0187-0189
Page 187
This section provided an overview of the current Web Application Server architecture, but numerous enhancements are on the immediate horizon. Future versions will expand the capabilities of the WRB by making it fully CORBA (Common Object Request Broker Architecture) compliant, supporting standard IDL (Interface Definition Language) and IIOP (Internet Inter-Object Protocol). These enhancements will simplify cartridge development and provide an even more scalable architecture through compatibility with other CORBA implementations .
Installation and Configuration
Many of the details of installing the Oracle Web Application Server are operation specific, but many administrative tasks are performed through a common HTML interface. This section provides an overview of the basic installation and configuration steps common to all platforms.
| TIP |
As with any Oracle server product, it is advisable to consult the operating-system_specific installation guide for platform-specific details and back up the server before installing. |
On all platforms, Web Application Server requires a Web browser that supports tables and frames to access the HTML administration interface and the JavaSoft JDK 1.0.2 to support the Java cartridge. If Web Application Server is installed on the same machine as an Oracle database, ensure that all Oracle instances are shut down and all Oracle services are stopped before installing.
There will be slight differences in the Oracle installer process for different platforms, but it prompts for certain information on all platforms, including
- The home directory for the installation
- Location for documentation
- Site name (used to differentiate Web servers when multiple servers are running on the same installation)
- Host name (for example, www.acme.com)
- Listener port numbers
- The admin user password
After the installation is complete, the installer prompts to start the WRB and the Admin server. Depending on the platform, you might need to do this manually. (Consult the operating- system_specific documentation for instructions on starting the listener and the server.) Once the Admin server is up and running, use a Web browser to connect to the following URL to install and configure additional listeners, DADs, and cartridges:
http://host_name.domain_name:port_number/ows-abin/boot
Page 188
The connection to this installation page is established using the highly privileged Admin listener. At least one additional listener must be configured for other users. To create the additional listener, simply supply a name for the listener, the host name, and the port number for the new listener. After reviewing the information, click the Create Listener button to complete the configuration of the new listener. If the Web Application Server will be used only as a standard Web server for HTML pages, CGI scripts, and so on, the installation is complete. You can create new listeners at any time, and you can modify configurations through the listener administration HTML interface at
http://host_name.domain_name:port_number/ows-abin/wladminl.html
From this page, you can add a listener, delete a listener, or modify the configuration of an existing listener. You can configure all listener options through this interface, including
- Network and logging options
- Virtual directory mappings
- File caching and file extensions for different language formats, MIME types, and encoding formats
- All forms of listener security, including SSL (certificate required)
| NOTE |
If you modify an existing listener, you should shut down and restart the listener to ensure that the changes take effect. |
Database Access
To avoid confusion later, this is a good time to define and describe database access descriptors and PL/SQL Agents. Database access descriptors, as the name implies, are simply named sets of parameters used to connect to the database. Each DAD contains a single Oracle user and password, an Oracle SID or a SQL*Net connect string, a specified language, and a log destination. PL/SQL agents are also used to store configuration information. Each PL/SQL agent has a specified DAD and additional NLS parameter/value pairs. Although DADs are used to enforce database-level security, access to PL/SQL agents is governed by dispatcher-level security. Each PL/SQL agent is associated with a virtual path , which is used as part of the URL when accessing the PL/SQL cartridge. The primary role of the PL/SQL agent is to provide a security and environment context for each specific instance of the PL/SQL cartridge.
If the Oracle Web Application Server will be used to access an Oracle database, you must configure at least two DADs. From the installation page, simply add the passwords to use for the default name and supply the Oracle SID (for a local database) or the SQL*Net connect string, DBA user, and password (for remote databases). If the default names are accepted, this creates
Page 189
the OWA_DBA, OWA_DEFAULT_SERVICE, and LOG_ANALZ_SERVICE PL/SQL agents and the DBA and DEFAULT DADs, which use the new www_dba and www_user database accounts. It might take several minutes for this process to create the packages required to support the PL/SQL agents and logging service. You can create and configure additional DADs at any time through the Web Application Server Administration home page at
http://host_name.domain_name:port_number/ows-adoc/wsintro.html
You use the DAD administration option to perform these tasks. To enable use of the PL/SQL cartridge for a DAD, be sure to select the option to install the PL/SQL Web Toolkit. This grants the appropriate privileges to the DAD database user and creates a number of packages to support the PL/SQL cartridge.
The previous URL (wsintro.html) serves as a good starting point for all non-listener administrative tasks. In logger administration, you can create the logger tables, select default statistics, and select specific statistics for individual DADs. You use Log Analyzer to view this information. The Authorization Server and Cartridge Administration options require more careful consideration.
Before configuring Authorization Server, consider the options selected for listener security. The least restrictive listener serves as the starting point for designing WRB security. Remember the operating modes described in the previous section (In Memory and ORB) ”you must select one of these modes of operation, regardless of the authentication method. As mentioned previously, this selection involves a trade-off between performance and resource conservation. When you cannot accurately estimate the number of concurrent requests in advance, it is safest to use the ORB mode. You can gather statistics to determine if you can use In Memory mode, based on peak usage. If enough resources are available, you can change this setting to In Memory mode. Mode of operation does not affect the authentication scheme. You can select and modify authentication schemes to use third-party providers. In addition to mode of operation and authentication scheme, the WRB allows protection by virtual path or specific file (cartridge). This interface is accessible through the following URL:
http://host_name.domain_name:port_number/ows-abin/wrbadmin.html
Note that the virtual paths and security options set in the Applications and Directories and Protecting Applications sections apply to the Authorization Server only and do not overlap with listener virtual paths and security mechanisms. Remember that the listener passes requests for URLs that represent cartridges to the dispatcher. The dispatcher accesses the Authorization Server to determine if the user has access to the cartridge before requesting an instance. The security mechanisms set for the Authorization Server apply equally to the dispatcher and the intercartridge exchange. Cartridges can impose additional security mechanisms within their implementations. However, in some cases, the intercartridge exchange can bypass internal cartridge security. If the cartridges are installed in the same instance of WRB, any cartridge authorizations in the initialize event handler are bypassed. The specifics of cartridge event handlers and security are discussed in greater detail later.
EAN: 2147483647
Pages: 391