The document describes the request processing stages in Oracle iPlanet Webserver:
1. Request processing involves multiple stages like authorization, name translation, path checking, determining object type, input, output, routing, service, logging and error handling.
2. Directives are used to invoke server functions at different stages and can be grouped in templates to conditionally process requests.
3. Key stages include name translation to map URLs to files/directories, authorization to validate user credentials, determining the server object type to handle the request, routing the request to the appropriate service, and logging processing results.
The document describes the request processing stages in Oracle iPlanet Webserver. There are predefined stages for the entire request handling process, including AuthTrans, NameTrans, PathCheck, ObjectType, Input, Output, Route, Service, AddLog, and Error. Directives are used to define settings within the web server and invoke functions at various request processing stages. Templates can group directives to process them conditionally.
The document summarizes the request processing flow for Oracle iPlanet Webserver. It describes the various processing stages including authentication, name translation, path checking, object typing, input/output processing, routing, service execution, error handling, and logging. Key directives are executed at each stage to determine how the request is handled. Requests for files in the document root and for web applications are processed differently, with different directives matched at each stage.
Presentation of Wealthfront's Service Framework and Standardized RPC given at Square in March 2012. The majority of the slides comes from an internal presentation I gave in February 2011.
POGen: A Test Code Generator Based on Template Variable Coverage in Gray-Box ...Kazunori Sakamoto
The document discusses testing web applications that use template engines. It proposes:
1. Defining fragments in templates that should be checked as test oracles.
2. Measuring coverage of variable fragments to indicate oracle quality.
3. A tool called POGen that generates skeleton test code to reduce testing costs.
This document discusses building asynchronous services with Service Component Architecture (SCA). It begins with an overview of SCA and why asynchronous services are important. It then covers facilities that support asynchronous services like concurrency classes, JAX-WS, JMS, and BPEL. The document explains how SCA supports asynchronous service interactions through callbacks and bidirectional interfaces. It provides an example of an asynchronous service, client, and composite. Finally, it compares asynchronous services to using events and provides a demo scenario of an asynchronous travel search application built with SCA.
Bitcoin will disrupt many industries by providing improvements over traditional financial and data systems. It can enable instant, nearly fee-less transactions for payments, asset transfers like real estate, and monetization of online content. Industries worth over $500 billion may be impacted as Bitcoin offers solutions without centralized authorities and built-in costs. Its blockchain technology allows direct transfer of value and records in a secure, decentralized network.
Suppressing http headers from web sphere application serverDave Hay
This document discusses suppressing HTTP headers from WebSphere Application Server to reduce security risks. It identifies that WAS returns its version string in HTTP headers, providing too much information to potential attackers. It then explains that WAS allows overriding headers like the Server header through properties like ServerHeaderValue and RemoveServerHeader. The document provides examples of using these properties and references additional documentation on customizing HTTP headers in WAS and IBM HTTP Server.
The document describes the request processing stages in Oracle iPlanet Webserver. There are predefined stages for the entire request handling process, including AuthTrans, NameTrans, PathCheck, ObjectType, Input, Output, Route, Service, AddLog, and Error. Directives are used to define settings within the web server and invoke functions at various request processing stages. Templates can group directives to process them conditionally.
The document summarizes the request processing flow for Oracle iPlanet Webserver. It describes the various processing stages including authentication, name translation, path checking, object typing, input/output processing, routing, service execution, error handling, and logging. Key directives are executed at each stage to determine how the request is handled. Requests for files in the document root and for web applications are processed differently, with different directives matched at each stage.
Presentation of Wealthfront's Service Framework and Standardized RPC given at Square in March 2012. The majority of the slides comes from an internal presentation I gave in February 2011.
POGen: A Test Code Generator Based on Template Variable Coverage in Gray-Box ...Kazunori Sakamoto
The document discusses testing web applications that use template engines. It proposes:
1. Defining fragments in templates that should be checked as test oracles.
2. Measuring coverage of variable fragments to indicate oracle quality.
3. A tool called POGen that generates skeleton test code to reduce testing costs.
This document discusses building asynchronous services with Service Component Architecture (SCA). It begins with an overview of SCA and why asynchronous services are important. It then covers facilities that support asynchronous services like concurrency classes, JAX-WS, JMS, and BPEL. The document explains how SCA supports asynchronous service interactions through callbacks and bidirectional interfaces. It provides an example of an asynchronous service, client, and composite. Finally, it compares asynchronous services to using events and provides a demo scenario of an asynchronous travel search application built with SCA.
Bitcoin will disrupt many industries by providing improvements over traditional financial and data systems. It can enable instant, nearly fee-less transactions for payments, asset transfers like real estate, and monetization of online content. Industries worth over $500 billion may be impacted as Bitcoin offers solutions without centralized authorities and built-in costs. Its blockchain technology allows direct transfer of value and records in a secure, decentralized network.
Suppressing http headers from web sphere application serverDave Hay
This document discusses suppressing HTTP headers from WebSphere Application Server to reduce security risks. It identifies that WAS returns its version string in HTTP headers, providing too much information to potential attackers. It then explains that WAS allows overriding headers like the Server header through properties like ServerHeaderValue and RemoveServerHeader. The document provides examples of using these properties and references additional documentation on customizing HTTP headers in WAS and IBM HTTP Server.
Covers topics like RestApi, Authentication, Authorization, Cacheability, Advantage of RestApi over SOAP and some basics regarding Open Data Protocol(OData).
This document provides an overview of Oracle Service Bus. It discusses key SOA concepts like service enablement, mediation, and orchestration that can be addressed using a service bus. It describes the target audience for learning about OSB and provides a roadmap for the course content, which will cover the OSB architecture, proxy service development, and service management and monitoring capabilities. It also gives examples of how a service bus can provide location transparency, backwards compatibility, message enrichment, and service orchestration.
What is REST?
What is RESTful Webservices
HTTP-REST Request Basics
HTTP-REST Vocabulary
Authentication (OAuth)
OAuth 2.0 Web Server Flow
REST APIs using Apex REST
Resources
This document provides a summary of key concepts related to web application technologies. It discusses HTTP and HTTP requests/responses, including common headers. It also covers client-side technologies like HTML, CSS, JavaScript, and how they interact with the server via HTTP. On the server-side, it discusses programming languages and frameworks like Java, ASP.NET, PHP, and common databases. It also covers concepts like cookies, sessions, and different encoding schemes used to transmit data.
The document provides guidelines and best practices for designing RESTful APIs, including:
- Using JSON over XML and making the API stateless and secure.
- Following conventions for HTTP verbs and status codes.
- Keeping data structures consistent and handling data with modern frameworks.
- Providing comprehensive documentation for data types, methods, and samples.
Web Services Automated Testing via SoapUI ToolSperasoft
soapUI is a tool for testing APIs, including SOAP and REST web services. It allows testing functionality, security, performance, and documentation. Key features include testing API functions with parameters, negative testing, security testing like SQL injection and XSS, load and performance testing, and documentation logging. The tool supports SOAP, REST, and HTTP services. Projects contain elements like WSDL/WADL files, services, test cases, test steps, and property transfers between steps. Test cases validate requests with parameters and assertions. Security tests simulate attacks. Performance tests assess response times and throughput under varying loads. Mock services emulate real services for testing without dependencies.
Windows Communication Foundation Extensionsgabrielcerutti
The document discusses Windows Communication Foundation (WCF) extensions. It describes the extensibility points throughout the WCF runtime that allow customizing service dispatching and client proxy invocation. These include points for parameter inspection, message formatting/inspection, operation selection, and operation invocation. Extensions are implemented using behaviors - classes that extend runtime behavior. Behaviors can be added programmatically or via attributes and configuration.
The document discusses testing REST APIs using Java. It covers creating test cases to test API functionality, parameters, and expected results. It also discusses best practices for organizing test cases and ensuring complete test coverage. The document then describes how to perform automated testing of APIs using Java tools like POJOs, serialization/deserialization, Rest-Assured, and assertion libraries. It provides details on HTTP methods like GET, POST, PUT, DELETE and important HTTP headers.
The document discusses testing REST APIs using Java. It covers creating test cases to test API functionality, parameters, and expected results. It also discusses best practices for organizing test cases and ensuring complete test coverage. The document then describes how to perform automated testing of APIs using Java tools like POJOs, serialization/deserialization, Rest-Assured, and assertion libraries. It provides details on HTTP methods like GET, POST, PUT, DELETE and important HTTP headers.
The document discusses the REST (REpresentational State Transfer) architectural style and how it differs from traditional SOA (Service Oriented Architecture). It outlines the key principles of REST including addressing resources with URIs, using a uniform interface (HTTP methods), stateless communication, and hypermedia as the driver of application state. The document explains how the web exemplifies REST through the use of URLs, HTTP, and standard formats to access and transfer representations of resources.
API Testing with Open Source Code and CucumberSmartBear
Ole Lensmar discusses various ways and tools for testing web APIs, focusing on using Cucumber. Watch the full presentation: https://www.infoq.com/presentations/api-testing-cucumber
REST Assured is a Java library .Which, provides a domain-specific language (DSL) for writing powerful, maintainable tests for Restful APIs.
Library behaves like a headless Client to access REST web services.
The document discusses web servers and their architecture. It begins by defining a web server as specialized software that responds to client requests from web browsers. It then describes the common three-tier architecture of web applications with tiers for the client interface, middle application logic, and database information. The document focuses on how web servers use HTTP to communicate with clients through a request-response protocol and provides examples of GET and POST requests. It also discusses leading web servers like Apache, IIS, and others as well as factors to consider when selecting a web server.
1) The document provides guidance on testing APIs for security weaknesses, including enumerating the attack surface, common tools to use, what to test for (e.g. authentication, authorization, injections), and demo apps to practice on.
2) It recommends testing authentication and authorization mechanisms like tokens, injections attacks on state-changing requests, and how data is consumed client-side.
3) The document also discusses testing for denial of service conditions, data smuggling through middleware, API rate limiting, and cross-origin requests.
The document discusses the Open Data Protocol (OData), which is an open specification that allows the creation of REST-based data services that support built-in operations like CRUD (Create, Read, Update, Delete) and querying capabilities. OData builds on fundamental web standards like HTTP, URI conventions, and XML or JSON for payloads to define a protocol that can be used for exposing and consuming data across systems via REST. The specification also covers addressing schemes, payloads, metadata, batching requests, and how OData can be implemented using technologies like WCF Data Services.
Cloud Foundry Cookbook: Recipes for a Successful Cloud Foundry Deployment in ...VMware Tanzu
Technical Track presented by Vinícius Carvalho, Senior Field Engineer at Pivotal.
Cloud Foundry provides the foundation for your PaaS infrastructure. It streamlines deployment and turns your developers and your ops into super heroes when it comes to time to market. But what about your architecture? How should you build your services (or microservices)? How can you guarantee security is being enforced on every layer of your architecture? How can you solve cross-service dependencies? How can services discover each other? How could developers leverage an API explorer to test your services and build apps on top of it? How could you leverage a data pipeline to solve polyglot persistence and cascading operations on diverse persistence technologies? How can you monetize on top of your public services? How could you use a service registry to boost your models with extended metadata?
This session presents a few recipes to demonstrate how to solve some of the problems found when applying cloud patterns to real business scenarios.
Recipes for a successful production cloudfoundry deployment - CF Summit 2014Vinícius Carvalho
How to be successful on a PCF deployment into production. This deck shows lessons learned while pushing to production a revamped platform on a large media company. It shows a few things I've learned as chief architect while deploying apps using the microservices strategy
DEF CON 24 - workshop - Craig Young - brainwashing embedded systemsFelipe Prado
Firmware analysis often involves searching firmware images for known file headers and file systems like SquashFS to extract contained files. Automated binary analysis tools like binwalk can help extract files from images. HTTP interfaces are common targets for security testing since they are often exposed without authentication. Testing may uncover vulnerabilities like XSS, CSRF, SQLi or command injection. Wireless interfaces also require testing to check for issues like weak encryption or exposure of credentials in cleartext.
The document discusses HTTP and the client-server model used for web interactions. [1] The HTTP protocol uses a request-response model where a client like a web browser sends an HTTP request to a server, which holds web content and services. [2] The server then sends an HTTP response back to the client. [3] Key aspects covered include the structure of HTTP requests and responses, common request and response headers, status codes, and methods like GET and POST.
Advanced Server Integration with Data and DirectSencha
Ext.Direct is a framework that allows for remoting of server-side classes to the client-side as if they were local. It handles ajax requests, json encoding/decoding, and invoking the appropriate callbacks automatically. To set it up, developers download a server-side stack, configure which methods can be remotely called, and include an API descriptor on the client-side. This allows for batching of requests, centralized routing, and compatibility with both direct calls and ajax requests. Implementing a stack involves configuring exposed classes/methods, generating an API descriptor, and building a router to handle requests and responses.
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Project Management Semester Long Project - Acuityjpupo2018
Acuity is an innovative learning app designed to transform the way you engage with knowledge. Powered by AI technology, Acuity takes complex topics and distills them into concise, interactive summaries that are easy to read & understand. Whether you're exploring the depths of quantum mechanics or seeking insight into historical events, Acuity provides the key information you need without the burden of lengthy texts.
Covers topics like RestApi, Authentication, Authorization, Cacheability, Advantage of RestApi over SOAP and some basics regarding Open Data Protocol(OData).
This document provides an overview of Oracle Service Bus. It discusses key SOA concepts like service enablement, mediation, and orchestration that can be addressed using a service bus. It describes the target audience for learning about OSB and provides a roadmap for the course content, which will cover the OSB architecture, proxy service development, and service management and monitoring capabilities. It also gives examples of how a service bus can provide location transparency, backwards compatibility, message enrichment, and service orchestration.
What is REST?
What is RESTful Webservices
HTTP-REST Request Basics
HTTP-REST Vocabulary
Authentication (OAuth)
OAuth 2.0 Web Server Flow
REST APIs using Apex REST
Resources
This document provides a summary of key concepts related to web application technologies. It discusses HTTP and HTTP requests/responses, including common headers. It also covers client-side technologies like HTML, CSS, JavaScript, and how they interact with the server via HTTP. On the server-side, it discusses programming languages and frameworks like Java, ASP.NET, PHP, and common databases. It also covers concepts like cookies, sessions, and different encoding schemes used to transmit data.
The document provides guidelines and best practices for designing RESTful APIs, including:
- Using JSON over XML and making the API stateless and secure.
- Following conventions for HTTP verbs and status codes.
- Keeping data structures consistent and handling data with modern frameworks.
- Providing comprehensive documentation for data types, methods, and samples.
Web Services Automated Testing via SoapUI ToolSperasoft
soapUI is a tool for testing APIs, including SOAP and REST web services. It allows testing functionality, security, performance, and documentation. Key features include testing API functions with parameters, negative testing, security testing like SQL injection and XSS, load and performance testing, and documentation logging. The tool supports SOAP, REST, and HTTP services. Projects contain elements like WSDL/WADL files, services, test cases, test steps, and property transfers between steps. Test cases validate requests with parameters and assertions. Security tests simulate attacks. Performance tests assess response times and throughput under varying loads. Mock services emulate real services for testing without dependencies.
Windows Communication Foundation Extensionsgabrielcerutti
The document discusses Windows Communication Foundation (WCF) extensions. It describes the extensibility points throughout the WCF runtime that allow customizing service dispatching and client proxy invocation. These include points for parameter inspection, message formatting/inspection, operation selection, and operation invocation. Extensions are implemented using behaviors - classes that extend runtime behavior. Behaviors can be added programmatically or via attributes and configuration.
The document discusses testing REST APIs using Java. It covers creating test cases to test API functionality, parameters, and expected results. It also discusses best practices for organizing test cases and ensuring complete test coverage. The document then describes how to perform automated testing of APIs using Java tools like POJOs, serialization/deserialization, Rest-Assured, and assertion libraries. It provides details on HTTP methods like GET, POST, PUT, DELETE and important HTTP headers.
The document discusses testing REST APIs using Java. It covers creating test cases to test API functionality, parameters, and expected results. It also discusses best practices for organizing test cases and ensuring complete test coverage. The document then describes how to perform automated testing of APIs using Java tools like POJOs, serialization/deserialization, Rest-Assured, and assertion libraries. It provides details on HTTP methods like GET, POST, PUT, DELETE and important HTTP headers.
The document discusses the REST (REpresentational State Transfer) architectural style and how it differs from traditional SOA (Service Oriented Architecture). It outlines the key principles of REST including addressing resources with URIs, using a uniform interface (HTTP methods), stateless communication, and hypermedia as the driver of application state. The document explains how the web exemplifies REST through the use of URLs, HTTP, and standard formats to access and transfer representations of resources.
API Testing with Open Source Code and CucumberSmartBear
Ole Lensmar discusses various ways and tools for testing web APIs, focusing on using Cucumber. Watch the full presentation: https://www.infoq.com/presentations/api-testing-cucumber
REST Assured is a Java library .Which, provides a domain-specific language (DSL) for writing powerful, maintainable tests for Restful APIs.
Library behaves like a headless Client to access REST web services.
The document discusses web servers and their architecture. It begins by defining a web server as specialized software that responds to client requests from web browsers. It then describes the common three-tier architecture of web applications with tiers for the client interface, middle application logic, and database information. The document focuses on how web servers use HTTP to communicate with clients through a request-response protocol and provides examples of GET and POST requests. It also discusses leading web servers like Apache, IIS, and others as well as factors to consider when selecting a web server.
1) The document provides guidance on testing APIs for security weaknesses, including enumerating the attack surface, common tools to use, what to test for (e.g. authentication, authorization, injections), and demo apps to practice on.
2) It recommends testing authentication and authorization mechanisms like tokens, injections attacks on state-changing requests, and how data is consumed client-side.
3) The document also discusses testing for denial of service conditions, data smuggling through middleware, API rate limiting, and cross-origin requests.
The document discusses the Open Data Protocol (OData), which is an open specification that allows the creation of REST-based data services that support built-in operations like CRUD (Create, Read, Update, Delete) and querying capabilities. OData builds on fundamental web standards like HTTP, URI conventions, and XML or JSON for payloads to define a protocol that can be used for exposing and consuming data across systems via REST. The specification also covers addressing schemes, payloads, metadata, batching requests, and how OData can be implemented using technologies like WCF Data Services.
Cloud Foundry Cookbook: Recipes for a Successful Cloud Foundry Deployment in ...VMware Tanzu
Technical Track presented by Vinícius Carvalho, Senior Field Engineer at Pivotal.
Cloud Foundry provides the foundation for your PaaS infrastructure. It streamlines deployment and turns your developers and your ops into super heroes when it comes to time to market. But what about your architecture? How should you build your services (or microservices)? How can you guarantee security is being enforced on every layer of your architecture? How can you solve cross-service dependencies? How can services discover each other? How could developers leverage an API explorer to test your services and build apps on top of it? How could you leverage a data pipeline to solve polyglot persistence and cascading operations on diverse persistence technologies? How can you monetize on top of your public services? How could you use a service registry to boost your models with extended metadata?
This session presents a few recipes to demonstrate how to solve some of the problems found when applying cloud patterns to real business scenarios.
Recipes for a successful production cloudfoundry deployment - CF Summit 2014Vinícius Carvalho
How to be successful on a PCF deployment into production. This deck shows lessons learned while pushing to production a revamped platform on a large media company. It shows a few things I've learned as chief architect while deploying apps using the microservices strategy
DEF CON 24 - workshop - Craig Young - brainwashing embedded systemsFelipe Prado
Firmware analysis often involves searching firmware images for known file headers and file systems like SquashFS to extract contained files. Automated binary analysis tools like binwalk can help extract files from images. HTTP interfaces are common targets for security testing since they are often exposed without authentication. Testing may uncover vulnerabilities like XSS, CSRF, SQLi or command injection. Wireless interfaces also require testing to check for issues like weak encryption or exposure of credentials in cleartext.
The document discusses HTTP and the client-server model used for web interactions. [1] The HTTP protocol uses a request-response model where a client like a web browser sends an HTTP request to a server, which holds web content and services. [2] The server then sends an HTTP response back to the client. [3] Key aspects covered include the structure of HTTP requests and responses, common request and response headers, status codes, and methods like GET and POST.
Advanced Server Integration with Data and DirectSencha
Ext.Direct is a framework that allows for remoting of server-side classes to the client-side as if they were local. It handles ajax requests, json encoding/decoding, and invoking the appropriate callbacks automatically. To set it up, developers download a server-side stack, configure which methods can be remotely called, and include an API descriptor on the client-side. This allows for batching of requests, centralized routing, and compatibility with both direct calls and ajax requests. Implementing a stack involves configuring exposed classes/methods, generating an API descriptor, and building a router to handle requests and responses.
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Project Management Semester Long Project - Acuityjpupo2018
Acuity is an innovative learning app designed to transform the way you engage with knowledge. Powered by AI technology, Acuity takes complex topics and distills them into concise, interactive summaries that are easy to read & understand. Whether you're exploring the depths of quantum mechanics or seeking insight into historical events, Acuity provides the key information you need without the burden of lengthy texts.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
3. Directives
A directive is a statement that defines a setting within the Web Server.
Directives invoke Server Application Functions(SAF) at various request processing
stages.
Format of a Directive:
<Directive> fn=“<function-name>” name1=“value1” ... nameN=“<valueN>”
where,
– <Directive> is the one of the Request Processing stage.
– <function-name> is the name of the function, which is provided by default or loaded using the
load-modules function provided in magnus.conf file.
– Name1,name2,..nameN are the parameters passed to the function.
The Order in which directives appear becomes important if the directives are
conditionally executed.
• The instructions (called directives) that identifies these options are stored in
configuration files.
• Sun Java System Web Server reads the configuration files on startup and
during client requests to map your choices with the desired server activity.
4. Templates
• Directives can be grouped together into Object Tags (also called as
Containers or Templates).
• Templates help in processing the Directives on conditional basis.
• The order in which Templates appear is not important.
• There exists one template with the name “default”.
– The Directives present in default object are used to process every request.
– Directives for standard Request Processing are provided after installation in
default template.
– Server will start without default template, but it will not process the requests.
Default template is mandatory for the Request Processing.
• Each new object that you add or each existing object that you modify
also modifies the behavior of the default object. You can modify and
extend the request handling process by adding or changing directives
in the obj.conf
5. Server Variables
• Web Server variables begin with a dollar sign character ($), followed by either
upper- or lowercase letters as the next character. Subsequent characters can
include any combination of upper- or lowercase alphanumeric characters or
underscores (_).
• Server Variables can be
– Predefined Variables
– Defined at request time through the use of set-variable SAF
– Virtual Server Specific variables defined at <virtual-server> level
– Server variables defined at the <server> level
6. Request Processing Stages
• Webserver has predefined stages for the entire Request Handling Process.
• Set of related functions are grouped together to perform tasks within the
Request Handling Process.
• Server may call many functions to perform the work of Request Processing.
• There might be zero or more Directives within each stage.
• Request Processing Stages are:
– AuthTrans
– NameTrans
– PathCheck
– ObjectType
– Input
– Output
– Route
– Service
– AddLog
– Error
7. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
Input:
Notes • Authorization info in Request HTTP Header
Directives
Output:
• Status of User Authentication, if Header info available
8. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
• AuthTrans stands for Authorization Translation.
Notes • Get User Identity as part of HTTP Header Info.
• Validates the Authenticity of User Credentials .i.e., checks if the username and
Directives password associated with the request are acceptable
• This Phase doesn’t Allow or Deny any Requests.
• When a request arrives, the AuthTrans stage checks whether the Authorization
HTTP header exists; if it does, the AuthTrans stage validates the authenticity of
the user’s credentials.
• If there are more than one AuthTrans directives defined for the object, the
Web Server processes each directive in sequential order until one succeeds in
authorizing the user. As soon as a match occurs, processing within the stage is
completed and subsequent AuthTrans directives are ignored.
9. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
basic-auth: calls a custom function to verify authorization information sent by the
client.
Ex;
Notes
AuthTrans fn=basic-auth auth-type=basic userfn=hardcoded_auth
Userdefined function hardcoded_auth is being used to verify user credentials.
Directives
basic-ncsa: The basic-ncsa function verifies authorization information sent by the
client against a database
Ex;
AuthTrans fn=basic-ncsa auth-type=basic dbm=/netscape/server4/userdb/rs
get-sslid: The get-sslid function retrieves a string that is unique to the current SSL
session, and stores it as the ssl-id variable in the Session->client parameter block.
qos-handler: examines the current quality of service statistics for the virtual server,
virtual server class, and global server, logs the statistics, and enforces the QOS
parameters by returning an error
10. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
Input:
Comments • Request URI
Directives
Output:
• Related OS File/Directory
11. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
• NameTrans stands for Name Translation.
Notes • For the Operating System, it is files and Directories. So, the webserver must
convert the Request URI to the OS related File or Directory.
Directives • NameTrans directives translate virtual URLs to physical directories/files on the
Web server
• NameTrans directives should appear in the default object.
• If there is more than one NameTrans directive in an object, the server executes
each one in order until one succeeds.
12. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input & assign-name: specifies the name of an object in obj.conf that matches the current
Output request. The server then processes the directives in the named object in preference to the
ones in the default object.
Comments Ex;
NameTrans fn=assign-name name=myapp from=/zeroproductionincidents
Directives
...
<Object name=myapp>
...additional directives..
</Object>
After processing the NameTrans directive, server looks for an named object myapp in
obj.conf and start processing the objectives in myapp object.
document-root: specifies the root document directory for the server.
Ex;
NameTrans fn=document-root root=/usr/netscape/server4/docs
home-page: specifies the home page for the server.
Whenever a client requests the server's home page (/), they'll get the document specified.
Ex;
NameTrans fn="home-page" path="homepage.html"
13. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input & pfx2dir: replaces a directory prefix in the requested URL with a real directory name. It
Output also optionally allows you to specify the name of an object that matches the current
request
Comments Ex;
NameTrans fn=“pfx2dir” from=“/images/banner” dir=“/homepage/defaultimages”
Directives
name=“myimages”
servername/images/banner/logo.gif will be translated to the file
/homepage/defaultimages/logo.gif and server also starts processing the directives in
the object named myimages.
redirect: lets you change URLs and send the updated URL to the client
Ex;
NameTrans fn=“redirect” from=“/” url-prefix=“http://newserver”
Any request for http://server-name/resource is translated to a request for
http://newserver/resource
unix-home: translates user names (typically of the form ~username) into the user's
home directory on the server's Unix machine.
Ex;
NameTrans fn=“unix-home” from=“/~” subdir=“public_html”
servername/~ will be translated to the user subdirectory “public_html” within the user's
home directory.
14. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
Input:
Comments • OS File/Directory path
Directives
Output:
• Directory / File path removing malicious data
• User Authorization
• Index file, if the request URI is a Directory.
• Welcome-file-list, if the request URI is a web Application.
15. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
PathCheck Directives perform the following tasks on the resulting path:
Notes
• Cleanup any malicious directories (ex;. ,.,.. etc.) and dangerous
Directives elements.
• Determine whether the requested resource is a web application or a
directory in the file system and verification of its existence.
• Access Control Processing to determine whether the user is allowed to
access the requested resource.
16. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
check-acl:
Output • specifies an Access Control List (ACL) to use to check whether the client is allowed to access the
requested resource.
Notes • An access control list contains information about who is or is not allowed to access a resource,
and under what conditions access is allowed.
• You can also specify under what conditions (i.e., client IP address, day of week, or authentication
Directives method) that the access is granted.
• Regardless of the order of PathCheck directives in the object, check-acl functions are executed
first. They cause user authentication to be performed, if required by the specified ACL, and will
also update the access control state. Ex;
PathCheck fn="check-acl" acl="default"
Default acl is applied on the requests, where path for default can be specified in the server.xml
file.
• If an ACL specifies access based on a particular user or group and the user is not known (i.e., has
not authenticated), Web Server responds to the client with a status of 401 (Unauthorized) and
completes the processing of the request.
• This status informs the browser that it needs to open a dialog box to prompt the user for a
username and password.
• The browser sends the credentials, along with the original URL, to the Web Server where they
will then be validated in the AuthTrans stage.
• If access is denied, the server switches to executing directives in the Error stage, where a status
code of 403 (Forbidden) is returned to the client.
17. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
deny-existence: sends a "not found" message when a client tries to access a specified
Output path. The server sends "not found" instead of "forbidden," so the user cannot tell
whether the path exists or not.
Notes Ex;
PathCheck fn=deny-existence path=/mysite/docs/private
Directives
find-index: investigates whether the requested path is a directory.
If it is, the function searches for an index file in the directory, and then changes the path
to point to the index file.
If no index file is found, the server generates a directory listing (if directory listing is
turned on).
Ex;
PathCheck fn=find-index index-names=index.html,home.html
find-links: Searches the current path for symbolic or hard links to other directories or
file systems. If any are found, an error is returned.
Disable -> h is hard links.
s is soft links
o allows symbolic links from user home directories only if the user owns the
target of the link.
Ex;
PathCheck fn=find-links disable=sh dir=/foreign-dir
18. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
deny-existence: sends a "not found" message when a client tries to access a specified
Output path. The server sends "not found" instead of "forbidden," so the user cannot tell
whether the path exists or not.
Notes Ex;
PathCheck fn=deny-existence path=/mysite/docs/private
Directives
find-index: investigates whether the requested path is a directory.
If it is, the function searches for an index file in the directory, and then changes the path
to point to the index file.
If no index file is found, the server generates a directory listing (if directory listing is
turned on).
Ex;
PathCheck fn=find-index index-names=index.html,home.html
find-links: Searches the current path for symbolic or hard links to other directories or
file systems. If any are found, an error is returned.
Disable -> h is hard links.
s is soft links
o allows symbolic links from user home directories only if the user owns the
target of the link.
Ex;
PathCheck fn=find-links disable=sh dir=/foreign-dir
19. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
find-path-info: finds any extra path information after the file name in the URL and
Output stores it for use in the CGI environment variable PATH_INFO.
Ex;
Notes PathCheck fn=find-pathinfo
Directives
find-index-j2ee: Implements welcome file processing for Java web applications.
Welcome files are specified in web.xml file. The list of welcome files in web.xml is used
by the Java web container when the request corresponds to a directory within a Java
web application.
The find-index-j2ee SAF appends each of the partial URIs that specify a welcome file (in
the order in which they are specified in web.xml) to the request URI and sends the
request to the first resource that matches this concatenated URI.
This SAF acts upon only those URIs that map to directories within the Java web
application and even then takes no action when no welcome files are specified in
web.xml or when none of the welcome files match a resource.
20. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
load-config: searches for configuration files in document directories and adds the
Output file's contents to the server's existing configuration. These configuration files specify
additional access control information for the requested resource. Depending on the
Notes rules in the dynamic configuration files, the server might or might not allow the client to
access the requested resource.
Ex;
Directives
<Object ppath="*secret*">
PathCheck fn="load-config" file="checkaccess.nsconfig" basedir=“/docs/wwwi"
descend="1"
</Object>
Whenever the server receives a request for any resource containing the substring
‘secret’ that resides in /docs/www/ or a subdirectory thereof, Server searches for
checkaccess.nsconfig file in the ‘/docs/www/’ and its subdirectories.
It loads each instance of checkaccess.nsconfig that it finds, applying the access control
rules contained therein to determine whether the client is allowed to access the
requested resource or not.
21. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
get-client-cert: gets the authenticated client certificate from the SSL3 session. It can
Output apply to all HTTP methods, or only to those that match a specified pattern. It only works
when SSL is enabled on the server.
Notes Ex;
PathCheck fn="get-client-cert" dorequest="1"
Directives
require-auth: allows access to resources only if the user or group is authorized.
Ex;
PathCheck path=“/www/admin” fn=require-auth auth-type=basic realm=“admin"
auth-group=admin auth-user=(johnM|RamG|RahimA)
Above mentioned users are allowed to access the /www/admin folder and files.
set-virtual-index: specifies a virtual index for a directory, which determines the URL
forwarding.
Ex;
PathCheck fn=set-virtual-index virtual-index=MyLWApp
ssl-check: function is designed to be used together with a Client tag to limit access of
certain directories to non-exportable browsers.
ssl-logout: invalidates the current SSL session in the server's SSL session cache.
22. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
Input:
Comments • OS File/Directory path
Directives
Output:
• Server determines the Multipurpose Internet Mail Extension (MIME)
type attributes of the resource requested by the client.
23. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
• ObjectType directives determine the MIME type of the file to send to the client in
Input &
Output response to a request. These attributes may be one or more of the following:
type - The type of content being processed
Comments
encoding - How the content is encoded to the client
language - The language to use to read the content
• MIME attributes currently sent are type, encoding, and language.
Directives
• MIME type sent to the client as the value of the content-type header. When the server
sends the response to the client, the type, enc, and lang values are transmitted in the
headers of the response. This tells the client how to process the data.
• On the server side, the type attribute can be used to tell the Web Server which Service
directive to execute to generate the response to the client
• If there is more than one ObjectType directive, the server continues to process all
directives in the order in which they appear even if a match has already occurred.
After a directive sets a MIME attribute (type, enc, lang), further attempts to set the
same attribute are ignored. This continuation of processing allows Web Server the
flexibility to set one attribute in one directive (such as type) and a different attribute in
a different directive (such as lang).
24. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input & force-type:
Output
• assigns a type to requests that do not already have a MIME type. This is used to
specify a default object type.
Comments
• The directive that calls this function comes last in the list of ObjectType directives so
that all other ObjectType directives have a chance to set the MIME type first.
Directives • If there is more than one ObjectType directive in an object, all the directives are
applied in the order they appear. If a directive sets an attribute and later directives
try to set that attribute to something else, the first setting is used and the
subsequent ones ignored.
Ex;
ObjectType fn=force-type type=text/plain
ObjectType fn=force-type lang=en_US
set-default-type: allows you to define a default charset, content-encoding, and
content-language for the response being sent back to the client.
Ex;
ObjectType fn="set-default-type" charset="iso_8859-1"
25. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output shtml-hacktype: function changes the content-type of any .htm or .html file to
magnus-internal/parsed-html
Comments Ex;
ObjectType fn=shtml-hacktype exec-hack=true
Directives
type-by-exp: function matches the current path with a wildcard expression. If the two
match, the type parameter information is applied to the file. This is the same as type-by-
extension, except you use wildcard patterns for the files or directories specified in the
URLs.
Ex;
ObjectType fn=type-by-exp exp=*.test type=application/html
type-by-extension: function instructs the server to look in a table of MIME type
mappings to find the MIME type of the requested resource according to the extension
of the requested resource. The MIME type is added to the content-type header sent
back to the client.
Ex;
ObjectType fn=type-by-extension
26. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
Input:
Comments • HTTP Request
Directives
Output:
• Filters execute on the Entity body, based on the configuration & Type
of filters.
27. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
• Before the response is generated, the server or plugin first attempts to
Comments read entity body data from the client and the Input directive is executed.
• The Input directive selects filters that process incoming request data.
Directives • It enables you to invoke the insert-filter SAF to install filters that process
incoming data.
28. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
Input fn=”insert-filter” filter=”http-decompression”
Comments
The above directive instructs the insert-filter function to add a filter named
Directives httpdecompression to the filter stack. This filter would effectively decompress
incoming HTTP request data before passing it to the next stage in the request
processing.
29. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
Input:
Comments • Response data
Directives
Output:
• Filters execute on the Response data, based on the configuration &
Type of filters.
30. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
• The Output directive selects filters that process outgoing response data
Comments generated by the Service step.
• The Output directive lets you invoke the insert-filter SAF to install filters
Directives that process outgoing data.
• All Output directives are executed when the server (or a plug-in) first
attempts to write entity body data to the client.
31. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
After the Service stage has completed processing and a response has been
Comments generated, you may want to compress the response data before sending it
back to the client. This can be performed in the following Output directive:
Directives
Output fn=”insert-filter” filter=”http-compression”
This directive instructs the insert-filter function to add a filter named http-
compression to the filter stack, which would compress outgoing HTTP
response data.
32. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
Input:
Comments • NONE
Directives
Output:
• HTTP Request sent to another server
33. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
• If a Service directive requires that the HTTP request be sent to another
Comments server, the server executes Route directives to determine how the request
should be routed.
Directives
• Routing a request can involve selecting the server that will ultimately
service the request and selecting a proxy through which the request may
be sent.
34. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
set-origin-server: specifies the origin server that will service the request.
Comments
Ex;
Route fn=”set-origin-server”
Directives
server=”http://myapp.zeroproductionincidents.com:8080”
server=”http://myapp.zeroproductionincidents.com:8090”
35. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
Input:
Comments • HTTP Request
Directives
Output:
• Generate Response
36. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input & • Generate the response to send to the client.
Output
• The server looks at each Service directive to find the first one that matches
Comments
the type, method, and query string. If a Service directive does not specify
type, method, or query string, then the unspecified attribute matches
anything.
Directives
• If there is more than one Service directive, the server applies the first one
that matches the conditions of the request and ignores all remaining
Service directives.
• After the server has determined what type of resource the client is
requesting in the ObjectType stage, it then needs to call the appropriate
SAF to generate a response to the client. This determination is made and
the action is performed in the Service stage.
37. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input & add-footer: This function appends a footer to an HTML file that is sent to the client.
Output
The footer is specified either as a filename or a URI -- thus the footer can be dynamically
generated. To specify static text as a footer, use the append-trailer function.
Comments
Service type=text/html method=GET fn=add-footer file="footers/footer1.html"
Directives add-header: This function prepends a header to an HTML file that is sent to the client.
The header is specified either as a filename or a URI -- thus the header can be
dynamically generated.
Ex;
Service type=text/html method=GET fn=add-header file="headers/header1.html"
append-trailer: The append-trailer function sends an HTML file and appends text to
the end. It only appends text to HTML files. This is typically used for author information
and copyright text. The date the file was last modified can be inserted
Ex;
# Add a trailer with the date in the format: MM/DD/YY
Service type=text/html method=GET fn=append-trailer timefmt="%D" trailer="<HR>File
last updated on: :LASTMOD:"
38. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input & Image-map: The imagemap function responds to requests for imagemaps. Imagemaps
Output are images which are divided into multiple areas that each have an associated URL. The
information about which URL is associated with which area is stored in a mapping file.
Comments Ex;
Service type=magnus-internal/imagemap method=(GET|HEAD) fn=imagemap
Directives
Index-common: generates a fancy (or common) list of files in the requested directory.
The list is sorted alphabetically.
Ex;
Service fn=index-common type=magnus-internal/directory method=(GET|HEAD)
header=hdr readme=rdme.txt
Index-simple: generates a simple index of the files in the requested directory. It scans
a directory and returns an HTML page to the browser displaying a bulleted list of the
files and directories in the directory.
Ex;
Service type=magnus-internal/directory fn=index-simple
39. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
key-toosmall: The key-toosmall function returns a message to the client specifying
Output that the secret key size for SSL communications is too small. This function is designed to
be used together with a Client tag to limit access of certain directories to non-
Comments exportable browsers.
<Object ppath=/mydocs/secret/*>
Service fn=key-toosmall
Directives
</Object>
list-dir : The list-dir function returns a sequence of text lines to the client in response to
a request whose method is INDEX.
Service fn=list-dir method="INDEX"
make-dir: creates a directory when the client sends a request whose method is
MKDIR. The function can fail if the server can't write to that directory.
Service fn="make-dir" method="MKDIR"
query-handler: runs a CGI program instead of referencing the path requested.
Service query=* fn=query-handler path=/http/cgi/do-grep
40. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
remove-dir : removes a directory when the client sends an request whose method is
Output RMDIR. The directory must be empty (have no files in it). The function will fail if the
directory is not empty or if the server doesn't have the privileges to remove the
Comments directory.
Service fn="remove-dir" method="RMDIR"
Directives
remove-file: deletes a file when the client sends a request whose method is DELETE. It
deletes the file indicated by the URL if the user is authorized and the server has the
needed file system privileges.
Service fn="remove-file" method="DELETE"
rename-file: renames a file when the client sends a request with a New-URL header
whose method is MOVE. It renames the file indicated by the URL to New-URL within the
same directory if the user is authorized and the server has the needed file system
privileges.
Service fn="rename-file" method="MOVE"
41. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
send-cgi: sets up the CGI environment variables, runs a file as a CGI program in a new
Output process, and sends the results to the client
<Object name="default">
Comments NameTrans fn="pfx2dir" from="/cgi-bin" dir="/home/foo.com/public_html/cgi-
bin" name="cgi"
</Object>
Directives
<Object name="cgi">
ObjectType fn="force-type" type="magnus-internal/cgi"
Service fn="send-cgi" user="$user" group="$group" dir="$dir" chroot="$chroot"
</Object>
send-file: sends the contents of the requested file to the client. It provides the content-
type, content-length, and last-modified headers.
Service type="*~magnus-internal/*" method="(GET|HEAD)" fn="send-file"
<Object name=default>
...
NameTrans fn="pfx2dir" from="/myurl" dir="/export/mydir", name="myname"
...
Service method=(GET|HEAD|POST) type=*~magnus-internal/* fn=send-file
</Object>
<Object name="myname">
Service method=(GET|HEAD) type=*~magnus-internal/* fn=send-file nocache=""
</Object>
42. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
send-range: When the client requests a portion of a document, by specifying HTTP
Input &
Output
byte ranges, the send-range function returns that portion.
Service fn=send-range
Comments
send-shellcgi: For Windows NT only. The send-shellcgi function runs a file as a shell
CGI program and sends the results to the client.
Directives Service fn=send-shellcgi
Service type=magnus-internal/cgi fn=send-shellcgi
send-wincgi : For Windows NT only. The send-wincgi function runs a file as a Windows
CGI program and sends the results to the client.
Service fn=send-wincgi
Service type=magnus-internal/cgi fn=send-wincgi
service-dump: The service-dump function creates a performance report based on
collected performance bucket data. To read the report, use :
http://server_id:port/.perf
<Object name=default>
NameTrans fn="assign-name" from="/.perf" name="perf"
</Object>
<Object name=perf>
Service fn="service-dump"
</Object>
43. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
shtml_send: parses an HTML document, scanning for embedded commands. These
Input &
Output
commands may provide information from the server, include the contents of other files,
or execute a CGI program. The shtml_send function is only available when the Shtml
plugin (libShtml.so on Unix libShtml.dll on Windows NT) is loaded.
Comments
Service type=magnus-internal/shtml_send method=(GET|HEAD) fn=shtml_send
Directives stats-xml: creates a performance report in XML format. If performance buckets have
been defined, this performance report includes them.
you do need to initialize this function using the stats-init function in magnus.conf, then
use a NameTrans function to direct requests to the stats-xml function.
The report is generated here:
http://server_id:port/stats-xml/iwsstats.xml
In magnus.conf
Init fn="stats-init" update-interval="5" virtual-servers="2000" profiling="yes"
In obj.conf
<Object name="default">
...
NameTrans fn="assign-name" from="/stats-xml/*" name="stats-xml"
...
</Object>
<Object name="stats-xml">
Service fn="stats-xml"
</Object>
44. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
upload-file: The upload-file function uploads and saves a new file when the client
Input &
Output
sends a request whose method is PUT if the user is authorized and the server has the
needed file system privileges.
Comments
Service fn=upload-file
Directives
45. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
Input:
Comments • NONE
Directives
Output:
• Add entries to log files
46. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
• After the Web Server has generated a response and has sent it to the client
Comments in the Service stage, it then executes any AddLog directives it finds to add
entries to the appropriate log file(s).
Directives
• You can have multiple AddLog directives, thus enabling you to add entries
to multiple log files.
• AddLog directives are processed after the response has been sent to the
client. This minimizes the amount of time it takes to process a request from
the client’s perspective because it does not need to wait for Web Server to
write information to log files.
47. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
An example of the default AddLog directive immediately after installation is as
Comments follows:
AddLog fn=”flex-log”
Directives
This directive uses the flex-log SAF to log information about the current
request.
The data is sent to the file specified in the <access-log> element defined in the
server.xml as follows:
<access-log>
<file>../logs/access</file>
</access-log>
48. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input &
Output
Input:
Comments • Error during Request Processing
Directives
Output:
• Sends the relevant HTTP Status Code and the Error Page to the client
49. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input & • If an error occurs during the request handling process then the currently executing
Output
SAF sets the HTTP response status code and then indicates that an error has
occurred by returning the appropriate return code.
Comments
• When this occurs, the server stops processing the request and begins searching for
an Error directive that has a reason attribute that matches either of the following
Directives two conditions:
• HTTP response status code (for example, 403)
• Its associated reason phrase (for example, Unauthorized)
• If the Web Server finds a match, then it returns the document specified in the path
variable. If the Web Server does not find a matching Error directive, it simply returns
the response status code to the client.
50. Auth Name Path Object Add
Input Output Route Service Error
Trans Trans Check Type Log
Input & send-error: Define an Error directive to return a customized error message rather than
Output
a generic error code response:
Error fn=”send-error” reason=”Unauthorized” path=”/sun/MyDocs/errors/unauthorized.html”
Comments
error-j2ee: handles errors that occur during execution of web applications deployed
Directives to the Web Server individually or as part of full Java EE applications.
qos-error: returns an error page stating the quality of service that caused the
error, and the value of the QOS statistic.
Error fn="qos-error" code="503"
51. Request Processing Stages - Summary
AuthTrans
Objective Task Directive
calls a custom function to verify user name and password basic-auth
Verify User
Authentication verifies user name and password against an NCSA-style or system basic-ncsa
DBM database
Retrieves SSL retrieves a string that is unique to the current SSL session and stores get-sslid
Session it as the ssl-id variable
Quality of Services handles the current quality of service statistics qos-handler
52. Request Processing Stages - Summary
NameTrans
Objective Task Directive
Override default tells the server to process directives in a named object assign-name
Directives
translates a URL into a file system path document-root
Translates URL translates server's root home page (/) to a specific file home-page
translates URL beginning with given prefix to file system directory pfx2dir
translates user names into user's home directory on Unix machine unix-home
Redirection Redirects to a different url redirect
removes embedded semicolon-delimited parameters from path strip-params
53. Request Processing Stages - Summary
PathCheck
Objective Task Directive
Remove Malicious Directories & Clean up the URI uri-clean
Dangerous elements
Directory Listing Locates a default file when directory is requested find-index
Virtual Index specifies a virtual index for a directory Set-virtual-index
Send resource not found to client deny-existence
Denies access to directories with certain file system links find-links
Authorization
specify additional access control information for the load-config
requested resource
Check access control list check-acl
denies access to unauthorized users or groups require-auth
denies access to requests with unsafe path names by Unix-uri-clean
indicating not found
Assign CGI environment variable locates extra path info beyond the file name for the find-pathinfo
PATH_INFO CGI environment variable
Checks the Secret Keysize ssl-check
SSL invalidates the current SSL session in the server's SSL session Ssl-logout
cache
gets the authenticated client certificate get-client-cert
54. Request Processing Stages - Summary
ObjectType
Objective Task Directive
based on Request Type Force-type
Sets Response
Sets default type Set-default-type
MIME Attribute
(Content-Type) Special parsing for html & htm files Shmtl-hacktype
based on Requested path Type-by-exp
based on files extension & MIME Types Type-by-extension
55. Request Processing Stages - Summary
Input
Objective Task Directive
Insert Filter Insert Filter Insert-filter
Output
Objective Task Directive
Insert Filter Insert Filter Insert-filter
Route
Objective Task Directive
Set the Server Set Origin Server set-origin-server
56. Request Processing Stages - Summary
Service
Objective Task Directive
Appends Footer add-footer
Manipulate Response Prepends Header add-header
Appends Text to the end of HTML file append-trailer
Directory Listing generates a fancy list of the files and directories Index-common
generates a simple list of files and directories Index-simple
Lists contents of a directory List-dir
SSL indicates to the client that the provided certificate key size is Key-toosmall
too small to accept
Creates a directory Make-dir
Directory & File Manipulation Deletes an empty directory Remove-dir
Deletes a file Remove-file
Renames a file Rename-file
Uploads and Saves new file Upload-file
57. Request Processing Stages - Summary
Service
Service Task Directive
sets up environment variables, launches a CGI program, and send-cgi
sends the response to the client
sends a local file to the client. send-file
sends a range of bytes of a file to the client. send-range
Send Response
sets up environment variables, launches a shell CGI program, send-shellcgi
and sends the response to the client.
sets up environment variables, launches a WinCGI program, send-wincgi
and sends the response to the client.
handles server-side image maps imagemap
runs a CGI program instead of referencing the path query-handler
requested
parses an HTML file for server-parsed html commands shtml-send
creates a performance report based on collected Service-dump
Performance Reports performance bucket data
creates a performance report in XML format. Stats-xml
58. Request Processing Stages - Summary
AddLog
Objective Task Directive
Add Log Add Log entries flex-log
Error
Objective Task Directive
Send the Error response to the client Send-error
Send Error Handles errors that occur during execution of web applications error-j2ee
Returns an error page stating the quality of service that caused the qos-error
Error