Browser/Environment Variables Oracle Application Server Tips by Burleson Consulting

OHS has the capability to modify how it talks to different browser types.  Each browser has different implementations and some have bugs that require special attention.  OHS uses the module mod_setenvif to add this functionality.   OHS gets this information from the request?s header.  The directive BrowserMatch is used to set variables based on the requester?s browser.

    BrowserMatch "Mozilla/2" nokeepalive
    BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0

Here, OHS will inactivate the keepalive feature because Mozilla does not support it.   This version of Internet Explorer has a faulty implementation of HTTP 1.1, so OHS downgrades its responses to HTTP 1.0.  The directive BrowserMatchNoCase is functionally equivalent to BrowserMatch but is case insensitive.  Mod_setenvif also contains the SetEnvIf and SetEnvIfNoCase directives.  The SetEnvIf directive is used to check current variables and if they match, set a custom variable. 

SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

If the user-agent from the request header contains MSIE, then the variables nokeepalive and ssl_unclean_shutdown are set to true. 

Proxy Server

Apache implements a proxy server and caching with mod_proxy.  Oracle9iAS and OHS use Web Cache and so does not implement mod_proxy.  If you need to implement this feature, please refer to the Apache documentation. (Google ?Apache mod_proxy?).

Virtual Host

One of the most powerful capabilities of the Apache Web Server, and hence OHS, is the ability to host more than one complete web site with its own domain name, as if it were on a stand-alone machine.  The ability to support multiple web sites from one server is called Virtual Hosting. Virtual Hosts are easy to set up in the httpd.conf file and OHS uses a Virtual Host to support the Secure HTTP connection. 

Listen 4446
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/home/oracle/oraportal904/Apache/Apache/
                      logs/ssl_scache(512000)
SSLSessionCacheTimeout 300
SSLMutex file:/home/oracle/oraportal904/Apache/Apache/logs/ssl_mutex
SSLLog /home/oracle/oraportal904/Apache/Apache/logs/ssl_engine_log
SSLLogLevel warn
<VirtualHost _default_:4446>
        DocumentRoot "/home/oracle/oraportal904/Apache/Apache/htdocs"
        ServerName appsvr.localdomain.com
        ServerAdmin you@your.address
        ErrorLog /home/oracle/oraportal904/Apache/Apache/
                  logs/error_log
        TransferLog /home/oracle/oraportal904/Apache/Apache/
                   logs/access_log
        Port 4445
        SSLEngine on
        SSLCipherSuite
SSL_RSA_WITH_RC4_128_MD5:SSL_RSA_WITH_RC4_128_SHA:SSL_RSA_WITH_3DES_EDE_CBC_SHA:SSL_RSA_
WITH_DES_CBC_SHA:SSL_RSA_EXPORT_WITH_RC4_40_MD5:SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
        SSLWallet file:/home/oracle/oraportal904/Apache/Apache/
                        conf/ssl.wlt/default
        <Files ~ "\.(cgi|shtml)$">
            SSLOptions +StdEnvVars
        </Files>
        <Directory "/home/oracle/oraportal904/Apache/Apache/cgi-bin">
            SSLOptions +StdEnvVars
        </Directory>
        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-
                     shutdown
        CustomLog /home/oracle/oraportal904/Apache/Apache/
                   logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x
                   %{SSL_CIPHER}x \"%r\" %b"
    </VirtualHost>

This looks like a lot, but most of it has already been covered.  So let?s walk through the code. 

First, come the server level directives.  OHS is directed to listen on port 4446.  Although we will cover Secure Socket Layers in detail in the chapter on Oracle9iAS Security, from what we already covered we can see that there are a number of log files identified and the SSLLOGLEVEL is set to warn. 

Once the server level directives are through we are ready to define the Virtual Host. Virtual Hosts can have separate hostnames, IP addresses, or ports.  Anything not defined within the Virtual Host block directives will be inherited from the default server parameters.    The first five parameters are explicitly defined.  They actually point to the same files as the default server because the Virtual Host is designed to replicate the default server, using Secure Socket Layer (SSL) for security. 

One important directive is the ServerName.  The ServerName is used to redirect links to other files, and if it is not defined, the OHS will have to hit the DNS to determine the server name for the Virtual Host?s IP. 

Through the remaining code you can see examples of Directory Container directives, Files Container directives, TransferLog and CustomLog.  Almost every default server parameter can be redefined for a Virtual Host.  Directives that establish the overall OHS server cannot be changed in a Virtual Host such as MinSpareServers, MaxSpareServers, StartServers etc.

The example Virtual Host is IP-based, using the default IP.  Another option is to use a Name-Based Virtual Host.  Name-based Virtual Hosts allow you to operate multiple hosts on the same IP address.  This must be supported by your DNS.  When the browser submits a request, it contains the server name it is requesting the document from.  OHS will accept the request and pass it to the named Virtual Host for servicing.  To use this feature, you must add the NameVirtualHost directive that identifies the communal IP, before any Virtual Host directives.

NamedVirtualHost 192.168.2.101
<VirtualHost 192.168.2.101>
    ServerName bigdata.oracle.com
    ServerAlias bigdata
</VirtualHost>

The example above introduces another directive, ServerAlias.  ServerAlias is used when the server needs to be accessible using more than one name.  This directive identifies multiple names for the same Virtual Host.  Local users can access the host by just using big data as the server name.  More commonly, ServerAlias is used to direct multiple host names to the same Virtual Host.

Dynamic Content

Since you are using Oracle9i Application Server, you will be using OHS to connect to your application to generate dynamic content.  The Oracle HPPT Server has the capability to generate dynamic content within the server using CGI and SSIs. 

CGI, or Common Gateway Interface, defines a method of communication used between the web server and various programs and scripts that generate the dynamic content.  Called CGI programs, they are in fact written in any language from Perl to C, or even a Korn script.  The only requirement for OHS to execute the program is that the OHS user must have execute rights on the program.  OHS uses the mod_cgi module to handle CGI scripts, including loading and executing operating system programs. 

We have already seen the use of the ScriptAlias directive to identify locations of CGI programs.  If the CGI program is located in a directory other than the those pointed to by ScriptAlias, that directory must have the ExecCGI enabled in either the .htaccess file or in the Directory directives for the directory in the httpd.conf file. 

The second method of including dynamic content is SSI or Server Side Includes.  SSI are directives in the HTML page that are parsed as the page is served to the client.  Instead of having a CGI program serve the entire page, SSI can be used to embed dynamic content from other documents.  These include other documents, CGI program scripts, or server environment variables, such as the current time, as the page is being served.  Since SSI requires that the pages be parsed as they are served, you must tell OHS which files to parse.  You do this by adding directives to the httpd.conf file.

AddType text/html  .shtml
AddHandler server-parsed .shtml

OHS will now parse all .shtml files as they are served, provided that the Directory directives for the location of the .shtml file has Includes enabled.  This option can also be set in the .htaccess file. 

This is a brief introduction to CGI and SSL to set the stage for later chapters.

 

This is an excerpt from "Oracle 10g Application Server Administration Handbook" by Don Burleson and John Garmany.