Skip Headers

Oracle9iAS Web Cache Release Notes
Release 2 (9.0.2) for Windows

Part Number A97397-01
Go To Documentation Library
Home

Oracle9iAS Web Cache

Release Notes

Release 2 (9.0.2) for Windows

May 2002

Part No. A97397-01

This document summarizes the differences between Oracle9iAS Web Cache and its documented functionality.

See Also:

Oracle9i Application Server Release Notes

1 General Issues and Workarounds

This section describes general issues and their workarounds for Oracle9iAS Web Cache. It contains the following sections:

1.1 Default Buffer Sizes

Oracle9iAS Web Cache uses 2 KB for the access log buffer size and the following for cached documents:

The internal.xml file is located in the ORACLE_HOME\webcache directory on Windows.

1.2 Insufficient Input Checking in Oracle9iAS Web Cache Manager

Oracle9iAS Web Cache Manager does not enforce the same level of consistency checking upon receiving configuration input that Oracle9iAS Web Cache does upon starting up. Therefore, there may be instances where configuration changes are accepted by the Oracle9iAS Web Cache Manager, but Oracle9iAS Web Cache does not start up with the resulting configuration.

This is especially a problem when the admin server process is shut down (with the webcachectl stop or webcachectl stopadm command) after applying invalid configuration changes. In that case, the admin server process will not be able to start up, and the Oracle9iAS Web Cache Manager will become inaccessible.

To remedy this problem:

1.3 Oracle Application Server Limitations


Note:

This limitation applies to Oracle Application Server using the Oracle Web Listener only. This does not apply to other listeners used with Oracle Application Server. It also does not apply to Oracle9i Application Server.


Oracle Application Server, when used specifically with the Oracle Web Listener, strictly enforces virtual-host checking using the Host request header, that is sent by almost all browsers. The Host header contains the string "hostname:port" where hostname and port are as entered in the location bar of the browser, even if the hostname in the location bar is an IP address. If the Oracle Web Listener receives a Host header that does not match an entry in the Host Name and Port columns of the Network section of the configuration (corresponding to the [Multiport] section in the sv*.cfg configuration file for the listener), it returns an HTTP error code 400 indicating that the request did not specify a valid virtual host.

1.3.1 Deployments

This limitation applies to the following deployments:

  1. In Oracle Application Server 4.x, this is strictly enforced for HTTP/1.1 requests only. For HTTP/1.0 requests, only the host name has to match an entry in the Network section. The port number in the Host header does not matter.

  2. Oracle Web Listener, as shipped with Oracle Web Application Server 3.0 enforces this strictly for all HTTP requests, that is HTTP/1.0 and HTTP/1.1.

1.3.2 Entries for Network

To make an Oracle Web Listener recognize and accept a Host header, a corresponding entry must be added to the Network section for that listener. When you add an entry with host name h1 and port p1, h1 is only used to match incoming Host headers and does not otherwise effect the operation of the listener. h1 does not need to be a DNS host name of the computer. However, p1 is used as a port that the Oracle Web Listener tries to listen on. Hence there should be no other process on the computer listening on port p1.

1.3.3 Oracle9iAS Web Cache Behavior

Oracle9iAS Web Cache does not change the Host header that it receives as part of a request when relaying that request to the application Web server.

If you set up Oracle9iAS Web Cache to listen on port 1100 on a computer with DNS host name m1 and the Application Web Server is on computer m2 on port 80, and you use a browser to access http://m1:1100/, the Host header received by Oracle9iAS Web Cache is "Host: m1:1100". This is exactly the Host header that will be received by the application Web server.

1.3.4 What Restrictions Does This Imply?

If you are using Oracle Application Server with the Oracle Web Listener as your application Web server, this means that the Host header sent to Oracle9iAS Web Cache must be recognized by the Oracle Web Listener, that is, there must be a corresponding entry in the Network section.

If you are using Oracle9iAS Web Cache's host name and port directly in your browser, and if Oracle9iAS Web Cache and the Oracle Web Listener are on the same computer, the Oracle Web Listener will need to accept Oracle9iAS Web Cache's host name and port number in the Host header, and for that to occur Oracle9iAS Web Cache's port number needs to be in the Network section of the Listener's configuration. This would mean that both Oracle9iAS Web Cache and the Oracle Web Listener will try to listen on that port, which is not possible. See Section 1.3.2, "Entries for Network".

When you are using your browser to connect directly to Oracle9iAS Web Cache, ensure that Oracle9iAS Web Cache and the Oracle Web Listener are not on the same computer.

To deploy Oracle9iAS Web Cache and the Oracle Web Listener on the same computer, there has to be a port-translating switch between the browser and Oracle9iAS Web Cache that translates the port number to which the browser connects to Oracle9iAS Web Cache's listening port.

For example, assume that Oracle9iAS Web Cache is listening on port 7777 on computer m1.aaa.com, and Oracle Web Listener is the application Web server listening on port 80 on the same computer m1.aaa.com. In this example, the user enters http://www.aaa.com/ in the browser. The browser will attempt to connect to port 80 on www.aaa.com. www.aaa.com should be resolved through DNS to the switch, which should redirect requests for www.aaa.com on port 80 to computer m1 on port 1100. Note that the Host header will be: "Host: www.aaa.com:80". Oracle9iAS Web Cache will forward requests as needed to computer m1 port 80, that is, the Oracle Web Listener. For the Oracle Web Listener to accept this Host header, you will need to have added an entry to Network containing host name www.aaa.com and port 80. See Section 1.3.2, "Entries for Network" for how this can done on computer m1.

1.4 TCP/IP Tuning

If you want Oracle9iAS Web Cache to handle a large number of concurrent HTTP requests, you may need to tune TCP/IP settings for your operating system, such as the maximum TCP/IP connection queue length.

In particular, if you run stress tests against Oracle9iAS Web Cache and continuously open more TCP/IP connections from one client computer to Oracle9iAS Web Cache, you may experience periodic oscillation of throughput. This is usually caused by the TCP/IP TIMED_WAIT state of the operation system. In real world deployments, this is not an issue since it is unlikely that a single client will generate a huge number of connections. You can adjust the setting of the TIMED_WAIT state by modifying the value of the TcpTimedWaitDelay parameter in the registry at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters.

In case of denial of service attack, availability problems usually arise in the network layer in your operating system. For example, if one client generates large number of connections, TCP/IP connection problems generally arise in your operating system.

2 Configuration Issues and Workarounds

This section describes configuration issues and their workarounds for Oracle9iAS Web Cache. It contains the following sections:

2.1 Oracle9iAS Web Cache Configuration Basics

To start initial Oracle9iAS Web Cache configuration:

  1. If not currently logged on to the Oracle9iAS Web Cache computer, log in with the user ID of the user that performed the installation.

  2. Start Oracle9iAS Web Cache.

    From the command line, enter webcachectl start.

  3. Point your browser to the URL http://web_cache_hostname:4000/

  4. When prompted for the administrator user ID and password, enter administrator for the user name and the appropriate password. The first time you log in, the password is administrator.

    See Also:

    Oracle9iAS Web Cache Administration and Deployment Guide (available at http://otn.oracle.com/products/ias/web_cache/) for complete configuration coverage

Oracle9iAS Web Cache uses two configuration files: webcache.xml and internal.xml. The Oracle9iAS Web Cache Manager writes its configuration information to the webcache.xml file. Oracle9iAS Web Cache uses internal.xml file. These files are located in the ORACLE_HOME\webcache directory on Windows. Do not edit these configuration files manually, except in the cases described in these Release Notes, or when directed to do so by Oracle Support Services. Improper editing of these configuration files may cause problems in Oracle9iAS Web Cache.

2.2 Configuration File Upgrades

In past releases, the following attributes required manual modification of the internal.xml file:

In this release of Oracle9iAS Web Cache, these attributes have been merged into the Oracle9iAS Web Cache Manager (webcache.xml). During migration, these modifications are not preserved. If you modified these attributes, you have two choices. You can:

If you are upgrading an existing Oracle9iAS Web Cache installation, the passwords for administration and invalidation are reset. The user name and password for administration is administrator/administrator and the user name and password for invalidation is invalidator/invalidator. You can change both passwords in the Security page (General Configuration > Security) of Oracle9iAS Web Cache Manager.

2.3 Oracle9iAS Web Cache Default Ports

By default, Oracle9iAS Web Cache is configured to use the following default TCP ports:

If these ports are in use, then the installation procedure attempts to assign other port numbers from a range of possible port numbers.

See Also:

Oracle9i Application Server Installation Guide

The Oracle HTTP Server is configured to use the following default ports:

At the end of installation, Oracle9iAS Web Cache will attempt to start. If there are port conflicts, then Oracle9iAS Web Cache may fail to start.

See Also:

  • Chapter 10, "Troubleshooting Oracle9iAS Web Cache Configuration," of the Oracle9iAS Web Cache Administrator's Guide to resolve port conflicts

  • Appendix E, "Event Log Messages," of the Oracle9iAS Web Cache Administrator's Guide to understand common event log error messages

2.4 Mismatched Oracle Home Definitions Causes Web Cache to Fail to Start

If the definition of Oracle home in the webcache.xml configuration file is different than the definition of Oracle home in your environment, Oracle9iAS Web Cache may fail to start.

For example on Windows, if the Oracle home is configuration as C:\home\oracle_home_ias during the installation, then that configuration is written to the ORACLEHOME attribute in the webcache.xml file. However, if the registry specifies ORACLE_HOME parameter as C:\oracle\oracle_home_ias and you invoke the webcachectl start command to start Oracle9iAS Web Cache, then Oracle9iAS Web Cache will fail to start. In this case, you may see a message similar to the following:

The description for Event ID ( 1 ) in Source ( Oracle9iAS-Web-Cache ) 
cannot be found.The local computer may not have the necessary registry
information or message DLL files to display messages from a remote 
computer.The following information is part of the event: Cannot open log 
files because NULL socket indicates problem.

You can remedy this situation by modifying the webcache.xml file to match the registry settings located in HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE so that the definitions are identical. (In the webcache.xml file, you modify the ORACLEHOME attribute of the CACHE NAME element. In a cluster environment, there is more than one CACHE NAME element, one for each cluster member. Be sure to modify the correct element.)

[Reference Bug: 2286732]

2.5 Peer-to Peer-Logging

By default, peer requests between two members of a cache cluster are not logged in the access log. Only client requests to the cluster are logged. Peer request logging can be enabled for individual cache cluster members by adding the ACCESSLOGIGNOREPEERREQUEST attribute to the MISCELLANEOUS element in the internal.xml configuration file.

The valid values for this attribute are:

The default value is YES.

The following example shows the MISCELLANEOUS element with peer-to-peer logging enabled:

<MISCELLANEOUS
    ERRORLOGFILE="C:/my_oracle_home/webcache/logs/event_log"
    ACCESSLOGIGNOREPEERREQUEST="NO"/>

[Reference Bug: 2364139]

2.6 DAVOraWebCacheReadOnly Parameter Does Not Work

The DAVOraWebCacheReadOnly parameter, if specified in the httpd.conf file, does not work in this release.

As a workaround, use the <LimitExcept> directive in the httpd.conf file, as described in the OraDAV module configuration chapter of the Oracle HTTP Server Administration Guide. Applying access restrictions to a location for all methods except GET, HEAD, and OPTIONS requests will essentially achieve the goal of using the DAVOraWebCacheReadOnly parameter. However, a caveat is that end users will always be restricted to GET, HEAD, and OPTIONS requests, even when Oracle9iAS Web Cache is not being used.

[Reference Bug: 2312620]

3 Issues Specific to Windows

This section describes issues specific to Windows. It contains the following sections:

3.1 Concurrent Users on Windows NT Workstation

Oracle9iAS Web Cache permits only five concurrent users on Windows NT Workstation. If you require more than five concurrent users, then consider using a Windows NT Server, such as Windows NT or Windows 2000.

3.2 XML Parsing Errors of webcache.xml Appears in Event Viewer

XML parsing errors related to not being able to read the webcache.xml file are displayed to the Event Viewer rather than to the screen in Windows NT.

[Reference Bug: 2277346]

4 Security Issues and Workarounds

This section describes security limitations for Oracle9iAS Web Cache. It contains the following sections:

4.1 Single Sign-On

Oracle9iAS Web Cache does not cache login requests or authenticated pages that use mod_sso static directives. To ensure that responses for those pages using dynamic directives with mod_sso are not cached, add the Surrogate-Control: no-store response-header field to identify the page as non-cacheable.

When configured with HTTPS listening ports, Oracle9iAS Web Cache is unable to forward browser certificates to origin servers. If browsers are using certificate-based single sign-on authentication, do not use Oracle9iAS Web Cache. This restriction will be lifted in a future release of Oracle9iAS Web Cache.

4.2 User Certificates

If a wallet contains a user certificate as a trustpoint for an origin server, then a core dump will occur when the user connects to the origin server. Oracle Corporation recommends not adding user certificates to trustpoints in the Oracle wallet but instead install the certificate authority (CA) signers' certificate as a trustpoint.

Oracle Corporation plans to resolve this issue in the next release.

[Reference Bugs: 2295542 and 2295884]

5 Documentation Errata

When using the Oracle9iAS Web Cache Manager online help, refer to the Oracle9iAS Web Cache Administrator's Guide for updated information on the following topics:

Oracle is a registered trademark, and Oracle9i is a trademark or registered trademark of Oracle Corporation. Other names may be trademarks of their respective owners.

Copyright © 2002 Oracle Corporation.

All Rights Reserved.


Oracle
Copyright © 2002 Oracle Corporation.

All Rights Reserved.
Go To Documentation Library
Home