Oracle® HTTP Server Administrator's Guide 10g Release 1 (10.1) Part Number B12255-01 |
|
|
View PDF |
This chapter provides an overview of the Oracle HTTP Server processes, and provides information on how to regulate, and monitor these processes.
Topics discussed are:
Documentation from the Apache Software Foundation is referenced when applicable.
Once Oracle HTTP Server is started, the system is ready to listen for and respond to http(s) requests. The request processing model is different on UNIX and Windows.
After installation, the main httpd parent process, as well as the child processes, run as the user who installed Oracle Database. The User
and Group
directive are used to set the privileges for the child processes. These directives are ignored if you are not running as root
.The child processes must be able to read all the content that will be served.
On UNIX, you will hare to run as root if you want to run on ports less than 1024.
In order to run Oracle HTTP Server as root
, perform the following steps:
ORACLE_HOME
/Apache/Apache/bin
on UNIX or ORACLE_HOME
\Apache\Apache\bin
on Windows and execute the following command:
chown root .apachectl chmod 6750 .apachectl
root
.On Windows, Oracle HTTP Server launches a single parent process and one child process. The child process creates multiple threads that listen and respond to client requests.
You must decide how you want to set Oracle HTTP Server to handle processes or threads.
For additional security on UNIX, you can change the user to "nobody". Be sure that the child processes can accomplish their tasks as the user "nobody". Change all static content, such as the ORACLE_HOME
/Apache/Apache/htdocs
directory on UNIX or ORACLE_HOME
\Apache\Apache\htdocs
on Windows, so that all the files are readable, but ideally not writable by the user "nobody". Also, verify that all the CGI and FastCGI programs can be run by user "nobody".
After making manual configuration changes to DAD passwords, it is recommended that the DAD passwords are obfuscated by running the "dadTool.pl
" script located in ORACLE_HOME
/Apache/modplsql/conf
.
See Also:
"PlsqlDatabasePassword" on instructions on performing the obfuscation. |
If your PL/SQL application is using the file-system caching functionality in mod_plsql
, then the httpd processes should have read and write privileges to the cache directory through the parameter PlsqlCacheDirectory in ORACLE_HOME
/Apache/modplsql/conf/cache.conf
on UNIX or ORACLE_HOME
\Apache\modplsql\conf\cache.conf
on Windows. By default, this parameter points to ORACLE_HOME
/Apache/modplsql/cache
on UNIX or ORACLE_HOME
\Apache\modplsql\cache
on Windows.
Finally, given that the cached content might contain sensitive data, the final contents of the file-system cache should be protected. So, although Oracle HTTP Server might run as "nobody", access to the system as this user should be well-protected.
Use the following directives to manage the server processes:
Provides the following two options, both being applicable on UNIX only:
inetd: Starts up a new child process every time a request comes in. The program exits once the request is dealt with. This setting eliminates the option of having several child processes in waiting, making it slower and expensive, but more secure.
standalone: Enables several waiting child processes, and requires the server to be started only once. It is the default and recommended setting for a busy Web site.
You must specify the User
and Group
under which the servers answer requests.
See Also:
" |
Specifies the group under which the server answers requests. In order to use this directive, the standalone server must be run initially as root. It is recommended that you create a new group for running the server. This is applicable to UNIX only.
See Also:
" |
Specifies the user ID to which the server answers requests. Run the standalone server as root
to use this directive.You should have privileges to access files that are available for everyone, and should not be able to execute code which is not meant for httpd requests. It is recommended that you set up a new user for running the server. This is applicable to UNIX only.
See Also:
" |
The following directives control and limit the number of child processes or simultaneous requests. They are located in the "Global Environment" of the httpd.conf
file.
Sets the number of child server processes created when Oracle HTTP Server is started. The default is set at 5. This is applicable to UNIX only.
See Also:
" |
Controls the maximum number of child threads handling requests. The default is set at 50. This is applicable to Windows only.
See Also:
" |
Limits the number of requests that can be dealt with at one time. The default and recommended value is 150. This is applicable to UNIX only.
See Also:
" |
Controls the number of requests a child process handles before it dies. This value should be specified again if the machine is rebooted. If you select the value to be 0, which is the default, then the process will never die. This is applicable to UNIX only.
See Also:
" |
Sets the maximum number of idle child server processes. An idle process is one which is running, but not handling a request. The parent process kills off idle child processes that exceed the value set for this directive. The default is set at 10. This is applicable to UNIX only.
See Also:
" |
Sets the minimum number of idle child server processes. An idle process is one which is running but not handling a request. The parent process will create new children at the maximum rate of one process for each second if there are fewer processes running. The default is set at 5. This is applicable to UNIX only.
See Also:
" |
There are several ways to monitor Oracle HTTP Server processes.
ps
utility on UNIX.
See Also:
Oracle Application Server 10g Performance Guide and your operating system documentation for more information. |