SlideShare a Scribd company logo
Web Servers Web   Protocols   and   Practice Chapter 4
Topics Web   Protocols   and   Practice WEB SERVERS Web Server Definition Web Site versus Web Server Steps in Handling a Client Request Access Control Dynamically Generated Responses Passing Data to/from the Script Creating and Using Cookies Sharing Information Across Requests Server Architecture Server Hosting Case Study of the Apache Web Server
Web Server Definition Web   Protocols   and   Practice WEB SERVERS A Web server is a program that generates and transmits responses to client requests for Web resources. Handling a client request consists of several key steps:   Parsing the request message Checking that the request is authorized Associating the URL in the request with a file name Constructing the response message Transmitting the response message to the requesting client
Web Server Definition Web   Protocols   and   Practice WEB SERVERS The server can generate the response message in a variety of ways: The server simply retrieves the file associated with the URL and returns the contents to the client. The server may invoke a script that communicates with other servers or a back-end database to construct the response message.
Web Site versus Web Server Web   Protocols   and   Practice WEB SERVERS Web site  and  Web server  are different: A  Web site  consists of a collection of Web pages associated with a particular hostname.  A  Web server  is a program to satisfy client requests for Web resources.
Steps in Handling a Client Request Web   Protocols   and   Practice WEB SERVERS A Web server proceeds through the following steps in handling an HTTP request: Read and parse the HTTP request message for example GET the resource /foo.htm Translate the URL to a file name for example the resource be located in the base directory such as /www, where the URL  http://www.bar.com/foo/index.html corresponds to  the file of www/foo/index.html Determine whether the request is authorized Generate and transmit the response that includes header to show the status information
Access Control Web   Protocols   and   Practice WEB SERVERS A Web server may limit which users can access certain resources. Access control requires a combination of  authentication  and  authorization .  Authentication  identifies the user who originated the request. Authorization  determines which users have access to a particular resource.
AUTHENTICATION Web   Protocols   and   Practice WEB SERVERS Most client-server systems authenticate a user by asking for a name and password. Web server must perform authentication for  every  request for a resource that has access restrictions.  The server returns an HTTP response that indicates that the request requires authorization.  The response also identifies what kind of authentication is required.  The response also identifies the  realm a string that associates a collection of resources at the server
AUTHORIZATION Web   Protocols   and   Practice WEB SERVERS To control access to Web resources, the server must employ an authorization policy. A policy typically expressed in terms of an access control list that enumerates the users who are granted or denied access to the resources. In addition to checking the user name, the server may allow or deny access to the resource based on other information associated with the HTTP request, such as the host name or IP address of the requesting client.  Authenticating HTTP requests can impose a heavy load on the Web server.
Dynamically Generated Responses   Web   Protocols   and   Practice WEB SERVERS This feature differentiates the Web from earlier file transfer services on the Internet. Dynamically generated responses are created in a variety of ways: Server-side include  Server script
Server-Side Include Web   Protocols   and   Practice WEB SERVERS A  server-side include  instructs the Web server to customize a static resource based on directives in an HTML-like file.
Server Script Web   Protocols   and   Practice WEB SERVERS A  server script  is a separate program that generates the request resource.  The program may run as  Part of the server  A separate process  The main role of the Web server is  To associate the requested URL with the appropriate script To pass data to/from the script The main role of the script is  To process the input from the server  To generate the content to the client
Server Script Web   Protocols   and   Practice WEB SERVERS The server can interact with the script in several different ways: Separate process invoked by the server Software module in the same process Persistent process contacted by the server
Passing Data to/from the Script Web   Protocols   and   Practice WEB SERVERS Decoupling the scripts from the Web server requires a well-defined interface for passing data between the two pieces of software.  Common Gateway Interface (CGI) defines interfaces for a variety of operating system platforms.  Table 4.1
Table 4.1.   Example CGI environment variables Web   Protocols   and   Practice WEB SERVERS 10.9.57.188 users.berkeley.edu REMOTE_ADDR REMOTE_HOST Client www.bar.com Apache/10206 HTTP/1.0 80 /www CGI/2.0 SERVER_NAME SERVER_SOFTWARE SERVER_PROTOCOL SERVER_PORT DOCUMENT_ROOT GATEWAY_INTERFACE Server Text/html 158 GET NAME=Noam+Chomsky De-CH Mozilla/2.0 CONTENT_TYPE CONTENT_LENGTH REQUEST_METHOD QUERY_STRING ACCEPT_LANGUAGE HTTP_USER_AGENT Request Example Variable Type
Creating and Using Cookies Web   Protocols   and   Practice WEB SERVERS Cookies are typically created, used, and modified by scripts invoked to generate dynamic responses, rather than by the Web server.  The browser can be instructed to include a unique cookie in each HTTP request.  If the request does not include cookie, the script create a new cookie and include the cookie in the header of the response message Set-Cookie: Customer="user17"; Version="1"; Path="/book" Subsequent requests from the user would include the cookie Cookie: Customer="user17"; Version="1"; Path="/book"
Creating and Using Cookies Web   Protocols   and   Practice WEB SERVERS A script can use a cookie as a user identifier in interacting with a back-end database.  Storing history information in the cookie may obviate the need to retain information about the user in a back-end database.
Sharing Information Across Requests Web   Protocols   and   Practice WEB SERVERS A Web server may retain some information to reduce  the overhead of handling future requests by: Sharing HTTP responses across requests Sharing metadata across requests
Sharing HTTP Responses Across Requests Web   Protocols   and   Practice WEB SERVERS In server-side caching, data from the disk is cached in main memory at the server.  A Web server cache can be Static files Dynamically generated responses  the server would need to ensure that the cached result is consistent with the primary copy of the information.
Sharing Metadata Across Requests Web   Protocols   and   Practice WEB SERVERS The server could store the information generated in the process such as: Translation of URL to file name Control information about the resource HTTP response headers The server could cache certain information across requests for different resources: Current date/time Client name
Server Architecture Web   Protocols   and   Practice WEB SERVERS Some techniques for allocating system resources among competing client requests are : Event-driven server architecture Process-driven server architecture Hybrid server architecture
Event-Driven Server Architecture Web   Protocols   and   Practice WEB SERVERS An  event-driven  server  Has a single process that alternates between servicing different requests  Allows the server to serialize operations that modify the same data Performs nonblocking system calls Not used in Most high-end Web servers
Process-Driven Server Architecture Web   Protocols   and   Practice WEB SERVERS A  process-driven  server   Allocates each request to a separate process One master process listens for new connection  The master process creates, or forks, a separate process for each new connection  Terminates the process after parsing the client request and transmitting the response   To prevent memory leak Introduces overhead for switching from one process to another
Hybrid Server Architecture Web   Protocols   and   Practice WEB SERVERS In  Hybrid  server architectures  The strengths of the event-driven and process-driven models are combined Each process would become an event-driven server that alternates between a small collection of requests A single process has multiple independent  threads   Main process instructs a separate helper process to perform time-consuming operations
Server Hosting Web   Protocols   and   Practice WEB SERVERS Multiple Web sites on a single machine Multiple machine for a single Web site Figure 4.1.
Web   Protocols   and   Practice www.foo.com www.bar.com www.big.com www.big.com www.mid.com Surrogate 1 2 3 4 To/From Internet Figure 4.1.  Hosting complex with surrogate in front of four server machines WEB CLIENTS
Apache Web Server Web   Protocols   and   Practice WEB SERVERS The Apache server follows the process-driven model, with a parent process that assigns a process to each new connection.
Table 4.2  Key configuration directives for child processes and network connection Web   Protocols   and   Practice WEB CLIENTS Initial number of child processes (5) Maximum number of child processes (256) Target Minimum number of idle children (5) Target Maximum number of idle children (10) Maximum number of requests per child (30) Maximum number of pending connections (511) Size of the TCP send buffer (OS default) Max number of requests per connection (100) Maximum idle time for connection (15 sec) StartServers MaxClients MinSpareServers MaxSpareServers MaxRequestsPerChild ListenBacklog SendBufferSize MaxKeepAliveRequests KeepAliveTimeout Definition (default value in Apache 1.3.3) Directive
Apache Web Server Web   Protocols   and   Practice WEB SERVERS Apache has a collection of handlers that perform an action using the requested file, as shown in  Table 4.3.
Table 4.3  Built-in handlers in Apache server and default file extension Web   Protocols   and   Practice WEB CLIENTS Send the file as static content Send the file as an HTTP response message (.asis) Invoke the file as a CGI script (.cgi) Treat the file as a server-side include (.shtml) Treat the file as an imagemap rule file (.imap) Treat the file as a map for content negotiation (.var) Get the server’s configuration information Get the server’s status report Default-handler Send-as-is Cgi-script Server-parsed Imap-file Type-map Server-info Server-status Purpose (file extension) Handler

More Related Content

What's hot

Web server
Web serverWeb server
Web server
Nirav Daraniya
 
Web servers – features, installation and configuration
Web servers – features, installation and configurationWeb servers – features, installation and configuration
Web servers – features, installation and configuration
webhostingguy
 
Web server
Web serverWeb server
Web server
Ankit Raj
 
Dhcp ppt
Dhcp pptDhcp ppt
Dhcp ppt
Hema Dhariwal
 
uniform resource locator
uniform resource locatoruniform resource locator
uniform resource locator
rajshreemuthiah
 
Configuring the Apache Web Server
Configuring the Apache Web ServerConfiguring the Apache Web Server
Configuring the Apache Web Server
webhostingguy
 
Types of server
Types of serverTypes of server
Types of server
Muhammad Mudarrak
 
Web technology
Web technologyWeb technology
Web technology
Selvin Josy Bai Somu
 
Web server
Web serverWeb server
Web server
Touhid Arastu
 
introduction to Web system
introduction to Web systemintroduction to Web system
introduction to Web system
hashim102
 
Application layer protocols
Application layer protocolsApplication layer protocols
Application layer protocols
JUW Jinnah University for Women
 
Webservices
WebservicesWebservices
Webservices
Gerard Sylvester
 
Dns
DnsDns
DNS (Domain Name System)
DNS (Domain Name System)DNS (Domain Name System)
DNS (Domain Name System)
Shashidhara Vyakaranal
 
Web app presentation
Web app presentationWeb app presentation
Web app presentation
zahid6
 
Http request and http response
Http request and http responseHttp request and http response
Http request and http response
Nuha Noor
 
Php Presentation
Php PresentationPhp Presentation
Php Presentation
Manish Bothra
 
web server
web serverweb server
web server
nava rathna
 
Web Application
Web ApplicationWeb Application
Web Application
Sameer Poudel
 
Web server
Web serverWeb server
Web server
Sajan Sahu
 

What's hot (20)

Web server
Web serverWeb server
Web server
 
Web servers – features, installation and configuration
Web servers – features, installation and configurationWeb servers – features, installation and configuration
Web servers – features, installation and configuration
 
Web server
Web serverWeb server
Web server
 
Dhcp ppt
Dhcp pptDhcp ppt
Dhcp ppt
 
uniform resource locator
uniform resource locatoruniform resource locator
uniform resource locator
 
Configuring the Apache Web Server
Configuring the Apache Web ServerConfiguring the Apache Web Server
Configuring the Apache Web Server
 
Types of server
Types of serverTypes of server
Types of server
 
Web technology
Web technologyWeb technology
Web technology
 
Web server
Web serverWeb server
Web server
 
introduction to Web system
introduction to Web systemintroduction to Web system
introduction to Web system
 
Application layer protocols
Application layer protocolsApplication layer protocols
Application layer protocols
 
Webservices
WebservicesWebservices
Webservices
 
Dns
DnsDns
Dns
 
DNS (Domain Name System)
DNS (Domain Name System)DNS (Domain Name System)
DNS (Domain Name System)
 
Web app presentation
Web app presentationWeb app presentation
Web app presentation
 
Http request and http response
Http request and http responseHttp request and http response
Http request and http response
 
Php Presentation
Php PresentationPhp Presentation
Php Presentation
 
web server
web serverweb server
web server
 
Web Application
Web ApplicationWeb Application
Web Application
 
Web server
Web serverWeb server
Web server
 

Similar to Web Servers (ppt)

0_Leksion_Web_Servers (1).pdf
0_Leksion_Web_Servers (1).pdf0_Leksion_Web_Servers (1).pdf
0_Leksion_Web_Servers (1).pdf
Zani10
 
Distributed web based systems
Distributed web based systemsDistributed web based systems
Distributed web based systems
Reza Gh
 
Ch-1_.ppt
Ch-1_.pptCh-1_.ppt
Ch-1_.ppt
berihunmolla2
 
Web Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdfWeb Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdf
Raghunathan52
 
Web Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdfWeb Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdf
Raghunathan52
 
Webbasics
WebbasicsWebbasics
Webbasics
patinijava
 
HTTP Basics
HTTP BasicsHTTP Basics
HTTP Basics
sanjoysanyal
 
Hypertext Transfer Protocol
Hypertext Transfer ProtocolHypertext Transfer Protocol
Hypertext Transfer Protocol
Rajan Pandey
 
web-servers3952 (1)qwjelkjqwlkjkqlwe.ppt
web-servers3952 (1)qwjelkjqwlkjkqlwe.pptweb-servers3952 (1)qwjelkjqwlkjkqlwe.ppt
web-servers3952 (1)qwjelkjqwlkjkqlwe.ppt
20521742
 
Intro webapps
Intro webappsIntro webapps
Intro webapps
Howard Mao
 
ASP.NET WEB API Training
ASP.NET WEB API TrainingASP.NET WEB API Training
ASP.NET WEB API Training
Chalermpon Areepong
 
WWW & HTTP
WWW & HTTPWWW & HTTP
Anintroductiontojavawebtechnology 090324184240-phpapp01
Anintroductiontojavawebtechnology 090324184240-phpapp01Anintroductiontojavawebtechnology 090324184240-phpapp01
Anintroductiontojavawebtechnology 090324184240-phpapp01
raviIITRoorkee
 
Rest WebAPI with OData
Rest WebAPI with ODataRest WebAPI with OData
Rest WebAPI with OData
Mahek Merchant
 
21. Application Development and Administration in DBMS
21. Application Development and Administration in DBMS21. Application Development and Administration in DBMS
21. Application Development and Administration in DBMS
koolkampus
 
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 4...
 Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 4... Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 4...
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 4...
WebStackAcademy
 
Web Services 2009
Web Services 2009Web Services 2009
Web Services 2009
Cathie101
 
Web Services 2009
Web Services 2009Web Services 2009
Web Services 2009
Cathie101
 
Unit5 servlets
Unit5 servletsUnit5 servlets
Unit5 servlets
Praveen Yadav
 
Servlets api overview
Servlets api overviewServlets api overview
Servlets api overview
ramya marichamy
 

Similar to Web Servers (ppt) (20)

0_Leksion_Web_Servers (1).pdf
0_Leksion_Web_Servers (1).pdf0_Leksion_Web_Servers (1).pdf
0_Leksion_Web_Servers (1).pdf
 
Distributed web based systems
Distributed web based systemsDistributed web based systems
Distributed web based systems
 
Ch-1_.ppt
Ch-1_.pptCh-1_.ppt
Ch-1_.ppt
 
Web Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdfWeb Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdf
 
Web Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdfWeb Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdf
 
Webbasics
WebbasicsWebbasics
Webbasics
 
HTTP Basics
HTTP BasicsHTTP Basics
HTTP Basics
 
Hypertext Transfer Protocol
Hypertext Transfer ProtocolHypertext Transfer Protocol
Hypertext Transfer Protocol
 
web-servers3952 (1)qwjelkjqwlkjkqlwe.ppt
web-servers3952 (1)qwjelkjqwlkjkqlwe.pptweb-servers3952 (1)qwjelkjqwlkjkqlwe.ppt
web-servers3952 (1)qwjelkjqwlkjkqlwe.ppt
 
Intro webapps
Intro webappsIntro webapps
Intro webapps
 
ASP.NET WEB API Training
ASP.NET WEB API TrainingASP.NET WEB API Training
ASP.NET WEB API Training
 
WWW & HTTP
WWW & HTTPWWW & HTTP
WWW & HTTP
 
Anintroductiontojavawebtechnology 090324184240-phpapp01
Anintroductiontojavawebtechnology 090324184240-phpapp01Anintroductiontojavawebtechnology 090324184240-phpapp01
Anintroductiontojavawebtechnology 090324184240-phpapp01
 
Rest WebAPI with OData
Rest WebAPI with ODataRest WebAPI with OData
Rest WebAPI with OData
 
21. Application Development and Administration in DBMS
21. Application Development and Administration in DBMS21. Application Development and Administration in DBMS
21. Application Development and Administration in DBMS
 
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 4...
 Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 4... Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 4...
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 4...
 
Web Services 2009
Web Services 2009Web Services 2009
Web Services 2009
 
Web Services 2009
Web Services 2009Web Services 2009
Web Services 2009
 
Unit5 servlets
Unit5 servletsUnit5 servlets
Unit5 servlets
 
Servlets api overview
Servlets api overviewServlets api overview
Servlets api overview
 

More from webhostingguy

File Upload
File UploadFile Upload
File Upload
webhostingguy
 
Running and Developing Tests with the Apache::Test Framework
Running and Developing Tests with the Apache::Test FrameworkRunning and Developing Tests with the Apache::Test Framework
Running and Developing Tests with the Apache::Test Framework
webhostingguy
 
MySQL and memcached Guide
MySQL and memcached GuideMySQL and memcached Guide
MySQL and memcached Guide
webhostingguy
 
Novell® iChain® 2.3
Novell® iChain® 2.3Novell® iChain® 2.3
Novell® iChain® 2.3
webhostingguy
 
Load-balancing web servers Load-balancing web servers
Load-balancing web servers Load-balancing web serversLoad-balancing web servers Load-balancing web servers
Load-balancing web servers Load-balancing web servers
webhostingguy
 
SQL Server 2008 Consolidation
SQL Server 2008 ConsolidationSQL Server 2008 Consolidation
SQL Server 2008 Consolidation
webhostingguy
 
What is mod_perl?
What is mod_perl?What is mod_perl?
What is mod_perl?
webhostingguy
 
What is mod_perl?
What is mod_perl?What is mod_perl?
What is mod_perl?
webhostingguy
 
Master Service Agreement
Master Service AgreementMaster Service Agreement
Master Service Agreement
webhostingguy
 
Notes8
Notes8Notes8
PHP and MySQL PHP Written as a set of CGI binaries in C in ...
PHP and MySQL PHP Written as a set of CGI binaries in C in ...PHP and MySQL PHP Written as a set of CGI binaries in C in ...
PHP and MySQL PHP Written as a set of CGI binaries in C in ...
webhostingguy
 
Dell Reference Architecture Guide Deploying Microsoft® SQL ...
Dell Reference Architecture Guide Deploying Microsoft® SQL ...Dell Reference Architecture Guide Deploying Microsoft® SQL ...
Dell Reference Architecture Guide Deploying Microsoft® SQL ...
webhostingguy
 
Managing Diverse IT Infrastructure
Managing Diverse IT InfrastructureManaging Diverse IT Infrastructure
Managing Diverse IT Infrastructure
webhostingguy
 
Web design for business.ppt
Web design for business.pptWeb design for business.ppt
Web design for business.ppt
webhostingguy
 
IT Power Management Strategy
IT Power Management Strategy IT Power Management Strategy
IT Power Management Strategy
webhostingguy
 
Excel and SQL Quick Tricks for Merchandisers
Excel and SQL Quick Tricks for MerchandisersExcel and SQL Quick Tricks for Merchandisers
Excel and SQL Quick Tricks for Merchandisers
webhostingguy
 
OLUG_xen.ppt
OLUG_xen.pptOLUG_xen.ppt
OLUG_xen.ppt
webhostingguy
 
Parallels Hosting Products
Parallels Hosting ProductsParallels Hosting Products
Parallels Hosting Products
webhostingguy
 
Microsoft PowerPoint presentation 2.175 Mb
Microsoft PowerPoint presentation 2.175 MbMicrosoft PowerPoint presentation 2.175 Mb
Microsoft PowerPoint presentation 2.175 Mb
webhostingguy
 
Reseller's Guide
Reseller's GuideReseller's Guide
Reseller's Guide
webhostingguy
 

More from webhostingguy (20)

File Upload
File UploadFile Upload
File Upload
 
Running and Developing Tests with the Apache::Test Framework
Running and Developing Tests with the Apache::Test FrameworkRunning and Developing Tests with the Apache::Test Framework
Running and Developing Tests with the Apache::Test Framework
 
MySQL and memcached Guide
MySQL and memcached GuideMySQL and memcached Guide
MySQL and memcached Guide
 
Novell® iChain® 2.3
Novell® iChain® 2.3Novell® iChain® 2.3
Novell® iChain® 2.3
 
Load-balancing web servers Load-balancing web servers
Load-balancing web servers Load-balancing web serversLoad-balancing web servers Load-balancing web servers
Load-balancing web servers Load-balancing web servers
 
SQL Server 2008 Consolidation
SQL Server 2008 ConsolidationSQL Server 2008 Consolidation
SQL Server 2008 Consolidation
 
What is mod_perl?
What is mod_perl?What is mod_perl?
What is mod_perl?
 
What is mod_perl?
What is mod_perl?What is mod_perl?
What is mod_perl?
 
Master Service Agreement
Master Service AgreementMaster Service Agreement
Master Service Agreement
 
Notes8
Notes8Notes8
Notes8
 
PHP and MySQL PHP Written as a set of CGI binaries in C in ...
PHP and MySQL PHP Written as a set of CGI binaries in C in ...PHP and MySQL PHP Written as a set of CGI binaries in C in ...
PHP and MySQL PHP Written as a set of CGI binaries in C in ...
 
Dell Reference Architecture Guide Deploying Microsoft® SQL ...
Dell Reference Architecture Guide Deploying Microsoft® SQL ...Dell Reference Architecture Guide Deploying Microsoft® SQL ...
Dell Reference Architecture Guide Deploying Microsoft® SQL ...
 
Managing Diverse IT Infrastructure
Managing Diverse IT InfrastructureManaging Diverse IT Infrastructure
Managing Diverse IT Infrastructure
 
Web design for business.ppt
Web design for business.pptWeb design for business.ppt
Web design for business.ppt
 
IT Power Management Strategy
IT Power Management Strategy IT Power Management Strategy
IT Power Management Strategy
 
Excel and SQL Quick Tricks for Merchandisers
Excel and SQL Quick Tricks for MerchandisersExcel and SQL Quick Tricks for Merchandisers
Excel and SQL Quick Tricks for Merchandisers
 
OLUG_xen.ppt
OLUG_xen.pptOLUG_xen.ppt
OLUG_xen.ppt
 
Parallels Hosting Products
Parallels Hosting ProductsParallels Hosting Products
Parallels Hosting Products
 
Microsoft PowerPoint presentation 2.175 Mb
Microsoft PowerPoint presentation 2.175 MbMicrosoft PowerPoint presentation 2.175 Mb
Microsoft PowerPoint presentation 2.175 Mb
 
Reseller's Guide
Reseller's GuideReseller's Guide
Reseller's Guide
 

Web Servers (ppt)

  • 1. Web Servers Web Protocols and Practice Chapter 4
  • 2. Topics Web Protocols and Practice WEB SERVERS Web Server Definition Web Site versus Web Server Steps in Handling a Client Request Access Control Dynamically Generated Responses Passing Data to/from the Script Creating and Using Cookies Sharing Information Across Requests Server Architecture Server Hosting Case Study of the Apache Web Server
  • 3. Web Server Definition Web Protocols and Practice WEB SERVERS A Web server is a program that generates and transmits responses to client requests for Web resources. Handling a client request consists of several key steps: Parsing the request message Checking that the request is authorized Associating the URL in the request with a file name Constructing the response message Transmitting the response message to the requesting client
  • 4. Web Server Definition Web Protocols and Practice WEB SERVERS The server can generate the response message in a variety of ways: The server simply retrieves the file associated with the URL and returns the contents to the client. The server may invoke a script that communicates with other servers or a back-end database to construct the response message.
  • 5. Web Site versus Web Server Web Protocols and Practice WEB SERVERS Web site and Web server are different: A Web site consists of a collection of Web pages associated with a particular hostname. A Web server is a program to satisfy client requests for Web resources.
  • 6. Steps in Handling a Client Request Web Protocols and Practice WEB SERVERS A Web server proceeds through the following steps in handling an HTTP request: Read and parse the HTTP request message for example GET the resource /foo.htm Translate the URL to a file name for example the resource be located in the base directory such as /www, where the URL http://www.bar.com/foo/index.html corresponds to the file of www/foo/index.html Determine whether the request is authorized Generate and transmit the response that includes header to show the status information
  • 7. Access Control Web Protocols and Practice WEB SERVERS A Web server may limit which users can access certain resources. Access control requires a combination of authentication and authorization . Authentication identifies the user who originated the request. Authorization determines which users have access to a particular resource.
  • 8. AUTHENTICATION Web Protocols and Practice WEB SERVERS Most client-server systems authenticate a user by asking for a name and password. Web server must perform authentication for every request for a resource that has access restrictions. The server returns an HTTP response that indicates that the request requires authorization. The response also identifies what kind of authentication is required. The response also identifies the realm a string that associates a collection of resources at the server
  • 9. AUTHORIZATION Web Protocols and Practice WEB SERVERS To control access to Web resources, the server must employ an authorization policy. A policy typically expressed in terms of an access control list that enumerates the users who are granted or denied access to the resources. In addition to checking the user name, the server may allow or deny access to the resource based on other information associated with the HTTP request, such as the host name or IP address of the requesting client. Authenticating HTTP requests can impose a heavy load on the Web server.
  • 10. Dynamically Generated Responses Web Protocols and Practice WEB SERVERS This feature differentiates the Web from earlier file transfer services on the Internet. Dynamically generated responses are created in a variety of ways: Server-side include Server script
  • 11. Server-Side Include Web Protocols and Practice WEB SERVERS A server-side include instructs the Web server to customize a static resource based on directives in an HTML-like file.
  • 12. Server Script Web Protocols and Practice WEB SERVERS A server script is a separate program that generates the request resource. The program may run as Part of the server A separate process The main role of the Web server is To associate the requested URL with the appropriate script To pass data to/from the script The main role of the script is To process the input from the server To generate the content to the client
  • 13. Server Script Web Protocols and Practice WEB SERVERS The server can interact with the script in several different ways: Separate process invoked by the server Software module in the same process Persistent process contacted by the server
  • 14. Passing Data to/from the Script Web Protocols and Practice WEB SERVERS Decoupling the scripts from the Web server requires a well-defined interface for passing data between the two pieces of software. Common Gateway Interface (CGI) defines interfaces for a variety of operating system platforms. Table 4.1
  • 15. Table 4.1. Example CGI environment variables Web Protocols and Practice WEB SERVERS 10.9.57.188 users.berkeley.edu REMOTE_ADDR REMOTE_HOST Client www.bar.com Apache/10206 HTTP/1.0 80 /www CGI/2.0 SERVER_NAME SERVER_SOFTWARE SERVER_PROTOCOL SERVER_PORT DOCUMENT_ROOT GATEWAY_INTERFACE Server Text/html 158 GET NAME=Noam+Chomsky De-CH Mozilla/2.0 CONTENT_TYPE CONTENT_LENGTH REQUEST_METHOD QUERY_STRING ACCEPT_LANGUAGE HTTP_USER_AGENT Request Example Variable Type
  • 16. Creating and Using Cookies Web Protocols and Practice WEB SERVERS Cookies are typically created, used, and modified by scripts invoked to generate dynamic responses, rather than by the Web server. The browser can be instructed to include a unique cookie in each HTTP request. If the request does not include cookie, the script create a new cookie and include the cookie in the header of the response message Set-Cookie: Customer="user17"; Version="1"; Path="/book" Subsequent requests from the user would include the cookie Cookie: Customer="user17"; Version="1"; Path="/book"
  • 17. Creating and Using Cookies Web Protocols and Practice WEB SERVERS A script can use a cookie as a user identifier in interacting with a back-end database. Storing history information in the cookie may obviate the need to retain information about the user in a back-end database.
  • 18. Sharing Information Across Requests Web Protocols and Practice WEB SERVERS A Web server may retain some information to reduce the overhead of handling future requests by: Sharing HTTP responses across requests Sharing metadata across requests
  • 19. Sharing HTTP Responses Across Requests Web Protocols and Practice WEB SERVERS In server-side caching, data from the disk is cached in main memory at the server. A Web server cache can be Static files Dynamically generated responses the server would need to ensure that the cached result is consistent with the primary copy of the information.
  • 20. Sharing Metadata Across Requests Web Protocols and Practice WEB SERVERS The server could store the information generated in the process such as: Translation of URL to file name Control information about the resource HTTP response headers The server could cache certain information across requests for different resources: Current date/time Client name
  • 21. Server Architecture Web Protocols and Practice WEB SERVERS Some techniques for allocating system resources among competing client requests are : Event-driven server architecture Process-driven server architecture Hybrid server architecture
  • 22. Event-Driven Server Architecture Web Protocols and Practice WEB SERVERS An event-driven server Has a single process that alternates between servicing different requests Allows the server to serialize operations that modify the same data Performs nonblocking system calls Not used in Most high-end Web servers
  • 23. Process-Driven Server Architecture Web Protocols and Practice WEB SERVERS A process-driven server Allocates each request to a separate process One master process listens for new connection The master process creates, or forks, a separate process for each new connection Terminates the process after parsing the client request and transmitting the response To prevent memory leak Introduces overhead for switching from one process to another
  • 24. Hybrid Server Architecture Web Protocols and Practice WEB SERVERS In Hybrid server architectures The strengths of the event-driven and process-driven models are combined Each process would become an event-driven server that alternates between a small collection of requests A single process has multiple independent threads Main process instructs a separate helper process to perform time-consuming operations
  • 25. Server Hosting Web Protocols and Practice WEB SERVERS Multiple Web sites on a single machine Multiple machine for a single Web site Figure 4.1.
  • 26. Web Protocols and Practice www.foo.com www.bar.com www.big.com www.big.com www.mid.com Surrogate 1 2 3 4 To/From Internet Figure 4.1. Hosting complex with surrogate in front of four server machines WEB CLIENTS
  • 27. Apache Web Server Web Protocols and Practice WEB SERVERS The Apache server follows the process-driven model, with a parent process that assigns a process to each new connection.
  • 28. Table 4.2 Key configuration directives for child processes and network connection Web Protocols and Practice WEB CLIENTS Initial number of child processes (5) Maximum number of child processes (256) Target Minimum number of idle children (5) Target Maximum number of idle children (10) Maximum number of requests per child (30) Maximum number of pending connections (511) Size of the TCP send buffer (OS default) Max number of requests per connection (100) Maximum idle time for connection (15 sec) StartServers MaxClients MinSpareServers MaxSpareServers MaxRequestsPerChild ListenBacklog SendBufferSize MaxKeepAliveRequests KeepAliveTimeout Definition (default value in Apache 1.3.3) Directive
  • 29. Apache Web Server Web Protocols and Practice WEB SERVERS Apache has a collection of handlers that perform an action using the requested file, as shown in Table 4.3.
  • 30. Table 4.3 Built-in handlers in Apache server and default file extension Web Protocols and Practice WEB CLIENTS Send the file as static content Send the file as an HTTP response message (.asis) Invoke the file as a CGI script (.cgi) Treat the file as a server-side include (.shtml) Treat the file as an imagemap rule file (.imap) Treat the file as a map for content negotiation (.var) Get the server’s configuration information Get the server’s status report Default-handler Send-as-is Cgi-script Server-parsed Imap-file Type-map Server-info Server-status Purpose (file extension) Handler