Configuring HTTPD (System Administrator)

Switches and Parameters in $TCP:TCPIP.CONFIG

HTTPD Namelist Parameters

Creating Alternate HTTP Servers

Alternate HTTP Server Exec File

Aliases for Web Resources

Authorizing Logon CGIs

Changing, Adding and Deleting MIME Types

Configuring HTTPD (System Administrator)

The WEB server (HTTPD) is configured by the system administrator by setting options in the file $TCP:TCPIP.CONFIG. The system administrator can also configure HTTPD by changing parameters in the $TCP:HTTPD exec file.

HTTPD_ALLOWED_FILES *:*HTTP\*

This entry defines the MASK for any file allowed to be accessed via HTTPD. For example to allow the subdirectory HTTPD on userids that begin with dollar to be accessible you specify $*:HTTPD\*

The default is *:*HTTP\*

HTTPD_ALLOW_PUBLIC no

This entry specifies whether public files not fitting the HTTP_ALLOWED_FILES mask, should be accessible.

The default is no.

HTTPD_ALLOWED_EXECS *:*HTTPEXEC\*

This entry defines the MASK for any program (CGI) allowed to be executed via HTTPD. This is specifically meant for forms support in html files. Non-form processing CGIs may also appear in this directory. All other WEB documents and files (gif, jpg etc) must be placed in the mask specified by httpd_allowed_files.

The default is *:*HTTPEXEC\*

HTTPD_ALLOWED_EXECS *:*CGI-BIN\*

This entry defines the MASK for any CGI allowed to be executed via HTTPD. This is specifically meant for non-forms support. However, CGIs that process forms data can appear in this directory. All other WEB documents and files (gif, jpg etc) must be placed in the mask specified by httpd_allowed_files.

The default is *:*CGI-BIN\*

HTTPD_DEFAULT_PAGE MSI:HTTP\HOME.HTML

This entry defines the default page to be transmitted when no page is specifically requested in the HTTPD connection.

The default is $000:http\home.HTML

HTTPD_PERSONAL_PAGE HTTP\HOME.HTML HTTP\INDEX.HTML

This entry defines the default PERSONAL page to be transmitted when no page is specifically requested in the URL. For example http://musicm.mcgill.ca/ccfp will get the default personal page text tacked on. You can specify up to three person al page templates. The order is important in that the first template is attempted first etc. For personal home pages, an automatic check is made for either .html and .htm endings.

The default is http\home.HTML

HTTPD_CHECK_CODEREC no

This entry enables code record sampling for specific controls based on the user's profile. The default is "no" code record check.

HTTPD_USER_ACCESS_DEFAULT yes

This entry defines the default access status of user web pages, in the case where access status is not specified in the code record. "Yes" or "no" can be specified. "No" means the user's web pages are disabled (if the user's code record does not specify whether or not access is allowed). Default is "yes".

The Following parameters are added or modified in an actual HTTPD exec file. These also allow you, as the system administrator, to create an alternate HTTPD server on a different port. To this end, every item configurable in $TCP:TCPIP.CONFIG, also has a namelist counterpart. This will allow for HTTPD servers with different operating characteristics and options.

The HTTPD exec file is shipped with the following contents.

/SYS NOPRINT,REGION=840,TIME=MAX
/LOAD XMON
HTTPD N($TCP:HTTPD.LMOD)
TRACE=F,PORT=80,BUFSIZ=16000

PORT=n

Used to override the port number specified for the HTTPD SERVER in $TCP:INETD.PORTS.

TRACE=F/T

Used to turn on tracing. This is used for debugging only. The output is directed to @tcpip.log and to @tcpip.buffers

MYSITE='site_name'

Used to override the HOSTNAME default used by the HTTPD SERVER in $TCP:TCPIP.CONFIG.

DPAGE='default_page_name'

Used to override the http default page in $TCP:TCPIP.CONFIG. The default is '$000:HTTP\HOME.HTML'

LOG=T/F

logs transactions via LOGSTT. Default is LOG=T.

HTFILE='mask'

Mask is 1-64 character mask for allowed files. Used to override the default mask in $TCP:TCPIP.CONFIG. Default is *:*http\*

HTEXEC='mask'

Mask is 1-64 character mask for allowed EXEC files. Used to override the default mask in $TCP:TCPIP.CONFIG. Default is *:*httpexec\* (This is where form execs are stored)

HTCGI ='mask'

Mask is 1-64 character mask for allowed EXEC files. Used to override the default mask in $TCP:TCPIP.CONFIG. Default is *:*CGI-BIN\*

BUFSIZ=N

bufsiz is used to control the size of the buffering done to the socket. See comments in $TCP:TCWRT.S for more details. Default is 2000.

TIMOUT=n

timout value on reads and writes to socket, a value of 0 defaults to 30 seconds.

PPAGE(n)=xxx

where xxx is a character string to be tacked on to the file name when the file ends in '/'. n is an integer between 1 and 3. Default is PPAGE(1)='http\index.html', PPAGE(2)='http\home.html', and PPAGE(3)=' '. The order is important - whatever is found first is tested first.

PUBFIL=F/T

specifies whether public files not in the allowed mask are served. The default is F.

HTCODC=F/T

specifies whether the account (userid profile) of the user are tested for specific requirements. This entails a code table lookup. See the section on Global Access Control earlier is this document. The default is HTCODC=F.

HTADEF=F/T

specifies whether all web files are automatically accessible or not. When T (true) all web files in the appropriate directories are accessible unless limited or controlled by the owner. The default is HTADEF=T. See the section on Global Access Control earlier is this document.

You can define alternate http servers on MUSIC. Typically the port number used for http service is 80. Alternate servers usually use numbers in the same range as the standard. For example a second http server may use the port number 810 etc.

The file $TCP:INETD.PORTS is where all servers are declared. The format is as follows:

  80 stream 5 $tcp:httpd         <-- standard http daemon server
  810 stream 5 your_own_file     <-- your own http server

Refer to the section "The Internet Super Server (INETD)" in the MUSIC/SP Administrator's Reference for more details.

Alternate HTTP Server Exec File

The following is a description of how to set up an alternate http server exec file and how to specify values to tailor it.

Use $TCP:HTTPD as a template to create a file like the following:

/SYS NOPRINT,REGION=600,TIME=MAX
/LOAD XMON
httpD N($TCP:httpD.LMOD)
TRACE=F,PORT=N, .....

It is often useful to have a short name for key or often used URLs on your server. For example, if the payroll department has a web page payr:http\index.html, the URL would be yoursitename/payr/http/index.html. Because "index.html" is the default page for a userid, you could abbreviate the URL to yoursitename/payr. If the userid was actually "payroll", the URL would be yoursitename/payroll.

If you can not simplify the URL and make the URL meaningful based on the userid, the site administrator can add an entry to the URL aliases file. This file is called $tcp:http.aliases and is modifiable only by the system administrator.

The syntax for alias entries is quite simple. A character string is paired with a file name using one of these two formats:

Either a URL without the site and port number: payroll /userid/http/index.html

or a correct music file name: payroll userid:http\index.html

where http://yoursitename/payroll will serve the respective file.

Example:

; this is a comment line
;
budgets bgo:http\budgets-2000\budget123.html
beatles /mary/http/beatles.html
ringo mary:http\ringo.html

CGIs are programs that either process form data or some other resource and return a response to the user via the browser. The CGI is typically executed on the owners userid or account. In other words, the URL HTTP://yoursite/JDOE/HTTPEXEC/PROGRAM will execute (launch) the file JDOE:HTTPEXEC\PROGRAM while logged on to the user account JDOE. In this way, a common user can create forms and process those forms via CGIs, but he can not interfere with files and resources belonging to other system users. Such CGIs do not need authorization, they will be allowed to run.

However, there are circumstances where it is preferable to run the CGI directly in the user's space or account. The topic, found in an earlier discussion, "Require (in a limit section)" explains how this works.

Such applications are strictly controlled via the file $TCP:LOGON.PROGS. For such applications, only files listed there are allowed to logon the account of the user who will have been prompted by the browser for his userid/password. This will avoid unauthorized CGIs from damaging other users' accounts.

The format of the file is simply one file name per line. Lines beginning with semicolons (;) are treated as comments.

The Software is sent out with many known MIME and file types at packaging time. It may, however, become necessary to make changes to the list of file types. The list used by the HTTPD server is stored in the file $TCP:MIME.SUPPORT, and looks as follows.

;for type enter either bin or text
;
;type  MIME TYPES                SUFFIXES
;----  --------------------      -----------------
text   text/plain                .txt,.text,.etext
bin    text/plain                .atext, .atxt
text   text/html                 .html, .htm ITS
bin    text/html                 .ahtml, .ahtm
bin    image/gif                 .gif
bin    image/jpeg                .jpg,.jpe,.jpeg
;
bin    audio/wav                 .wav,.wave
bin    audio/au                  .au
bin    audio/x-midi              .mid
bin    image/x-tiff              .tif,.tiff
bin    video/mpeg                .mpg,.mpe,.mpeg
bin    video/quicktime           .mov
bin    video/avi                 .avi
bin    application/postscript    .ps,.eps,.ai
bin    application/x-rtf         .wri
bin    application/octet-stream   EXE bin class
bin    application/winword       .doc

To make changes to the list, edit $tcp:mime.support and make the required change, deletion or addition. The syntax is:

type mime_type suffixes

For example:

bin  application/winword  .doc

Notes:

1. For "type" only bin and text are allowed. This simply flags that the file is either EBCDIC (readable on MUSIC) or binary (not readable on MUSIC). When "bin" is chosen the file contents are sent to the client with no filtering or translations. While "text" indicates that the file contents are to be both translated to ascii and that a CRLF (carriage return/line feed) are to be appended to each line of the file as it is transmitted.

2. "mime_type" should be in lower case.

3. "suffixes" do not need commas or dots. Care should be taken that no standard suffixes are removed or corrupted. This could result in incorrect transmission to the client. Of special note, is the "ITS" suffix. This suffix is internal to MUSIC and is used in naming Indexed-Text-Searchable files.