0179-0182

Previous page
Table of content
Next page
Previous Table of Contents Next

Page 179

CHAPTER 9

Oracle Web Application Server 3.0

IN THIS CHAPTER

  • Architectural Overview 180
  • Component Interaction 183
  • Installation and Configuration 187
  • Using Supplied Cartridges 191
  • Developing Cartridges with the WRB API 200

Page 180

Oracle Web Application Server 3.0 is much more than just another Web server. In addition to providing the standard HTTP and CGI services, Oracle Web Application Server lets you develop full-featured applications using reusable building blocks called cartridges. Cartridges can be distributed across the network and have persistence mechanisms that are far superior to anything available through CGI. In addition to a distributed, component-based programming model, the multi-process architecture of Oracle Web Application Server provides the performance, scalability, and fault tolerance of true distributed processing. This chapter provides an overview of this architecture and describes how it is deployed and used to build robust, Web-enabled applications.

Architectural Overview

The architecture of the Oracle Web Application Server is based on the distributed computing model. It is open and standards-based, providing a scalable and fault-tolerant foundation for Web-based applications. The primary features of the Web Server architecture are a robust HTTP server, the Web Request Broker, and server extensions called cartridges. This section describes these components , the services they provide, and the interactions between them.

HTTP Server

The HTTP server consists of two processes: the listener and the dispatcher. The supplied Spyglass listener uses a virtual file system in which the logical paths used in Universal Resource Locators (URLs) are mapped to physical directories in the file system of the host machine. It also has the capability to maintain and identify different versions of HTML files (in different languages, for example) and handle any number of defined MIME types. To improve performance, the listener takes advantage of the host operating system's memory-mapped file capabilities and supports configurable file caching. In addition to supporting SSL (Secure Sockets Layer) encryption and authentication, the listener can also provide security through any of the following methods :

  • Basic authentication requires users to enter an ID and password to access a URL. You should use this only in conjunction with SSL, or IDs and passwords will be passed unencrypted over the network. IDs and passwords are stored in an encrypted file on the host.
  • Digest authentication is essentially the same as basic authentication, except that the password is encrypted. Some popular browsers do not support this authentication method.
  • IP address restriction restricts connections to clients with specific IP addresses or more general network masks. You should use this method for intranets only.
  • Domain name restriction restricts connections to clients with specific domain names . This is, in effect, equivalent to IP address restriction but provides a more readable address or mask representation.

Page 181

Secure Socket Layer (SSL)

You can use any of these four security methods in conjunction with SSL's server certificate authentication and data encryption to provide secured access to specific paths or files in the virtual file system.

The listener is involved in all interactions with the client. It accepts HTTP connections from clients and processes their requests. If a client requests an HTML page, the listener locates it, reads it, and sends it to the client. Similarly, the listener processes CGI requests by executing a script or program and returns the results to the client. Cartridge requests are forwarded to the dispatcher.

The dispatcher is responsible for queuing and executing requests for cartridge services. It relies on the services provided by the Web Request Broker to load and execute cartridges. First, it uses the Virtual Path Management service to identify the cartridge to use based on the URL. It then uses the Authentication Service to determine whether the client is authorized to use the requested cartridge. If the user is successfully authenticated, it then requests an instance of the cartridge from the Web Request Broker. The Web Request Broker loads the cartridge and notifies the dispatcher of the available instance. Finally, the dispatcher accesses the cartridge to process the request, returning the results to the client. Once the dispatcher has an instance of the cartridge, it communicates directly with the cartridge to process additional client requests. Note that the dispatcher and the listener make up a single process and that you can employ multiple listener/dispatcher instances to improve performance. However, the dispatcher interface is not completely integrated with the provided Spyglass listener. Its interface is accessible to other listeners, which allows other Web servers such as Microsoft IIS and Netscape Commerce Server to use the Oracle Web Request Broker and cartridge services.

Web Request Broker

The Web Request Broker (WRB) is the core of the Web Application Server, providing services to both the dispatcher and to cartridges. It provides all the following services:

  • Virtual Path Management Services maintains the logical-to-physical path mappings that the listener will use to locate HTML files and CGI scripts and that the WRB will use to locate a cartridge.
  • Authentication Services provides multiple levels of security.
  • Logging Services logs WRB- and cartridge-specific information to either the database or a text file in one of two levels of detail.
  • Configuration Provider Services allows cartridges to read and update configuration information.

Page 182

  • Intercartridge Exchange (ICX) Services allows cartridges to communicate with each other and access each other's services.
  • Transaction Services provides a means for handling multiple HTTP requests involving database updates as a single transaction. (This feature is available with the advanced version only.)
  • Content Services provides a document repository to assist in organizing HTML pages and managing versions and revisions. (This feature is available with the advanced version only.)

Security is a critical component of any Web server, and the WRB can provide one or more additional layers of security (beyond those provided by the listener) through its authentication services. You can use authentication services to restrict access by the dispatcher, by an individual cartridge, or both. The Authentication Server is a separate process that you can run in either of two different modes:

  • In Memory mode: A separate instance of Authentication Server is loaded for each dispatcher and cartridge that requests it.
  • ORB mode: A single instance of Authentication Server is used to handle all requests.

In Memory mode provides better performance but obviously consumes considerably more memory on the WRB. ORB mode can cause bottlenecks if the Authentication Server is accessed by many cartridge instances, but it uses fewer resources. When in ORB mode, the Authentication Server can reside on a separate server from the rest of the WRB core. Although this configuration distributes processing, depending on the network configuration, it can have a negative impact on performance.

The Authentication Server uses the same security schemes as the listener and can also use database authentication for cartridges that access an Oracle database. The WRB implements database security through data access descriptors (DADs). Data access descriptors are used to prevent database usernames and passwords from being sent from the client. They accomplish this by associating a descriptor with a specific Oracle instance, username, and password. At least two DADs are defined for an installation: one for Oracle Database administrators and one to be used as the default to handle requests that do not supply one. The DADs are used by the PL/SQL agent, which is the primary means by which cartridges communicate with an Oracle database.

Cartridges

A cartridge is an application that exposes a set of standard interfaces that allow it to be accessed by WRB clients and other cartridges through the intercartridge exchange. Cartridges are typically designed to encapsulate a small set of generic services, providing a modular approach to

Previous Table of Contents Next

Previous page
Table of content
Next page
Oracle Unleashed
Oracle Development Unleashed (3rd Edition)
ISBN: 0672315750
EAN: 2147483647
Year: 1997
Pages: 391
Authors: Advanced Information Systems
BUY ON AMAZON
Certified Ethical Hacker Exam Prep
Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century: Prevention and Detection for the Twenty-First Century
Professional Struts Applications: Building Web Sites with Struts ObjectRelational Bridge, Lucene, and Velocity (Experts Voice)
FileMaker 8 Functions and Scripts Desk Reference
Python Programming for the Absolute Beginner, 3rd Edition
Digital Character Animation 3 (No. 3)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy