Scripts buffering on

Yes enables scripts buffering. The ASP Server processes an entire ASP page before returning its HTML output to the browser, yielding better server performance.

No disables scripts buffering. The ASP Server returns the HTML output for an ASP page to the browser incrementally, as soon as the HTML is processed, which makes debugging easier.

This setting is yes by default. For more information, see Enabling Scripts Buffering.

Session timeout

This specifies the number of minutes the ASP Server maintains a user’s session information since the last page request. When a user does not submit a page request for the specified length of time, the server cancels the session and discards its information. If a value for SessionTimeout is specified in the script, it overrides this setting. This setting is 20 minutes by default. For more information, see Changing the Session Timeout Value.

Script timeout

This specifies the number of seconds the ASP Server waits for a page to finish processing before canceling the page request. A value for ScriptTimeout specified in a script will always override this value. This setting is 90 seconds by default. For more information, see Changing the Script Timeout Value.

Note: If the deadlock timeout (below) is set to a value lower than the script timeout, the ASP engine will restart once the time specified for the deadlock timeout has elapsed.

Deadlock timeout

This specifies the number of seconds that should elapse before the ASP Server is considered deadlocked and the engine is restarted. This setting is 600 seconds (10 minutes) by default. For more information, see Configuring Engine Deadlock Recovery.

Note: If the deadlock timeout is set to a value lower than the script timeout (above), the ASP engine will restart once the time specified for the deadlock timeout has elapsed.

Allow session state

This specifies whether the ASP Server maintains session state. This setting must be enabled (yes) in order for Session objects in scripts to function. This setting is yes by default. For more information, see Enabling Session State.

ASP errors logging file

To enable logging for the ASP Server and specify the location of the log file, type the absolute path name of the log file in this text box. Sun ONE ASP creates the log file in the directory you specify. You cannot give the log file the same name as a file that already exists in that directory. If the ASP errors logging file text box is empty (the default), no logging is performed. For more information, see Enabling ASP Errors Logging.

Number of threads

This specifies the number of threads the ASP Server handles simultaneously. The default number of threads is 10 for Solaris, and 5 for Linux. If you have many ASP pages that include blocking operations (database access, for example), it is best to increase this number. However, keep in mind that increasing the number of threads also increases system overhead. A maximum number of up to 20 threads is recommended. DO NOT set this to a number greater than 20. For more information, see Configuring Multi-threading.

Inherit user security

This setting enables you to specify the security mode under which the ASP Server runs, and can have a serious impact on the security of your server, especially if you are running Sun ONE Web Server.

When Inherit user security is set to yes (Inherit User Security mode), the ASP Server runs with the permissions of the Apache Web server or the virtual host defined in the Apache Web server’s httpd.conf file. This is the default security mode for Sun ONE ASP and is available only for Sun ONE ASP running with the Apache Web server (for Sun ONE Web Server, see the following discussion of the Defined User Security mode).

When Inherit user security is set to no (Defined User Security mode), the ASP Server runs with the permissions of the user who started the ASP Server, unless a different user and group is specified in the Sun ONE ASP configuration file (casp.cnfg). This can create a security risk for your server. If Inherit user security is set to no (or if you are running Sun ONE Web server), be sure to define a user and group in casp.cnfg, as described in Editing the Sun ONE ASP Configuration File (see the [default machine] keyword). The ASP Server will then run with the permissions of that user and group. Defined User Security mode is available for Sun ONE ASP running with both the Apache and Sun ONE Web servers.

For more information about the security modes and their implications, see Setting the Security Mode.

Note: ADO logging will not be functional if Inherit user security is set to yes. Also note that the Inherit user security setting does not add any restrictions to executing Java code. For example, if you want to restrict Java code to access files within the application directory, the proper permissions should be in the bean.policy file.

Locale

This specifies the locale setting. The ASP Server uses the appropriate code page for the language associated with the locale specified. It also correctly formats dates, numbers, and currency according to the locale. For more information, see Configuring International Support. Supported locales vary by platform.

Enable parent paths

This enables file system access by an ASP application to a directory in the file system that is not contained in the ASP application root directory or its subdirectories.

By default, Enable parent paths is set to no. This is the most secure setting and is appropriate for most shared Web hosting environments. Changing Enable parent paths to yes can affect the security of your server. For more information, see Configuring File System Access.

Note: The Enable parent paths setting does not add any restrictions to executing Java code. For example, if you want to restrict Java code to access files within the application directory, the proper permissions should be in the bean.policy file.