Previous | Table of Contents | Next
Page 435
The Web Application Server administrator's guide provides useful information on sites
with more than one Web Agent installation. If this is the case for your site, minimize the amount
of storage space the system uses and enhance PL/SQL performance by performing the
following steps:
- Install the Developer's Toolkit into one database user's schema.
- If you've already installed them, drop the Developer's Toolkit PL/SQL from the
schemas of the Web Agent Database users for other Web Agent services. The syntax is as follows:
connect <user> / <password> drop package HTF;
drop package HTP; drop package OWA_UTIL; drop package OWA;
- Grant the execute system privilege on the PL/SQL packages to Web Agent
Database Users for other Web Agent services. The following lines show how to use Oracle7x
data definition language (DDL) to grant Web Application Server privileges to your users:
connect <toolkit owner> / <password>
grant execute on HTF to <user>;
grant execute on HTP to <user>;
grant execute on OWA_UTIL to <user>;
grant execute on OWA to <user>;
The connect statement takes the toolkit owner's ID and password as arguments. This
is used to authenticate the user to make sure he is authorized to enter the system.
The next four lines allow the successfully authenticated user to execute
HTF, HTP, OWA_UTIL, and OWA objects/methods. The first two objects are used for Hypertext Transfer
Protocol (HTTP) operations. The last two are used by the Oracle Web Agent for its operations.
- Create synonyms for the Developer's Toolkit PL/SQL packages in the schemas of
the OWA Database Users for the Web Agent's other services. Synonyms are alternate
names that make it possible for the packages to be referred to without being qualified
by schema names. The following shows how to create synonyms to authenticate a user
as an owner of a toolkit:
connect <user>/<password>
create synonym HTF for <Toolkit owner>.HTF;
create synonym HTP for <Toolkit owner>.HTP;
create synonym OWA_UTIL for <Toolkit owner>.OWA_UTIL;
create synonym OWA for <Toolkit owner>.OWA;
The connect statement takes the toolkit owner's ID, and password as arguments. This
is used to authenticate the user to make sure he or she is authorized to enter the
system. The next four lines create synonyms for
HTF, HTP, OWA_UTIL, and OWA objects/methods. The first two objects are used for Hypertext Transfer Protocol
(HTTP) operations. The last two are used by the Oracle Web Agent for its operations.
Page 436
CAUTION
|
Creating synonyms might sound great, but there are some security concerns you need to know about.
When PL/SQL procedures are executed, they carry with them the privileges of the creator of the PL/SQL code.
For the Developer's Toolkit, this is only an issue for the
OWA_UTIL package. Two of the subprograms,
SHOWSOURCE and TABLEPRINT, access user data. Granting execute privileges to users on this
package allows such users the ability to view the tables, views, and stored PL/SQL code of the owner of
OWA_UTIL.
If this is a security issue for your installation, Oracle advises installing the
OWA_UTIL package separately
for each OWA database user.
|
Using the Oracle Web Application Server
Administration Utility
The Oracle Web Application Server Administration pages enable management of the
entire Oracle Web Server. These pages can be reached by clicking the
Oracle Web Application Server
Administration link on the Web Application Server Administration home page.
The administrative tasks that are possible through these pages include the following:
- Startup and shutdown of Oracle databases
- Startup and shutdown of Oracle Web Listeners
- Creation of new Oracle Web Listeners and modification of existing ones
- Creation and modification of Oracle Web Agents
When reinstalling the Web Server, you might find it necessary to set up a new Web
Agent service. You might find this necessary when you add a new workgroup server to the
Web Application Server system architecture. To install a new Oracle Web Agent Service, click
Create New Service. You should see the Oracle Web Agent Administration Creation form. Use
this form to enter the parameters for the service you want to create. The following list
describes each field on this form; it is based on information provided by Oracle:
- OWA Service. The name of the service you want to create. The name is not
case sensitive, but must be unique.
- OWA Database User. The name of the Oracle7x user that will be used to access
the database for this service. If operating system authentication is used, then the
Web Listener must be run with the same effective user as the Oracle7x user.
- OWA User Password. The Oracle7x password for the associated OWA Database
User. If you need operating system level for the OWA database user, as determined by
the Identified By option button, you can leave this field blank. Otherwise, the user name
and password for the Web Agent Database User are verified by Oracle7x upon submission
of a Web Agent service.
Page 437
If an error occurs when you try to submit this form, the password fields are reset to
zero-length strings and must be filled in again. This is to provide the tightest security
available for your passwords. As a shortcut, you can select the Back button on your Web
browser to return to the original submission form.
- Confirm
Password. This field is used to verify the Web Agent User Password
you entered before recording it.
-
ORACLE_HOME. The actual location of the Oracle7x code tree in the file system.
This should be the ORACLE_HOME for the database to which this Web Agent service
connects, unless you set up the Web Agent service to connect to a remote database via
SQL*Net. In that case, the value that goes into
ORACLE_HOME is the location where the Web Agent is installed.
-
ORACLE_SID. This parameter corresponds to the system ID of the database. You
only need this if the Web Agent is to connect to a local database. For more on Oracle7x
SIDs, see the Oracle7x Server Administrator's Guide.
- SQL*Net V2
Service. The SQL*Net service used to indicate which database to
connect to. If the database is on the same machine as the Web Listener, then you can leave
the SQL*Net V2 Service field empty and specify an Oracle7x SID instead. If you specify
both parameters, the SQL*Net V2 Service takes precedence. If SQL*Net V1 is installed
on this machine, then you can also specify a SQL*Net V1 Connect String here. For more
on the SQL*Net V2 service, see your Oracle7x reference manual on SQL*Net.
- HTML Error
Page. If the Web Agent is unable to process a request, it returns
this HTML page to the user making the request. At the same time, it outputs detailed
error and debugging information to the error message file in the directory specified in the
Log File Directory parameter. If this field is left blank, the Web Agent returns a default
error message to the client.
- Log File
Directory. The directory where the Web Agent outputs its error file. The
error file has the name <SERVICE NAME>.ERR. If the Web Agent is unable to resolve a
service name and no service called
OWA_DEFAULT_SERVICE exists, then it writes error and
logging information to the file OWA.ERR.
- The default value for the Log File Directory is the log directory under the OWS
directory within ORACLE_HOME.
- Note that these log files are different from those used by the Oracle7x Server
for database recovery. The latter are explained in the Oracle7x Server Concepts Manual.
- Authorized
Ports. To provide security for your Web Agent service, use the
Authorized Ports field to list the valid Web Listener network ports for the Web Agent to service.
This listing must be in space-delimited format. This is a required field. You must explicitly
list the network ports.
- NLS
Language. This field specifies the NLS_LANG parameter, which specifies
the character set to be used. If this field is left blank, then the Web Agent
administration program looks it up upon service submission.
Previous | Table of Contents | Next
|