The common way to install IBM HTTP Server is to run the
installation program using an administrator user ID. However, it is
sometimes necessary to install IBM HTTP Server using a non-administrator
(non-root) user ID. On UNIX platforms, the user
ID that performs the installation of IBM HTTP Server must be the same
user ID that will start the IBM HTTP Server. When IHS is started
by the root, which is the recommended configuration, the user ID is
changed to an unprivileged user ID for the bulk of the runtime processing.
Before you begin
You must remember to perform all of the following
actions using the same user ID, whether it is an administrator user
ID or non-administrator user ID:
- Install IBM HTTP Server
- Install the WebSphere plug-in
- Start and stop the IBM HTTP Server
- Start and stop the IHS administration server (when applicable)
- Start and stop the WebSphere node agent (when applicable)
Administering a non-root IBM HTTP Server
from WebSphere
If you are installing a non-root
IBM HTTP Server as a local Web server, it may be managed by WebSphere
only if the following constraints are met:
About this task
Launching the IBM HTTP Server installation
program is done the same way for a non-root installation as it is
for a root installation, but there are several installation steps
that require root privileges that cannot be completed or must be completed
separately. Complete the installation steps as follows:
Procedure
- Register the installed program with the operating system.
This cannot be done for a non-root installation. The non-root
IBM HTTP Server installation is not listed when using operating system
facilities to display installed programs.
- Install GSKit.
Avoid trouble: This manual step is only necessary with IBM HTTP Server 6.1 and earlier.
gotcha
Complete
this task separately, using the root user ID if SSL configuration
is required and no version of GSKit is installed, or if the installed
version is down-level. Launch the GSKit installation from the WebSphere
Application Server CDROM as follows:
GSKit/gskit.sh
GSKit\setup.exe "IHS6.1"
If GSKit is not installed, the following configurations will
not work:
- SSL between client (browser) and IBM HTTP Server.
- SSL between the IBM HTTP Server plug-in and WebSphere Application
Server.
- SSL between IBM HTTP Server and LDAP server.
Note: The non-root
installation of the IBM HTTP Server plug-in is not supported, because
there is a dependency on the GSKit libraries which require full root
authority to install. If you do not install GSKit, the IBM HTTP Server
plug-in fails to load.
The way to handle this dependency is to first
install the GSKit libraries with a root user ID. Then, you can install
the IBM HTTP Server plug-in using a non-root user ID.
Create the Windows service entries
for IBM HTTP Server and IBM HTTP Administration Server. This
cannot be done for a non-root installation. Neither of these service
entries are created and IBM HTTP Server cannot start as a service. Start
IBM HTTP Server as follows:
<ihs_install_directory>/bin/apache.exe
Start
the IBM HTTP administration server as follows:
<ihs_install_directory>/bin/apache.exe -f <ihs_install_directory>/conf/admin.conf
Stop
IBM HTTP server as follows:
- Press Control+C in the IBM HTTP Server window, or
- End the Apache.exe processes using the Windows Task Manager
Create an entry in Start > Programs.
This cannot be done for a non-root installation. No entries
are created.
Create an entry in Add/Remove programs.
This cannot be done for a non-root installation. No entry is
created.
Install AFPA. This
cannot be done for a non-root installation. Do not enable AFPA for
the non-administrator IBM HTTP Server installation, even if AFPA is
already installed from a previous administrator installation. Only
enable AFPA for one instance of IBM HTTP Server.
Restriction on using the fast response cache accelerator (FRCA) on the Microsoft® Windows Vista™ operating system: The FRCA, which is based on the IBM
Advanced Fast Path Architecture (AFPA), is not supported on the Microsoft
Windows Vista operating system. IBM HTTP Server will fail to start
if the FRCA is enabled in the configuration file. This is a permanent
restriction.
- Silent installations. To enable a non-root
installation, add the following option to the silent installation
response file:
-OPT allowNonRootSilentInstall=”true”