56. What is the programming model/Module?
JAVA related wage to me.
57. What is the functionality of web server plug-in file?
Web server plug-ins
A Web server can serve requests that do not require any dynamic content (for example, HTML pages). However, when a request requires dynamic content, such as Java Server Pages (JSP™) or Servlet processing, it must be forwarded to WebSphere Application Server for handling. To forward a request, you use a Web server plug-in that is included with the WebSphere Application Server packages for installation on a Web server. You copy an Extensible Markup Language (XML) configuration file, configured on the WebSphere Application Server, to the Web server plug-in directory. The plug-in uses the configuration file to determine whether a request should be handled by the Web server or an application server. When WebSphere Application Server receives a request for an application server, it forwards the request to the appropriate Web container in the application server. The plug-in can use HTTP or Https to transmit the request
58. What information contains by SERVER INDEX file?
Server index will have SOAP/Boot strap and all ports and details
Why use the bootstrap port number?
Client applications use the bootstrap port to access web sphere’s built-in object request broker (orb) to use enterprise java beans in applications installed on the application server. The java naming and directory interface service provider url used by the client application needs to reference the bootstrap port to obtain an initial context for looking up ejb’s it wants to use. (For communicate two servers)
59. How to configure remote system httpd.conf file?
Select web server machine (remote)
60. Tell me IHS executable files, means bin directory files?
Apache, ApacheMonitor, htpasswd, htdigest, htdbm, ldapstash, httpd.exe
61. What information contains by Plugin-cnf.xml file ?
Plug-in configuration file contains routing information for all applications mapped to the web server. This file is read by binary plug-in module loaded in the web server.
Plugin-cnf.xml file will have all the configuration setting to determine whether a request is for the webserver or the application server. When a request reaches the web server, the URL is compared to those managed by the plug-in. If a match is found, the plug-in configuration file contains the information needed to forward that request to the web container using the web container inbound transport chain.
62. How to set plug-in logs?
In Administrative console
Servers --> Webservers -->Webserver -->log files (configuration tab)( here we can change the path of the log files (access.log,error.log)
63. What is plug-in cfg.xml file?
It points were the applications are available
64. When we generate plug-in cfg.xml file?
Applications deployment at the time we will generate plug-in cfg.xml file
65. Why given the httpd.conf file to installation of plug-in?
Identify the web server (port, virtual hosts) to configure the web server definition.
66. How to see the plugin-cfg.xml file?
C:\Program Files\IBM\WebSphere\Plugins\config\webserver1\plugin-cfg.xml
Some problem is there in web server, so this information which log file contain?
http. Log, plugin.log
67. What is meant by SSL and how does it works?
SSL mean secured socket layer. This is to secure the WebSphere environment.
SSL provides connection security through
-Communication privacy –the data on the connection is encrypted
-Communication integrity—the protocol includes a built-in integrity check
-Authentication—the client knows who the server is
-SSL creates a VPN, securing the data using a combination os symmetric and asymmetric encryption.
Symmetric key encryption:
Symmetric or secret key technology is a model in which two parties have a shared secret
The same key is used for both encryption and decryption
Note: The trouble with this approach is that at some point the secret needs to be shared. In an e-business application, this would be rather difficult.
Asymmetric key encryption:
Public key cryptography:
-Two keys that are cryptographically related
-Public key (can be shared with every one)
Private Key (Must never be shared; possession is proof)
-Keys are asymmetric
Given message is encrypted with one key and decrypted with the other
Note: - If a server has public- private set, it can send out its public key( through a signing certificate – also known simply as a certificate ) to client machine. Those client machines can then use that public key to encrypt messages designed for the server which then only the server can decrypt. Unlike symmetric key encryption, this process does not require the client and server to have a shared secret.
Since the client can validate the server’s certificate, there is one way to authentication. But the server has no way (at this point) to authenticate the client. Nor can the server send the client secured messages.
68. How does SSL works?
SSL uses a combination of asymmetric and symmetric encryption to create a session between the client and server.
-Asymmetric encryption is used to negotiate a session key (shared secret)
--asymmetric encryption is slow but does not require a shared secret.
-Symmetric encryption os used to transfer data between the client and server
-- Symmetric encryption is fast but requires a shared secret
SSL Working Mechanism:
Client request SSL connection
Server presents certificate
Client verifies server certificate
Client generate a session key, encrypts it with the server’s public key
Using the session key, client and server switch to asymmetric key encryption
HTTPS communications
Note: Because the client chooses its own session key, nobody else knows it. It can securely send that session key to the server using the server’s public key. Now nobody but client and server knew the session key. The session key is then used as “shared secret” to switch to much more efficient symmetric key encryption.
Certificate (signing certificate) contains information about the server, including the server’s public key, and is digitally signed by the certificate authority.
Configuration of SSL in WebSphere :
SSL configuration can be achieved in three different ways
1) From Admin console:
Once we get the certificate from CA (Certificate Authority) then we will import into trust store. To enable security between IHS and Application server we need to export default personal certificates of all nodes and import the same to the trust store of the IHS.
2) Command line:
By using “gsk7cmd” command we can achieve the SSL configuration. Gsk7cmd provides the options like import, export, list, create options for certificates
Gsk7cmd –cert –create –db plugin-key.kdb –pw password –label ‘websphere pluginkey’ -dn
3) ikeyman:
By using ikeyman we can open the KDB(key data base) and add the certificates to the key database.
69. What is the difference between round robin and random load balancing?
a) Round robin load balance is nothing but symmetric clustering and random load balancing nothing but asymmetric clustering
70. What is the activity log and what it is useful?
The application server creates the activity.log file from the activity of the various WebSphere Application Server components. You cannot read this log with a text reader. You ca use this script called, show log under appserver root. “Events show history of web sphere server activities.”
Ex.,
./WAS_INST_ROOT/bin/showlog PATH_TOACTIVITY_LOG/activity.log
like this
websphere: /software/opt/IBM/WebSphere/AppServer/bin
$ ./showlog ../profiles/AppSrv*/logs/activity.log
This displays your activity log something like this, just as a sample:
ExtendedMessage:
Ex.,
./WAS_INST_ROOT/bin/showlog PATH_TOACTIVITY_LOG/activity.log
like this
websphere: /software/opt/IBM/WebSphere/AppServer/bin
$ ./showlog ../profiles/AppSrv*/logs/activity.log
This displays your activity log something like this, just as a sample:
ExtendedMessage:
71. What are the different roles available in the WAS?
In WAS we have the following roles
Monitor: Least privileged; allows a user to view the WebSphere configuration and current application server state.
Configuration: Monitor privileges plus the ability to change the WebSphere configuration.
Operator: Monitor privileges plus ability to change runtime state, such as starting or stopping servers.
Administrator: Operator, Configuration, and iscadmins privileges, plus additional privileges granted solely to the administrator role, such as
Modifying the primary administrative users and passwords.
Mapping users and groups to the administrator role
Enabling or disabling administrative and java 2 security
Additional console security roles:
Iscadmins (Integrated solutions console) :
Only available for administration console users
Allows a user to manage users and groups in the federated repository.
Deployer:
Only available for wsadmin users(not for administration console)
Allows a user to change configuration and runtime state on application using wsadmin
Admin Security Manager:
Only available for wsadmin users
Allows a user to map users to administrative roles using wsadmin
When restricted access to resource authentication data is in effect, users can also manage authorisation groups.
72. How many levels we can enable the trace file?
LEVEL = all | entryExit | debug | event
If memory leakage is there in then where (in which file) we get this information?
Memory leakage information can get in the process logs ( Native_stdout and Native_stderrer logs)
73. How many user registries are available in the WAS 6.X?
There are four user registries
Local O/S
LDAP
Federated repository
Custom Repository
74. Tell about federated repository?
Federated Repository is one of the existing users registry type. In this method we can use multiple repositories with WebSphere application server.
Default repository is a file based federated repository
Can be file based, LDAP, Multiple LDAPs or subtree of an LDAP
Defined and theoretically combined under a single realm
All of the user repositories that are configured under federated repository functionality are invisible to WebSphere application server.
Federation capabilities are provided by the VMM(Virtual Member Manager)
75. How to create heap dump?
HeapDiff is used to analyze memory leaks in J2EE applications running in WebSphere Application Server. It can compute differences between objects in heap, before and after memory leak had taken place. The program works with IBM heap dump files.
It is tested with IBM heap dump produced in WebSphere Application Server v5.0.x, 5.1.x and 6.x running in Linux and Windows
Posts
