Java^TM 2 SDK, Standard Edition, v 1.2 (formerly code-named "JDK 1.2"). To run the Java Web Server with the Java 2 SDK, you must use the following startup command:
  jserv -javahome <path to Java 2>
When using -javahome option, you must point to a full JDK image (which includes javac). For Java 2 support on Solaris, this means that you must install the development tools package (SUNWjsdev) in addition to the runtime package (SUNWj2rt).

For the latest Solaris Java 2 SDK and associated Operating System patches, please see:
http://www.sun.com/solaris/java

New version of JRE being bundled
Java Web Server 2.0 now installs, and uses by default, Java Runtime Environment (JRE) 1.1.7. The new JRE is expected to further enhance the Java Web Server's performance.
Using the Solaris implementation of the JRE, rather than the reference implementation, means threads are now native and not green as earlier. Consequently, command options referencing green threads are no longer valid. For instance, the "-threads green" option of the httpd (or jserv) command is no longer valid.
Other releases of the JDK or JRE (such as 1.1.6) may also work with Java Web Server 2.0, but they are untested and therefore unsupported.

Startup script refined
The jserv startup script has been revised to improve functionality, increase portability between different VM implementations, and aid in troubleshooting startup problems.
The following changes have been made to the design of jserv:

vmargs.txt

File for providing arguments to VM.

For javawebserver VM, located in server_root/properties/server/javawebserver/vmargs.txt

A template version of the vmargs.txt file is provided in the above location. The file contains additional detail and commonly used commands. The file as shipped is inactive because all lines are commented out. To activate one of the commands in the file, simply uncomment it.

Note: In the vmargs.txt file, the first character must be either # for comment or - for system command.

The following changes have been made to the jserv command-line arguments:

-D

Still supported but spaces in system properties must now be quoted

Defines system properties to be passed to the adminserver and javawebserver VMs.

-threads

No longer supported as -green or -native (default) can be specified in vmargs.txt file instead.

Used to set threads as native or green for the server.

-javacmd

Newly supported

Allows the user to specify the java runtime executable to invoke, such as java_g or jrew.

-classpath

Deprecated in favour of -cp

Prepends specified path to that of the CLASSPATH environment variable

Administration requirements changed
The Administration Tool is now JDK 1.1 based and therefore requires a JDK 1.1-compatible browser to use. This should pose little difficulty as recent versions of the major browsers are acceptable, including: Netscape Navigator 4.06, Netscape Communicator 4.5, Microsoft Internet Explorer 4.0, and HotJava Browser 1.1.5
Servlet API updated
Java Web Server now supports Java Servlet API 2.1. As a result, the following servlet API methods now return NULL (or an empty enumeration):

javax.servlet.http.HttpSessionContext.getIds()

javax.servlet.ServletContext.getServlet(String)

javax.servlet.ServletContext.getServletNames()

javax.servlet.ServletContext.getServlets()

javax.servlet.http.HttpSessionContext.getSession(String)

To provide backwards compatibility with Servlet 2.0, two compatibility flags have been added. They are the servlets.2.0.compatiblity property in:
server_root/properties/server/javawebserver/webpageservice/servlets.properties
server_root/properties/server/javawebserver/sessionservice/session.properties

where server_root is the location of the Java Web Server 2.0 installation.
Additional details are provided the .properties files themselves.

Removal of Proxy service
Java Web Server no longer includes the simple proxy service.

Sample Servlets moved
Samples servlets are no longer stored under the system/ directory or listed by default on the servlets screen of the Administration Tool. Sample servlets can now be found in a top-level examples/ directory, along with information on what the sample does and how to run it.

JavaServer Pages now supported
The Java Web Server 2.0 final product supports the JavaServer Pages 1.0 specification. Because of the Java Web Server's production schedule and the only very recent finalization of JavaServer Pages 1.0 as we were "going to press", user documentation on this feature is limited. However, a short quickstart, some reference material (including the specification), and a list of website resources are provided and should be sufficient to get you started.
Earlier Betas of the Java Web Server 2.0 product supported JavaServer Pages 0.92. These two specifications, 0.92 and 1.0, differ significantly. Developers should not expect pages developed with 0.92 version of the specification to be compatible with the 1.0 version.

For the convenience of our customers, we have not removed the earlier JavaServer Pages 0.92 support or examples from the final product. While the default is 1.0 support, you can modify the setup after installation to engage the 0.92 support instead.

Page Compilation being deprecated
Page Compilation (.jhtml) is being deprecated in favour of JavaServer Pages (JSP). JavaServer Pages technology, which is based on the "open standards" process, is a more powerful and portable solution to the problems of dynamic content generation.
Page Compilation files (.jhtml) will continue to run under Java Web Server 2.0 but such support is not guaranteed in future releases. It is recommended that you use JavaServer Pages for new development and consider porting your legacy applications to this new standard.
Authstore improvements
The list of imported root certificates is now viewable in the Authstore utility. In addition, the messages in the help panel have been expanded.

New NetDynamics plugin servlet provided.
Java Web Server 2.0 now includes a servlet that communicates with an existing NetDynamics application server. The servlet, ndservlet, forwards URL requests to an intermediary plugin server (provided with the NetDynamics server) which then passes the request to the application server.
To take advantage of this servlet, you must have a NetDynamics application server installed and running. Then follow these steps:

Configure the servlet
To configure ndservlet, edit the plugin.nd file in the server_root/properties directory. Modify the server.address entry in the plugin.nd file to provide the address of the host on which the plugin server is running and the port on which it handles requests.
For example:
server.address=localhost:14500

Access the servlet
Send a request of the following form to the Java Web Server for forwarding to the NetDynamics application server.
http://Java_Web_Server_host:Java_Web_Server_ port/servlet/ndservlet
For example:
http://schnauzer:8080/servlet/ndservlet

For more information on the NetDynamics application server and plugin server, see their website at http://www.netdynamics.com/

Source code customers only

In addition to other changes noted in this file, source code customers should be aware of the following changes from the Java Web Server 1.2 source code release:

Virtual Host support has been added.

Default port settings have been changed as follows:

Port 8080 - Web page service

Port 7070 - Secure service

Closed Bugs

This section contains a listing of the more important bugs fixed in the Java Web Server 2.0 release.

For the most up-to-date list of bugs and their status, Java^SM Developer Connection^SM members should see the Bug Parade page on the Java Developer Connection web site. Please check that page before you report a new bug.

Note: Java Developer Connection membership is free but does require registration for access. Details on how to become a Java Developer Connection member are provided on Java Software's For Developers web page.

To report a new bug or submit a feature request, simply fill out the details in the easy-to-use form on our website and submit.

Important bugs fixed in this release

Bug ID	Description
4079442	Encoded URL sessionIDs are not parsed correctly
4098713	Cannot load remote servlets as .class files.
4143172	-D command line parameters passed to jserv script are sometimes lost
4147152	Incomplete servlet tag in .shtml file freezes Java Web Server
4184074	Servlet alias names are case-sensitive
4184114	java.lang.Throwable being caught but not logged by servlets
4184118	Modified servlets not always reloaded.
4184122	HttpServletRequest.getRequestUri() should not return query string
4185256	Authstore sometimes does not start in Solaris environments
4185805	MIME-based servlet chaining may loop on itself.
4186784	Directory separators are not written correctly
4191867	getRealPath() incorrectly calculated for virtual hosts
4192745	getResource(String) and getSystemResource(String) does not work for servlets.
4192980	MIME type for MIDI files not recognized.
4193033	JWS becomes unresponsive after exceptions or errors
4194224	Directory path names are sometimes not fully parsed
4194239	Using invoker servlet and ssinclude displays page source
4195147	Invoker servlet does not check rules.properties file
4198423	CAstore file should be stored in JWS install directory, not home directory
4198978	JWS displays "500 Server Error." Log shows "Unrecognized SSL handshake."
4198981	JWS displays "500 Server Error." Log shows "Socket Closed."
4202853	Can't invoke *.shtml file as a welcome file, results in Internal Server error
4200500	Class loader errors not trapped and logged.
4208402	Attempting to write a byte array of more than 64k elements to a socket results in an ArrayIndexOutOfBoundsException being thrown.
4209670	Templates don't work when virtual hosts are used
4209727	Log files referer_log and agent_log do not contain timestamps.
4210600	getRealPath() method doesn't return the absolute path
4210616	Requesting .jhtml files do not maintain keepalive.
4211277	500 Internal Error while calling servlet chain: can't mix text and binary input
4212948	On Windows, JWS use of colon delimiters for system properties causes filepath conflicts
4216095	File names are case-sensitive in Windows (95/NT) environments
4217281	JWS does not handle If-modified-since header correctly.
4218341	JWS does not limit the size of HTTP headers
4218524	File aliases not functional in Windows (95/NT) environments
4218837	Incorrect Java runtime is used to start the javawebserver
4211983	SSI: When use #include with virtual, file attribute is ignored.
4220526	CGI programs do not propagate stderr information to error log
4225356	Unable to chain more than one servlet with MIME-based servlet chaining.
4236096	NT: servlets don't reload and can cause JWS to go into an infinite loop.

If you use a Java Runtime Environment (JRE) other than the one provided with the Java Web Server, you may experience problems with your Page Compilation (.jhtml) files. This is because Page Compilation uses the Java byte-code compiler (javac), which is included in the bundled JRE provided by the Java Web Server but not included in a standard JRE (a subset of the JDK).

To remedy the problem, either use a Java Development Kit (JDK), which will include the missing javac compiler, or switch to the Java Web Server's default JRE.

Troubleshooting Servlets

The sendRedirect and sendError methods of HttpServletResponse are convenience methods. Each is intended to be the only method called in response to a request.

sendRedirect and sendError each create a complete response object by performing the following calls: setStatus, setHeader (in the case of sendRedirect), setContentLength, and then a series of println's. For this reason, neither sendRedirect nor sendError should be used where you need to manage a part of the response explicitly. (For instance, you would not call either of these methods just after you set the status or just before you print to the output stream.)

If you use the sendRedirect or sendError methods incorrectly (for instance, in conjunction with println),you will get a "write past end of stream" error message.

The CLASSPATH Environment Variable and the Java Web Server

People are sometimes confused about how the CLASSPATH variable is used with the Java Web Server. Here's a quick overview.

The Java Web Server ships with a Java Runtime Environment (JRE). By default, the Java Web Server uses this included JRE--which means you don't have to be concerned about your CLASSPATH or JAVAHOME settings, their values are ignored unless you explicitly say otherwise when you start the server.

If you want the Java Web Server to find and access additional classes (for example, ones you've written), you can do this in any of the following ways:

Jar them up and put the jar file into the server_root/lib directory.
If you are using the default JRE and its associated class path, all jar files in this lib subdirectory of server_root are automatically added to the classpath.

Put them in the directory server_root/classes.
If you are using the default JRE and its associated class path, this classes subdirectory of server_root is automatically added to your classpath.

Note: With this method, classes cannot be in jar format.

Start the server with the -cp option to point to the directory containing your classes. For example:

  
C:\JavaWebServer2.0\bin\httpd -cp C:\myapp\classes  (Windows example)

% httpd -cp /usr/local/classes                      (Solaris example)

In all of the above cases, server_root refers to the directory containing the installed Java Web Server product.

Removing Java Web Server on the Windows Platform

On Windows NT 4.0, if you installed the Java Web Server as an NT service, you must remove it in the following order:

Shut down the Java Web Server
Issue a command to de-register the Java Web Server with the NT Service manager.
1. C> cd server_root\bin
2. C> jservsvc JavaWebServer remove

Remove the Java Web Server itself.
1. Click on the Control Panel.
2. Click on Add/Remove Programs.
3. Highlight on the Java Web Server entry in the window and then click on Add/Remove.
Remove any leftover files.
1. C> cd path-to-installed-JavaWebServer
2. C> rmdir JavaWebServer2.0 /s /q

Permissions on Files (Solaris only)

Some files and directories are not created when the Java Web Server is installed. Instead, they are created by the server runtime the first time the server is started. (The server_root/system/sessionSwap directory is one example.) Permissions on these files and directories are granted based on the user running the server at this initial time.

For example, if you run the server for the first time as a usernameA, the sessionSwap directory is owned by usernameA. Subsequent runs by any other user (including root) will result in error due to permission problems.

To correct this problem, use the jschangeowner script in the bin/ directory of the installed Java Web Server. The script changes the ownership of such files as logs, sessionSwap, properties, and realms to allow writing by the new owner.

Changing Your Admin Password and Default Port

Once you have installed the Java Web Server on your system and logged in to the Administration Tool, it is recommended that you take the following two steps to provide additional security for your Java Web Server:

Change your default password
Assign your Administration Service to a new port (not 9090)

For details on doing how to perform these steps, see the Properties document.

If You Have Lost Your Password

If, by chance, you change your Administration password and then forget it and can no longer get access to the Java Web Server Administration Tool, you can recover by following these steps:

Stop your Java Web Server
In your favorite text editor, open the file
server_root/realms/data/adminRealm/keyfile
Change the admin line there so that it reads:
admin::YWRtaW4=
Save the file.
Restart your Java Web Server

You can now access the Administration Tool using admin as the login and password .

If you are Locked Out of the Java Web Server

Although it is recommended that you take every opportunity to protect your Java Web Server by using the security tools provided with the product, it is not recommended that you assign access controls to any of the core internal servlets. Assigning access controls to any of these servlets can prevent you from having normal access to your Java Web Server. These include the admin, error, file, invoker, linkcheck, loganalyzer, snoop, cgi, and ssinclude servlets.

If, by chance, you do find yourself locked out of the Java Web Server because of the assignment of access controls to any of the core internal servlets, you can recover from this situation quite easily by editing the acl.properties file for the service in which you assigned the access controls.

To edit the acl.properties file:

Change to the directory
server_root/properties/server/javawebserver/service_name

Open the file acl.properties in your favorite text editor.

Look for the line that contains the name of the servlet and its realm. Comment this out or delete it from the file.
For example, if you have set access controls on the admin servlet in the realm defaultRealm using the Access Control defaultACL the line would look like this:
Servlet.admin=Basic:defaultRealm:defaultAcl

Stop the Java Web Server processes.

Close your browser then re-open it.

Restart your Java Web Server.

You should now be able to log in normally to the Java Web Server.

Maintaining Security When Changing the Document Root

In some cases, changes made to the Java Web Server are not dynamic and do not take affect until the server is restarted. For example, if you have protected files in your document root directory and you create a new document root and move them there, you will lose authentication on them until you restart the server.

If you change your document root and move protected files to it, you must restart the server.

To restart the server:

Open the Administration Tool.
Select Web Service.
Select Stop.
Select Restart.

File Descriptors

Due to the streamlined single-process nature of the Java Web Server, a large number of file descriptors may be in use at any one time. On some systems under high load, the default number of file descriptors your system supplies may not be enough. If your system begins to run out of file descriptors, you may see failed class loads messages, refused sockets, and other errors related to not being able to open files. To find out how to increase the number available to your process, please consult your operating system documentation.

Changes Requiring Server Restart

If you find that changes you have made do not seem to be getting updated in the Web Server, try restarting it. Restarting the server should ensure the necessary update for tasks such as the following:

changing passwords
reloading a remote servlet
loading missing classes
enabling or disabling session tracking
changing any of the parameters for the cgiservlet (for example, the bindir or perlexe)

Additional Sources of Information

Whether you're trying to troubleshoot a particular problem or just wanting to see what other Java Web Server users are talking about, don't forget to check out the following resources:

Frequently Asked Questions
You'll find lots of helpful information in this document located on the Sun Microsystems website.
http://www.sun.com/software/jwebserver/faq/faq.html
jserv-interest list
Problem-solving advice and discussion of Java Web Server-related issues by Java Web Server users. Instructions for subscribing can be found at
http://www.sun.com/software/jwebserver/faq/index.html

Top

java-server-feedback@java.sun.com