Glossary

Access Control Entries (ACEs)

A hierarchy of rules which the web server uses to evaluate incoming access requests.

Access Control List (ACL)

A collection of ACEs. An ACL is a mechanism for defining which users have access to your server. You can define ACL rules that are specific to a particular file or directory, granting or denying access to one or more users and groups.

Administration Server

A web-based server that contains the forms you use to configure all of your Sun Java System Web Servers.

admpw

The username and password file for the Enterprise Administrator Server superuser.

agent

Software that runs the network-management software in a network device, such as a router, host, or X terminal. See also intelligent agents.

authentication

Allows Glossarys to verify their identity to the server. Basic or Default authentication requires users to enter a username and password to access your web server or web site. It requires a list of users and groups in an LDAP database. See also digest and SSL authentication.

The granting of access to an entire server or particular files and directories on it. Authorization can be restricted by criteria including hostnames and IP addresses.

cache

A copy of original data that is stored locally. Cached data doesn’t have to be retrieved from a remote server again when requested.

certificate

A nontransferable, nonforgeable, digital file issued from a third party that both communicating parties already trust.

Certificate revocation list (CRL)

CA list, provided by the CA, of all revoked certificates.

certification authority (CA)

An internal or third-party organization that issues digital files used for encrypted transactions.

CGI

Common Gateway Interface. An interface by which external programs communicate with the HTTP server. Programs that are written to use CGI are called CGI programs or CGI scripts. CGI programs handle forms or parse output the server does not normally handle or parse.

chroot

An additional root directory you can create to limit the server to specific directories. You’d use this feature to safeguard an unprotected server.

cipher

A cipher is a cryptographic algorithm (a mathematical function), used for encryption or decryption.

ciphertext

Information disguised by encryption, which only the intended recipient can decrypt.

client

Software, such as Netscape Navigator, used to request and view World Wide Web material.

client auth

Client authentication.

cluster

A group of remote ”slave’ administration servers added to and controlled by a ”master’ and administration server. All servers in a cluster must be of the same platform and have the same userid and password.

collection

A database that contains information about documents, such as word list and file properties. Collections are used by the search function to retrieve documents matching specified search criteria.

Common LogFile Format

The format used by the server for entering information into the access logs. The format is the same among all major servers, including the Sun Java System Web Server.

Compromised key list (CKL)

A list of key information about users who have compromised keys. The CA also provides this list.

daemon (UNIX)

A background process responsible for a particular system task.

DHCP

Dynamic Host Configuration Protocol. An Internet Proposed Standard Protocol that allows a system to dynamically assign an IP to individual computers on a network.

digest authentication.

Allows the user to authenticate without sending the username and password as cleartext. The browser uses the MD5 algorithm to create a digest value. The server uses the Digest Authentication plug-in to compare the digest value provided by the client.

DNS

Domain Name System. The system that machines on a network use to associate standard IP addresses (such as 198.93.93.10) with hostnames (such as www.sun.com). Machines normally get this translated information from a DNS server, or they look it up in tables maintained on their systems.

DNS alias

A hostname that the DNS server knows points to a different host—specifically a DNS CNAME record. Machines always have one real name, but they can have one or more aliases. For example, an alias such as www.yourdomain.domain might point to a real machine called realthing.yourdomain.domain where the server currently exists.

document root

A directory on the server machine that contains the files, images, and data you want to present to users accessing the server.

drop word

See stop word.

encryption

The process of transforming information so it can’t be decrypted or read by anyone but the intended recipient.

expires header

The expiration time of the returned document, specified by the remote server.

extranet

An extension of a company’s intranet onto the Internet, to allow customers, suppliers, and remote workers access to the data.

fancy indexing

A method of indexing that provides more information than simple indexing. Fancy indexing displays a list of contents by name with file size, last modification date, and an icon reflecting file type. Because of this, fancy indexes might take longer than simple indexes for the client to load.

file extension

The last part of a filename that typically defines the type of file. For example, in the filename index.html the file extension is html.

file type

The format of a given file. For example, a graphics file doesn’t have the same file type as a text file. File types are usually identified by the file extension (.gif or .html).

firewall

A network configuration, usually both hardware and software, that protects networked computers within an organization from outside access. Firewalls are commonly used to protect information such as a network’s email and data files within a physical building or organization site.

flexible log format

A format used by the server for entering information into the access logs.

FORTEZZA

An encryption system used by U.S. government agencies to manage sensitive but unclassified information.

FTP

File Transfer Protocol. An Internet protocol that allows files to be transferred from one computer to another over a network.

GIF

Graphics Interchange Format. A cross-platform image format originally created by CompuServe. GIF files are usually much smaller in size than other graphic file types (BMP, TIFF). GIF is one of the most common interchange formats. GIF images are readily viewable on UNIX, Microsoft Windows, and Apple Macintosh systems.

hard restart

The termination of a process or service and its subsequent restart. See also soft restart.

home page

A document that exists on the server and acts as a catalog or entry point for the server’s contents. The location of this document is defined within the server’s configuration files.

hostname

A name for a machine in the form machine.domain.dom, which is translated into an IP address. For example, www.sun.com is the machine www in the subdomain sun and com domain.

HTML

Hypertext Markup Language. A formatting language used for documents on the World Wide Web. HTML files are plain text files with formatting codes that tell browsers such as the Netscape Navigator how to display text, position graphics and form items, and display links to other pages.

HTTP

HyperText Transfer Protocol. The method for exchanging information between HTTP servers and clients.

HTTPD

An abbreviation for the HTTP daemon or service, a program that serves information using the HTTP protocol..

HTTP-NG

The next generation of HyperText Transfer Protocol.

HTTPS

A secure version of HTTP, implemented using the Secure Sockets Layer, SSL.

imagemap

A process that makes areas of an image active, letting users navigate and obtain information by clicking the different regions of the image with a mouse. Imagemap can also refer to a CGI program called “imagemap,” which is used to handle imagemap functionality in other HTTPD implementations.

inittab (UNIX)

A UNIX file listing programs that need to be restarted if they stop for any reason It ensures that a program runs continuously. Because of its location, it is also called /etc/inittab. This file isn’t available on all UNIX systems.

intelligent agent

An object within a server that performs various requests (such as HTTP, NNTP, SMTP, and FTP requests) on behalf of the user. In a sense, the intelligent agent acts as a client to the server, making requests that the server fulfills.

IP address

Internet Protocol address. A set of numbers, separated by dots, that specifies the actual location of a machine on the Internet (for example, 198.93.93.10).

ISDN

Integrated Services Digital Network.

ISINDEX

An HTML tag that turns on searching in the client. Documents can use a network navigator’s capabilities to accept a search string and send it to the server to access a searchable index without using forms. In order to use <ISINDEX>, you must create a query handler.

ISMAP

ISMAP is an extension to the IMG SRC tag used in an HTML document to tell the server that the named image is an imagemap.

ISP

Internet Service Provider. An organization that provides Internet connectivity.

Java

An object-oriented programming language created by Sun Microsystems used to create real-time, interactive programs called applets.

JavaScript

A compact, object-based scripting language for developing client and server Internet applications.

JavaServer Pages

Extensions that enable all JavaServer page metafunctions, including instantiation, initialization, destruction, access from other components, and configuration management. JavaServer pages, are reusable Java applications that run on a web server rather than in a web browser.

Java Servlets

Extensions that enable all Java servlet metafunctions, including instantiation, initialization, destruction, access from other components, and configuration management. Java servlets are reusable Java applications that run on a web server rather than in a web browser.

last-modified header

The last modification time of the document file, returned in the HTTP response from the server.

LDAP database

A database where lists of users and groups is stored for use in authentication.

listen socket

The combination of port number and IP address. Connections between the server and clients happen on a listen socket.

magnus.conf

The main Web Server configuration file. This file contains global server configuration information (such as, port, security, and so on). This file sets the values for variables that configure the server during initialization. Enterprise Sever reads this file and executes the variable settings on startup. The server does not read this file again until it is restarted, so you must restart the server every time you make changes to this file.

MD5

A message digest algorithm by RSA Data Security. MD5 can be used to produce a short digest of data that is unique with high probability. It is mathematically extremely hard to produce a piece of data that produces the same message digest email.

MD5 signature

A message digest produced by the MD5 algorithm.

MIB

Management Information Base.

MIME

Multi-Purpose Internet Mail Extensions. An emerging standard for multimedia email and messaging.

mime.types

The MIME (Multi-purpose Internet Mail Extension) type configuration file. This file maps file extensions to MIME types, to enable the server to determine the type of content being requested. For example, requests for resources with .html extensions indicate that the client is requesting an HTML file, while requests for resources with .gif extensions indicate that the client is requesting an image file in GIF format.

modutil

Software utility required for installing PKCS#11 module for external encryption or hardware accelerator devices.

MTA

Message Transfer Agent. You must define your server’s MTA Host to use agent services on your server.

network management station (NMS)

A machine users can use to remotely manage a network. A managed device is anything that runs SNMP such as hosts, routers, and web servers. An NMS is usually a powerful workstation with one or more network management applications installed.

NIS (UNIX)

Network Information Service. A system of programs and data files that UNIX machines use to collect, collate, and share specific information about machines, users, file systems, and network parameters throughout a network of computers.

NNTP

Network News Transfer Protocol for newsgroups. You must define your news server host to use agent services on your server.

obj.conf

The server’s object configuration file. This file contains additional initialization information, settings for server customization, and instructions that the server uses to process requests from clients (such as browsers). Sun Java System Web Server reads this file every time it processes a client request.

password file (UNIX)

A file on UNIX machines that stores UNIX user login names, passwords, and user ID numbers. It is also known as /etc/passwd, because of where it is kept.

pk12util

Software utility required to export the certificate and key databases from your internal machine, and import them into an external PKCS#11 module.

private key

The decryption key used in public-key encryption.

protocol

A set of rules that describes how devices on a network exchange information.

public information directories (UNIX)

Directories not inside the document root that are in a UNIX user’s home directory, or directories that are under the user’s control.

public key

The encryption key used in public-key encryption.

Quality of Service

the performance limits you set for a server instance, virtual server class, or virtual server.

RAM

Random access memory. The physical semiconductor-based memory in a computer.

rc.2.d (UNIX)

A file on UNIX machines that describes programs that are run when the machine starts. This file is also called /etc/rc.2.d because of its location.

redirection

A system by which clients accessing a particular URL are sent to a different location, either on the same server or on a different server. This system is useful if a resource has moved and you want the clients to use the new location transparently. It’s also used to maintain the integrity of relative links when directories are accessed without a trailing slash.

resource

Any document (URL), directory, or program that the server can access and send to a client that requests it.

RFC

Request For Comments. Usually, procedures or standards documents submitted to the Internet community. People can send comments on the technologies before they become accepted standards.

root (UNIX)

The most privileged user on UNIX machines. The root user has complete access privileges to all files on the machine.

server daemon

A process that, once running, listens for and accepts requests from clients.

Server Plug-in API

An extension that allows you to extend and/or customize the core functionality of Sun Java System Web Servers and provide a scalable, efficient mechanism for building interfaces between the HTTP server and back-end applications. Also known as NSAPI.

server root

A directory on the server machine dedicated to holding the server program, configuration, maintenance, and information files.

simple index

The opposite of fancy indexing—this type of directory listing displays only the names of the files without any graphical elements.

SNMP

Simple Network Management Protocol.

SOCKS

Firewall software that establishes a connection from inside a firewall to the outside when direct connection will otherwise be prevented by the firewall software or hardware (for example, the router configuration).

soft restart

A way to restart the server that causes the server to internally restart, that is, reread its configuration files. A soft restart sends the process the HUP signal (signal number one). The process itself does not die, as it does in a hard restart.

SSL

Secure Sockets Layer. A software library establishing a secure connection between two parties (client and server) used to implement HTTPS, the secure version of HTTP.

SSL authentication

Confirms users’ identities with security certificates by using the information in the client certificate as proof of identity, or verifying a client certificate published in an LDAP directory.

stop word

A word identified to the search function as a word not to search on. This typically includes such words as the, a, an, and. Also referred to as drop words.

strftime

A function that converts a date and a time to a string. It’s used by the server when appending trailers. strftime has a special format language for the date and time that the server can use in a trailer to illustrate a file’s last-modified date.

Sun Java System Web Server Administration Console

A Java application that provides server administrators with a graphical interface for managing all Sun Java System Web Servers from one central location anywhere within your enterprise network. From any installed instance of the Sun Java System Web Server Administration Console, you can see and access all the Sun Java System servers on your enterprise’s network to which you have been granted access rights.

superuser (UNIX)

The most privileged user available on UNIX machines (also called root). The superuser has complete access privileges to all files on the machine.

Sym-links (UNIX)

Abbreviation for symbolic links, which is a type of redirection used by the UNIX operating system. Sym-links let you create a pointer from one part of your file system to an existing file or directory on another part of the file system.

TCP/IP

Transmission Control Protocol/Internet Protocol. The main network protocol for the Internet and for enterprise (company) networks.

telnet

A protocol where two machines on the network are connected to each other and support terminal emulation for remote login.

timeout

A specified time after which the server should give up trying to finish a service routine that appears hung.

TLS

Secure Sockets Layer. A software library establishing a secure connection between two parties (client and server) used to implement HTTPS, the secure version of HTTP.

top-level domain authority

The highest category of hostname classification, usually signifying either the type of organization the domain is (for example, .com is a company, .edu is an educational institution) or the country of its origin (for example, .us is the United States, .jp is Japan, .au is Australia, .fi is Finland).

top (UNIX)

A program on some UNIX systems that shows the current state of system resource usage.

uid (UNIX)

A unique number associated with each user on a UNIX system.

URI

Uniform Resource Identifier. A file identifier that provides an additional layer of security by using an abbreviated URL. The first part of the URL is substituted with a URL mapping that hides the file’s full physical pathname from the user. See also URL mapping.

URL

Uniform Resource Locator. The addressing system used by the server and the client to request documents. A URL is often called a location. The format of a URL is protocol://machine:port/document.

A sample URL is http://www.sun.com/index.html.

URL database repair

A process that repairs and updates a URL database that has been damaged by a software failure, a system crash, a disk breakdown, or a full file system.

URL mapping

The process of mapping a document directory’s physical pathname to a user-defined alias so that files within the directory need only refer to the directory’s alias instead of the file’s full physical pathname. Thus, instead of identifying a file as usr/sun/servers/docs/index.html, you can identify the file as /myDocs/index.html. This provides additional security for a server by eliminating the need for users to know the physical location of server files.

virtual server

Virtual servers are a way of setting up multiple domain names, IP addresses, and server monitoring capabilities with a single installed server.

virtual server class

A collection of virtual servers that shares the same basic configuration information in a obj.conf file.

web application

A collection of servlets, JavaServer Pages, HTML documents, and other web resources which might include image files, compressed archives, and other data. A web application may be packaged into an archive (a WAR file) or exist in an open directory structure.

Web Application Archive (WAR)

An archive file that contains a complete web application in compressed form.

Windows CGI (Windows)

CGI programs written in a Windows-based programming language such as Visual Basic.