Modules (mods) extend the basic functionality of Oracle HTTP Server and support integration between Oracle HTTP Server and other Oracle Fusion Middleware components.
This chapter includes the following sections:
The following sections describe modules that have been developed specifically by Oracle for Oracle HTTP Server:
The mod_certheaders module enables reverse proxies that terminate Secure Sockets Layer (SSL) connections in front of Oracle HTTP Server to transfer information regarding the SSL connection, such as SSL client certificate information, to Oracle HTTP Server and the applications running behind Oracle HTTP Server. This information is transferred from the reverse proxy to Oracle HTTP Server using HTTP headers. The information is then transferred from the headers to the standard CGI environment variable. The mod_ossl module or the mod_ssl module populate the variable if the SSL connection is terminated by Oracle HTTP Server.
The mod_certheaders module also enables certain requests to be treated as HTTPS requests even though they are received through HTTP. This is done using the SimulateHttps
directive.
SimulateHttps
takes the container it is contained within, such as <VirtualHost>
or <Location>
, and treats all requests received for this container as if they were received through HTTPS, regardless of the real protocol used by the request.
See mod_certheaders Module for a list and description of the directives accepted by mod_certheaders.
The mod_context module creates or propagates Execution Context IDs, or ECIDs, for requests handled by Oracle HTTP Server. If an ECID has been created for the request execution flow before it reaches Oracle HTTP Server, mod_context will make the ECID available for logging within Oracle HTTP Server and for propagation to other Fusion Middleware components, such as WebLogic Server. If an ECID has not been created when the request reaches Oracle HTTP Server, mod_context will create one.
mod_context is not configurable. It enables loading ECIDs into the server with the LoadModule directive, and disabled by removing or commenting out the LoadModule directive corresponding to this module. It should always be enabled to aid with problem diagnosis.
The mod_dms module provides FMW infrastructure access to the OHS Oracle Dynamic Monitoring Service (DMS) data.
See Also:
Oracle Dynamic Monitoring Service in Tuning Performance.
The mod_odl module allows Oracle HTTP Server to access Oracle Diagnostic Logging (ODL). ODL generates log messages in text or XML-formatted logs, in a format which complies with Oracle standards for generating error log messages. Oracle HTTP Server uses ODL by default.
ODL provides the following benefits:
The capability to limit the total amount of diagnostic information saved. You can set the level of information saved and you can specify the maximum size of the log file and the log file directory.
When you reach the specified size, older segment files are removed and newer segment files are saved in chronological fashion.
Components can remain active, and do not need to be shutdown, when older diagnostic logging files are deleted.
You can view log files using Fusion Middleware Control or with WLST commands, or you can download log files to your local client and view them using another tool (for example, a text edit or another file viewing utility)
For more information on using ODL with Oracle HTTP Server, see Managing Oracle HTTP Server Logs.
See Also:
Managing Log Files and Diagnostic Datain Administering Oracle Fusion Middleware.
This module provides the OraAuditEnable directive to support authentication and authorization auditing by using the FMW Common Audit Framework. Previously the code for Audit was integrated in Oracle HTTP Server binary itself. In the current release, this is provided as a separate loadable module. For more information, see Support for FMW Audit Framework.
The mod_ossl module, the Oracle Secure Sockets Layer (SSL) implementation used in the Oracle database, enables strong cryptography for Oracle HTTP Server. It is a plug-in to Oracle HTTP Server that enables the server to use SSL and is very similar to the OpenSSL module, mod_ssl. The mod_ossl module supports TLS versions 1, 1.1 and 1.2, and is based on Certicom and RSA Security technology.
Oracle HTTP Server complies with the Federal Information Processing Standard publication 140 (FIPS 140); it uses a version of the underlying SSL libraries that has gone through formal FIPS certification. As part of Oracle HTTP Server's FIPS 140 compliance, the mod_ossl plug-in now includes the SSLFIPS directive. For more information, see SSLFIPS Directive.
Oracle no longer supports the mod_ssl module. A tool is provided to enable you to migrate from mod_ssl to mod_ossl, and convert your text certificates to Oracle wallets.
The mod_ossl modules provides these features:
Encrypted communication between client and server, using RSA or DES encryption standards.
Integrity checking of client/server communication using MD5 or SHA checksum algorithms.
Certificate management with Oracle wallets.
Authorization of clients with multiple access checks, exactly as performed in the mod_ssl module.
mod_ossl Module Directives
See mod_ossl Module for a list and descriptions of directives accepted by the mod_ossl module.
Note:
For more information, see Configuring SSL for the Web Tier in Administering Oracle Fusion Middleware.
The mod_webgate module enables single sign-on (SSO) for Oracle HTTP Server. WebGate examines incoming requests and determines whether the requested resource is protected, and if so, retrieves the session information for the user.
For more information, see Authenticating Users with WebGate and Security: Single Sign-On with WebGate. For information on configuring WebGate, see Configuring WebGate for Oracle Access Manager in Installing and Configuring Oracle HTTP Server.
The mod_wl_ohs module is a key feature of Oracle HTTP Server that enables requests to be proxied from Oracle HTTP Server to Oracle WebLogic Server. This module is generally referred to as the Oracle WebLogic Server Proxy Plug-In. This plug-in enhances an Oracle HTTP server installation by allowing Oracle WebLogic Server to handle requests that require dynamic functionality. In other words, you typically use a plug-in where the HTTP server serves static pages such as HTML pages, while Oracle WebLogic Server serves dynamic pages such as HTTP Servlets and Java Server Pages (JSPs).
For information about the prerequisites and procedure for configuring mod_wl_ohs, see Configuring the Plug-In for Oracle HTTP Server in Using Oracle WebLogic Server Proxy Plug-Ins. Directives for this module are listed in Parameters for Oracle WebLogic Server Proxy Plug-Ins in Using Oracle WebLogic Server Proxy Plug-Ins.
Note:
mod_wl_ohs is similar to the mod_wl plug-in, which you can use to proxy requests from Apache HTTP Server to Oracle WebLogic server. However, while the mod_wl plug-in for Apache HTTP Server should be downloaded and installed separately, the mod_wl_ohs plug-in is bundled with Oracle HTTP Server.
Oracle HTTP Server includes the Apache HTTP Server and third-party modules listed in Table 2-1. These modules are not developed by Oracle.
Table 2-1 Apache HTTP Server and Third-party Modules in Oracle HTTP Server
Module | Enabled by Default? | For more information, see: |
---|---|---|
mod_access_compat |
No |
|
mod_actions |
Yes |
|
mod_alias |
Yes |
|
mod_asis |
Yes |
|
mod_auth_basic |
Yes |
|
mod_authn_anon |
Yes |
|
mod_authn_core |
Yes |
|
mod_authn_file |
Yes |
|
mod_authz_core |
Yes |
|
mod_authnz_fcgi |
No |
|
mod_authz_groupfile |
Yes |
|
mod_authz_host |
Yes |
|
mod_authz_owner |
No |
|
mod_authz_user |
Yes |
|
mod_autoindex |
Yes |
|
mod_cache (Windows only) |
No |
|
mod_cache_disk |
No |
|
mod_disk_cache (Windows only) |
No |
|
mod_cern_meta |
Yes |
|
mod_cgi |
Yes |
|
mod_cgid (UNIX only) |
Yes |
|
mod_deflate |
No |
|
mod_dir |
Yes |
|
mod_dumpio |
No |
|
mod_env |
Yes |
|
mod_expires |
Yes |
|
mod_file_cache |
Yes |
|
mod_filter |
No |
Note: The syntax of the |
mod_headers |
Yes |
|
mod_imagemap |
Yes |
|
mod_include |
Yes |
|
mod_info |
Yes |
|
mod_lbmethod_bybusyness |
No |
|
mod_lbmethod_byrequests |
No |
|
mod_lbmethod_bytraffic |
No |
|
mod_log_config |
Yes |
|
mod_log_forensic |
Yes |
|
mod_logio |
No |
|
mod_macro |
No |
|
mod_mime |
Yes |
|
mod_mime_magic |
Yes |
|
mod_mpm_event |
Yes (Linux only) |
|
mod_mpm_prefork |
No |
|
mod_mpm_winnt (Windows only) |
Yes |
|
mod_mpm_worker |
Yes (on Non-Windows and non-Linux platforms) |
|
mod_negotiation |
Yes |
|
mod_proxy |
Yes |
|
mod_proxy_balancer |
Yes |
|
mod_proxy_connect |
Yes |
|
mod_proxy_fcgi |
No |
|
mod_proxy_ftp |
Yes |
|
mod_proxy_http |
Yes |
|
mod_remoteip |
No |
|
mod_reqtimeout |
No |
|
mod_rewrite |
Yes |
|
mod_security2 |
No |
Also, for Oracle HTTP Server-specific information regarding mod_security, see Configuring mod_security in the httpd.conf File.. |
mod_sed |
No |
|
mod_setenvif |
Yes |
|
mod_slotmem_shm |
Yes |
|
mod_socache_shmcb |
Yes |
|
mod_speling |
Yes |
|
mod_status |
Yes |
|
mod_substitute |
No |
|
mod_unique_id |
Yes |
|
mod_unixd |
Yes |
|
mod_userdir |
Yes |
|
mod_usertrack |
Yes |
|
mod_version |
Yes |
|
mod_vhost_alias |
Yes |
|
mod_proxy_wstunnel |
No |
|