亚洲国产日韩欧美一区二区三区,精品亚洲国产成人av在线,国产99视频精品免视看7,99国产精品久久久久久久成人热,欧美日韩亚洲国产综合乱

Verzeichnis suchen
首頁(yè) 版本說明 從1.3升級(jí)到2.0 編譯時(shí)配置的改變 運(yùn)行時(shí)配置的改變 雜項(xiàng)變化 第三方模塊 從 2.0 升級(jí)到 2.2 編譯時(shí)配置的改變 運(yùn)行時(shí)配置的改變 雜項(xiàng)變化 第三方模塊 Apache 2.1/2.2 版本的新特性 核心增強(qiáng) 模塊增強(qiáng) 程序增強(qiáng) 針對(duì)模塊開發(fā)者的變化 Apache 2.0 版本的新特性 核心的增強(qiáng) 模塊的增強(qiáng) Apache許可證 參考手冊(cè) 編譯與安裝 針對(duì)心急者的概述 要求 下載 解壓 配置源代碼樹 編譯 安裝 配置 測(cè)試 升級(jí) 啟動(dòng) Apache是怎樣啟動(dòng)的 啟動(dòng)時(shí)發(fā)生錯(cuò)誤 隨系統(tǒng)啟動(dòng)時(shí)啟動(dòng) 額外信息 停止與重新啟動(dòng) 簡(jiǎn)介 立即停止 優(yōu)雅重啟 立即重啟 優(yōu)雅停止 附錄:信號(hào)和競(jìng)爭(zhēng)條件 運(yùn)行時(shí)配置指令 主配置文件 配置文件的語法 模塊 指令的作用域 .htaccess文件 配置段 配置段(容器)的類型 文件系統(tǒng)和網(wǎng)絡(luò)空間 虛擬主機(jī) 代理 允許使用哪些指令? 配置段的合并 內(nèi)容緩沖 簡(jiǎn)介 緩沖概述 安全方面的考慮 文件句柄緩沖 內(nèi)存緩沖 磁盤緩沖 服務(wù)器全局配置 服務(wù)器標(biāo)識(shí) 文件定位 限制資源的使用 日志文件 安全警告 錯(cuò)誤日志 訪問日志 日志滾動(dòng) 管道日志 虛擬主機(jī) 其他日志文件 從URL到文件系統(tǒng)的映射 相關(guān)模塊和指令 DocumentRoot DocumentRoot以外的文件 用戶目錄 URL重定向 反向代理 重寫引擎 File Not Found 安全方面的提示 保持不斷更新和升級(jí) ServerRoot目錄的權(quán)限 服務(wù)器端包含 關(guān)于CGI 未指定為腳本的CGI 指定為腳本的CGI 其他動(dòng)態(tài)內(nèi)容的來源 系統(tǒng)設(shè)置的保護(hù) 默認(rèn)配置下服務(wù)器文件的保護(hù) 觀察日志文件 動(dòng)態(tài)共享對(duì)象(DSO) 實(shí)現(xiàn) 用法概要 背景知識(shí) 優(yōu)點(diǎn)和缺點(diǎn) 內(nèi)容協(xié)商 關(guān)于內(nèi)容協(xié)商 Apache中的內(nèi)容協(xié)商 協(xié)商的方法 打亂品質(zhì)值 透明內(nèi)容協(xié)商的擴(kuò)展 超鏈和名稱轉(zhuǎn)換說明 緩沖說明 更多信息 自定義錯(cuò)誤響應(yīng) 行為 配置 自定義錯(cuò)誤響應(yīng)與重定向 地址和端口綁定 概述 針對(duì)IPv6的特殊考慮 怎樣與虛擬主機(jī)協(xié)同工作 多路處理模塊(MPM) 簡(jiǎn)介 選擇一個(gè)MPM 默認(rèn)的MPM 環(huán)境變量 設(shè)置環(huán)境變量 使用環(huán)境變量 用于特殊目的的環(huán)境變量 示例 處理器的使用 什么是處理器? 例子 程序員注意事項(xiàng) 過濾器 Apache2中的過濾器 智能過慮 使用過濾器 CGI腳本的Suexec執(zhí)行 開始之前 suEXEC的安全模型 配置和安裝suEXEC 啟用和禁用suEXEC 使用suEXEC 調(diào)試suEXEC 謹(jǐn)防Jabberwock:警告和舉例 性能調(diào)整 硬件和操作系統(tǒng) 運(yùn)行時(shí)的配置 編譯時(shí)的配置 附錄:蹤跡的詳細(xì)分析 URL重寫指南 mod_rewrite簡(jiǎn)介 實(shí)踐方案 URL的規(guī)劃 內(nèi)容的處理 對(duì)訪問的限制 其他 虛擬主機(jī)文檔 總述 虛擬主機(jī)支持 配置指令 基于主機(jī)名的虛擬主機(jī) 基于域名的虛擬主機(jī)和基于IP的虛擬主機(jī)比較 使用基于域名的虛擬主機(jī) 與舊版瀏覽器的兼容性 基于IP地址的虛擬主機(jī) 系統(tǒng)需求 如何配置Apache 設(shè)置多個(gè)守護(hù)進(jìn)程 配置擁有多個(gè)虛擬主機(jī)的單一守護(hù)進(jìn)程 動(dòng)態(tài)配置大量虛擬主機(jī) 動(dòng)機(jī) 概述 簡(jiǎn)單的動(dòng)態(tài)虛擬主機(jī) 一個(gè)實(shí)際的個(gè)人主頁(yè)系統(tǒng) 在同一個(gè)服務(wù)器上架設(shè)多個(gè)主機(jī)的虛擬系統(tǒng) 更為有效的基于IP地址的虛擬主機(jī) 使用老版本的Apache 使用mod_rewrite實(shí)現(xiàn)簡(jiǎn)單的動(dòng)態(tài)虛擬主機(jī) 使用mod_rewrite的個(gè)人主頁(yè)系統(tǒng) 使用獨(dú)立的虛擬主機(jī)配置文件 虛擬主機(jī)的普通配置示例 在一個(gè)IP地址上運(yùn)行多個(gè)基于域名的web站點(diǎn) 在多于一個(gè)IP的情況下使用基于域名的虛擬主機(jī) 在不同的IP的地址(比如一個(gè)內(nèi)部和一個(gè)外部地址)上提供相同的內(nèi)容 在不同的端口上運(yùn)行不同的站點(diǎn) 建立基于IP的虛擬主機(jī) 混用基于端口和基于IP的虛擬主機(jī) 混用基于域名和基于IP的虛擬主機(jī) 將虛擬主機(jī)和代理模塊一起使用 使用默認(rèn)虛擬主機(jī) 將一個(gè)基于域名的虛擬主機(jī)移植為一個(gè)基于IP的虛擬主機(jī) 使用ServerPath指令 深入討論虛擬主機(jī)的匹配 解析配置文件 虛擬主機(jī)匹配 小技巧 文件描述符限制 關(guān)于DNS和Apache 一個(gè)簡(jiǎn)單示例 拒絕服務(wù) "主服務(wù)器"地址 避免這些問題的小技巧 附錄:進(jìn)一步的提示 常見問題 概述 SSL/TLS 加密 概述 文檔 mod_ssl 緒論 密碼技術(shù) 證書 安全套接字層(SSL) 參考 兼容性 配置指令 環(huán)境變量 自定義日志功能 如何... 加密方案和強(qiáng)制性高等級(jí)安全 客戶認(rèn)證和訪問控制 常見問題解答 About The Module Installation Configuration Certificates The SSL Protocol mod_ssl Support 如何.../指南 概述 認(rèn)證 相關(guān)模塊和指令 簡(jiǎn)介 先決條件 啟用認(rèn)證 允許多人訪問 可能存在的問題 其他認(rèn)證方法 更多信息 CGI動(dòng)態(tài)頁(yè)面 簡(jiǎn)介 配置Apache以允許CGI 編寫CGI程序 程序還是不能運(yùn)行! 幕后是怎樣操作的? CGI模塊/庫(kù) 更多信息 服務(wù)器端包含 簡(jiǎn)介 什么是SSI? 配置服務(wù)器以允許SSI 基本SSI指令 附加的例子 我還能設(shè)置其它什么? 執(zhí)行命令 高級(jí)SSI技術(shù) 總結(jié) .htaccess文件 .htaccess文件 工作原理和使用方法 (不)使用.htaccess文件的場(chǎng)合 指令的生效 認(rèn)證舉例 服務(wù)器端包含(SSI)舉例 CGI舉例 疑難解答 用戶網(wǎng)站目錄 用戶網(wǎng)站目錄 用UserDir設(shè)置文件路徑 限定哪些用戶可以使用此功能 啟用對(duì)每個(gè)用戶都有效的cgi目錄 允許用戶改變配置 對(duì)特定平臺(tái)的說明 概述 Microsoft Windows 其他平臺(tái) 在Microsoft Windows中使用Apache 對(duì)操作系統(tǒng)的要求 下載 Apache for Windows 安裝 Apache for Windows 配置 Apache for Windows 以服務(wù)方式運(yùn)行 Apache for Windows 作為控制臺(tái)程序運(yùn)行Apache 測(cè)試安裝 編譯Windows下的Apache 系統(tǒng)要求 命令行編譯 Developer Studio集成開發(fā)環(huán)境的工作區(qū)編譯 項(xiàng)目組件 在Novell NetWare平臺(tái)上使用Apache Requirements Downloading Apache for NetWare Installing Apache for NetWare Running Apache for NetWare Configuring Apache for NetWare Compiling Apache for NetWare 在HP-UX中運(yùn)行Apache The Apache EBCDIC Port Overview of the Apache EBCDIC Port Design Goals Technical Solution Porting Notes Document Storage Notes Apache Modules' Status Third Party Modules' Status 服務(wù)器與支持程序 概述 httpd 語法 選項(xiàng) ab 語法 選項(xiàng) Bugs apachectl 語法 選項(xiàng) apxs 語法 選項(xiàng) 舉例 configure 語法 選項(xiàng) 環(huán)境變量 dbmmanage 語法 選項(xiàng) Bugs htcacheclean 語法 選項(xiàng) 返回值 htdbm 語法 選項(xiàng) Bugs 返回值 舉例 安全方面的考慮 限制 htdigest 語法 選項(xiàng) htpasswd 語法 選項(xiàng) 返回值 舉例 安全方面的考慮 限制 logresolve 語法 選項(xiàng) rotatelogs 語法 選項(xiàng) Portability suexec 語法 選項(xiàng) 其他程序 log_server_status split-logfile 雜項(xiàng)文檔 概述 相關(guān)標(biāo)準(zhǔn) HTTP推薦標(biāo)準(zhǔn) HTML推薦標(biāo)準(zhǔn) 認(rèn)證 語言/國(guó)家代碼 Apache 模塊 描述模塊的術(shù)語 說明 狀態(tài) 源代碼文件 模塊標(biāo)識(shí)符 兼容性 描述指令的術(shù)語 說明 語法 默認(rèn)值(Default) 作用域(Context) 覆蓋項(xiàng)(Override) 狀態(tài) 模塊(Module) 兼容性(Compatibility) Apache核心(Core)特性 AcceptFilter AcceptPathInfo AccessFileName AddDefaultCharset AddOutputFilterByType AllowEncodedSlashes AllowOverride AuthName AuthType CGIMapExtension ContentDigest DefaultType <Directory> <DirectoryMatch> DocumentRoot EnableMMAP EnableSendfile ErrorDocument ErrorLog FileETag <Files> <FilesMatch> ForceType HostnameLookups <IfDefine> <IfModule> Include KeepAlive KeepAliveTimeout <Limit> <LimitExcept> LimitInternalRecursion LimitRequestBody LimitRequestFields LimitRequestFieldSize LimitRequestLine LimitXMLRequestBody <Location> <LocationMatch> LogLevel MaxKeepAliveRequests NameVirtualHost Options Require RLimitCPU RLimitMEM RLimitNPROC Satisfy ScriptInterpreterSource ServerAdmin ServerAlias ServerName ServerPath ServerRoot ServerSignature ServerTokens SetHandler SetInputFilter SetOutputFilter TimeOut TraceEnable UseCanonicalName UseCanonicalPhysicalPort <VirtualHost> Apache MPM 公共指令 AcceptMutex CoreDumpDirectory EnableExceptionHook GracefulShutdownTimeout Group Listen ListenBackLog LockFile MaxClients MaxMemFree MaxRequestsPerChild MaxSpareThreads MinSpareThreads PidFile ReceiveBufferSize ScoreBoardFile SendBufferSize ServerLimit StartServers StartThreads ThreadLimit ThreadsPerChild ThreadStackSize User Apache MPM beos MaxRequestsPerThread CoreDumpDirectory Group Listen ListenBacklog MaxClients MaxMemFree MaxSpareThreads MinSpareThreads PidFile ReceiveBufferSize ScoreBoardFile SendBufferSize StartThreads User Apache MPM event AcceptMutex CoreDumpDirectory EnableExceptionHook Group Listen ListenBacklog LockFile MaxClients MaxMemFree MaxRequestsPerChild MaxSpareThreads MinSpareThreads PidFile ScoreBoardFile SendBufferSize ServerLimit StartServers ThreadLimit ThreadsPerChild ThreadStackSize User Apache MPM netware MaxThreads Listen ListenBacklog MaxMemFree MaxRequestsPerChild MaxSpareThreads MinSpareThreads ReceiveBufferSize SendBufferSize StartThreads ThreadStackSize Apache MPM os2 Group Listen ListenBacklog MaxRequestsPerChild MaxSpareThreads MinSpareThreads PidFile ReceiveBufferSize SendBufferSize StartServers User Apache MPM prefork 工作方式 MaxSpareServers MinSpareServers AcceptMutex CoreDumpDirectory EnableExceptionHook Group Listen ListenBacklog LockFile MaxClients MaxMemFree MaxRequestsPerChild PidFile ReceiveBufferSize ScoreBoardFile SendBufferSize ServerLimit StartServers User Apache MPM winnt Win32DisableAcceptEx CoreDumpDirectory Listen ListenBacklog MaxMemFree MaxRequestsPerChild PidFile ReceiveBufferSize ScoreBoardFile SendBufferSize ThreadLimit ThreadsPerChild ThreadStackSize Apache MPM worker 工作方式 AcceptMutex CoreDumpDirectory EnableExceptionHook Group Listen ListenBacklog LockFile MaxClients MaxMemFree MaxRequestsPerChild MaxSpareThreads MinSpareThreads PidFile ReceiveBufferSize ScoreBoardFile SendBufferSize ServerLimit StartServers ThreadLimit ThreadsPerChild ThreadStackSize User Apache Module mod_actions Action指令 Script指令 Apache Module mod_alias 處理順序 Alias AliasMatch Redirect RedirectMatch RedirectPermanent RedirectTemp ScriptAlias ScriptAliasMatch Apache Module mod_asis 用法 Apache Module mod_auth_basic AuthBasicAuthoritative AuthBasicProvider Apache Module mod_auth_digest 使用摘要認(rèn)證 配合 MS Internet Explorer 6 工作 AuthDigestAlgorithm AuthDigestDomain AuthDigestNcCheck AuthDigestNonceFormat AuthDigestNonceLifetime AuthDigestProvider AuthDigestQop AuthDigestShmemSize Apache Module mod_authn_alias 示例 <AuthnProviderAlias> Apache Module mod_authn_anon 示例 Anonymous Anonymous_LogEmail Anonymous_MustGiveEmail Anonymous_NoUserID Anonymous_VerifyEmail Apache Module mod_authn_dbd 配置示例 AuthDBDUserPWQuery AuthDBDUserRealmQuery Apache Module mod_authn_dbm AuthDBMType AuthDBMUserFile Apache Module mod_authn_default AuthDefaultAuthoritative Apache Module mod_authn_file AuthUserFile Apache Module mod_authnz_ldap Contents Operation The require Directives 舉例 Using TLS Using SSL Using Microsoft FrontPage with mod_authnz_ldap AuthLDAPBindDN AuthLDAPBindPassword AuthLDAPCharsetConfig AuthLDAPCompareDNOnServer AuthLDAPDereferenceAliases AuthLDAPGroupAttribute AuthLDAPGroupAttributeIsDN AuthLDAPRemoteUserIsDN AuthLDAPUrl AuthzLDAPAuthoritative Apache Module mod_authz_dbm AuthDBMGroupFile AuthzDBMAuthoritative AuthzDBMType Apache Module mod_authz_default AuthzDefaultAuthoritative Apache Module mod_authz_groupfile AuthGroupFile AuthzGroupFileAuthoritative Apache Module mod_authz_host Allow Deny Order Apache Module mod_authz_owner 配置示例 AuthzOwnerAuthoritative Apache Module mod_authz_user AuthzUserAuthoritative Apache Module mod_autoindex Autoindex Request Query Arguments AddAlt AddAltByEncoding AddAltByType AddDescription AddIcon AddIconByEncoding AddIconByType DefaultIcon HeaderName IndexIgnore IndexOptions IndexOrderDefault IndexStyleSheet ReadmeName Apache Module mod_cache Related Modules and Directives 配置示例 CacheDefaultExpire CacheDisable CacheEnable CacheIgnoreCacheControl CacheIgnoreHeaders CacheIgnoreNoLastMod CacheLastModifiedFactor CacheMaxExpire CacheStoreNoStore CacheStorePrivate Apache Module mod_cern_meta MetaDir MetaFiles MetaSuffix Apache Module mod_cgi CGI 環(huán)境變量 CGI 腳本的調(diào)試 ScriptLog ScriptLogBuffer ScriptLogLength Apache Module mod_cgid ScriptSock ScriptLog ScriptLogBuffer ScriptLogLength Apache Module mod_charset_lite Common Problems CharsetDefault CharsetOptions CharsetSourceEnc Apache Module mod_dav Enabling WebDAV Security Issues Complex Configurations Dav DavDepthInfinity DavMinTimeout Apache Module mod_dav_fs DavLockDB Apache Module mod_dav_lock DavGenericLockDB Apache Module mod_dbd Connection Pooling Apache DBD API SQL Prepared Statements DBDExptime DBDKeep DBDMax DBDMin DBDParams DBDPersist DBDPrepareSQL DBDriver Apache Module mod_deflate 配置舉例 啟用壓縮 代理服務(wù)器 DeflateBufferSize DeflateCompressionLevel DeflateFilterNote DeflateMemLevel DeflateWindowSize Apache Module mod_dir DirectoryIndex DirectorySlash Apache Module mod_disk_cache CacheDirLength CacheDirLevels CacheMaxFileSize CacheMinFileSize CacheRoot Apache Module mod_dumpio 啟用dumpio支持 DumpIOInput DumpIOOutput Apache Module mod_echo ProtocolEcho Apache Module mod_env PassEnv SetEnv UnsetEnv Apache Module mod_example Compiling the example module Using the mod_example Module Example Apache Module mod_expires 交替間隔語法 ExpiresActive ExpiresByType ExpiresDefault Apache Module mod_ext_filter 舉例 ExtFilterDefine ExtFilterOptions Apache Module mod_file_cache Using mod_file_cache CacheFile MMapFile Apache Module mod_filter Smart Filtering Filter Declarations Configuring the Chain Examples Protocol Handling FilterChain FilterDeclare FilterProtocol FilterProvider FilterTrace Apache Module mod_headers 處理順序 前處理和后處理 舉例 Header RequestHeader Apache Module mod_ident IdentityCheck IdentityCheckTimeout Apache Module mod_imagemap New Features Imagemap File Example Mapfile Referencing your mapfile ImapBase ImapDefault ImapMenu Apache Module mod_include Enabling Server-Side Includes PATH_INFO with Server Side Includes Basic Elements Include Variables Variable Substitution Flow Control Elements SSIEndTag SSIErrorMsg SSIStartTag SSITimeFormat SSIUndefinedEcho XBitHack Apache Module mod_info 安全問題 選擇哪些信息可以被顯示 已知的局限 AddModuleInfo Apache Module mod_isapi 用法 附加注釋 程序員注記 ISAPIAppendLogToErrors ISAPIAppendLogToQuery ISAPICacheFile ISAPIFakeAsync ISAPILogNotSupported ISAPIReadAheadBuffer Apache Module mod_ldap 示例配置 LDAP 連接池 LDAP 緩沖 使用SSL/TLS SSL/TLS 證書 LDAPCacheEntries LDAPCacheTTL LDAPConnectionTimeout LDAPOpCacheEntries LDAPOpCacheTTL LDAPSharedCacheFile LDAPSharedCacheSize LDAPTrustedClientCert LDAPTrustedGlobalCert LDAPTrustedMode LDAPVerifyServerCert Apache Module mod_log_config 定制日志文件格式 安全考慮 BufferedLogs CookieLog CustomLog LogFormat TransferLog Apache Module mod_log_forensic 定制日志文件格式 安全考慮 ForensicLog Apache Module mod_logio 定制日志文件格式 Apache Module mod_mem_cache MCacheMaxObjectCount MCacheMaxObjectSize MCacheMaxStreamingBuffer MCacheMinObjectSize MCacheRemovalAlgorithm MCacheSize Apache Module mod_mime 帶多擴(kuò)展名的文件 內(nèi)容編碼 字符集和語言 AddCharset AddEncoding AddHandler AddInputFilter AddLanguage AddOutputFilter AddType DefaultLanguage ModMimeUsePathInfo MultiviewsMatch RemoveCharset RemoveEncoding RemoveHandler RemoveInputFilter RemoveLanguage RemoveOutputFilter RemoveType TypesConfig Apache Module mod_mime_magic "Magic文件"的格式 性能問題 注意 MimeMagicFile Apache Module mod_negotiation 類型表 MultiViews CacheNegotiatedDocs ForceLanguagePriority LanguagePriority Apache Module mod_nw_ssl NWSSLTrustedCerts NWSSLUpgradeable SecureListen Apache Module mod_proxy 正向和反向代理 簡(jiǎn)單示例 控制對(duì)代理服務(wù)器的訪問 緩慢啟動(dòng) 局域網(wǎng)代理 協(xié)議調(diào)整 請(qǐng)求體 AllowCONNECT NoProxy <Proxy> ProxyBadHeader ProxyBlock ProxyDomain ProxyErrorOverride ProxyIOBufferSize <ProxyMatch> ProxyMaxForwards ProxyPass ProxyPassReverse ProxyPassReverseCookieDomain ProxyPassReverseCookiePath ProxyPreserveHost ProxyReceiveBufferSize ProxyRemote ProxyRemoteMatch ProxyRequests ProxyTimeout ProxyVia Apache Module mod_proxy_ajp Overview of the protocol Basic Packet Structure Request Packet Structure Response Packet Structure Apache Module mod_proxy_balancer Load balancer scheduler algorithm Request Counting Algorithm Weighted Traffic Counting Algorithm Enabling Balancer Manager Support Apache Module mod_proxy_connect Apache Module mod_proxy_ftp 為什么xxx類型的文件不能從FTP下載? 如何強(qiáng)制文件xxx使用FTP的ASCII形式下載? 我如何使用FTP上傳? 我如何能訪問我自己home目錄以外的FTP文件? 我如何才能在瀏覽器的URL框中隱藏FTP的明文密碼? Apache Module mod_proxy_http Apache Module mod_rewrite 特殊字符的引用 環(huán)境變量 實(shí)用方案 RewriteBase RewriteCond RewriteEngine RewriteLock RewriteLog RewriteLogLevel RewriteMap RewriteOptions RewriteRule Apache Module mod_setenvif BrowserMatch BrowserMatchNoCase SetEnvIf SetEnvIfNoCase Apache Module mod_so 為Windows創(chuàng)建可加載模塊 LoadFile LoadModule Apache Module mod_speling CheckSpelling Apache Module mod_ssl 環(huán)境變量 Custom Log Formats SSLCACertificateFile SSLCACertificatePath SSLCADNRequestFile SSLCADNRequestPath SSLCARevocationFile SSLCARevocationPath SSLCertificateChainFile SSLCertificateFile SSLCertificateKeyFile SSLCipherSuite SSLCryptoDevice SSLEngine SSLHonorCipherOrder SSLMutex SSLOptions SSLPassPhraseDialog SSLProtocol SSLProxyCACertificateFile SSLProxyCACertificatePath SSLProxyCARevocationFile SSLProxyCARevocationPath SSLProxyCipherSuite SSLProxyEngine SSLProxyMachineCertificateFile SSLProxyMachineCertificatePath SSLProxyProtocol SSLProxyVerify SSLProxyVerifyDepth SSLRandomSeed SSLRequire SSLRequireSSL SSLSessionCache SSLSessionCacheTimeout SSLUserName SSLVerifyClient SSLVerifyDepth Apache Module mod_status Enabling Status Support 自動(dòng)更新 Machine Readable Status File ExtendedStatus Apache Module mod_suexec SuexecUserGroup Apache Module mod_unique_id Theory Apache Module mod_userdir UserDir Apache Module mod_usertrack Logging 2-digit or 4-digit dates for cookies? CookieDomain CookieExpires CookieName CookieStyle CookieTracking Apache Module mod_version <IfVersion> Apache Module mod_vhost_alias 目錄名稱的轉(zhuǎn)換 示例 VirtualDocumentRoot VirtualDocumentRootIP VirtualScriptAlias VirtualScriptAliasIP 開發(fā)者文檔 Overview Topics External Resources Apache API notes Basic concepts How handlers work Resource allocation and resource pools Configuration Debugging Memory Allocation in APR Available debugging options Allowable Combinations Activating Debugging Options Documenting Apache 2.0 Apache 2.0 Hook Functions Creating a hook function Hooking the hook Converting Modules from Apache 1.3 to Apache 2.0 The easier changes ... The messier changes... Request Processing in Apache 2.0 The Request Processing Cycle The Request Parsing Phase The Security Phase The Preparation Phase The Handler Phase How Filters Work in Apache 2.0 Filter Types How are filters inserted? Asis Explanations 詞匯和索引 詞匯表 模塊索引 指令索引 指令速查 譯者聲明
Figuren

Apache模塊 mod_proxy_ajp

說明 mod_proxy的擴(kuò)展,提供Apache JServ Protocol支持
狀態(tài) 擴(kuò)展(E)
模塊名 proxy_ajp_module
源文件 proxy_ajp.c
兼容性 僅在 Apache 2.1 及以后的版本中可用

概述

This module requires the service of mod_proxy. It provides support for the Apache JServ Protocol version 1.3 (hereafter AJP13).

Thus, in order to get the ability of handling AJP13 protocol, mod_proxymod_proxy_ajp have to be present in the server.

警告

在您沒有對(duì)您的服務(wù)器采取安全措施之前,不要啟用代理。開放的代理服務(wù)器對(duì)你自己的內(nèi)部網(wǎng)絡(luò)和大規(guī)模的Internet網(wǎng)都是有安全隱患的。

Overview of the protocol

AJP13 protocol is packet-oriented. A binary format was presumably chosen over the more readable plain text for reasons of performance. The web server communicates with the servlet container over TCP connections. To cut down on the expensive process of socket creation, the web server will attempt to maintain persistent TCP connections to the servlet container, and to reuse a connection for multiple request/response cycles.

Once a connection is assigned to a particular request, it will not be used for any others until the request-handling cycle has terminated. In other words, requests are not multiplexed over connections. This makes for much simpler code at either end of the connection, although it does cause more connections to be open at once.

Once the web server has opened a connection to the servlet container, the connection can be in one of the following states:

  • Idle
    No request is being handled over this connection.
  • Assigned
    The connecton is handling a specific request.

Once a connection is assigned to handle a particular request, the basic request informaton (e.g. HTTP headers, etc) is sent over the connection in a highly condensed form (e.g. common strings are encoded as integers). Details of that format are below in Request Packet Structure. If there is a body to the request (content-length > 0), that is sent in a separate packet immediately after.

At this point, the servlet container is presumably ready to start processing the request. As it does so, it can send the following messages back to the web server:

  • SEND_HEADERS
    Send a set of headers back to the browser.
  • SEND_body_CHUNK
    Send a chunk of body data back to the browser.
  • GET_body_CHUNK
    Get further data from the request if it hasn't all been transferred yet. This is necessary because the packets have a fixed maximum size and arbitrary amounts of data can be included the body of a request (for uploaded files, for example). (Note: this is unrelated to HTTP chunked tranfer).
  • END_RESPONSE
    Finish the request-handling cycle.

Each message is accompanied by a differently formatted packet of data. See Response Packet Structures below for details.

Basic Packet Structure

There is a bit of an XDR heritage to this protocol, but it differs in lots of ways (no 4 byte alignment, for example).

Byte order: I am not clear about the endian-ness of the individual bytes. I'm guessing the bytes are little-endian, because that's what XDR specifies, and I'm guessing that sys/socket library is magically making that so (on the C side). If anyone with a better knowledge of socket calls can step in, that would be great.

There are four data types in the protocol: bytes, booleans, integers and strings.

Byte
A single byte.
Boolean
A single byte, 1 = true, 0 = false. Using other non-zero values as true (i.e. C-style) may work in some places, but it won't in others.
Integer
A number in the range of 0 to 2^16 (32768). Stored in 2 bytes with the high-order byte first.
String
A variable-sized string (length bounded by 2^16). Encoded with the length packed into two bytes first, followed by the string (including the terminating '\0'). Note that the encoded length does not include the trailing '\0' -- it is like strlen. This is a touch confusing on the Java side, which is littered with odd autoincrement statements to skip over these terminators. I believe the reason this was done was to allow the C code to be extra efficient when reading strings which the servlet container is sending back -- with the terminating \0 character, the C code can pass around references into a single buffer, without copying. if the \0 was missing, the C code would have to copy things out in order to get its notion of a string.

Packet Size

According to much of the code, the max packet size is 8 * 1024 bytes (8K). The actual length of the packet is encoded in the header.

Packet Headers

Packets sent from the server to the container begin with 0x1234. Packets sent from the container to the server begin with AB (that's the ASCII code for A followed by the ASCII code for B). After those first two bytes, there is an integer (encoded as above) with the length of the payload. Although this might suggest that the maximum payload could be as large as 2^16, in fact, the code sets the maximum to be 8K.

Packet Format (Server->Container)
Byte 0 1 2 3 4...(n+3)
Contents 0x12 0x34 Data Length (n) Data
Packet Format (Container->Server)
Byte 0 1 2 3 4...(n+3)
Contents A B Data Length (n) Data

For most packets, the first byte of the payload encodes the type of message. The exception is for request body packets sent from the server to the container -- they are sent with a standard packet header ( 0x1234 and then length of the packet), but without any prefix code after that.

The web server can send the following messages to the servlet container:

Code Type of Packet Meaning
2 Forward Request Begin the request-processing cycle with the following data
7 Shutdown The web server asks the container to shut itself down.
8 Ping The web server asks the container to take control (secure login phase).
10 CPing The web server asks the container to respond quickly with a CPong.
none Data Size (2 bytes) and corresponding body data.

To ensure some basic security, the container will only actually do the Shutdown if the request comes from the same machine on which it's hosted.

The first Data packet is send immediatly after the Forward Request by the web server.

The servlet container can send the following types of messages to the webserver:

Code Type of Packet Meaning
3 Send Body Chunk Send a chunk of the body from the servlet container to the web server (and presumably, onto the browser).
4 Send Headers Send the response headers from the servlet container to the web server (and presumably, onto the browser).
5 End Response Marks the end of the response (and thus the request-handling cycle).
6 Get Body Chunk Get further data from the request if it hasn't all been transferred yet.
9 CPong Reply The reply to a CPing request

Each of the above messages has a different internal structure, detailed below.

Request Packet Structure

For messages from the server to the container of type Forward Request:

AJP13_FORWARD_REQUEST :=
    prefix_code      (byte) 0x02 = JK_AJP13_FORWARD_REQUEST
    method           (byte)
    protocol         (string)
    req_uri          (string)
    remote_addr      (string)
    remote_host      (string)
    server_name      (string)
    server_port      (integer)
    is_ssl           (boolean)
    num_headers      (integer)
    request_headers *(req_header_name req_header_value)
    attributes      *(attribut_name attribute_value)
    request_terminator (byte) OxFF

request_headers have the following structure: 

req_header_name := 
    sc_req_header_name | (string)  [see below for how this is parsed]

sc_req_header_name := 0xA0xx (integer)

req_header_value := (string)

attributes are optional and have the following structure:

attribute_name := sc_a_name | (sc_a_req_attribute string)

attribute_value := (string)

Not that the all-important header is content-length, because it determines whether or not the container looks for another packet immediately.

Detailed description of the elements of Forward Request

Request prefix

For all requests, this will be 2. See above for details on other Prefix codes.

Method

The HTTP method, encoded as a single byte:

Command Name Code
OPTIONS 1
GET 2
HEAD 3
POST 4
PUT 5
DELETE 6
TRACE 7
PROPFIND 8
PROPPATCH 9
MKCOL 10
COPY 11
MOVE 12
LOCK 13
UNLOCK 14
ACL 15
REPORT 16
VERSION-CONTROL 17
CHECKIN 18
CHECKOUT 19
UNCHECKOUT 20
SEARCH 21
MKWORKSPACE 22
UPDATE 23
LABEL 24
MERGE 25
BASELINE_CONTROL 26
MKACTIVITY 27

Later version of ajp13, will transport additional methods, even if they are not in this list.

protocol, req_uri, remote_addr, remote_host, server_name, server_port, is_ssl

These are all fairly self-explanatory. Each of these is required, and will be sent for every request.

Headers

The structure of request_headers is the following: First, the number of headers num_headers is encoded. Then, a series of header name req_header_name / value req_header_value pairs follows. Common header names are encoded as integers, to save space. If the header name is not in the list of basic headers, it is encoded normally (as a string, with prefixed length). The list of common headers sc_req_header_nameand their codes is as follows (all are case-sensitive):

Name Code value Code name
accept 0xA001 SC_REQ_ACCEPT
accept-charset 0xA002 SC_REQ_ACCEPT_CHARSET
accept-encoding 0xA003 SC_REQ_ACCEPT_ENCODING
accept-language 0xA004 SC_REQ_ACCEPT_LANGUAGE
authorization 0xA005 SC_REQ_AUTHORIZATION
connection 0xA006 SC_REQ_CONNECTION
content-type 0xA007 SC_REQ_CONTENT_TYPE
content-length 0xA008 SC_REQ_CONTENT_LENGTH
cookie 0xA009 SC_REQ_COOKIE
cookie2 0xA00A SC_REQ_COOKIE2
host 0xA00B SC_REQ_HOST
pragma 0xA00C SC_REQ_PRAGMA
referer 0xA00D SC_REQ_REFERER
user-agent 0xA00E SC_REQ_USER_AGENT

The Java code that reads this grabs the first two-byte integer and if it sees an '0xA0' in the most significant byte, it uses the integer in the second byte as an index into an array of header names. If the first byte is not 0xA0, it assumes that the two-byte integer is the length of a string, which is then read in.

This works on the assumption that no header names will have length greater than 0x9999 (==0xA000 - 1), which is perfectly reasonable, though somewhat arbitrary.

注意:

The content-length header is extremely important. If it is present and non-zero, the container assumes that the request has a body (a POST request, for example), and immediately reads a separate packet off the input stream to get that body.

Attributes

The attributes prefixed with a ? (e.g. ?context) are all optional. For each, there is a single byte code to indicate the type of attribute, and then a string to give its value. They can be sent in any order (thogh the C code always sends them in the order listed below). A special terminating code is sent to signal the end of the list of optional attributes. The list of byte codes is:

Information Code Value Note
?context 0x01 Not currently implemented
?servlet_path 0x02 Not currently implemented
?remote_user 0x03
?auth_type 0x04
?query_string 0x05
?jvm_route 0x06
?ssl_cert 0x07
?ssl_cipher 0x08
?ssl_session 0x09
?req_attribute 0x0A Name (the name of the attribute follows)
?ssl_key_size 0x0B
are_done 0xFF request_terminator

contextservlet_path are not currently set by the C code, and most of the Java code completely ignores whatever is sent over for those fields (and some of it will actually break if a string is sent along after one of those codes). I don't know if this is a bug or an unimplemented feature or just vestigial code, but it's missing from both sides of the connection.

remote_userauth_type presumably refer to HTTP-level authentication, and communicate the remote user's username and the type of authentication used to establish their identity (e.g. Basic, Digest).

query_string, ssl_cert, ssl_cipher, and ssl_session refer to the corresponding pieces of HTTP and HTTPS.

jvm_route, is used to support sticky sessions -- associating a user's sesson with a particular Tomcat instance in the presence of multiple, load-balancing servers.

Beyond this list of basic attributes, any number of other attributes can be sent via the req_attribute code 0x0A. A pair of strings to represent the attribute name and value are sent immediately after each instance of that code. Environment values are passed in via this method.

Finally, after all the attributes have been sent, the attribute terminator, 0xFF, is sent. This signals both the end of the list of attributes and also then end of the Request Packet.

Response Packet Structure

for messages which the container can send back to the server.

AJP13_SEND_body_CHUNK :=
  prefix_code   3
  chunk_length  (integer)
  chunk        *(byte)


AJP13_SEND_HEADERS :=
  prefix_code       4
  http_status_code  (integer)
  http_status_msg   (string)
  num_headers       (integer)
  response_headers *(res_header_name header_value)

res_header_name :=
    sc_res_header_name | (string)   [see below for how this is parsed]

sc_res_header_name := 0xA0 (byte)

header_value := (string)

AJP13_END_RESPONSE :=
  prefix_code       5
  reuse             (boolean)


AJP13_GET_body_CHUNK :=
  prefix_code       6
  requested_length  (integer)

Details:

Send Body Chunk

The chunk is basically binary data, and is sent directly back to the browser.

Send Headers

The status code and message are the usual HTTP things (e.g. 200OK). The response header names are encoded the same way the request header names are. See header_encoding above for details about how the the codes are distinguished from the strings.
The codes for common headers are:

Name Code value
Content-Type 0xA001
Content-Language 0xA002
Content-Length 0xA003
Date 0xA004
Last-Modified 0xA005
Location 0xA006
Set-Cookie 0xA007
Set-Cookie2 0xA008
Servlet-Engine 0xA009
Status 0xA00A
WWW-Authenticate 0xA00B

After the code or the string header name, the header value is immediately encoded.

End Response

Signals the end of this request-handling cycle. If the reuse flag is true (==1), this TCP connection can now be used to handle new incoming requests. If reuse is false (anything other than 1 in the actual C code), the connection should be closed.

Get Body Chunk

The container asks for more data from the request (If the body was too large to fit in the first packet sent over or when the request is chuncked). The server will send a body packet back with an amount of data which is the minimum of the request_length, the maximum send body size (8186 (8 Kbytes - 6)), and the number of bytes actually left to send from the request body.
If there is no more data in the body (i.e. the servlet container is trying to read past the end of the body), the server will send back an empty packet, which is a body packet with a payload length of 0. (0x12,0x34,0x00,0x00)

Vorheriger Artikel: N?chster Artikel: