Sun Java System Web Server 6.1 SP11 NSAPI Programmer's Guide

The Object and Client Tags

This section discusses the use of <Object> and <Client> tags in the file obj.conf.

<Object> tags group directives that apply to requests for particular resources, while <Client> tags group directives that apply to requests received from specific clients.

These tags are described in the following topics:

The Object Tag

Directives in the obj.conf file are grouped into objects that begin with an <Object> tag and end with an </Object> tag. The default object provides instructions to the server about how to process requests by default. Each new object modifies the default object’s behavior.

An Object tag may have a name attribute or a ppath attribute. Either parameter may be a wildcard pattern. For example:

<Object name="cgi">

- or -

<Object ppath="/usr/sun/webserver61/server1/docs/private/*">

The server always starts handling a request by processing the directives in the default object. However, the server switches to processing directives in another object after the NameTrans stage of the default object if either of the following conditions is true:

The successful NameTrans directive specifies a name argument.
The physical path name that results from the NameTrans stage matches the ppath attribute of another object.

When the server has been alerted to use an object other than the default object, it processes the directives in the other object before processing the directives in the default object. For some steps in the process, the server stops processing directives in that particular stage (such as the Service stage) as soon as one is successfully executed, whereas for other stages the server processes all directives in that stage, including the ones in the default object as well as those in the additional object. For more details, see Flow of Control in obj.conf.

Objects that Use the name Attribute

If a NameTrans directive in the default object specifies a name argument, the server switches to processing the directives in the object of that name before processing the remaining directives in the default object.

For example, the following NameTrans directive in the default object assigns the name cgi to any request whose URL starts with http://server_name/cgi/:

<Object name="default">
NameTrans fn="pfx2dir" from="/cgi" 
dir="D:/sun/webserver61/server1/docs/mycgi" 
name="cgi"...
</Object>

When that NameTrans directive is executed, the server starts processing directives in the object named cgi:

<Object name="cgi">
more directives...
</Object>

Objects that Use the ppath Attribute

When the server finishes processing the NameTrans directives in the default object, the logical URL of the request will have been converted to a physical path name. If this physical path name matches the ppath attribute of another object in obj.conf, the server switches to processing the directives in that object before processing the remaining ones in the default object.

For example, the following NameTrans directive translates the http://server_name/ part of the requested URL to D:/Sun/WebServer61/server1/docs/ (which is the document root directory):

<Object name="default">
NameTrans fn="document-root" 
root="D:/Sun/WebServer61/server1/docs"
...
</Object>

The URL http://server_name/internalplan1.html would be translated to D:/Sun/WebServer61/server1/docs/internalplan1.html. However, suppose that obj.conf contains the following additional object:

<Object ppath="*internal*">
more directives...
</Object>

In this case, the partial path *internal* matches the path D:/Sun/WebServer61/server1/docs/internalplan1.html. So now the server starts processing the directives in this object before processing the remaining directives in the default object.

The Client Tag

The <Client> tag is used to limit execution of a set of directives to requests received from specific clients. Directives listed between the <Client> and </Client> tags are executed only when information in the client request matches the parameter values specified.

Client Tag Parameters

The following table lists the <Client> tag parameters.

Table 1–1 Client Tag Parameters


Parameter	Description
`browser`	User-agent string sent by a browser to the Web Server
`chunked`	Boolean value set by a client requesting chunked encoding
`code`	HTTP response code
`dns`	DNS name of the client
`internal`	Boolean value indicating internally generated request
`ip`	IP address of the client
`keep-alive`	Boolean value indicating the client has requested a keep-alive connection
`keysize`	Key size used in an SSL transaction
`match`	Match mode for the <`Client>` tag; valid values are `all`, `any`, and `none`
`method`	HTTP method used by the browser
`name`	Name of an object as specified in a previous `NameTrans` statement
`odds`	Sets a random value for evaluating the enclosed directive; specified as either a percentage or a ratio (for example, 20% or 1/5)
`path`	Physical path to the requested resource
`ppath`	Physical path of the requested resource
`query`	Query string sent in the request
`reason`	Text version of the HTTP response code
`restarted`	Boolean value indicating a request has been restarted
`secret-keysize`	Secret key size used in an SSL transaction
`security`	Indicates an encrypted request
`type`	Type of document requested (such as `text/html` or `image/gif`)
`uri`	URI section of the request from the browser
`urlhost`	DNS name of the virtual server requested by the client (the value is provided in the `Host` header of the client request)
`variable-headers`	Prevents access to a specific site, based on the request by the client. For example, Client variable-headers="Weferer:SKVFVWRKJVZCMHVIBGDA Service type="image/*"fn="deny-existence" </Client>

The <Client> tag parameters provide greater control over when and if directives are executed. In the following example, use of the odds parameter gives a request a 25% chance of being redirected:

<Client odds="25%">
NameTrans fn="redirect" from="/Pogues" 
url-prefix="http://pogues.example.com"
</Client>

One or more wildcard patterns can be used to specify Client tag parameter values.

Wildcards can also be used to exclude clients that match the parameter value specified in the <Client tag>. In the following example, the <Client> tag and the AddLog directive are combined to direct the Web Server to log access requests from all clients except those from the specified subnet:

<Client ip="*~192.85.250.*">
AddLog fn="flex-log" name="access"
</Client>

Using the ~ wildcard negates the expression, so the Web Server excludes clients from the specified subnet.

You can also create a negative match by setting the match parameter of the Client tag to none. In the following example, access requests from the specified subnet are excluded, as are all requests to the virtual server www.sunone.com:

<Client match="none" ip="192.85.250.*" urlhost="www.sunone.com">AddLog fn="flex-log" name="access"</Client>

For more information about wildcard patterns, see Chapter 9, Using Wildcard Patterns.