Sun ONE logo      Previous      Contents      Index      Next     

Sun ONE Web Server 6.1 Administrator's Configuration File Reference

Chapter 4
Predefined SAFs in obj.conf

The obj.conf configuration file contains directives that instruct the Sun™ Open Net Environment (Sun ONE) Web Server how to handle HTTP and HTTPS requests from clients and service web server content such as native server plugins and CGI programs. You can modify and extend the request-handling process by adding or changing the instructions in obj.conf.

All obj.conf files are located in the instance_dir/config directory, where instance_dir is the path to the installation directory of the server instance. There is one obj.conf file for each virtual server class, unless several virtual server classes are configured to share an obj.conf file. Whenever this guide refers to "the obj.conf file," it refers to all obj.conf files or to the obj.conf file for the virtual server class being described.

By default, the obj.conf file for the initial virtual server class is named obj.conf, and the obj.conf files for the administrator-defined virtual server classes are named virtual_server_class_id.obj.conf. Editing one of these files directly or through the Administration interface changes the configuration of a virtual server class.

This chapter describes the standard directives and predefined Server Application Functions (SAFs) that are used in the obj.conf file to give instructions to the server. For details about the syntax and use of the obj.conf file, refer to the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

Each SAF has its own arguments, which are passed to it by a directive in obj.conf. Every SAF is also passed additional arguments that contain information about the request (such as what resource was requested and what kind of client requested it), and any other server variables created or modified by SAFs called by previously invoked directives. Each SAF may examine, modify, or create server variables. Each SAF returns a result code that tells the server whether it succeeded, did nothing, or failed.

This chapter includes functions that are part of the core functionality of Sun ONE Web Server. It does not include functions that are available only if additional components, such as server-parsed HTML, are enabled.

This chapter covers the following stages:

For an alphabetical list of predefined SAFs, see "Alphabetical List of Predefined SAFs.".

The following table lists the SAFs that can be used with each directive.

Table 4-1  Available Server Application Functions (SAFs) Per Directive

Directive

Server Application Functions

AuthTrans

basic-auth                         
basic-ncsa
get-sslid
match-browser
qos-handler
set-variable

NameTrans

assign-name
document-root
home-page
match-browser
ntrans-dav
ntrans-j2ee
pfx2dir
redirect
set-variable
strip-params
unix-home

PathCheck

check-acl
deny-existence
find-index
find-links
find-pathinfo
get-client-cert
load-config
match-browser
nt-uri-clean
ntcgicheck
require-auth
set-variable
set-virtual-index
ssl-check
ssl-logout
unix-uri-clean

ObjectType

force-type
match-browser
set-default-type
set-variable
shtml-hacktype
type-by-exp
type-by-extension

Input

insert-filter
match-browser
remove-filter
set-variable

Output

insert-filter
match-browser
remove-filter
set-variable

Service

add-footer
add-header
append-trailer
imagemap
index-common
index-simple
key-toosmall
list-dir
make-dir
match-browser
query-handler
remove-dir
remove-file
remove-filter
rename-file
send-cgi
send-error
send-file
send-range
send-shellcgi
send-wincgi
service-dump
service-j2ee
service-trace
set-variable
shtml_send
stats-xml
upload-file

AddLog

common-log
flex-log
match-browser
record-useragent
set-variable

Error

error-j2ee
match-browser
qos-error
query-handler
remove-filter
send-error
set-variable


The bucket Parameter

The following performance buckets are predefined in Sun ONE Web Server:

You can define additional performance buckets in the magnus.conf file (see the perf-init and define-perf-bucket functions).

You can measure the performance of any SAF in obj.conf by adding a bucket=bucket-name parameter to the function, for example bucket=cache-bucket.

To list the performance statistics, use the service-dump Service function.

As an alternative, you can use the stats-xml Service function to generate performance statistics; use of buckets is optional.

For more information about performance buckets, see the Sun ONE Web Server 6.1 Performance Tuning, Sizing, and Scaling Guide.


AuthTrans

AuthTrans stands for Authorization Translation. AuthTrans directives give the server instructions for checking authorization before allowing a client to access resources. AuthTrans directives work in conjunction with PathCheck directives. Generally, an AuthTrans function checks if the user name and password associated with the request are acceptable, but it does not allow or deny access to the request; that is left to a PathCheck function.

The server handles the authorization of client users in two steps:

The authorization process is split into two steps so that multiple authorization schemes can be easily incorporated, and to provide the flexibility to have resources that record authorization information, but do not require it.

AuthTrans functions get the user name and password from the headers associated with the request. When a client initially makes a request, the user name and password are unknown so the AuthTrans functions and PathCheck functions work together to reject the request, since they can’t validate the user name and password. When the client receives the rejection, its usual response is to present a dialog box asking for the user name and password to enter the appropriate realm, and then the client submits the request again, this time including the user name and password in the headers.

If there is more than one AuthTrans directive in obj.conf, each function is executed in order until one succeeds in authorizing the user.

The following AuthTrans-class functions are described in detail in this section:

basic-auth

Applicable in AuthTrans-class directives.

The basic-auth function calls a custom function to verify authorization information sent by the client. The Authorization header is sent as part of the basic server authorization scheme.

This function is usually used in conjunction with the PathCheck-class function require-auth.

Parameters

The following table describes parameters for the basic-auth function.

Table 4-2  basic-auth parameters

Parameter

Description

auth-type

Specifies the type of authorization to be used. This should always be basic.

userdb

(Optional) Specifies the full path and file name of the user database to be used for user verification. This parameter will be passed to the user function.

userfn

Name of the user custom function to verify authorization. This function must have been previously loaded with load-modules. It has the same interface as all of the SAFs, but it is called with the user name (user), password (pw), user database (userdb), and group database (groupdb) if supplied, in the pb parameter. The user function should check the name and password using the database and return REQ_NOACTION if they are not valid. It should return REQ_PROCEED if the name and password are valid. The basic-auth function will then add auth-type, auth-user (user), auth-db (userdb), and auth-password (pw, Windows only) to the rq->vars pblock.

groupdb

(Optional) Specifies the full path and file name of the user database. This parameter will be passed to the group function.

groupfn

(Optional) Name of the group custom function that must have been previously loaded with load-modules. It has the same interface as all of the SAFs, but it is called with the user name (user), password (pw), user database (userdb), and group database (groupdb) in the pb parameter. It also has access to the auth-type, auth-user (user), auth-db (userdb), and auth-password (pw, Windows only) parameters in the rq->vars pblock. The group function should determine the user’s group using the group database, add it to rq->vars as auth-group, and return REQ_PROCEED if found. It should return REQ_NOACTION if the user’s group is not found.

bucket

(Optional) Common to all obj.conf functions.

Examples

In magnus.conf:

Init fn=load-modules shlib=/path/to/mycustomauth.so funcs=hardcoded_auth

In obj.conf:

AuthTrans fn=basic-auth auth-type=basic userfn=hardcoded_auth

PathCheck fn=require-auth auth-type=basic realm="Marketing Plans"

See Also

require-auth

basic-ncsa

Applicable in AuthTrans-class directives.

The basic-ncsa function verifies authorization information sent by the client against a database. The Authorization header is sent as part of the basic server authorization scheme.

This function is usually used in conjunction with the PathCheck-class function require-auth.

Parameters

The following table describes parameters for the basic-ncsa function.

Table 4-3  basic-auth parameters

Parameter

Description

auth-type

Specifies the type of authorization to be used. This should always be basic.

dbm

(Optional) Specifies the full path and base file name of the user database in the server's native format. The native format is a system DBM file, which is a hashed file format allowing instantaneous access to billions of users. If you use this parameter, don’t use the userfile parameter as well.

userfile

(Optional) Specifies the full path name of the user database in the NCSA-style HTTPD user file format. This format consists of lines using the format name:password, where password is encrypted. If you use this parameter, don’t use dbm.

grpfile

(Optional) Specifies the NCSA-style HTTPD group file to be used. Each line of a group file consists of group:user1 user2 ... userN where each user is separated by spaces.

bucket

(Optional) Common to all obj.conf functions.

Examples

AuthTrans fn=basic-ncsa auth-type=basic dbm=/sun/server61/userdb/rs

PathCheck fn=require-auth auth-type=basic realm="Marketing Plans"
AuthTrans fn=basic-ncsa auth-type=basic userfile=/sun/server61/.htpasswd grpfile=/sun/server61/.grpfile

PathCheck fn=require-auth auth-type=basic realm="Marketing Plans"

See Also

require-auth

get-sslid

Applicable in AuthTrans-class directives.


Note

This function is provided for backward compatibility only. The functionality of get-sslid has been incorporated into the standard processing of an SSL connection.


The get-sslid function retrieves a string that is unique to the current SSL session, and stores it as the ssl-id variable in the Session->client parameter block.

If the variable ssl-id is present when a CGI is invoked, it is passed to the CGI as the HTTPS_SESSIONID environment variable.

The get-sslid function has no parameters and always returns REQ_NOACTION. It has no effect if SSL is not enabled.

Parameters

The following table describes parameters for the get-sslid function.

Table 4-4  get-sslid parameters

Parameter

Description

bucket

(Optional) Common to all obj.conf functions.

match-browser

Applicable in all stage directives.

The match-browser SAF matches specific strings in the User-Agent string supplied by the browser, and then modifies the behavior of Sun ONE Web Server based upon the results by setting values for specified variables.

Syntax

stage fn="match-browser" browser="string" name="value" [name="value" ...]

Parameters

The following table describes parameter values for the match-browser function.

Table 4-5  match-browser parameter values

Value

Description

stage

Stage directive used in obj.conf processing (NameTrans, PathCheck, and so on). The match-browser function is applicable in all stage directives.

string

Wildcard pattern to compare against the User-Agent header (for example, "*Mozilla*").

name

Variable to be changed. The match-browser SAF indirectly invokes the set-variable SAF. For a list of valid variables, see set-variable.

value

New value for the specified variable.

Example

The following AuthTrans directive instructs Sun ONE Web Server to do as follows when the browser's User-Agent header contains the string Broken or broken. The server will:

See Also

set-variable

qos-handler

Applicable in AuthTrans-class directives.

The qos-handler function examines the current quality of service statistics for the virtual server, virtual server class, and global server, logs the statistics, and enforces the QOS parameters by returning an error. This must be the first AuthTrans function configured in the default object in order to work properly.

The code for this SAF is one of the examples provided in the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

For more information, see the Sun ONE Web Server 6.1 Performance Tuning, Sizing, and Scaling Guide.

Parameters

The following table describes parameters for the qos-handler function.

Table 4-6  qos-handler parameters

Parameter

Description

bucket

(Optional) Common to all obj.conf functions.

Example

AuthTrans fn=qos-handler

See Also

qos-error

set-variable

Applicable in all stage directives.

The set-variable function enables you to change server settings based upon conditional information in a request. It can also be used to manipulate variables in parameter blocks with the following commands:


Note

For more information about parameter blocks, see the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.


Syntax

stage fn="set-variable" [{insert|set|remove}-pblock="name=value" ...]
[
name="value" ...]

Parameters

The following table describes parameter values for the set-variable function.

Table 4-7  set-variable parameter values

Value

Description

pblock

One of the following Session/Request parameter block names:

  • client: Contains the IP address of the client machine and the DNS name of the remote machine. For more information, see the description of the Session->client function in the “Data Structure Reference” chapter of the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.
  • vars: Contains the server's working variables, which includes anything not specifically found in the reqpb, headers, or srvhdrs pblocks. The contents of this pblock differ, depending upon the specific request and the type of SAF.
  •  reqpb: Contains elements of the HTTP request, which includes the HTTP method (GET, POST, and so on), the URI, the protocol (generally HTTP/1.0), and the query string. This pblock doesn’t usually change during the request-response process.
    headers: Contains all the request headers (such as User-Agent, If-Modified-Since, and so on) received from the client in the HTTP request. This pblock doesn’t usually change during the request-response process. For more information about request headers, see the “Hypertext Transfer Protocol” chapter of the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.
  •  srvhdrs: Contains the response headers (such as Server, Date, Content-type, Content-length, and so on) that are to be sent to the client in the HTTP response. For more information about response headers, see the “Hypertext Transfer Protocol” chapter of the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

Note: For more information about parameter blocks, see the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

name

The variable to set.

value

The string assigned to the variable specified by name.

Variables

The following tables lists variables supported by the set-variable SAF.

Table 4-8  Supported Variables

Parameter

Description

abort

A value of true indicates the result code should be set to REQ_ABORTED. Setting the result code to REQ_ABORTED will abort the current request and send an error to the browser. For information about result codes, see the “Creating Custom SAFs” chapter of the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

error

Sets the error code to be returned in the event of an aborted browser request.

escape

A boolean value signifying whether a URL should be escaped using util_uri_escape. For information about util_uri_escape, see the “NSAPI Function Reference” chapter of the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

find-pathinfo-forward

Path information after the file name in a URI. See find-pathinfo.

http-downgrade

HTTP version number (for example, 1.0).

http-upgrade

HTTP version number (for example, 1.0).

keep-alive

A boolean value that establishes whether a keep-alive request from a browser will be honored.

name

Specifies an additional named object in the obj.conf file whose directives will be applied to this request. See also assign-name.

noaction

A value of true indicates the result code should be set to REQ_NOACTION. For AuthTrans, NameTrans, Service, and Error stage SAFs, setting the result code to REQ_NOACTION indicates that subsequent SAFs in that stage should be allowed to execute. For information about result codes, see the “Creating Custom SAFs” chapter of the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

nostat

Causes the server not to perform the stat() function for a URL when possible. See also assign-name.

senthdrs

A boolean value that indicates whether HTTP response headers have been sent to the client.

ssl-unclean-shutdown

A boolean value that can be used to alter the way SSL3 connections are closed. As this violates the SSL3 RFCs, you should only use this with great caution if you know that you are experiencing problems with SSL3 shutdowns.

stop

A value of true indicates the result code should be set to REQ_PROCEED. For AuthTrans, NameTrans, Service, and Error stage SAFs, setting the result code to REQ_PROCEED indicates that no further SAFs in that stage should be allowed to execute. For information about result codes, see the “Creating Custom SAFs” chapter of the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

url

Redirect requests to a specified URL.

Examples
See Also

match-browser


NameTrans

NameTrans stands for Name Translation. NameTrans directives translate virtual URLs to physical directories on your server. For example, the URL

http://www.test.com/some/file.html

could be translated to the full file system path

/usr/Sun/WebServer61/server1/docs/some/file.html

NameTrans directives should appear in the default object. If there is more than one NameTrans directive in an object, the server executes each one in order until one succeeds.

The following NameTrans-class functions are described in detail in this section:

assign-name

Applicable in NameTrans-class directives.

The assign-name function specifies the name of an object in obj.conf that matches the current request. The server then processes the directives in the named object in preference to the ones in the default object.

For example, consider the following directive in the default object:

NameTrans fn=assign-name name=personnel from=/personnel

Let’s suppose the server receives a request for http://server-name/personnel. After processing this NameTrans directive, the server looks for an object named personnel in obj.conf, and continues by processing the directives in the personnel object.

The assign-name function always returns REQ_NOACTION.

Parameters

The following table describes parameters for the assign-name function.

Table 4-9  assign-name parameters

Parameter

Description

from

Wildcard pattern that specifies the path to be affected.

name

Specifies an additional named object in obj.conf whose directives will be applied to this request.

find-pathinfo-forward

(Optional) Makes the server look for the PATHINFO forward in the path right after the ntrans-base instead of backward from the end of path as the server function assign-name does by default.

The value you assign to this parameter is ignored. If you do not wish to use this parameter, leave it out.

The find-pathinfo-forward parameter is ignored if the ntrans-base parameter is not set in rq->vars. By default, ntrans-base is set.

This feature can improve performance for certain URLs by reducing the number of stats performed.

nostat

(Optional) Prevents the server from performing a stat on a specified URL whenever possible.

The effect of nostat="virtual-path" in the NameTrans function assign-name is that the server assumes that a stat on the specified virtual-path will fail. Therefore, use nostat only when the path of the virtual-path does not exist on the system, for example, for NSAPI plugin URLs, to improve performance by avoiding unnecessary stats on those URLs.

When the default PathCheck server functions are used, the server does not stat for the paths /ntrans-base/virtual-path and /ntrans-base/virtual-path/* if ntrans-base is set (the default condition); it does not stat for the URLs /virtual-path and /virtual-path/* if ntrans-base is not set.

bucket

(Optional) Common to all obj.conf functions.

Example

# This NameTrans directive is in the default object.
NameTrans fn=assign-name name=personnel from=/a/b/c/pers
...
<Object name=personnel>
...additional directives..
</Object>

NameTrans fn="assign-name" from="/perf" find-pathinfo-forward="" name="perf"

NameTrans fn="assign-name" from="/nsfc" nostat="/nsfc" name="nsfc"

document-root

Applicable in NameTrans-class directives.

The document-root function specifies the root document directory for the server. If the physical path has not been set by a previous NameTrans function, the http://server-name/ part of the path is replaced by the physical path name for the document root.

When the server receives a request for http://server-name/somepath/somefile, the document-root function replaces http://server-name/ with the value of its root parameter. For example, if the document root directory is /usr/sun/webserver61/server1/docs, then when the server receives a request for http://server-name/a/b/file.html, the document-root function translates the path name for the requested resource to /usr/sun/webserver61/server1/docs/a/b/file.html.

This function always returns REQ_PROCEED. NameTrans directives listed after this will never be called, so be sure that the directive that invokes document-root is the last NameTrans directive.

There can be only one root document directory. To specify additional document directories, use the pfx2dir function to set up additional path name translations.

Parameters

The following table describes parameters for the document-root function.

Table 4-10  document-root parameters

Parameter

Description

root

File system path to the server’s root document directory.

bucket

(Optional) Common to all obj.conf functions.

Examples

NameTrans fn=document-root root=/usr/sun/webserver61/server1/docs

NameTrans fn=document-root root=$docroot

See Also

pfx2dir

home-page

Applicable in NameTrans-class directives.

The home-page function specifies the home page for your server. Whenever a client requests the server’s home page (/), they’ll get the document specified.

Parameters

The following table describes parameters for the home-page function.

Table 4-11  home-page parameters

Parameter

Description

path

Path and name of the home page file. If path starts with a slash (/), it is assumed to be a full path to a file.

This function sets the server’s path variable and returns REQ_PROCEED. If path is a relative path, it is appended to the URI and the function returns REQ_NOACTION continuing on to the other NameTrans directives.

bucket

(Optional) Common to all obj.conf functions.

Examples

NameTrans fn="home-page" path="/path/to/file.html"

NameTrans fn="home-page" path="/path/to/$id/file.html"

match-browser

Applicable in all stage directives. The match-browser SAF matches specific strings in the User-Agent string supplied by the browser, and then modifies the behavior of Sun ONE Web Server based upon the results by setting values for specified variables. See match-browser.

ntrans-dav

Applicable in NameTrans-class directives.

The ntrans-dav function determines whether a request should be handled by the WebDAV subsystem and if so, adds a dav object to the pipeline.

Parameters

The following table describes parameters for the ntrans-dav function.

Table 4-12  ntrans-dav parameters

Parameter

Description

name

Specifies an additional named object in obj.conf whose directives will be applied to this request.

bucket

(Optional) Common to all obj.conf functions.

Example

NameTrans fn="ntrans-dav" name="dav"

See Also

service-dav

ntrans-j2ee

Applicable in NameTrans-class directives.

The ntrans-j2ee function determines whether a request maps to a Java web application context.

Parameters

The following table describes parameters for the ntrans-j2ee function.

Table 4-13  ntrans-j2ee parameters

Parameter

Description

name

Named object in obj.conf whose directives are applied to requests made to Java web applications.

bucket

(Optional) Common to all obj.conf functions.

Example

NameTrans fn="ntrans-j2ee" name="j2ee"

See Also

service-j2ee, error-j2ee

pfx2dir

Applicable in NameTrans-class directives.

The pfx2dir function replaces a directory prefix in the requested URL with a real directory name. It also optionally allows you to specify the name of an object that matches the current request. (See the discussion of assign-name for details of using named objects.)

Parameters

The following table describes parameters for the pfx2dir function.

Table 4-14  pfx2dir parameters

Parameter

Description

from

URI prefix to convert. It should not have a trailing slash (/).

dir

Local file system directory path that the prefix is converted to. It should not have a trailing slash (/).

name

(Optional) Specifies an additional named object in obj.conf whose directives will be applied to this request.

find-pathinfo-forward

(Optional) Makes the server look for the PATHINFO forward in the path right after the ntrans-base instead of backward from the end of path as the server function find-pathinfo does by default.

The value you assign to this parameter is ignored. If you do not wish to use this parameter, leave it out.

The find-pathinfo-forward parameter is ignored if the ntrans-base parameter is not set in rq->vars when the server function find-pathinfo is called. By default, ntrans-base is set.

This feature can improve performance for certain URLs by reducing the number of stats performed in the server function find-pathinfo.

On Windows, this feature can also be used to prevent the PATHINFO from the server URL normalization process (changing '\' to '/') when the PathCheck server function find-pathinfo is used. Some double-byte characters have hexadecimal values that may be parsed as URL separator characters such as \ or ~. Using the find-pathinfo-forward parameter can sometimes prevent incorrect parsing of URLs containing double-byte characters.

bucket

(Optional) Common to all obj.conf functions.

Examples

In the first example, the URL http://server-name/cgi-bin/resource (such as http://x.y.z/cgi-bin/test.cgi) is translated to the physical path name /httpd/cgi-local/resource (such as /httpd/cgi-local/test.cgi), and the server also starts processing the directives in the object named cgi.

NameTrans fn=pfx2dir from=/cgi-bin dir=/httpd/cgi-local name=cgi

In the second example, the URL http://server-name/icons/resource (such as http://x.y.z/icons/happy/smiley.gif) is translated to the physical path name /users/nikki/images/resource (such as /users/nikki/images/smiley.gif).

NameTrans fn=pfx2dir from=/icons/happy dir=/users/nikki/images

The third example shows the use of the find-pathinfo-forward parameter. The URL http://server-name/cgi-bin/resource is translated to the physical path name /export/home/cgi-bin/resource.

NameTrans fn="pfx2dir" find-pathinfo-forward="" from="/cgi-bin" dir="/export/home/cgi-bin" name="cgi"

redirect

Applicable in NameTrans-class directives.

The redirect function lets you change URLs and send the updated URL to the client. When a client accesses your server with an old path, the server treats the request as a request for the new URL.

Parameters

The following table describes parameters for the redirect function.

Table 4-15  redirect parameters

Parameter

Description

from

Specifies the prefix of the requested URI to match.

url

(Maybe optional) Specifies a complete URL to return to the client. If you use this parameter, don’t use url-prefix (and vice versa).

url-prefix

(Maybe optional) The new URL prefix to return to the client. The from prefix is simply replaced by this URL prefix. If you use this parameter, don’t use url (and vice versa).

escape

(Optional) Flag that tells the server to util_uri_escape the URL before sending it. It should be yes or no. The default is yes.

For more information about util_uri_escape, see the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

bucket

(Optional) Common to all obj.conf functions.

Examples

In the first example, any request for http://server-name/whatever is translated to a request for http://tmpserver/whatever.

NameTrans fn=redirect from=/ url-prefix=http://tmpserver

In the second example, any request for http://server-name/toopopular/whatever is translated to a request for http://bigger/better/stronger/morepopular/whatever.

NameTrans fn=redirect from=/toopopular url=http://bigger/better/stronger/morepopular

set-variable

Applicable in all stage directives. The set-variable SAF enables you to change server settings based upon conditional information in a request, and to manipulate variables in parameter blocks by using specific commands. See set-variable.

strip-params

Applicable in NameTrans-class directives.

The strip-params function removes embedded semicolon-delimited parameters from the path. For example, a URI of /dir1;param1/dir2 would become a path of /dir1/dir2. When used, the strip-params function should be the first NameTrans directive listed.

Parameters

The following table describes parameters for the strip-params function.

Table 4-16  strip-params parameters

Parameter

Description

bucket

(Optional) Common to all obj.conf functions.

Example

NameTrans fn=strip-params

unix-home

Applicable in NameTrans-class directives.

UNIX Only. The unix-home function translates user names (typically of the form ~username) into the user’s home directory on the server’s UNIX machine. You specify a URL prefix that signals user directories. Any request that begins with the prefix is translated to the user’s home directory.

You specify the list of users with either the /etc/passwd file or a file with a similar structure. Each line in the file should have this structure (elements in the passwd file that are not needed are indicated with *):

username:*:*:groupid:*:homedir:*

If you want the server to scan the password file only once at startup, use the Init-class function init-uhome in magnus.conf.

Parameters

The following table describes parameters for the unix-home function.

Table 4-17  unix-home parameters

Parameter

Description

subdir

Subdirectory within the user’s home directory that contains their web documents.

pwfile

(Optional) Full path and file name of the password file if it is different from /etc/passwd.

name

(Optional) Specifies an additional named object whose directives will be applied to this request.

bucket

(Optional) Common to all obj.conf functions.

Examples

NameTrans fn=unix-home from=/~ subdir=public_html

NameTrans fn=unix-home from /~ pwfile=/mydir/passwd subdir=public_html

See Also

find-links


PathCheck

PathCheck directives check the local file system path that is returned after the NameTrans step. The path is checked for things such as CGI path information and for dangerous elements such as /./and /../ and //, and then any access restriction is applied.

If there is more than one PathCheck directive, each of the functions is executed in order.

The following PathCheck-class functions are described in detail in this section:

check-acl

Applicable in PathCheck-class directives.

The check-acl function specifies an access control list (ACL) to use to check whether the client is allowed to access the requested resource. An access control list contains information about who is or is not allowed to access a resource, and under what conditions access is allowed.

Regardless of the order of PathCheck directives in the object, check-acl functions are executed first. They cause user authentication to be performed, if required by the specified ACL, and will also update the access control state.

Parameters

The following table describes parameters for the check-acl function.

Table 4-18  check-acl parameters

Parameter

Description

acl

Name of an access control list.

path

(Optional) Wildcard pattern that specifies the path for which to apply the ACL.

bucket

(Optional) Common to all obj.conf functions.

Example

PathCheck fn=check-acl acl="*HRonly*"

find-compressed

Applicable in PathCheck-class directives.

The find-compressed function checks if a compressed version of the requested file is available. If the following conditions are met, find-compressed changes the path to point to the compressed file:

Not all clients support compression. The find-compressed function allows you to use a single URL for both the compressed and noncompressed versions of a file. The version of the file that is selected is based on the individual clients' capabilities.

A compressed version of a file must have the same file name as the noncompressed version but with a .gz suffix. For example, the compressed version of a file named /httpd/docs/index.html would be named /httpd/docs/index.html.gz. To compress files, you can use the freely available gzip program.

Because compressed files are sent as is to the client, you should not compress files such as SHTML pages, CGI programs, or pages created with JavaServer Pages™ (JSP™) technology that need to be interpreted by the server. To compress the dynamic content generated by these types of files, use the http-compression filter.

The find-compressed function does nothing if the HTTP method is not GET or HEAD.

Parameters

The following table describes parameters for the find-compressed function.

Table 4-19  find-compressed parameters

Parameter

Description

check-age

Specifies whether to check if the compressed version is older than the noncompressed version. Possible values are yes and no.

  • If set to yes, the compressed version will not be selected if it is older than the noncompressed version.
  • If set to no, the compressed version will always be selected, even if it is older than the noncompressed version.

By default, the value is set to yes.

vary

Specifies whether to insert a Vary: Accept-Encoding header. Possible values are yes or no.

  • If set to yes, a Vary: Accept-Encoding header is always inserted when a compressed version of a file is selected.
  • If set to no, a Vary: Accept-Encoding header is never inserted.

By default, the value is set to yes.

bucket

(Optional) Common to all obj.conf functions.

Example

<Object name="default">
NameTrans fn="assign-name" from="*.html" name="find-compressed"
...
</Object>
<Object name="find-compressed">
PathCheck fn="find-compressed"
</Object>

See Also

http-compression

deny-existence

Applicable in PathCheck-class directives.

The deny-existence function sends a “not found” message when a client tries to access a specified path. The server sends “not found” instead of “forbidden,” so the user cannot tell if the path exists.

Parameters

The following table describes parameters for the deny-existence function.

Table 4-20  deny-existence parameters

Parameter

Description

path

(Optional) Wildcard pattern of the file system path to hide. If the path does not match, the function does nothing and returns REQ_NOACTION. If the path is not provided, it is assumed to match.

bong-file

(Optional) Specifies a file to send rather than responding with the “not found” message. It is a full file system path.

bucket

(Optional) Common to all obj.conf functions.

Examples

PathCheck fn=deny-existence path=/usr/sun/server61/docs/private

PathCheck fn=deny-existence bong-file=/svr/msg/go-away.html

find-index

Applicable in PathCheck-class directives.

The find-index function investigates whether the requested path is a directory. If it is, the function searches for an index file in the directory, and then changes the path to point to the index file. If no index file is found, the server generates a directory listing.

Note that if the file obj.conf has a NameTrans directive that calls home-page, and the requested directory is the root directory, then the home page rather than the index page is returned to the client.

The find-index function does nothing if there is a query string, if the HTTP method is not GET, or if the path is that of a valid file.

Parameters

The following table describes parameters for the find-index function.

Table 4-21  find-index parameters

Parameter

Description

index-names

Comma-separated list of index file names to look for. Use spaces only if they are part of a file name. Do not include spaces before or after the commas. This list is case-sensitive if the file system is case-sensitive.

bucket

(Optional) Common to all obj.conf functions.

Example

PathCheck fn=find-index index-names=index.html,home.html

find-links

Applicable in PathCheck-class directives.

UNIX Only. The find-links function searches the current path for symbolic or hard links to other directories or file systems. If any are found, an error is returned. This function is normally used for directories that are not trusted (such as user home directories). It prevents someone from pointing to information that should not be made public.

Parameters

The following table describes parameters for the find-links function.

Table 4-22  find-links parameters

Parameter

Description

disable

Character string of links to disable:

  • h is hard links
  • s is soft links
  • o allows symbolic links from user home directories only if the user owns the target of the link

dir

Directory to begin checking. If you specify an absolute path, any request to that path and its subdirectories is checked for symbolic links. If you specify a partial path, any request containing that partial path is checked for symbolic links. For example, if you use /user/ and a request comes in for some/user/directory, then that directory is checked for symbolic links.

checkFileExistence

Checks linked file for existence and aborts request with 403 (forbidden) if this check fails.

bucket

(Optional) Common to all obj.conf functions.

Examples

PathCheck fn=find-links disable=sh dir=/foreign-dir

PathCheck fn=find-links disable=so dir=public_html

See Also

unix-home

find-pathinfo

Applicable in PathCheck-class directives.

The find-pathinfo function finds any extra path information after the file name in the URL and stores it for use in the CGI environment variable PATH_INFO.

Parameters

The following table describes parameters for the find-pathinfo function.

Table 4-23  find-pathinfo parameters

Parameter

Description

bucket

(Optional) Common to all obj.conf functions.

Examples

PathCheck fn=find-pathinfo

PathCheck fn=find-pathinfo find-pathinfo-forward=""

get-client-cert

Applicable in PathCheck-class directives.

The get-client-cert function gets the authenticated client certificate from the SSL3 session. It can apply to all HTTP methods, or only to those that match a specified pattern. It only works when SSL is enabled on the server.

If the certificate is present or obtained from the SSL3 session, the function returns REQ_NOACTION, allowing the request to proceed; otherwise, it returns REQ_ABORTED and sets the protocol status to 403 FORBIDDEN, causing the request to fail and the client to be given the FORBIDDEN status.

Parameters

The following table describes parameters for the get-client-cert function.

Table 4-24  get-client-cert parameters

Parameter

Description

dorequest

Controls whether to actually try to get the certificate, or just test for its presence. If dorequest is absent, the default value is 0.

  • 1 tells the function to redo the SSL3 handshake to get a client certificate, if the server does not already have the client certificate. This typically causes the client to present a dialog box to the user to select a client certificate. The server may already have the client certificate if it was requested on the initial handshake, or if a cached SSL session has been resumed.
  • 0 tells the function not to redo the SSL3 handshake if the server does not already have the client certificate.

If a certificate is obtained from the client and verified successfully by the server, the ASCII base64 encoding of the DER-encoded X.509 certificate is placed in the parameter auth-cert in the Request->vars pblock, and the function returns REQ_PROCEED, allowing the request to proceed.

require

Controls whether failure to get a client certificate will abort the HTTP request. If require is absent, the default value is 1.

  • 1 tells the function to abort the HTTP request if the client certificate is not present after dorequest is handled. In this case, the HTTP status is set to PROTOCOL_FORBIDDEN, and the function returns REQ_ABORTED.
  • 0 tells the function to return REQ_NOACTION if the client certificate is not present after dorequest is handled.

method

(Optional) Specifies a wildcard pattern for the HTTP methods for which the function will be applied. If method is absent, the function is applied to all requests.

bucket

(Optional) Common to all obj.conf functions.

Example

# Get the client certificate from the session.
# If a certificate is not already associated with the
# session, request one.
# The request fails if the client does not present a
# valid certificate.
PathCheck fn="get-client-cert" dorequest="1"

load-config

Applicable in PathCheck-class directives.

The load-config function searches for configuration files in document directories and adds the file’s contents to the server’s existing configuration. These configuration files (also known as dynamic configuration files) specify additional access control information for the requested resource. Depending on the rules in the dynamic configuration files, the server may or may not allow the client to access the requested resource.

Each directive that invokes load-config is associated with a base directory, which is either stated explicitly through the basedir parameter or derived from the root directory for the requested resource. The base directory determines two things:

When you enable dynamic configuration files through the Server Manager interface, the system writes additional objects with ppath parameters into the obj.conf file. If you manually add directives that invoke load-config to the default object (rather than putting them in separate objects), the Server Manager interface might not reflect your changes.

If you manually add PathCheck directives that invoke load-config to the file obj.conf, put them in additional objects (created with the <OBJECT> tag) rather than putting them in the default object. Use the ppath attribute of the OBJECT tag to specify the partial path name for the resources to be affected by the access rules in the dynamic configuration file. The partial path name can be any path name that matches a pattern, which can include wildcard characters.

For example, the following <OBJECT> tag specifies that requests for resources in the directory D:/sun/server61/docs are subject to the access rules in the file my.nsconfig.

<Object ppath="D:/sun/server61/docs/*">
PathCheck fn="load-config" file="my.nsconfig" descend=1 basedir="D:/sun/server61/docs"
</Object>


Note

If the ppath resolves to a resource or directory that is higher in the directory tree (or is in a different branch of the tree) than the base directory, the load-config function is not invoked. This is because the base directory specifies the highest-level directory for which requests will invoke the load-config function.


The load-config function returns REQ_PROCEED if configuration files were loaded, REQ_ABORTED on error, or REQ_NOACTION when no files are loaded.

Parameters

The following table describes parameters for the load-config function.

Table 4-25  load-config parameters

Parameter

Description

file

(Optional) Name of the dynamic configuration file containing the access rules to be applied to the requested resource. If not provided, the file name is assumed to be .nsconfig.

disable-types

(Optional) Specifies a wildcard pattern of types to disable for the base directory, such as magnus-internal/cgi. Requests for resources matching these types are aborted.

descend

(Optional) If present, specifies that the server should search in subdirectories of this directory for dynamic configuration files. For example, descend=1 specifies that the server should search subdirectories. No descend parameter specifies that the function should search only the base directory.

basedir

(Optional) Specifies base directory. This is the highest-level directory for which requests will invoke the load-config function, and is also the directory where the server starts searching for configuration files.

If basedir is not specified, the base directory is assumed to be the root directory that results from translating the requested resource’s URL to a physical path name. For example, if the request is for http://server-name/a/b/file.html, the physical file name would be
/document-root/a/b/file.html.

bucket

(Optional) Common to all obj.conf functions.

Examples

In this example, whenever the server receives a request for any resource containing the substring secret that resides in D:/Sun/WebServer61/server1/docs/nikki/ or a subdirectory thereof, it searches for a configuration file called checkaccess.nsconfig.

The server starts the search in the directory D:/Sun/WebServer61/server1/docs/nikki, and searches subdirectories too. It loads each instance of checkaccess.nsconfig that it finds, applying the access control rules contained therein to determine whether the client is allowed to access the requested resource.

<Object ppath="*secret*">
PathCheck fn="load-config" file="checkaccess.nsconfig" basedir="D:/Sun/WebServer61/server1/docs/nikki" descend="1"
</Object>

match-browser

Applicable in all stage directives. The match-browser SAF matches specific strings in the User-Agent string supplied by the browser, and then modifies the behavior of Sun ONE Web Server based upon the results by setting values for specified variables. See match-browser.

nt-uri-clean

Applicable in PathCheck-class directives.

Windows Only. The nt-uri-clean function denies access to any resource whose physical path contains \.\, \..\ or \\ (these are potential security problems).

Parameters

The following table describes parameters for the nt-uri-clean function.

Table 4-26  nt-uri-clean parameters

Parameter

Description

tildeok

If present, allows tilde (~) characters in URIs. This is a potential security risk on the Windows platform, where longfi~1.htm might reference longfilename.htm but does not go through the proper ACL checking. If present, “//” sequences are allowed.

dotdirok

If present, “//” sequences are allowed.

bucket

(Optional) Common to all obj.conf functions.

Example

PathCheck fn=nt-uri-clean

See Also

unix-uri-clean

ntcgicheck

Applicable in PathCheck-class directives.

Windows Only. The ntcgicheck function specifies the file name extension to be added to any file name that does not have an extension, or to be substituted for any file name that has the extension .cgi.

Parameters

The following table describes parameters for the ntcgicheck function.

Table 4-27  ntcgicheck parameters

Parameter

Description

extension

The replacement file extension.

bucket

(Optional) Common to all obj.conf functions.

Example

PathCheck fn=ntcgicheck extension=pl

See Also

send-cgi, send-wincgi, send-shellcgi

pcheck-dav

Applicable in PathCheck-class directives.

The pcheck-dav function inserts a DAV-specific service function as the first service function if the Translate:f header is present, DAV is enabled for the request uri, and a corresponding source uri for the request uri exists. During the Service stage, this inserted service function restarts the request if necessary; otherwise, REQ_NOACTION is returned.

Parameters

The following table describes parameters for the pcheck-dav function.

Table 4-28  pcheck-dav parameters

Parameter

Description

bucket

(Optional) Common to all obj.conf functions.

See Also

ntrans-dav, service-dav

require-auth

Applicable in PathCheck-class directives.

The require-auth function allows access to resources only if the user or group is authorized. Before this function is called, an authorization function (such as basic-auth) must be called in an AuthTrans directive.

If a user was authorized in an AuthTrans directive, and the auth-user parameter is provided, then the user’s name must match the auth-user wildcard value. Also, if the auth-group parameter is provided, the authorized user must belong to an authorized group, which must match the auth-user wildcard value.

Parameters

The following table describes parameters for the require-auth function.

Table 4-29  require-auth parameters

Parameter

Description

path

(Optional) Wildcard local file system path on which this function should operate. If no path is provided, the function applies to all paths.

auth-type

Type of HTTP authorization used, and must match the auth-type from the previous authorization function in AuthTrans. Currently, basic is the only authorization type defined.

realm

String sent to the browser indicating the secure area (or realm) for which a user name and password are requested.

auth-user

(Optional) Specifies a wildcard list of users who are allowed access. If this parameter is not provided, any user authorized by the authorization function is allowed access.

auth-group

(Optional) Specifies a wildcard list of groups that are allowed access.

bucket

(Optional) Common to all obj.conf functions.

Example

PathCheck fn=require-auth auth-type=basic realm="Marketing Plans" auth-group=mktg auth-user=(jdoe|johnd|janed)

See Also

basic-auth, basic-ncsa

set-variable

Applicable in all stage directives. The set-variable SAF enables you to change server settings based upon conditional information in a request, and to manipulate variables in parameter blocks by using specific commands. See set-variable.

set-virtual-index

Applicable in PathCheck-class directives.

The set-virtual-index function specifies a virtual index for a directory, which determines the URL forwarding. The index can refer to a LiveWire application, a servlet in its own namespace, a Sun™ ONE Application Server applogic, and so on.

REQ_NOACTION is returned if none of the URIs listed in the from parameter match the current URI. REQ_ABORTED is returned if the file specified by the virtual-index parameter is missing, or if the current URI cannot be found. REQ_RESTART is returned if the current URI matches any one of the URIs mentioned in the from parameter, or if there is no from parameter.

Parameters

The following table describes parameters for the set-virtual-index function.

Table 4-30  set-virtual-index parameters

Parameter

Description

virtual-index

URI of the content generator that acts as an index for the URI the user enters.

from

(Optional) Comma-separated list of URIs for which this virtual-index is applicable. If from is not specified, the virtual-index always applies.

bucket

(Optional) Common to all obj.conf functions.

Example

# MyLWApp is a LiveWire application
PathCheck fn=set-virtual-index virtual-index=MyLWApp

ssl-check

Applicable in PathCheck-class directives.

If a restriction is selected that is not consistent with the current cipher settings under Security Preferences, this function opens a popup dialog warning that ciphers with larger secret keysizes need to be enabled. This function is designed to be used together with a Client tag to limit access of certain directories to nonexportable browsers.

The function returns REQ_NOACTION if SSL is not enabled, or if the secret-keysize parameter is not specified. If the secret keysize for the current session is less than the specified secret-keysize and the bong-file parameter is not specified, the function returns REQ_ABORTED with a status of PROTOCOL_FORBIDDEN. If the bong file is specified, the function returns REQ_PROCEED, and the path variable is set to the bong file name. Also, when a keysize restriction is not met, the SSL session cache entry for the current session is invalidated, so that a full SSL handshake will occur the next time the same client connects to the server.

Requests that use ssl-check are not cacheable in the accelerator file cache if ssl-check returns something other than REQ_NOACTION.

Parameters

The following table describes parameters for the ssl-check function.

Table 4-31  ssl-check parameters

Parameter

Description

secret-keysize

(Optional) Minimum number of bits required in the secret key.

bong-file

(Optional) Name of a file (not a URI) to be served if the restriction is not met.

bucket

(Optional) Common to all obj.conf functions.

ssl-logout

Applicable in PathCheck-class directives.

The ssl-logout function invalidates the current SSL session in the server's SSL session cache. This does not affect the current request, but the next time the client connects, a new SSL session will be created. If SSL is enabled, this function returns REQ_PROCEED after invalidating the session cache entry. If SSL is not enabled, it returns REQ_NOACTION.

Parameters

The following table describes parameters for the ssl-logout function.

Table 4-32  ssl-logout parameters

Parameter

Description

bucket

(Optional) Common to all obj.conf functions.

unix-uri-clean

Applicable in PathCheck-class directives.

UNIX Only. The unix-uri-clean function denies access to any resource whose physical path contains /./, /../ or // (these are potential security problems).

Parameters

The following table describes parameters for the unix-uri-clean function.

Table 4-33  unix-uri-clean parameters

Parameter

Description

dotdirok

If present, “//” sequences are allowed.

bucket

(Optional) Common to all obj.conf functions.

Example

PathCheck fn=unix-uri-clean

See Also

nt-uri-clean


ObjectType

ObjectType directives determine the MIME type of the file to send to the client in response to a request. MIME attributes currently sent are type, encoding, and language. The MIME type is sent to the client as the value of the Content-Type header.

ObjectType directives also set the type parameter, which is used by Service directives to determine how to process the request according to what kind of content is being requested.

If there is more than one ObjectType directive in an object, all of the directives are applied in the order they appear. If a directive sets an attribute and later directives try to set that attribute to something else, the first setting is used and the subsequent ones are ignored.

The obj.conf file almost always has an ObjectType directive that calls the type-by-extension function. This function instructs the server to look in a particular file (the MIME types file) to deduce the content type from the extension of the requested resource.

The following ObjectType-class functions are described in detail in this section:

force-type

Applicable in ObjectType-class directives.

The force-type function assigns a type to requests that do not already have a MIME type. This is used to specify a default object type.

Make sure that the directive that calls this function comes last in the list of ObjectType directives, so that all other ObjectType directives have a chance to set the MIME type first. If there is more than one ObjectType directive in an object, all of the directives are applied in the order they appear. If a directive sets an attribute and later directives try to set that attribute to something else, the first setting is used and the subsequent ones are ignored.

Parameters

The following table describes parameters for the force-type function.

Table 4-34  force-type parameters

Parameter

Description

type

(Optional) Type assigned to a matching request (the Content-Type header).

enc

(Optional) Encoding assigned to a matching request (the Content-Encoding header).

lang

(Optional) Language assigned to a matching request (the Content-Language header).

charset

(Optional) Character set for the magnus-charset parameter in rq->srvhdrs. If the browser sent the Accept-Charset header or its User-Agent is Mozilla™/1.1 or newer, then append “; charset=charset” to content-type, where charset is the value of the magnus-charset parameter in rq->srvhdrs.

bucket

(Optional) Common to all obj.conf functions.

Example

ObjectType fn=force-type type=text/plain

ObjectType fn=force-type lang=en_US

See Also

type-by-extension, type-by-exp

match-browser

Applicable in all stage directives. The match-browser SAF matches specific strings in the User-Agent string supplied by the browser, and then modifies the behavior of Sun ONE Web Server based upon the results by setting values for specified variables. See match-browser.

set-default-type

Applicable in ObjectType-class directives.

The set-default-type function allows you to define a default charset, content-encoding, and content-language for the response being sent back to the client.

If the charset, content-encoding, and content-language have not been set for a response, then just before the headers are sent the defaults defined by set-default-type are used. Note that by placing this function in different objects in obj.conf, you can define different defaults for different parts of the document tree.

Parameters

The following table describes parameters for the set-default-type function.

Table 4-35  set-default-type parameters

Parameter

Description

enc

(Optional) Encoding assigned to a matching request (the Content-Encoding header).

lang

(Optional) Language assigned to a matching request (the Content-Language header).

charset

(Optional) Character set for the magnus-charset parameter in rq->srvhdrs. If the browser sent the Accept-Charset header or its User-agent is Mozilla/1.1 or newer, then append “; charset=charset” to content-type, where charset is the value of the magnus-charset parameter in rq->srvhdrs.

bucket

(Optional) Common to all obj.conf functions.

Example

ObjectType fn="set-default-type" charset="iso_8859-1"

set-variable

Applicable in all stage directives. The set-variable SAF enables you to change server settings based upon conditional information in a request, and to manipulate variables in parameter blocks by using specific commands. See set-variable.

shtml-hacktype

Applicable in ObjectType-class directives.

The shtml-hacktype function changes the Content-Type of any .htm or .html file to magnus-internal/parsed-html and returns REQ_PROCEED. This provides backward compatibility with server-side includes for files with .htm or .html extensions. The function may also check the execute bit for the file on UNIX systems. The use of this function is not recommended.

Parameters

The following table describes parameters for the shtml-hacktype function.

Table 4-36  shtml-hacktype parameters

Parameter

Description

exec-hack

(UNIX only, optional) Tells the function to change the content-type only if the execute bit is enabled. The value of the parameter is not important; it need only be provided. You may use exec-hack=true.

bucket

(Optional) Common to all obj.conf functions.

Example

ObjectType fn=shtml-hacktype exec-hack=true

type-by-exp

Applicable in ObjectType-class directives.

The type-by-exp function matches the current path with a wildcard expression. If the two match, the type parameter information is applied to the file. This is the same as type-by-extension, except you use wildcard patterns for the files or directories specified in the URLs.

Parameters

The following table describes parameters for the type-by-exp function.

Table 4-37  type-by-exp parameters

Parameter

Description

exp

Wildcard pattern of paths for which this function is applied.

type

(Optional) Type assigned to a matching request (the Content-Type header).

enc

(Optional) Encoding assigned to a matching request (the Content-Encoding header).

lang

(Optional) Language assigned to a matching request (the Content-Language header).

charset

(Optional) is the character set for the magnus-charset parameter in rq->srvhdrs. If the browser sent the Accept-Charset header or its User-Agent is Mozilla/1.1 or newer, then append “; charset=charset” to content-type, where charset is the value of the magnus-charset parameter in rq->srvhdrs.

bucket

(Optional) Common to all obj.conf functions.

Example

ObjectType fn=type-by-exp exp=*.test type=application/html

See Also

type-by-extension, force-type

type-by-extension

Applicable in ObjectType-class directives.

The type-by-extension function instructs the server to look in a table of MIME type mappings to find the MIME type of the requested resource according to the extension of the requested resource. The MIME type is added to the Content-Type header sent back to the client.

The table of MIME type mappings is created by a MIME element in the server.xml file, which loads a MIME types file or list and creates the mappings. For more information about server.xml and MIME types files, see the Sun ONE Web Server 6.1 Administrator’s Configuration File Reference Guide.

For example, the following two lines are part of a MIME types file:

type=text/html    exts=htm,html
type=text/plain    exts=txt

If the extension of the requested resource is htm or html, the type-by-extension file sets the type to text/html. If the extension is .txt, the function sets the type to text/plain.

Parameters

The following table describes parameters for the type-by-extension function.

Table 4-38  type-by-extension parameters

Parameter

Description

bucket

(Optional) Common to all obj.conf functions.

Example

ObjectType fn=type-by-extension

See Also

type-by-exp, force-type


Input

All Input directives are executed when the server or a plugin first attempts to read entity body data from the client.

The Input stage allows you to select filters that will process incoming request data read by the Service step.

NSAPI filters in Sun ONE Web Server 6.1 enable a function to intercept (and potentially modify) the content presented to or generated by another function.

You can add NSAPI filters that process incoming data by invoking the insert-filter SAF in the Input stage of the request-handling process. The Input directives are executed at most once per request.

You can also define the appropriate position of a specific filter within the filter stack. For example, filters that translate content from XML to HTML are placed higher in the filter stack than filters that compress data for transmission. You can use the filter_create function to define the filter's position in the filter stack, and the init-filter-order to override the defined position.

When two or more filters are defined to occupy the same position in the filter stack, filters that were inserted later will appear higher than filters that were inserted earlier. That is, the order of Input fn="insert-filter" and Output fn="insert-filter" directives in obj.conf becomes important.

The following Input-class functions are described in detail in this section:

insert-filter

Applicable in Input-class directives.

The insert-filter SAF is used to add a filter to the filter stack to process incoming (client-to-server) data.

The order of Input fn="insert-filter" and Output fn="insert-filter" directives can be important.

Returns

Returns REQ_PROCEED if the specified filter was inserted successfully or REQ_NOACTION if the specified filter was not inserted because it was not required. Any other return value indicates an error.

Parameters

The following table describes parameters for the insert-filter function.

Table 4-39  insert-filter parameters

Parameter

Description

filter

Specifies the name of the filter to insert.

bucket

(Optional) Common to all obj.conf functions.

Example

Input fn="insert-filter" filter="http-decompression"

match-browser

Applicable in all stage directives. The match-browser SAF matches specific strings in the User-Agent string supplied by the browser, and then modifies the behavior of Sun ONE Web Server based upon the results by setting values for specified variables. See match-browser.

remove-filter

Applicable in Input-, Output-, Service-, and Error-class directives.

The remove-filter SAF is used to remove a filter from the filter stack. If the filter has been inserted multiple times, only the topmost instance is removed. In general, it is not necessary to remove filters with remove-filter, as they will be removed automatically at the end of the request.

Returns

Returns REQ_PROCEED if the specified filter was removed successfully, or REQ_NOACTION if the specified filter was not part of the filter stack. Any other return value indicates an error.

Parameters

The following table describes parameters for the remove-filter function.

Table 4-40  remove-filter parameters

Parameter

Description

filter

Specifies the name of the filter to remove.

bucket

(Optional) Common to all obj.conf functions.

Example

Input fn="remove-filter" filter="http-compression"

set-variable

Applicable in all stage directives. The set-variable SAF enables you to change server settings based upon conditional information in a request, and to manipulate variables in parameter blocks by using specific commands. See set-variable.


Output

All Output directives are executed when the server or a plugin first attempts to write entity body data from the client.

The Output stage allows you to select filters that will process outgoing data.

You can add NSAPI filters that process outcoming data by invoking the insert-filter SAF in the Output stage of the request-handling process. The Output directives are executed at most once per request.

You can define the appropriate position of a specific filter within the filter stack. For example, filters that translate content from XML to HTML are placed higher in the filter stack than filters that compress data for transmission. You can use the filter_create function to define the filter's position in the filter stack, and the init-filter-order to override the defined position.

When two or more filters are defined to occupy the same position in the filter stack, filters that were inserted later will appear higher than filters that were inserted earlier.

The following Output-class functions are described in detail in this section:

insert-filter

Applicable in Output-class directives.

The insert-filter SAF is used to add a filter to the filter stack to process outgoing (server-to-client) data.

The order of Input fn="insert-filter" and Output fn="insert-filter" directives can be important.

Returns

Returns REQ_PROCEED if the specified filter was inserted successfully, or REQ_NOACTION if the specified filter was not inserted because it was not required. Any other return value indicates an error.

Parameters

The following table describes parameters for the insert-filter function.

Table 4-41  insert-filter parameters

Parameter

Description

filter

Specifies the name of the filter to insert.

bucket

(Optional) Common to all obj.conf functions.

Example

Output fn="insert-filter" filter="http-compression"

match-browser

Applicable in all stage directives. The match-browser SAF matches specific strings in the User-Agent string supplied by the browser, and then modifies the behavior of Sun ONE Web Server based upon the results by setting values for specified variables. See match-browser.

remove-filter

Applicable in Input-, Output-, Service-, and Error-class directives.

The remove-filter SAF is used to remove a filter from the filter stack. If the filter has been inserted multiple times, only the topmost instance is removed. In general, it is not necessary to remove filters with remove-filter, as they will be removed automatically at the end of the request.

Returns

Returns REQ_PROCEED if the specified filter was removed successfully, or REQ_NOACTION if the specified filter was not part of the filter stack. Any other return value indicates an error.

Parameters

The following table describes parameters for the remove-filter function.

Table 4-42  remove-filter parameters

Parameter

Description

filter

Specifies the name of the filter to remove.

bucket

(Optional) Common to all obj.conf functions.

Example

Output fn="remove-filter" filter="http-compression"

set-variable

Applicable in all stage directives. The set-variable SAF enables you to change server settings based upon conditional information in a request, and to manipulate variables in parameter blocks by using specific commands. See set-variable.


Service

The Service-class of functions sends the response data to the client.

Every Service directive has the following optional parameters to determine whether the function is executed. All optional parameters must match the current request for the function to be executed.

If there is more than one Service-class function, the first one matching the optional wildcard parameters (type, method, and query) is executed.

For more information about the UseOutputStreamSize, flushTimer, ChunkedRequestBufferSize, and ChunkedRequestTimeout parameters, see The UseOutputStreamSize, ChunkedRequestBufferSize, and ChunkedRequestTimeout parameters also have equivalent magnus.conf directives. For more information, see “Chunked Encoding” in the chapter “Syntax and Use of magnus.conf” in the Sun ONE Web Server 6.1 Administrator’s Configuration File Reference. The obj.conf parameters override the magnus.conf directives.

By default, the server sends the requested file to the client by calling the send-file function. The directive that sets the default is:

Service method="(GET|HEAD)" type="*~magnus-internal/*" fn="send-file"

This directive usually comes last in the set of Service-class directives to give all other Service directives a chance to be invoked. This directive is invoked if the method of the request is GET, HEAD, or POST, and the type does not start with magnus-internal/. Note here that the pattern *~ means “does not match.” For a list of characters that can be used in patterns, see the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

The following Service-class functions are described in detail in this section:

add-footer

Applicable in Service-class directives.

This function appends a footer to an HTML file that is sent to the client. The footer is specified either as a file name or a URI, thus the footer can be dynamically generated. To specify static text as a footer, use the append-trailer function.

Parameters

The following table describes parameters for the add-footer function.

Table 4-43  add-footer parameters

Parameter

Description

file

(Optional) Path name to the file containing the footer. Specify either file or uri.

By default, the path name is relative. If the path name is absolute, pass the NSIntAbsFilePath parameter as yes.

uri

(Optional) URI pointing to the resource containing the footer. Specify either file or uri.

NSIntAbsFilePath

(Optional) If the file parameter is specified, the NSIntAbsFilePath parameter determines whether the file name is absolute or relative. The default is relative. Set the value to yes to indicate an absolute file path.

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Examples

Service type=text/html method=GET fn=add-footer file="footers/footer1.html"

Service type=text/html method=GET fn=add-footer file="D:/Sun/WebServer61/server1/footers/footer1.html" NSIntAbsFilePath="yes"

See Also

append-trailer, add-header

add-header

Applicable in Service-class directives.

This function prepends a header to an HTML file that is sent to the client. The header is specified either as a file name or a URI, thus the header can be dynamically generated.

Parameters

The following table describes parameters for the add-header function.

Table 4-44  add-header parameters

Parameter

Description

file

(Optional) Path name to the file containing the header. Specify either file or uri.

By default, the path name is relative. If the path name is absolute, pass the NSIntAbsFilePath parameter as yes.

uri

(Optional) URI pointing to the resource containing the header. Specify either file or uri.

NSIntAbsFilePath

(Optional) If the file parameter is specified, the NSIntAbsFilePath parameter determines whether the file name is absolute or relative. The default is relative. Set the value to yes to indicate an absolute file path.

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Examples

Service type=text/html method=GET fn=add-header file="headers/header1.html"

Service type=text/html method=GET fn=add-footer file="D:/Sun/WebServer61/server1/headers/header1.html" NSIntAbsFilePath="yes"

See Also

add-footer, append-trailer

append-trailer

Applicable in Service-class directives.

The append-trailer function sends an HTML file and appends text to the end. It only appends text to HTML files. This is typically used for author information and copyright text. The date the file was last modified can be inserted.

Returns REQ_ABORTED if a required parameter is missing, if there is extra path information after the file name in the URL, or if the file cannot be opened for read-only access.

Parameters

The following table describes parameters for the append-trailer function.

Table 4-45  append-trailer parameters

Parameter

Description

trailer

Text to append to HTML documents. The string is unescaped with util_uri_unescape before being sent. The text can contain HTML tags, and can be up to 512 characters long after unescaping and inserting the date.

If you use the string :LASTMOD:, which is replaced by the date the file was last modified, you must also specify a time format with timefmt.

timefmt

(Optional) Time format string for :LASTMOD:. If timefmt is not provided, :LASTMOD: will not be replaced with the time.

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Examples

Service type=text/html method=GET fn=append-trailer trailer="<hr><img src=/logo.gif> Copyright 1999"

# Add a trailer with the date in the format: MM/DD/YY
Service type=text/html method=GET fn=append-trailer timefmt="%D" trailer="<HR>File last updated on: :LASTMOD:"

See Also

add-footer, add-header

imagemap

Applicable in Service-class directives.

The imagemap function responds to requests for imagemaps. Imagemaps are images that are divided into multiple areas that each have an associated URL. The information about which URL is associated with which area is stored in a mapping file.

Parameters

The following table describes parameters for the imagemap function.

Table 4-46  imagemap parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

Service type=magnus-internal/imagemap method=(GET|HEAD) fn=imagemap

index-common

Applicable in Service-class directives.

The index-common function generates a fancy (or common) list of files in the requested directory. The list is sorted alphabetically. Files beginning with a period (.) are not displayed. Each item appears as an HTML link. This function displays more information than index-simple, including the size, date last modified, and an icon for each file. It may also include a header and/or readme file into the listing.

The Init-class function cindex-init in magnus.conf specifies the format for the index list, including where to look for the images.

If obj.conf contains a call to index-common in the Service stage, magnus.conf must initialize fancy (or common) indexing by invoking cindex-init during the Init stage.

Indexing occurs when the requested resource is a directory that does not contain an index file or a home page, or no index file or home page has been specified by the functions find-index or home-page.

The icons displayed are .gif files dependent on the content-type of the file, as listed in the following table:

Table 4-47  content-type icons

Content-type

Icon

"text/*"

text.gif

"image/*"

image.gif

"audio/*"

sound.gif

"video/*"

movie.gif

"application/octet-stream"

binary.gif

directory

menu.gif

all others

unknown.gif

Parameters

The following table describes parameters for the index-common function.

Table 4-48  index-common parameters

Parameter

Description

header

(Optional) Path (relative to the directory being indexed) and name of a file (HTML or plain text) that is included at the beginning of the directory listing to introduce the contents of the directory. The file is first tried with .html added to the end. If found, it is incorporated near the top of the directory list as HTML. If the file is not found, it is tried without the .html and incorporated as preformatted plain text (bracketed by <PRE> and).

readme

(Optional) Path (relative to the directory being indexed) and name of a file (HTML or plain text) to append to the directory listing. This file might give more information about the contents of the directory, indicate copyrights, authors, or other information. The file is first tried with .html added to the end. If found, it is incorporated at the bottom of the directory list as HTML. If the file is not found, it is tried without the .html and incorporated as preformatted plain text (enclosed by <PRE> and </PRE>).

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

Service fn=index-common type=magnus-internal/directory method=(GET|HEAD) header=hdr readme=rdme.txt

See Also

index-simple, find-index, home-page

index-simple

Applicable in Service-class directives.

The index-simple function generates a simple index of the files in the requested directory. It scans a directory and returns an HTML page to the browser displaying a bulleted list of the files and directories in the directory. The list is sorted alphabetically. Files beginning with a period (.) are not displayed. Each item appears as an HTML link.

Indexing occurs when the requested resource is a directory that does not contain either an index file or a home page, or no index file or home page has been specified by the functions find-index or home-page.

Parameters

The following table describes parameters for the index-simple function.

Table 4-49  index-simple parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

Service type=magnus-internal/directory fn=index-simple

See Also

index-common

key-toosmall

Applicable in Service-class directives.


Note

This function is provided for backward compatibility only and was deprecated in Sun ONE Web Server 4.x. It is replaced by the PathCheck-class SAF ssl-check.


The key-toosmall function returns a message to the client specifying that the secret key size for SSL communications is too small. This function is designed to be used together with a Client tag to limit access of certain directories to nonexportable browsers.

Parameters

The following table describes parameters for the key-toosmall function.

Table 4-50  key-toosmall parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

<Object ppath=/mydocs/secret/*>
Service fn=key-toosmall
</Object>

list-dir

Applicable in Service-class directives.

The list-dir function returns a sequence of text lines to the client in response to a request whose method is INDEX. The format of the returned lines is:

name type size mimetype

The name field is the name of the file or directory. It is relative to the directory being indexed. It is URL-encoded, that is, any character might be represented by %xx, where xx is the hexadecimal representation of the character's ASCII number.

The type field is a MIME type such as text/html. Directories will be of type directory. A file for which the server doesn't have a type will be of type unknown.

The size field is the size of the file, in bytes.

The mtime field is the numerical representation of the date of last modification of the file. The number is the number of seconds since the epoch (Jan 1, 1970 00:00 UTC) since the last modification of the file.

When remote file manipulation is enabled in the server, the obj.conf file contains a Service-class function that calls list-dir for requests whose method is INDEX.

Parameters

The following table describes parameters for the list-dir function.

Table 4-51  list-dir parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

Service fn=list-dir method="INDEX"

make-dir

Applicable in Service-class directives.

The make-dir function creates a directory when the client sends a request whose method is MKDIR. The function can fail if the server can’t write to that directory.

When remote file manipulation is enabled in the server, the obj.conf file contains a Service-class function that invokes make-dir when the request method is MKDIR.

Parameters

The following table describes parameters for the make-dir function.

Table 4-52  make-dir parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

Service fn="make-dir" method="MKDIR"

match-browser

Applicable in all stage directives. The match-browser SAF matches specific strings in the User-Agent string supplied by the browser, and then modifies the behavior of Sun ONE Web Server based upon the results by setting values for specified variables. See match-browser.

query-handler

Applicable in Service- and Error-class directives.


Note

This function is provided for backward compatibility only and is used mainly to support the obsolete ISINDEX tag. If possible, use an HTML form instead.


The query-handler function runs a CGI program instead of referencing the path requested.

Parameters

The following table describes parameters for the query-handler function.

Table 4-53  query-handler parameters

Parameter

Description

path

Full path and file name of the CGI program to run.

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Examples

Service query=* fn=query-handler path=/http/cgi/do-grep

Service query=* fn=query-handler path=/http/cgi/proc-info

remove-dir

Applicable in Service-class directives.

The remove-dir function removes a directory when the client sends a request whose method is RMDIR. The directory must be empty (have no files in it). The function will fail if the directory is not empty or if the server doesn’t have the privileges to remove the directory.

When remote file manipulation is enabled in the server, the obj.conf file contains a Service-class function that invokes remove-dir when the request method is RMDIR.

Parameters

The following table describes parameters for the remove-dir function.

Table 4-54  remove-dir parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

Service fn="remove-dir" method="RMDIR"

remove-file

Applicable in Service-class directives.

The remove-file function deletes a file when the client sends a request whose method is DELETE. It deletes the file indicated by the URL if the user is authorized and the server has the needed file system privileges.

When remote file manipulation is enabled in the server, the obj.conf file contains a Service-class function that invokes remove-file when the request method is DELETE.

Parameters

The following table describes parameters for the remove-file function.

Table 4-55  remove-file parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

Service fn="remove-file" method="DELETE"

remove-filter

Applicable in Input-, Output-, Service-, and Error-class directives.

The remove-filter SAF is used to remove a filter from the filter stack. If the filter has been inserted multiple times, only the topmost instance is removed. In general, it is not necessary to remove filters with remove-filter, as they will be removed automatically at the end of the request.

Returns

Returns REQ_PROCEED if the specified filter was removed successfully, or REQ_NOACTION if the specified filter was not part of the filter stack. Any other return value indicates an error.

Parameters

The following table describes parameters for the remove-filter function.

Table 4-56  remove-filter parameters

Parameter

Description

filter

Specifies the name of the filter to remove.

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

Service fn="remove-filter" filter="http-compression"

rename-file

Applicable in Service-class directives.

The rename-file function renames a file when the client sends a request with a New-URL header whose method is MOVE. It renames the file indicated by the URL to New-URL within the same directory if the user is authorized and the server has the needed file system privileges.

When remote file manipulation is enabled in the server, the obj.conf file contains a Service-class function that invokes rename-file when the request method is MOVE.

Parameters

The following table describes parameters for the rename-file function.

Table 4-57  rename-file parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

Service fn="rename-file" method="MOVE"

send-cgi

Applicable in Service-class directives.

The send-cgi function sets up the CGI environment variables, runs a file as a CGI program in a new process, and sends the results to the client.

For details about the CGI environment variables and their NSAPI equivalents, see the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

For additional information about CGI, see the Sun ONE Web Server 6.1 Administrator’s Guide, and the Sun ONE Web Server 6.1 Programmer’s Guide

There are three ways to change the timing used to flush the CGI buffer:

Parameters

The following table describes parameters for the send-cgi function.

Table 4-58  send-cgi parameters

Parameter

Description

user

(UNIX only) Specifies the name of the user to execute CGI programs as.

group

(UNIX only) Specifies the name of the group to execute CGI programs as.

chroot

(UNIX only) Specifies the directory to chroot to before execution begins.

dir

(UNIX only) Specifies the directory to chdir to after chroot, but before execution begins.

rlimit_as

(UNIX only) Specifies the maximum CGI program address space in bytes. You can supply both current (soft) and maximum (hard) limits, separated by a comma. The soft limit must be listed first. If only one limit is specified, both limits are set to this value.

rlimit_core

(UNIX only) Specifies the maximum CGI program core file size. A value of 0 disables writing cores. You can supply both current (soft) and maximum (hard) limits, separated by a comma. The soft limit must be listed first. If only one limit is specified, both limits are set to this value.

rlimit_nofile

(UNIX only) Specifies the maximum number of file descriptors for the CGI program. You can supply both current (soft) and maximum (hard) limits, separated by a comma. The soft limit must be listed first. If only one limit is specified, both limits are set to this value.

nice

(UNIX only) Accepts an increment that determines the CGI program's priority relative to the server. Typically, the server is run with a nice value of 0 and the nice increment would be between 0 (the CGI program runs at same priority as server) and 19 (the CGI program runs at much lower priority than server). While it is possible to increase the priority of the CGI program above that of the server by specifying a nice increment of -1, this is not recommended.

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

The following example uses variables defined in the server.xml file for the send-cgi parameters. For more information about defining variables, see the Sun ONE Web Server 6.1 Administrator's Configuration File Reference.

<Object name="default">
...
NameTrans fn="pfx2dir" from="/cgi-bin" dir="/home/foo.com/public_html/cgi-bin" name="cgi"
...
</Object>

<Object name="cgi">
ObjectType fn="force-type" type="magnus-internal/cgi"
Service fn="send-cgi" user="$user" group="$group" dir="$dir" chroot="$chroot" nice="$nice"
</Object>

send-error

Applicable in Service-class directives.

The send-error function sends an HTML file to the client in place of a specific HTTP response status. This allows the server to present a friendly message describing the problem. The HTML page may contain images and links to the server’s home page or other pages.

Parameters

The following table describes parameters for the send-error function.

Table 4-59  send-error parameters

Parameter

Description

path

Specifies the full file system path of an HTML file to send to the client. The file is sent as text/html regardless of its name or actual type. If the file does not exist, the server sends a simple default error page.

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

Error fn=send-error code=401 path=/sun/server61/docs/errors/401.html

send-file

Applicable in Service-class directives.

The send-file function sends the contents of the requested file to the client. It provides the Content-Type, Content-Length, and Last-Modified headers.

Most requests are handled by this function using the following directive (which usually comes last in the list of Service-class directives in the default object, so that it acts as a default):

Service method="(GET|HEAD|POST)" type="*~magnus-internal/*" fn="send-file"

This directive is invoked if the method of the request is GET, HEAD, or POST, and the type does not start with magnus-internal/. Note that the pattern *~ means “does not match.” For a list of characters that can be used in patterns, see the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

Parameters

The following table describes parameters for the send-file function.

Table 4-60  send-file parameters

Parameter

Description

nocache

(Optional) Prevents the server from caching responses to static file requests. For example, you can specify that files in a particular directory are not to be cached, which is useful for directories where the files change frequently.

The value you assign to this parameter is ignored. If you do not wish to use this parameter, leave it out.

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

Service type="*~magnus-internal/*" method="(GET|HEAD)" fn="send-file"

In the following example, the server does not cache static files from /export/somedir/ when requested by the URL prefix /myurl.

<Object name=default>
...
NameTrans fn="pfx2dir" from="/myurl" dir="/export/mydir", name="myname"
...
Service method=(GET|HEAD|POST) type=*~magnus-internal/* fn=send-file
...
</Object>
<Object name="myname">
Service method=(GET|HEAD) type=*~magnus-internal/* fn=send-file nocache=""
</Object>

send-range

Applicable in Service-class directives.

When the client requests a portion of a document, by specifying HTTP byte ranges, the send-range function returns that portion.

Parameters

The following table describes parameters for the send-range function.

Table 4-61  send-range parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

Service fn=send-range

send-shellcgi

Applicable in Service-class directives.

Windows Only. The send-shellcgi function runs a file as a shell CGI program and sends the results to the client. Shell CGI is a server configuration that lets you run CGI applications using the file associations set in Windows. For information about shell CGI programs, consult the Sun ONE Web Server 6.1 Administrator’s Guide.

Parameters

The following table describes parameters for the send-shellcgi function.

Table 4-62  send-shellcgi parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions

Examples

Service fn=send-shellcgi

Service type=magnus-internal/cgi fn=send-shellcgi

send-wincgi

Applicable in Service-class directives.

Windows Only. The send-wincgi function runs a file as a Windows CGI program and sends the results to the client. For information about Windows CGI programs, consult the Sun ONE Web Server 6.1 Administrator’s Guide.

Parameters

The following table describes parameters for the send-wincgi function.

Table 4-63  send-wincgi parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Examples

Service fn=send-wincgi

Service type=magnus-internal/cgi fn=send-wincgi

service-dav

Applicable in Service-class directives.

The service-dav function services a request to a WebDAV-enabled URI. In response to a request for a WebDAV resource, the service-dav function services the static content and restarts the request with the sourceuri for dynamic content. The sourceuri is identified by the magnus-internal setting. If no sourceuri is defined for dynamic content, an HTTP error message is returned.

Requests to WebDAV resources are authenticated and authorized by the AuthTrans and PathCheck NSAPI stages, respectively. By default, all access to sourceuri is restricted by the PathCheck entry in the dav object.

OPTIONS on a WebDAV-enabled URI are always handled by the default object's service-dav directive. Therefore, the OPTIONS method is not included in the service-dav directive of the dav object.

In response to an OPTIONS request to a WebDAV-enabled uri (or sourceuri), the service-dav function in the default object adds the necessary DAV headers and returns control to the core server, which then services the request.

For more information on access control for WebDAV resources, see the Sun ONE Web Server 6.1 Administrator’s Guide.

Parameters

The following table describes parameters for the service-dav function.

Table 4-64  service-dav parameters

Parameter

Description

method

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Examples

<Object name="default">
....
Service method="(OPTIONS|PUT|DELETE|COPY|MOVE|PROPFIND|PROPPATCH|LOCK|UNL OCK|MKCOL)" fn="service-dav"
</Object>

<Object name="dav">
PathCheck fn="check-acl" acl="dav-src"
Service fn="service-dav" method="(PUT|DELETE|COPY|MOVE|PROPFIND|PROPPATCH|LOCK|UNLOCK|MKCO L)"
</Object>

See Also

stats-xml

service-dump

Applicable in Service-class directives.

The service-dump function creates a performance report based on collected performance bucket data (see "The bucket Parameter").

To read the report, point the browser here:

http://server_id:port/.perf

Parameters

The following table describes parameters for the service-dump function.

Table 4-65  service-dump parameters

Parameter

Description

type

Must be perf for this function.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Examples

<Object name=default>
NameTrans fn="assign-name" from="/.perf" name="perf"
...
</Object>

<Object name=perf>
Service fn="service-dump"
</Object>

See Also

stats-xml

service-j2ee

Applicable in Service-class directives.

The service-j2ee function services requests made to Java web applications.

Parameters

The following table describes parameters for the service-j2ee function.

Table 4-66  service-j2ee parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Examples

<Object name=default>
NameTrans fn="ntrans-j2ee" name="j2ee"
...
</Object>

<Object name=j2ee>
Service fn="service-j2ee"
</Object>

See Also

ntrans-j2ee, error-j2ee

service-trace

Applicable in Service-class directives.

The service-trace function services TRACE requests. TRACE requests are typically used to diagnose problems with web proxy servers located between a web client and web server.

Parameters

The following table describes parameters for the service_trace function.

Table 4-67  service-trace parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

<Object name="default">
...
Service method="TRACE" fn="service-trace"
...
</Object>

set-variable

Applicable in all stage directives. The set-variable SAF enables you to change server settings based upon conditional information in a request, and to manipulate variables in parameter blocks by using specific commands. See set-variable.

shtml_send

Applicable in Service-class directives.

The shtml_send function parses an HTML document, scanning for embedded commands. These commands may provide information from the server, include the contents of other files, or execute a CGI program. The shtml_send function is only available when the Shtml plugin (libShtml.so on UNIX libShtml.dll on Windows) is loaded. Refer to the Sun ONE Web Server 6.1 Programmer’s Guide for server-parsed HTML commands.

Parameters

The following table describes parameters for the shtml_send function.

Table 4-68  shtml-send parameters

Parameter

Description

ShtmlMaxDepth

Maximum depth of include nesting allowed. The default value is 10.

addCgiInitVars

(UNIX only) If present and equal to yes (the default is no), adds the environment variables defined in the init-cgi SAF to the environment of any command executed through the SHTML exec tag.

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

Service type=magnus-internal/shtml_send method=(GET|HEAD) fn=shtml_send

stats-xml

Applicable in Service-class directives.

The stats-xml function creates a performance report in XML format. If performance buckets have been defined, this performance report includes them.

However, you do need to initialize this function using the stats-init function in magnus.conf, then use a NameTrans function to direct requests to the stats-xml function. See the examples below.

The report is generated here:

http://server_id:port/stats-xml/iwsstats.xml

The associated DTD file is here:

http://server_id:port/stats-xml/iwsstats.dtd

For more information about the format of the iwsstats.xml file, see the Sun ONE Web Server 6.1 Performance Tuning, Sizing, and Scaling Guide

Parameters

The following table describes parameters for the stats-xml function.

Table 4-69  stats-xml parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Examples

In magnus.conf:

Init fn="stats-init" update-interval="5" virtual-servers="2000" profiling="yes"

In obj.conf:

<Object name="default">
...
NameTrans fn="assign-name" from="/stats-xml/*" name="stats-xml"
...
</Object>
...
<Object name="stats-xml">
Service fn="stats-xml"
</Object>

See Also

service-dump

upload-file

Applicable in Service-class directives.

The upload-file function uploads and saves a new file when the client sends a request whose method is PUT if the user is authorized and the server has the needed file system privileges.

When remote file manipulation is enabled in the server, the obj.conf file contains a Service-class function that invokes upload-file when the request method is PUT.

Parameters

The following table describes parameters for the upload-file function.

Table 4-70  upload-file parameters

Parameter

Description

type

(Optional) Common to all Service-class functions.

method

(Optional) Common to all Service-class functions.

query

(Optional) Common to all Service-class functions.

UseOutputStreamSize

(Optional) Common to all Service-class functions.

flushTimer

(Optional) Common to all Service-class functions.

ChunkedRequestBufferSize

(Optional) Common to all Service-class functions.

ChunkedRequestTimeout

(Optional) Common to all Service-class functions.

bucket

(Optional) Common to all obj.conf functions.

Example

Service fn=upload-file


AddLog

After the server has responded to the request, the AddLog directives are executed to record information about the transaction.

If there is more than one AddLog directive, all are executed.

The following AddLog-class functions are described in detail in this section:

common-log

Applicable in AddLog-class directives.

The common-log function records request-specific data in the common log format (used by most HTTP servers). There is a log analyzer in the /extras/log_anly directory for Sun ONE Web Server.

The common log must have been initialized previously by the init-clf function. For information about rotating logs, see flex-rotate-init in the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

There are also a number of free statistics generators for the common log format.

Parameters

The following table describes parameters for the common-log function.

Table 4-71  common-log parameters

Parameter

Description

name

(Optional) Gives the name of a log file, which must have been given as a parameter to the init-clf function in magnus.conf. If no name is given, the entry is recorded in the global log file.

iponly

(Optional) Instructs the server to log the IP address of the remote client rather than looking up and logging the DNS name. This will improve performance if DNS is off in the magnus.conf file. The value of iponly has no significance, as long as it exists; you may use iponly=1.

bucket

(Optional) Common to all obj.conf functions.

Examples

# Log all accesses to the global log file
AddLog fn=common-log
# Log accesses from outside our subnet (198.93.5.*) to
# nonlocallog
<Client ip="*~198.93.5.*">
AddLog fn=common-log name=nonlocallog
</Client>

See Also

record-useragent, flex-log

flex-log

Applicable in AddLog-class directives.

The flex-log function records request-specific data in a flexible log format. It may also record requests in the common log format. There is a log analyzer in the /extras/flexanlg directory for Sun ONE Web Server.

There are also a number of free statistics generators for the common log format.

The log format is specified by the flex-init function call. For information about rotating logs, see flex-rotate-init in the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

Parameters

The following table describes parameters for the flex-log function.

Table 4-72  flex-log parameters

Parameter

Description

name

(Optional) Gives the name of a log file, which must have been given as a parameter to the flex-init function in magnus.conf. If no name is given, the entry is recorded in the global log file.

iponly

(Optional) Instructs the server to log the IP address of the remote client rather than looking up and logging the DNS name. This will improve performance if DNS is off in the magnus.conf file. The value of iponly has no significance, as long as it exists; you may use iponly=1.

bucket

(Optional) Common to all obj.conf functions.

buffers-per-file

Specifies the number of buffers for a given log file. The default value is determined by the server.

Access log entries can be logged in strict chronological order by using a single buffer per log file. To accomplish this, add buffers-per-file="1" to the Init fn="flex-init" line in magnus.conf. This ensures that requests are logged in chronological order. Note that this approach will result in decreased performance when the server is under heavy load.

Examples

# Log all accesses to the global log file
AddLog fn=flex-log
# Log accesses from outside our subnet (198.93.5.*) to
# nonlocallog
<Client ip="*~198.93.5.*">
AddLog fn=flex-log name=nonlocallog
</Client>

See Also

common-log, record-useragent

match-browser

Applicable in all stage directives. The match-browser SAF matches specific strings in the User-Agent string supplied by the browser, and then modifies the behavior of Sun ONE Web Server based upon the results by setting values for specified variables. See match-browser.

record-useragent

Applicable in AddLog-class directives.

The record-useragent function records the IP address of the client, followed by its User-Agent HTTP header. This indicates what version of the client was used for this transaction.

Parameters

The following table describes parameters for the record-useragent function.

Table 4-73  record-useragent parameters

Parameter

Description

name

(Optional) Gives the name of a log file, which must have been given as a parameter to the init-clf function in magnus.conf. If no name is given, the entry is recorded in the global log file.

bucket

(Optional) Common to all obj.conf functions.

Example

# Record the client ip address and user-agent to browserlog
AddLog fn=record-useragent name=browserlog

See Also

common-log, flex-log

set-variable

Applicable in all stage directives. The set-variable SAF enables you to change server settings based upon conditional information in a request, and to manipulate variables in parameter blocks by using specific commands. See set-variable.


Error

If a Server Application Function results in an error, it sets the HTTP response status code and returns the value REQ_ABORTED. When this happens, the server stops processing the request. Instead, it searches for an Error directive matching the HTTP response status code or its associated reason phrase, and executes the directive’s function. If the server does not find a matching Error directive, it returns the response status code to the client.

The following Error-class functions are described in detail in this section:

error-j2ee

Applicable in Error-class directives.

The error-j2ee function handles errors that occur during execution of web applications deployed to the Sun ONE Web Server individually or as part of full J2EE applications.file name

Parameters

The following table describes parameters for the error-j2ee function.

Table 4-74  error-j2ee Parameters

Parameter

Description

bucket

(Optional) Common to all obj.conf functions.

See Also

ntrans-j2ee, service-j2ee

match-browser

Applicable in all stage directives. The match-browser SAF matches specific strings in the User-Agent string supplied by the browser, and then modifies the behavior of Sun ONE Web Server based upon the results by setting values for specified variables. See match-browser.

qos-error

Applicable in Error-class directives.

The qos-error function returns an error page stating which quality of service limits caused the error, and what the value of the QOS statistic was.

The code for this SAF is one of the examples in the Sun ONE Web Server 6.1 NSAPI Programmer’s Guide.

For more information, see the Sun ONE Web Server 6.1 Performance Tuning, Scaling, and Sizing Guide.

Parameters

The following table describes parameters for the qos-error function.

Table 4-75  qos-error parameters

Parameter

Description

code

(Optional) Three-digit number representing the HTTP response status code, such as 401 or 407. The recommended value is 503.

This can be any HTTP response status code or reason phrase according to the HTTP specification.

The following is a list of common HTTP response status codes and reason strings:

  • 401 Unauthorized
  • 403 Forbidden
  • 404 Not Found
  • 500 Server Error

bucket

(Optional) Common to all obj.conf functions.

Example

Error fn=qos-error code=503

See Also

qos-handler

query-handler

Applicable in Service- and Error-class directives.


Note

This function is provided for backward compatibility only and is used mainly to support the obsolete ISINDEX tag. If possible, use an HTML form instead.


The query-handler function runs a CGI program instead of referencing the path requested.

Parameters

The following table describes parameters for the query-handler function.

Table 4-76  query-handler parameters

Parameter

Description

path

Full path and file name of the CGI program to run.

reason

(Optional) Text of one of the reason strings (such as “Unauthorized” or “Forbidden”). The string is not case-sensitive.

code

(Optional) Three-digit number representing the HTTP response status code, such as 401 or 407.

This can be any HTTP response status code or reason phrase according to the HTTP specification.

The following is a list of common HTTP response status codes and reason strings:

  • 401 Unauthorized
  • 403 Forbidden
  • 404 Not Found
  • 500 Server Error

bucket

(Optional) Common to all obj.conf functions.

Examples

Error query=* fn=query-handler path=/http/cgi/do-grep

Error query=* fn=query-handler path=/http/cgi/proc-info

remove-filter

Applicable in Input-, Output-, Service-, and Error-class directives.

The remove-filter SAF is used to remove a filter from the filter stack. If the filter has been inserted multiple times, only the topmost instance is removed. In general, it is not necessary to remove filters with remove-filter, as they will be removed automatically at the end of the request.

Returns

Returns REQ_PROCEED if the specified filter was removed successfully, or REQ_NOACTION if the specified filter was not part of the filter stack. Any other return value indicates an error.

Parameters

The following table describes parameters for the remove-filter function.

Table 4-77  remove-filter parameters

Parameter

Description

filter

Specifies the name of the filter to remove.

bucket

(Optional) Common to all obj.conf functions.

Example

Error fn="remove-filter" filter="http-compression"

send-error

Applicable in Error-class directives.

The send-error function sends an HTML file to the client in place of a specific HTTP response status. This allows the server to present a friendly message describing the problem. The HTML page may contain images and links to the server’s home page or other pages.

Parameters

The following table describes parameters for the send-error function.

Table 4-78  send-error parameters

Parameter

Description

path

Specifies the full file system path of an HTML file to send to the client. The file is sent as text/html regardless of its name or actual type. If the file does not exist, the server sends a simple default error page.

reason

(Optional) Text of one of the reason strings (such as “Unauthorized” or “Forbidden”). The string is not case-sensitive.

code

(Optional) Three-digit number representing the HTTP response status code, such as 401 or 407.

This can be any HTTP response status code or reason phrase according to the HTTP specification.

The following is a list of common HTTP response status codes and reason strings:

  • 401 Unauthorized
  • 403 Forbidden
  • 404 Not Found
  • 500 Server Error

bucket

(Optional) Common to all obj.conf functions.

Example

Error fn=send-error code=401 path=/sun/server61/docs/errors/401.html

set-variable

Applicable in all stage directives. The set-variable SAF enables you to change server settings based upon conditional information in a request, and to manipulate variables in parameter blocks by using specific commands. See set-variable.



Previous      Contents      Index      Next     


Copyright 2004 Sun Microsystems, Inc. All rights reserved.