You can use templates to group URLs together so that you can configure how the proxy handles them. You can make the proxy behave differently depending on the URL the client tries to retrieve. For example, you might require the client to authenticate by typing a user name and password when accessing URLs from a specific domain. Or, you might deny access to URLs that point to image files. You can configure different cache refresh settings based on the file type.
This chapter contains the following sections:
A template is a collection of URLs, called resources. A resource might be a single URL, a group of URLs that have something in common, or an entire protocol. You name and create a template and then you assign URLs to that template by using regular expressions. In this way, you can configure the proxy server to handle requests for various URLs differently. Any URL pattern you can create with regular expressions can be included in a template. The following table lists the default resources and provides some ideas for other templates.
Table 16–1 Resource regular expression wildcard patterns
Regular expression pattern |
What it configures |
---|---|
ftp://.* |
All FTP requests |
http://.* |
All HTTP requests |
https://.* |
All secure HTTP requests |
gopher://.* |
All Gopher requests |
connect://.*:443 |
All SSL (secure) transactions to HTTPS port. |
http://home\.example\.com.* |
All documents on the home.example.com web site. |
.*\.gif.* |
Any URL that includes the string .gif |
.*\.edu.* |
Any URL that includes the string .edu |
http://.*\.edu.* |
Any URL going to a computer in the .edu domain |
Proxy Server allows you to use regular expressions to identify resources. Regular expressions specify a pattern of character strings. In the proxy server, regular expressions are used to find matching patterns in URLs.
The following example shows a regular expression:
[a-z]*://[^:/]*\.abc\.com.*
This regular expression would match any documents from the .abc.com domain. The documents could be of any protocol and could have any file extension.
The following table lists the regular expressions and their corresponding meanings.
Table 16–2 Regular expressions and their meanings
Expression |
Meaning |
---|---|
. |
Matches any single character except a newline. |
x? |
Matches zero or one occurrences of regular expression x. |
x* |
Matches zero or more occurrences of regular expression x. |
x+ |
Matches one or more occurrences of regular expression x. |
x{n,m} |
Matches the character x where x occurs at least n times but no more than m times. |
x{n,} |
Matches the character x where x occurs at least n times. |
x{n} |
Matches the character x where x occurs exactly n times. |
[abc] |
Matches any of the characters enclosed in the brackets. |
[^abc] |
Matches any character not enclosed in the brackets. |
[a-z] |
Matches any characters within the range in the brackets. |
x |
Matches the character x where x is not a special character. |
\x |
Removes the meaning of special character x. |
"x" |
Removes the meaning of special character x. |
xy |
Matches the occurrence of regular expression x followed by the occurrence of regular expression y. |
x|y |
Matches either the regular expression x or the regular expression y. |
^ |
Matches the beginning of a string. |
$ |
Matches the end of a string. |
(x) |
Groups regular expressions. |
This example illustrates how you can use some of the regular expressions in Understanding Regular Expressions.
[a-z]*://([^.:/]*[:/]|.*\.local\.com).*
[a-z]* matches a document of any protocol.
:// matches a (:) followed by (//).
[^.:/]*[:/] matches any character string that does not include a (.),(:) or (/), and is followed by either a (:) or a (/). This expression therefore matches host names that are not fully qualified and hosts with port numbers.
|.*\.local\.com does not match fully qualified domain name host names such as local.com but does match documents in the .local.com domain.
.* matches documents with any file extension.
As noted in Understanding Regular Expressions, the backslash can be used to escape or remove the meaning of special characters. Characters such as the period and question mark have special meanings, and therefore, must be escaped if they are used to represent themselves. The period, in particular, is found in many URLs. So, to remove the special meaning of the period in your regular expression, you need to precede it with a backslash.
You can create lists of wildcard patterns that enable you to specify which URLs can be accessed from your site. Wildcards can be in the form of regular expressions or shell expressions, depending on usage. As a general rule:
Use regular expressions for any pattern that matches destination URLs. This includes <Object ppath=...>, URL filters, and the NameTrans, PathCheck, and ObjectType functions.
Use shell expressions for any pattern that matches incoming client or user IDs, including user names and groups for access control and the IP addresses or DNS names of incoming users, for example, <Client dns=...>.
You can specify several URLs by using regular expression wildcard patterns. Wildcards enable you to filter by domain name or by any URL with a given word in the URL. For example, you might want to block access to URLs that contain the string “careers.” To do this, you could specify http://.*careers.* as the regular expression for the template.
You can create a template using a regular expression wildcard pattern. You can then configure aspects that affect only the URLs specified in that template. For example, you might use one type of caching configuration for .GIF images and another for plain .html files.
Access the Server Manager, and click the Templates tab.
Click the Create Template link. The Create Template page is displayed.
In the Template Name field, type a name for the template you are creating, and click OK.
The name should be something you can easily remember. The Server Manager prompts you to save and apply your changes. You can save the changes after you create a regular expression for the template, as described in the remaining steps.
Access the Server Manager, and click the Templates tab.
Click the Apply Template link.
The Apply Template page is displayed.
Type a regular expression wildcard pattern that includes all of the URLs you want to include in your template in the URL Prefix Wildcard field.
From the Template list, select the name of the new template you just added.
Click OK.
Click Restart Required.
The Apply Changes page is displayed.
Click the Restart Proxy Server button to apply the changes.
You can remove existing templates. Removing a template deletes all of the associated configurations for the template. For example, if you have access control set up for all URLs in the template TEST, removing the TEST template also removes the access control to the URLs contained in then template.
Access the Server Manager, and click the Templates tab.
Click the Remove Template link.
The Remove Template page is displayed.
Choose the template from the Remove list.
Click OK.
Click Restart Required.
The Apply Changes page is displayed.
Click the Restart Proxy Server button to apply the changes.
You can view and edit the templates created in the Server Manager.
Access the Server Manager, and click the Templates tab.
Click the View Template link.
The View Template page is displayed. The templates are shown in a table that lists the regular expression for the template and the template name.
To edit an existing template, click the Edit Template Assignment link. The Apply Template page is displayed.
You can delete an entire regular expression object and its corresponding configurations with the Remove Resource page. For instance, you can remove the gopher resource so that all settings associated with that resource will be removed from the proxy server’s configuration files.
Access the Server Manager, and click the Templates tab.
Click the Remove Resource link.
The Remove Resource page is displayed.
Select the resource that you want to remove by choosing it from the Remove drop-down list.
Click OK.
Click Restart Required.
The Apply Changes page is displayed.
Click the Restart Proxy Server button to apply the changes.