Custom Software Development

This page explains how to set file permissions for the three most common type of web files: pages, scripts and data/config files.

To keep things simple, let’s make the following assumptions:

a. pages should be readable/writable by the owner and readable by the web visitor.
b. scripts should be readable/writable/executable by the owner and readable/executable by the web visitor.
c. data-config files should be readable/writable by the owner and readable/writable by the web visitor.
And also, lets use the following abbreviations:

- – - (or 0) = no permission
r – - (or 4) = read-only permission
rw – (or 6) = read/write permission
rwx (or 7) = read/write/execute permission

To change UNIX file permissions using your shell account (Telnet):

When changing file permissions on a UNIX server, there are three groups to which you assign permissions: owner, group, other. Owner is typically you. Group is typically all users with accounts on your server. Other is typically the web visitors. Using the chmod command on a UNIX server, you can set the permissions for each of those groups.

1. Log into your account and go to the directory where the files are located
2. Use the chmod command to change permissions like so:
2a. chmod 604 page.html
2b. chmod 705 script.cgi
2c. chmod 606 config-data.txt

To change UNIX file permissions using your FTP software:

1. Log into your account and go to the directory where the files are located.
2. Highlight the file that you want to change permission.
3. Locate the “file permission” or “chmod” command on your FTP software software (you may need to refer to the manual or help file)
4. There should be three groups. Each group should have either checkboxes or a selection for the permission type.
4a. set pages to rw- for the owner, no permission for the group, and r–for other
4b. set scripts to rwx for the owner, no permission for the group, and r-x for other
4c. set data/config files to rw- for the owner, no permission for the group, and rw- for other

The following is a list of UNIX commands that I have found helpful when modifying web sites on the server. Most UNIX commands have many options and parameters which I have not listed here. Instead I have given examples of practical uses. For more complete information on most command, you can refer to the online manual by typing man [command] at the UNIX prompt. Some commands you can type [command] –help or [command] -?

Note, when I specify something in brackets like so: [filename] that is to indicate that you type in a filename or whatever. Do not include the brackets in your command.

Navigating UNIX:

/ (refers to the root directory on the server)
./ (the current directory that you are in)
../ (parent directory of your current directory)

pwd (shows what you current directory is – giving the full path)

ls (lists all the files in your current directory)
ls -al (lists filenames + information)
ls -alR (lists filenames + information in all subdirectories)
ls -alR | more (lists filenames + information in all subdirectories,
pausing when the screen become full)
ls -alR > result.txt (lists filenames + information in all subdirectories,
and ouputs the results to a file instead of the screen)
ls *.html (lists all files ending with .html)
ls -al /home/usr/bob/ (lists files + info for /home/usr/bob)

cd (changes you to a new directory)
cd images
cd / (changes you to the root directory)
cd /home/usr/images
cd .. (this goes back one directory)

Moving, Copying and Deleting Files:

mv [old name] [new name] (move/rename a file)

cp [filename] [new filename] (copy a file)

rm [filename] (delete a file)
rm * (delete all files in your current directory)
rm *.html (delete all files ending in .html
in your current directory)

Creating, Moving, Copying and Deleting Directories:

mkdir [directoryname] (creates a new directory)

ls -d */ (lists all directories within current directory)

cp -r [directoryname] [new directoryname] (copy a directory and all
files/directories in it)

rmdir [directoryname] (remove a directory if it is empty)
rm -r [directoryname] (remove a directory and all files in it)

Searching Files and Directories

find / -name [filename] -print (search the whole server for a file)
find . -name [filename] -print (search for a file starting with
the current directory)
find / -name [directoryname] – type d -print
(search the whole server for a direcory)

grep [text] [filename] (search for text within a file)

sed s/[oldtext]/[newtext]/g [filename] (searches file and replaces all occurances of [oldtext] with [newtext]

Viewing and Editing Files:

tail [filename] – view the tail end of a file, useful for checking the error log
when debugging a script

vi [filename] – opens a file using the vi text editor. you are a true geek if you use vi, however it’s fairly easy to use. (refer to the vi primer in this support forum)

Installing Software & Scripts

For downloaded ‘tar’ scripts, to un-tar and un-gz
tar -xvf [archive.tar] – extracts files from the tar archive ‘archive.tar’
tar -zxvf [archive.tar.gz] extracts files from the tar archive ‘archive.tar.gz’

Getting Server Information

which perl displays the path to perl

For viewing disk space.
du to view disk usage on server
quota to view your disk usage on server

whoami – displays your current username

uptime – displays how long the server has been up and some performance statistics

ps – displays running processes

top – (may be only available to admins) similar to windows task manager

kill -9 [process Id] – terminiates a running process (out of control CGI, etc). The process Id can be obtained using “ps”

File and Directory Permissions

There are three levels of file permission: read, write and execute. In
addition, there are three groups to which you can assign permission,
The file owner, the user group, and everyone. The command chmod followed
by three numbers is used to change permissons. The first number is
the permission for the owner, the second for the group and the third
for everyone. Here are how the levels of permission translate:

0 = — (no permission)
1 = –x (execute only)
2 = -w- (write only)
3 = -wx (write and execute)
4 = r– (read only)
5 = r-x (read and execute)
6 = rw- (read and write)
7 = rwx (read, write and execute)

I prefer that the group always have permission of 0. This prevents other
users on the server from browsing files via Telnet and FTP. Here are the
most common file permissions used:

chmod 604 [filename] (minimum permission for www HTML file)
chmod 705 [directoryname] (minimum permission for www directories)
chmod 705 [filename] (minimum permission for www scripts & programs)
chmod 606 [filename] (permission for datafiles used by www scripts)
chmod 703 [directoryname] (write-only permission for public FTP uploading)

Note that some systems use AFS filesystem and chmod does not behave as expected.You can sometimes identify AFS if the path that you are using begins like so /afs/path/to/files/ If your system uses AFS, then the following commands are used instead of chmod.

fs setacl [directory] [group] [access] (set file permissions)
fs listacl [directory] (list file permissions)

example:

fs setacl . httpd rliw (set read, lookup, insert, write to http for current dir)

Scheduling Tasks

You can schedule tasks to run automatically by using the UNIX cron command.
To use this, you create a text file with cron instructions, then process
this file. cron instructions are basically UNIX commands with extra info
about the time that they will run.

One important thing to note is that it is best to use full paths when
creating your cron file. As an example, create a file called mycronfile
and in it place one line:

0 1 * * * cp /usr/www/file.txt /usr/www/backup.txt

now at the command line, type the following:

crontab mycronfile

You have just scheduled an automated task! This task will run at the time
specified until you decide you want to cancel it.
There are six fields in this file. The first five represent the time that
the job will run. The sixth field is a UNIX command that will run at the
specified time. The above example will run every night at 1AM, at which
time it will copy a file.

Here is how the fields break down:

Field 1 | Field 2 | Field 3 | Field 4 | Field 5
Minutes | Hours | Day of Month | Month | Day of Week
(0-59) | (0-23) | (1-31) | (1-12) | (0-6)

You can enter a number in the field, a range of numbers, or an * to indicate all.
Here are a few more examples. These examples use the ls command, which would be
pretty useless. Note the time that it runs, though.

0 1 * * 1-5 ls (this would run every Monday-Friday at 1am)
0 1 * * 1,3,5 ls (this would run every Monday, Wednesday and Friday at 1am)
10 2 1 * * ls (this would run at 2:10am on the first of every month)
0 1 1 1 * ls (this would run at 1am on January 1 every year)

If you have a more complicated command that you want to run, it is sometimes
helpful to create a shell script and have that script run. You specify the
shell script as you would any UNIX command. For example:

0 1 * * * /usr/www/myscript

There are some other crontab switches that are useful:

crontab -l (lists your currently scheduled tasks)
crontab -r (delete all currently scheduled tasks)
crontab -e (directly edit your scheduled tasks)

Credits
——–

Originally created by J. Hinkle
Additional content provided by Dave Wojo

UPDATE – This article was written originally in 2002. The main concept of using Tomcat to handle the JSP pages under-the-hood is still the same and this page is probably still useful, however, there are now products available to do this for you such as JspISAPI (which offers a free lite version). If you want to do it yourself, there is official documentation and another walk-though page here.

The purpose of this document is to provide a walkthough for setting up a windows server running IIS to serve JSP pages alongside asp, html, etc. at the moment, this is a fairly complicated procedure. because microsoft does not natively support a competitive technical solution (JSP) and the java community does not necessarily like microsoft that much, there are few resources. this is surprising to me, as it seems a very natural thing to want as a windows server administrator.

although IIS does not support jsp pages, it does have a plugin architechture which they refer to as ISAPI filters. the solution for serving jsp pages through IIS is to actually install a second web server which runs on another port. the second web server we will install is called Tomcat and is provided through the apache foundation. in addition to Tomcat, you install an ISAPI filter that intercepts any .jsp file, forwards it to Tomcat for processing. Tomcat returns the results to IIS, and IIS spits it back out to the visitor. So IIS doesn’t actually processes the jsp page, however from the perspective of the web visitor, that is how it appears.

this document was written for Tomcat version 3 (Tomcat 5 is the current version) and as a result, the content is probably outdated. however, the basics are still very much the same. also we now have the good fortune of a more detailed how-to provided on the apache site which is found here.
http://tomcat.apache.org/connectors-doc/webserver_howto/printer/iis.html. you will probably have the best luck following the instructions on this page.

——————————————————————————–

original walkthrough below:

——————————————————————————–

This How-To provides start to finish instructions for setting up IIS to serve Java Server Pages (JSP). After successfully completing these instructions, IIS will work as normal, except when a JSP is encountered, it will pass it along to Tomcat, which will process and send the results back to IIS. This how-to doesn’t really explain how or why things work, but rather will get you up and running quickly with a configuration that will serve most people’s needs. You should definitely read the Tomcat ReadMe files for more detailed information.

The following file paths will be used in these instructions. If you install to a different directory, then you’ll want to change the instructions accordingly. These seem to be the default installation directories for the programs, except for Tomcat, which doesn’t mention a default installation directory.

Java: C:\JDK1.3
Tomcat: C:\Tomcat
isapi_redirect.dll: C:\Tomcat\bin
IIS Root: C:\InetPub\wwwroot

Part 1: Installing JDK and Tomcat

This first part is just to get the JDK and Tomcat up and running. Tomcat works fine as a stand-alone application, so the most logical place to begin is to get it running properly by itself.

Download (from sun.com) and Install Win32 JDK 1.3 to “C:\JDK1.3″
Download (from jakarta.apache.org) and unzip Win32 binary version of Tomcat (jakarta-tomcat) to “C:\Tomcat”
Right-Click on My Computer -> Properties, go to Evironmental Variables* and set:

TOMCAT_HOME = C:\Tomcat
JAVA_HOME = C:\JDK1.3

IMPORTANT: In the environmental variables, make sure “C:\JDK1.3\bin” is the first directory in your PATH. If you have installed other Java programs, they may try to put their Java Run-Time directory first, which will mess up your Tomcat installation. (It’s also good to keep in mind that if you install another Java application later, it might try to change the path and mess up Tomcat)

* On Win2000, The environmental variables are found on the Computer Properties Advanced tab. If you are on Win95/98, then you probably have to edit autoexec.bat instead.

Restart the computer to finalize changes to PATH
Go to DOS prompt, CD to C:\Tomcat\Bin and start Tomcat by typing “startup” (without the quotes). You should get a 2nd DOS window that is running Tomcat. If the 2nd window flashes and immediately closes, then something is wrong – most likely your PATH (See C:\Tomcat\logs\tomcat.log for info) You can make sure Tomcat is running by opening your browser to http://localhost:8080/ (NOTE: If you have previously installed Sun’s JavaWebServer, make sure it is not running because it also uses port 8080)
Part 2: Installing The ISAPI Redirector and jakarta Virtual Directory

In this part we are installing an ISAPI filter in IIS. What this really means is that when IIS receives a request for pages that meet certain criteria, it will hand it off to another program (Tomcat) to deal with processing, and that program will then return plain text to IIS, which is what IIS will send to the browser. We will also create a virtual directory that allows this to happen.

Download (from jakarta.apache.org) isapi_redirect.dll and copy to “C:\Tomcat\bin”
Download and double-click isapi_redirect_nt.reg or isapi_redirect_2000.reg to import the information into your registry. (If you have used directories other than the one’s specified here, then you should edit the .reg file appropriately before you double-click it). Note: You may have to reboot your PC after the registry update for changes to take effect.
Open IIS management console and create a new virtual directory called “jakarta” and make the physical path “C:\Tomcat\bin” Make sure that this virtual directory has “Execute” permissions.
In the IIS Management Console right-click on your machine name (not the root web) and select properties. Click the Edit button next to the “Master Properties” for the WWW Service. Select the “ISAPI Filters” tab and click “Add” Name the filter “jakarta” and for the executable, browse to C:\Tomcat\bin\isapi_redirect.dll file.
Now go to the control panel, select Services and restart the IIS Admin service (make sure Word Wide Web Publishing Service restarts as well). After you have restarted, go back to the ISAPI filters screen and make sure that the jakarta filter has a green arrow next to it. If it does, then everything is working.
Make sure that Tomcat is running. Open your browser to http://localhost/examples/ – you should see that Tomcat is serving this directory. There are several JSP examples which you can click on to test.
Part 3: Configuring Tomcat to handle JSP files, and IIS to deal with everything else.

This part we are configuring two things – telling Tomcat where the JSP files are going to be found (using server.xml) and telling the ISAPI filter which pages should be redirected to Tomcat (using uriworkermap.properties)

Open C:\Tomcat\conf\Server.xml in notepad and find the line towards the bottom that looks like this:

<Context path=”" docBase=”webapps/ROOT” debug=”0″ reloadable= “true”/>
and change it to this:
<Context path=”/” docBase=”C:/InetPub/wwwroot” debug=”0″ reloadable=”true”/>
(if that line doesn’t already exist, then just add it)
Open C:\Tomcat\conf\uriworkermap.properties with notepad. Add the following line anywhere in the file:

/*.jsp=ajp12

If you like, you can comment out the other lines that redirect the examples and servlet directories, although it doesn’t hurt anything to leave them there.

Make sure that it is working by browsing to http://localhost/ to see that your normal default page is still showing up as expected. Now place a file called test.jsp (or whatever) in C:\InetPub\wwwroot and browse to http://localhost/test.jsp If you put some JSP code in there, it should execute. If you didn’t, then the blank page should load. If you are prompted to download instead, then something is not working.
That is it. The final thing you might want to do is to install Tomcat as a service so you don’t have to open it in a DOS window every time. Instructions for installing the service can be found on jakarta.apache.org – look for “Working with the Jakarta NT Service” or “jk_nt_service.exe”