Oracle WebServer provides an HTML-based Administration Utility which may be accessed with any forms-capable Web browser. In most cases this utility eliminates the need for the WebServer administrator to edit the Web Listener configuration file manually, and it includes explanatory help text on the individual parameters. The Administration Utility is described in "The Oracle WebServer Administration Utility". This section documents the parameters in the configuration file for completeness, in the event an administrator wishes to edit the file manually.
For example, consider the following portion of a configuration file:
;
; www.acme.com configuration file
;
[NetInfo]
HostName = www.acme.com
HostAddress = ANY
PortNumber = 80
This portion of the file sets HostName to www.acme.com, HostAddress to ANY and PortNumber to 80.
Table 3-1 contains the parameters, grouped by logical function.
Section | Parameter Name | Default Value | Description |
NetInfo | HostName | none | Host name of the machine the Web Listener runs on, given as the fully qualified host name, e.g. www.acme.com. The Listener uses the primary Internet address if no hostname is specified. |
NetInfo | HostAddress | ANY | Internet address on which the Web Listener on a multi-homed host accepts connections. ANY means connections are accepted on all interfaces (IP addresses). Leave this set to ANY unless you have a specific need to change it. |
NetInfo | PortNumber | 80 | TCP/IP port number on which the Web Listener accepts requests. Note that port numbers less than 1024 require the Web Listener to run as root on many UNIX systems. 80 is the usual default for Web HTTP servers. |
NetInfo | MaxConnectCount | 50 | Maximum number of simultaneous connections from users. The Web Listener ignores requests over this limit. Note there is a compile-time per-platform limit which may not be exceeded, no matter what value is specified here. |
NetInfo | DNSResolution | NEVER | Controls DNS address-to-name resolution. If set to ALWAYS, the Web Listener always translates addresses to names. If set to LAZY, the Web Listener resolves names on demand only. If set to LAZY_WITH_CGI, the Web Listener also resolves on demand for CGI applications. If set to NEVER, the Web Listener never resolves, even on demand (this provides the best performance). |
NetInfo | SERVERPID | none | Name of file in which to store the Web Listener's process identifier (PID). |
Section | Parameter Name | Default Value | Description |
[Log] | LogDir | none | Name of directory to contain log files. This directory must exist before the Web Listener starts. |
[Log] | LogInfoFile | none | Name of file in which to store routine log information. |
[Log] | LogErrorFile | none | Name of file in which to log errors. |
Note: Be sure that the user ID under which the Web Listener runs has privileges to read and write to the log file directory.
Directory_Name R|N|C Virtual_Path_Name
;
; directory mapping section of Web Listener configuration file
;
[DirMaps]
c:\html R /
For instance, in the above example, the directory c:\html and all subdirectories below it are mapped to the root directory (/) on the Web. So an access to the URL:
http://listenername/index.html
would actually read the following file on the Web Listener's disk.
c:\html\index.html
If a file is not listed here, it is not cached. When a non-cached file is requested by a client, the server maintains the resources to access that file only as long as the client refers to the file. The server will release the resources required to access a file requested by a client once there are no outstanding client references to the file.
There are three options for specifying files in the file cache.
;
; File Cache Definitions
;
[FileCache]
/index.html
/marketing/a*
/products
Note: The filenames specified are virtual pathnames (the names that appear in URLs on the Web), not necessarily the physical names of the files on disk if the Directory Mapping feature has been used.
For example:
;
; encoding definitions
; List for each combination of encodings
; one or more unique extensions
;
[Encodings]
compress Z
gzip gz
Note that files that do not map to any type are by default considered MIME type application/octet-stream which denotes a binary file.
Each line in this section consists of:
MIME-type list of file extensions mapping to that type
For example:
[MIMEType]
text/html htm html
image/jpeg jpg jpeg
image/gif gif
This example tells the Web Listener that files with extensions:
Each line consists of:
language_ID character_set_ID list_of_file-extensions
For example:
[LangExt]
en iso-8859-1 eng
en unicode-1-1 engU uc
fr-CA iso-8859-1 frc
In this example, all files with the extension eng are mapped to English, ISO 8859-1 character set. Files with extension engU or uc are mapped to English, in the Unicode character set. Files with extension frc are mapped to the French Canadian language, ISO-8859-1 character set.
The names of the character sets are as specified in RFC 1521; the language identifiers are defined in RFC 1766.
In order to use language mapping capability within the Web Listener, URLs must be specified without trailing extensions. The Web Listener adds the appropriate language/character set extension as required if the client supports natural language negotiation.
For instance:
http://www.oracle.com/index
results in access to the file:
/index.frc.html
if the client had configured French Canadian as the preferred language.
A list of languages may be configured on the client, so several languages may be specified; if any of them is present, the file is sent according to the first match. Note that if a file has no language extension before its type extension, that file is assumed to be language neutral. The default character set is ISO-8859-1.
To summarize: if the files /index.frc.html and /index.html existed, users who specified French Canadian as a language preference would see the first version of the file, and all other users would see the second version.
There are several sections in the file, one for each type of security.
The concept in Basic and Digest authentication is the same. Users are listed as username/password combinations, followed by a list of which users are in which groups. Finally, groups are assigned to security realms, which are the parameters assigned to specific files to protect them.
Basic authentication is configured identically to Digest authentication, with the module name Digest above replaced with Basic.
Digest authentication is recommended wherever possible, to eliminate the possibility of passwords being intercepted on the network.
An example:
[Security]
Digest {
(Users)
jjones: glorkz
kmaco: plugh
ajames: foo
(Groups)
mktg: ajames
dev: kmaco
all: jjones kmaco ajames
(Realms)
restricted: all
secret: dev mktg
}
This segment defines three users (jjones, kmaco, ajames) with passwords (glorkz, plugh, foo) respectively. The group all has everyone in it; the groups mktg and dev have a single individual in each. The security realm restricted is accessible to all three people, but only the members of groups dev and mktg can access the secret realm.
In this situation, any file that was defined in the restricted realm would be accessible to the three users specified here (but no one else who used the same Web Listener), and any file in the secret realm would be accessible only to users ajames and kmaco.
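The realm-to-user expansion described above can be checked mechanically. The following Python sketch is an added example, not part of the original documentation or of Oracle's code; the function names parse_auth_block and realm_users are hypothetical, and the input is the page's Digest example laid out one entry per line.

```python
import re

# The page's Digest example, one entry per line (sample input embedded for the demo).
SAMPLE = """\
[Security]
Digest {
(Users)
jjones: glorkz
kmaco: plugh
ajames: foo
(Groups)
mktg: ajames
dev: kmaco
all: jjones kmaco ajames
(Realms)
restricted: all
secret: dev mktg
}
"""

def parse_auth_block(text):
    """Return {'Users': {...}, 'Groups': {...}, 'Realms': {...}} for one Basic/Digest block."""
    parts = {"Users": {}, "Groups": {}, "Realms": {}}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        m = re.fullmatch(r"\((Users|Groups|Realms)\)", line)
        if m:
            current = m.group(1)          # entered a new sub-section
        elif current and ":" in line:
            key, _, value = line.partition(":")
            parts[current][key.strip()] = value.split()
    return parts

def realm_users(parts, realm):
    """Expand realm -> groups -> users; fail on names that are never defined."""
    users = set()
    for group in parts["Realms"][realm]:
        if group not in parts["Groups"]:
            raise KeyError(f"realm {realm!r} names undefined group {group!r}")
        for user in parts["Groups"][group]:
            if user not in parts["Users"]:
                raise KeyError(f"group {group!r} names undefined user {user!r}")
            users.add(user)
    return users

PARTS = parse_auth_block(SAMPLE)
```

Because the same block holds the passwords in clear text, a review script like this needs the same restricted read access as the configuration file itself.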
To include a host or a group of hosts, specify a plus sign (+) before the identifier for that host; to exclude it, specify a minus sign (-) before the identifier. In addition, the asterisk wildcard (*) can be used to match groups of hosts.
For example:
[Security]
IP {
st: +144.25.16.* +144.25.20.*
dc: +130.35.*.* -130.35.1.1
}
This would configure everything on the networks 144.25.16 and 144.25.20 to be in group st, and everything on network 130.35 except host 130.35.1.1 to be in group dc. If the client's address doesn't match any of these, access will be denied to any file specified to require st or dc security access.
The same technique is used with hostnames in the case of domain name restriction.
The following example configures all machines in the domain oracle.com to be in group oracle except machine www.oracle.com:
[Security]
Domain {
oracle: +*.oracle.com -www.oracle.com
}
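The include/exclude rules for IP and Domain groups described above, as an added Python example (not Oracle's code). It assumes that an exclusion always overrides an inclusion and that * matches any run of characters; parse_groups and in_group are hypothetical names, and the group lines from the page's IP and Domain examples are combined into one sample for brevity.

```python
import re

# Group lines copied from the page's IP and Domain examples (combined sample).
SAMPLE = """\
st: +144.25.16.* +144.25.20.*
dc: +130.35.*.* -130.35.1.1
oracle: +*.oracle.com -www.oracle.com
"""

def parse_groups(text):
    """Return {group: (include_patterns, exclude_patterns)}."""
    groups = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue                      # blank line or comment
        name, _, rest = line.partition(":")
        inc, exc = [], []
        for token in rest.split():
            if token[0] == "+":
                inc.append(token[1:])
            elif token[0] == "-":
                exc.append(token[1:])
            else:
                raise ValueError(f"pattern needs + or -: {token!r}")
        groups[name.strip()] = (inc, exc)
    return groups

def _matches(pattern, host):
    # Assumption: '*' stands for any run of characters; nothing else is special.
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(regex, host, re.IGNORECASE) is not None

def in_group(groups, group, host):
    """True if host is included and not excluded; unknown group or no match is a deny."""
    inc, exc = groups.get(group, ([], []))
    if any(_matches(p, host) for p in exc):
        return False                      # assumption: exclusion always wins
    return any(_matches(p, host) for p in inc)

GROUPS = parse_groups(SAMPLE)
```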
Once the security groups have been defined, you can assign specific protections to individual files.
For example:
[Protection]
/secret/ IP(st) | Basic(secret)
/company/* Domain(acme)
This example protects everything under the directory /secret so that it is accessible either to hosts in the st group under IP-based restriction or to anyone who can log into the secret realm using Basic authentication. All the files in /company are protected so that only people in the acme domain may see them.
Section | Parameter Name | Default Value | Description |
Server | UserDir | none | Directory under a user's home directory searched when the URL /~username/ is received. This allows users to store their own home pages in their home directories (UNIX only). |
Server | InitialFile | initial | The file that the Listener looks for when a URL ending in a directory rather than a file is sent to the Listener. This is the 'index' file for the Web Listener. |
Server | UserDirInitialFile | initial.html | Default filename when the /~username/ construction is used in a URL with no file specified. |
Server | DefaultMIMEType | application/octet-stream | Default MIME type used by the Web Listener when the filename extension requested in a URL is not recognized. |
Server | DefaultCharset | iso-8859-1 | Default character set if none is inferred from the file extension. |
Server | PreferredLanguage | en | Language a Web Listener will prefer given a choice of languages when searching for a file. Default is English (en). |
Server | ImageMap | none | Set this to 'map'. This is the extension the Web Listener expects imagemaps to have. |
Server | ServiceTimeout | none | On Windows NT only: Specifies the time in seconds that the NT control panel will wait for a pending start, stop, or continue command to complete before reporting a failure. |