Table of Contents
This chapter describes how to configure the WebtoB environment and basic settings.
For the WebtoB environment, configure the WebtoB domain, node, and web server operation.
WebtoB environment configuration consists of section definition, name, and items.
# Comment
*Section
Name
# Comment
Item = Configuration value, # Comment
...,
Item = Configuration value
The start of each section is followed by the section name and then configuration items.
The following describes the sections that must be configured in WebtoB.
| Section | Description |
|---|---|
| DOMAIN | Domain settings. |
| NODE | Node settings. |
| VHOST | Virtual host settings. |
| HTH_THREAD | Threads of the HTH process. |
| SVRGROUP | Logical groups of server processes for accessing application server processes through WebtoB. |
| SERVER | Sever process settings for processing requests. |
| SERVICE | Service settings to execute business logic through WebtoB. |
| DIRECTORY | Directory settings. |
| URI | Client request URI (Uniform Resource Identifier) used to determine the service to process the request. |
| ALIAS | Alias for the physical server path and URI. |
| DIRINDEX | Indexing method, icon, etc. |
| LOGGING | Logging format for client requests. |
| ACCESS | Client access control based on IP, network/netmask, and header information. |
| AUTHENT | Authentication control at the user and group levels for client access control. |
| EXT | Maps a client request to a specific process based on the requested file extension. |
| SSL | SSL to use on WebtoB. |
| PROXY_SSL | SSL to use when WebtoB is used as a proxy. |
| ERRORDOCUMENT | Error response actions. |
| EXPIRES | Expiry date of the server response specified in the server response header. |
| TCPGW | TCPGW that acts as a proxy that forwards a TCP connection request sent to a specific Port or IP to another server. |
| REVERSE_PROXY_GROUP | Reverse proxy group settings. |
| REVERSE_PROXY | HTTP Proxy settings used to forward a request from an external server that has no access to the internal server. |
| LOGLEVEL | Logging level for system log messages. |
| HEADERS | Settings for mapping specific HTTP header to a client request or response. |
| PRECEDING_COMMAND | Commands that perform preparation tasks, such as setting CPU Affinity for each process, at WebtoB startup. |
| FILTER | Filter module. Set the defined filter in a NODE, VHOST, or SVRGROUP section. |
| USERLOGFORMAT | Common logging format. |
| DISK_CACHE | Disk caching settings. |
The DOMAIN, NODE, and HTH_THREAD sections are required.
Section must conform to the following rules:
The name of each section starts with an asterisk (*).
The first line of each section starts with an asterisk (*) and the section name must be all in upper case.
The starting line of a section must have at least one item configured. Only related items are allowed.
The items that follow the section name are regarded as part of the section configuration until the end of the file or another section starts.
The order in which sections are defined is not important.
A section can be divided into multiple sections.
Section name must be defined to identify the section. Section names must conform to the following rules:
A section name must start from the first column of the first line.
For section names, alphabetical characters, numbers, hyphens (-), and underlines (_) can be used. However, for SERVICE section names, hyphens (-) cannot be used.
Name must be unique among the same sections.
After the section name, define items as follows:
*Section
Name
Item 1 = value,
Item 2 = value,
...,
Item n = value
Configure each item according to the following rules:
Separate multiple items with a comma (,) as a delimiter.
If an item ends with a comma (,), the next line contains additional items to configure. The last item cannot end with a comma (,).
An item name is not case sensitive.
An item cannot start from the first column of a line.
An item must start after one or more blank spaces.
Multiple items can be defined on the same line.
An item can be defined multiple times depending on the item.
An item can be required or optional.
The value of an item can be one of the following types: Numeric, String, Literal, or Boolean. The following describes each value type.
| Type | Description |
|---|---|
| Numeric | Number. If the value begins with '0', e.g., 0700, it is processed as an octal number. If the value starts with '0x', e.g., 0xff, it is processed as a hexadecimal number. |
| String | Character string. |
| Literal | Character string. The literal type must be embraced with double quotation marks (" "). |
| Boolean | Y/N or YES/NO. |
Any text following the hash symbol (#) and up to the EOL character, is considered a comment.
*DOMAIN
webtob
*NODE
mynode
WebtoBDir = "$WEBTOBDIR",
SHMKEY = 54000
# Port = "80" is default
*HTH_THREAD
hworker
WorkerThreads = 8
*SVRGROUP
cgig
SvrType = CGI
*SERVER
cgis
SvgName = cgig
# MinProc = 1, MaxProc = 1 is default
Before starting WebtoB, the test configuration file must be compiled using the wscfl command to generate a binary configuration file that can be used by WebtoB.
In general, the text configuration file is named "http.m" and the binary configuration file is named "wsconfig". During the compilation process, wscfl checks the text file for syntax or system configuration errors.
The following command is an example of compiling the text configuration file "$WEBTOBDIR/config/http.m".
wscfl -i http.m
To use a binary configuration file name instead of the default name of "wsconfig", use the environment variable WEBTOB_CONFIG or use the option to specify the file name when executing the program, such as wscfl, wsadmin, wsboot, or wsdown.
The next section covers the configuration items of each section. You must understand the following rules before reading the item descriptions.
An item starting with the hash symbol (#) before its name is an optional item.
For a string or literal variable, specify the buffer length enclosed in square brackets ( [ ] ).
For example, the length of a string[n] or literal[n] is limited to n -1.
If a default value exists, specify the value after the hash symbol.
For a numeric variable, use parentheses to display the valid range.
If the maximum limit does not exist, omit the range. The maximum value must be less than or equal to INT_MAX (2147483647).
"$ENV" means the environment variable can be referenced.
"R.PATH" means that a relative path, if specified, is relative to $WEBTOBDIR.
"LIST" means that you can specify multiple values separated by a comma (,) delimiter. If LIST[n] is specified, up to n values can be set. If [n] is omitted, there is no limit as long as the total length is smaller than the buffer size.
"PM.LIST" means that you can use plus and minus symbols in front of the value to enable (+) or disable (-) the specified element. The plus symbol can be omitted.
"MULTI" means the same item can be configured multiple times. "MULTI[n]" means that the same value can be specified up to n times.
If "LIST" and "MULTI" are specified together, you can specify multiple values and duplicate values. In this case, the maximum number of values is limited to n in LIST[n].
The DOMAIN section configures the WebtoB domain. This section must be configured only once.
The following is the environment configuration format of the DOMAIN section.
*DOMAIN
name # String[32]
#DomainID = Numeric, # 0 (0-255)
#MaxSvc = Numeric, # 512 (1-0xffff)
#NHthChkTime = Numeric, # 30 (0-)
#CloudDasAddress = Literal[256], #"$DASURL", $ENV
#CloudServiceGroupId = String[32]
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the DOMAIN section configuration items.
Type: String
Range: Up to 31 characters
Specifies WebtoB domain name.
Type: Numeric
Range: 0 to 255
Specifies the domain ID.
The specified ID is used to distinguish domains in WebtoB internal communication.
The values, 254 and 255, have special meanings.
| Value | Description |
|---|---|
| 254 | Worker thread always processes "304 Not Modified". Processing the 304 response is not recommended due to slow processing time. |
| 255 | HTH always responds with "304 Not Modified" to a conditional-get request. The use of this value is not recommended because the browser or proxy may use old resource(s) even after the resources have been modified. |
Type: Numeric
Range: 1 to 65535(0xffff)
Default value: 512
Changes the maximum number of services that can be configured.
Services include the URI and EXT sections as well as the SERVICE section.
The URI and EXT sections are automatically registered in the SERVICE section.
Type: Numeric
Unit: Second
Range: 0 to INT_MAX
Default value: 30
Alive check time for HTH to check if HTH is being blocked.
After setting the NHthChkTime, if no response is received for two consecutive requests, an abnormal state is assumed and the HTH is restarted.
Type: Literal
Range: Up to 255
IP address and port number of DAS used by WebtoB and JEUS to detect the other's events for Auto Scaling in a cloud environment.
Environment variable can be used for convenience, especially when creating a cloud image.
Type: String
Range: Up to 31 characters
ID to identify WebtoB per cloud service.
The NODE section configures each node that composes WebtoB. This section affects all operations related to the node. If a virtual host is configured via the VHOST section, the NODE section configuration operates as a basic host.
In the NODE section the following can be defined:
WebtoB system path
Top-level directory where documents for services are located (document root)
Key value of shared memory
Service IP and Port number configuration
Other system configurations
The following is the environment configuration format of the NODE section.
*NODE
name # String[128]
WebtobDir = Literal[256], # $ENV
ShmKey = Numeric, # (32768-262143)/(0x8000-0x3FFFF)
#Nodename = Literal[128], # "<*NODE.Name>", $ENV
#User = String[32],
#Group = String[32],
#Hostname = Literal[128], # "<OS hostname>"
#DocRoot = Literal[256], # "docs/", $ENV, R.PATH
#SvrRoot = Literal[256], # "$WEBTOBDIR", $ENV
#Method = Literal[256], # "GET,POST,HEAD,OPTIONS", PM.LIST
#Hth = Numeric, # 1 (1-100)
#HthQTimeout = Numeric, # 0 (0-)f
#Port = Literal[1024], # "80" or "443" (1-65535), LIST[100]
#JsvPort = Numeric, # 9999 (1-65535)
#JsvSslPort = Numeric, # 0 (1-65535)
#JsvSslFlag = Boolean, # N
#JsvSslName = String[32],
#RacPort = Numeric, # 3333 (1-65535)
#SslFlag = Boolean, # N
#SslName = String[32],
#Timeout = Numeric, # 300 (1-)
#InitialConnectionTimeout = Numeric, # 0 (0-)
#RequestHeaderTimeout = Numeric, # 60 (0-)
#RequestBodyTimeout = Numeric, # 0 (0-)
#CacheKey = String[32], # HOST_URI (HOST_URI, REAL_PATH)
#CacheEntry = Numeric, # 1024 (0-)
#MaxCacheMemorySize = Numeric, # 100 (0-)
#CacheMaxFileSize = Numeric, # 8192 (0-)
#CacheMaxCompressSize = Numeric, # 0 (0-)
#CacheRefreshImage = Numeric, # 3600 (0-)
#CacheRefreshHtml = Numeric, # 3600 (0-)
#CacheRefreshJsv = Numeric, # 3600 (0-)
#CacheRefreshRproxy = Numeric, # 3600 (0-)
#DiskCache = String[32],
#Keepalive = Boolean, # Y
#KeepaliveTimeout = Numeric, # 60 (1-)
#KeepaliveMax = Numeric, # 0 (0-)
#MaxUser = Numeric, # <auto> (1-)
#AppDir = Literal[256], # $ENV, R.PATH
#PathDir = Literal[256], # "path/", $ENV, R.PATH
#UsrLogDir = Literal[256], # "log/usrlog/", $ENV, R.PATH
#IconDir = Literal[256], # $ENV, R.PATH
#UserDir = Literal[256], # MULTI
#IndexName = Literal[256], # "index.html", LIST
#DirIndex = Literal[32],
#Options = Literal[256], # "HTML,CGI,SSI,PHP,JSV", PM.LIST
#ErrorDocument = Literal[256], # LIST[64]
#Logging = Literal[256], # LIST[4]
#ErrorLog = Literal[256], # LIST
#Filter = Literal[256], # LIST[64]
#Listen = Literal[1024], # LIST[100]
#IpcPerm = Numeric, # 0700 (0600-0777)
#ListenBacklog = Numeric, # <auto> (1-)
#SendBufferSize = Numeric, # <auto> (0-)
#RecvBufferSize = Numeric, # <auto> (0-)
#IpcSendBufferSize = Numeric, # <auto> (0-)
#IpcRecvBufferSize = Numeric, # <auto> (0-)
#HthIpcSendBufferSize = Numeric, # <auto> (0-)
#HthIpcRecvBufferSize = Numeric, # <auto> (0-)
#SvrIpcSendBufferSize = Numeric, # <auto> (0-)
#SvrIpcRecvBufferSize = Numeric, # <auto> (0-)
#MimetypesConfig = Literal[256], # "config/mime.types", $ENV, R.PATH
#DefaultMimetype = Literal[128], # "text/html"
#RPAFHeader = Literal[256],
#TimeOutStatus = Numeric, # 500 (511-599)
#Expires = Literal[256], # LIST[64]
#LimitRequestBody = Numeric, # 0 (0-)
#LimitRequestFields = Numeric, # 100 (0-)
#LimitRequestFieldSize = Numeric, # 8190 (0-16382)
#LimitRequestLine = Numeric, # 8190 (0-16382)
#ServerTokens = Literal[256], # "Off"
#ServiceOrder = Literal[256], # "uri,ext"
#IPCBasePort = Numeric, # 6666 (1-65535)
#TcpGW = Literal[1024], # LIST[64]
#DefaultCharset = Literal[32], # "Off"
#JsvAccessName = String[32],
#UseEtag = Boolean, # Y
#TerminateCgiUponClientClose = Boolean, # Y
#URLRewrite = Boolean, # N
#URLRewriteConfig = Literal[256], # R.PATH
#LogPerm = Numeric, # 0600 (0600-0777)
#SysLog = Literal[256], # "default_syslog"
#KeepAliveErrorStatusCode = Literal[256], # (HTTP status code), LIST
#MaxDechunkSize = Numeric, # 10485760(10MB) (0-)
#HtmlsForbidsWEBINF = Boolean, # Y
#HtlHthSendSocketBufferSize = Numeric, # 0 (0-)
#HtlHthRecvSocketBufferSize = Numeric, # 0 (0-)
#TraceAccessLog = Boolean, # N
#CheckURL = Boolean, # N
#CheckURLFrom = Literal[32], # "utf-8"
#CheckURLTo = Literal[32]
#CheckUrlJsvExcept = Boolean, # N
#SSIMaxDepth = Numeric, # 16 (1-)
#ForceCacheModificationCheck = Boolean, # N
#DebugHTHMemory = Boolean, # N
#Headers = Literal[256], # LIST[15]
#DOSBlock = Boolean, # N
#DOSBlockTableSize = Numeric, # 3097 (1-)
#DOSBlockPageCount = Numeric, # 5 (0-)
#DOSBlockPageInterval = Numeric, # 1 (1-)
#DOSBlockSiteCount = Numeric, # 50 (0-)
#DOSBlockSiteInterval = Numeric, # 1 (1-)
#DOSBlockPeriod = Numeric, # 30 (1-)
#DOSBlockWhiteList = Literal[256], # LIST[256], MULTI
#BindIPv6Only = Boolean, # <OS default>
#JsvListen = Literal[1024], # LIST[10]
#JsvSslListen = Literal[1024], # LIST[10]
#UpperDirRestrict = Boolean, # N
#CheckPingTimeoutStatus = Numeric # 503 (511-599)
Refer to "3.1.3. Configuration Item Description Rules" for more information on the symbols and details of the NODE section configuration items.
Type: String
Range: Up to 127 characters
Specifies the node name.
Type: Literal
Range: Up to 255 characters
Specifies the absolute WebtoB installation path, the home directory.
Environment variables can be used. Set this to $WEBTOBDIR for convenience.
Type: Numeric
Range: 32768 to 262143 / 0x8000 ~ 0x3FFFF
Specifies the shared memory segment. WebtoB internal processes use shared memory to share information.
Three keys are used as follows:
ShmKey
(ShmKey + 1)
(ShmKey + 2)
The key values must be different from any other key values used by other programs or applications. If the key values are used elsewhere, conflicts can occur with those programs or applications during WebtoB start up. WebtoB may fail to start due to shared memory conflicts.
Shared memory can be checked with the command "ipcs" in UNIX/Linux. Only when shared memory remains and is not returned after forcibly terminating WebtoB, can the shared memory be returned manually through the command "ipcrm".
Type: Literal
Range: Up to 127 characters. Environment variables ($NODENAME) can be used.
Default value: NODE section name
The physical name of the node that defines the name identified by the operating system.
UNIX/Linux: "uname -n" or "hostname" command
Windows: "hostname.exe" command
The specified node name must be registered in the file.
UNIX/Linux: /etc/hosts
Windows: %SystemRoot%\system32\drivers\etc\hosts
Type: String
Range: Up to 31 characters
Operates WebtoB with a configured account privilege.
Users can be configured only in UNIX/Linux. It is recommended to use a general account instead of the root account when configuring system security.
Type: String
Range: Up to 31 characters
Operates WebtoB with a configured group privilege.
Group can be configured only in UNIX/Linux. It is recommended to use a general group instead of the root group for system security.
Type: Literal
Range: Up to 127 characters
Default value: System host name
Specifies the system host name for the host name field of HTTP response header.
Hostname is used as the "SERVER_NAME" variable in CGI/PHP. Use this value instead when processing HTTP/1.0 requests that do not have the "Host" item.
Type: Literal
Range: Up to 255 characters
Default value: "docs/"
Specifies the absolute root directory of the documents served by WebtoB.
Environment variables can be used. If DocRoot is a relative path, it is changed to an absolute path using $WEBTOBDIR.
Directory configuration pattern can be specified dynamically by using the following directives.
| Directive | Description |
|---|---|
| %p | Replaces the requested port number. |
| %n | Replaces the Hostname or the Nth element of the IP address. If n is set to 0, the entire string is used. If the value starts with a minus symbol (-), count from the end of Hostname or IP address. If a plus symbol (+) follows, the rest of the Hostname or IP address is used. |
| %n.m | Replaces the Mth character of the Nth element. Minus (-) and plus (+) symbols can be used as previously described. |
| %% | Replaces a single percent symbol (%). |
If a directive is used, DocRoot must be set as an absolute path. When an environment variable is used, the previously mentioned directives can be used only when the changed path is an absolute path.
Type: Literal
Range: Up to 255 characters
Default value: "$WEBTOBDIR"
If RealPath of the ALIAS section is set as a relative path, this item is specified as the root directory.
Environment variables can be used. If SvrRoot is a relative path, it is changed to an absolute path based on $WEBTOBDIR.
Type: Literal
Range: Up to 255 characters
Default value: "GET,POST,HEAD,OPTIONS"
Specifies the HTTP request method. If the method is not specified in the client request, the request will not be processed.
Supports GET, POST, HEAD, OPTIONS, CONNECT, TRACE, PROPFIND, PUT, DELETE, MKCOL, COPY, and MOVE.
If a specific method is not serviced, add a hyphen (-) in front of the method name like "–OPTIONS".
Type: Numeric
Range: 1 to 100
Default value: 1
The number of concurrent users that one HTH process can handle is limited. In order to increase the number, set the desired value.
The number of concurrent users that one HTH process can handle can be checked from the output of the "wscfl" command or "wsboot" execution.
$ wscfl -i http.m
Current configuration:
Number of client handler(HTH) = 4
Supported maximum user per node = 32552
Supported maximum user per handler = 8138
Type: Numeric
Unit: Second
Range: 0 to INT_MAX
Default value: 0
Specifies the timeout for user requests in a server queue.
When a request cannot be processed due to a large volume of user requests, the request waits in the server queue until a server process becomes available. If a request waits longer than the specified time, remove the request from the queue and respond with "503 Service Unavailable".
Type: Literal
Range: Up to 1023 characters, 1 to 65535
Default value: "80" or "443" (If the SSLFlag is set to Y, "443" is the default value.)
Specifies the port through which WebtoB listens.
Up to 100 ports can be specified using a comma (,) as a delimiter.
If both the Port and Listen items are configured, the port configuration is ignored.
Type: Numeric
Range: 1 to 65535
Default value: 9999
Specifies the port number used to connect WebtoB with a server that executes servlets.
If WebtoB opens the port, JEUS connects to the port using the following configuration in WEBMain.xml.
<?xml version="1.0"?>
<web-container xmlns="http://www.tmaxsoft.com/xml/ns/jeus" version="6.0">
<context-group>
<group-name>MyGroup</group-name>
<webserver-connection>
<webtob-listener>
<listener-id>webtob1</listener-id>
<port>9900</port>
<output-buffer-size>8192</output-buffer-size>
<thread-pool>
<min>5</min>
<max>5</max>
<step>5</step>
<max-idle-time>30000</max-idle-time>
</thread-pool>
<webtob-address>__webtob_address__</webtob-address>
<registration-id>__webtob_server_name__</registration-id>
<disable-pipe>true</disable-pipe>
</webtob-listener>
</webserver-connection>
</context-group>
</web-container>
Type: Numeric
Range: 1 to 65535
Specifies the service port used for SSL communication between WebtoB and JEUS.
When WebtoB opens the port, JEUS uses the following setting in "WEBMain.xml" to connect with WebtoB.
<?xml version="1.0"?>
<web-container xmlns="http://www.tmaxsoft.com/xml/ns/jeus" version="6.0">
<context-group>
<group-name>MyGroup</group-name>
<webserver-connection>
<webtob-listener>
<listener-id>webtob1</listener-id>
<port>10443</port> <!-- JsvSslPort -->
<output-buffer-size>8192</output-buffer-size>
<thread-pool>
<min>5</min>
<max>5</max>
<step>5</step>
<max-idle-time>30000</max-idle-time>
</thread-pool>
<webtob-address>__webtob_address__</webtob-address>
<registration-id>__webtob_server_name__</registration-id>
<disable-pipe>true</disable-pipe>
<secure>
<!-- Convert the authentication certificate specified in the WebtoB *SSL section
into a Java KeyStore(JKS) format and use it as the trust store file-->
<trust-store-file-path>
__server_certstore.jks__
</trust-store-file-path>
<trust-store-file-password>
__xxxx__
</trust-store-file-password>
</secure>
</webtob-listener>
</webserver-connection>
</context-group>
</web-container>
Type: Boolean
Default value: N
Specifies whether to use the SSL/TLS protocol to connect to JEUS.
SSL section item can be set in JsvSslName.
Type: String
Range: 31 characters or less
Specifies the SSL item when JsvSslFlag is set to 'Y'.
Type: Numeric
Range: 1 to 65535
Default value: 3333
Specifies the port number used for inter-node communication needed for node management in a multi-node configuration. Unlike NodePort, RacPort is used by the wsracd daemon, which is a management process.
Type: Boolean
Default value: N
Specifies the option to use the SSL/TLS protocol for service port.
The SSL section item that will be used as the SSLName configuration can be specified.
Type: String
Range: Up to 31 characters
SSL section name. Valid only when SSLFlag is set to Y.
Type: Numeric
Unit: Second
Range: 1 to INT_MAX
Default value: 300
Specifies the timeout to read/write data to/from a user socket.
The Timeout value is applied when the user request is processed. If the user does not write to or read from the socket during the specified time, the socket is closed.
Type: Numeric
Unit: Second
Range: 0 to INT_MAX
Default value: 0
Specifies the timeout for receiving the first request from the user.
Closes the socket if the user does not send any requests after the TCP connection is made. This is not applicable if the user is currently sending a request or has previously sent one or more requests.
This also applies to SSL connections. The socket will be closed if the user does not complete SSL connection within the timeout period or fails to send the first request after the connection is established.
If set to 0, no timeout period is applied.
Type: Numeric
Unit: Second
Range: 0 to INT_MAX
Default value: 60
Specifies the amount of time to wait for the HTTP Request Header.
This configuration is applied when a user is sending a request. If the user does not send the requested HTTP Request Header(s) during this time, a "408 Request Timeout" error is sent to the user.
In the case of a Pipelined Request (or if a new request comes before the response to the previous request is complete), the start time of the next request is immediately after the completion of the response to the prior request.
If RequestHeaderTimeout is set to 0, there is no limit to the HTTP Request Header send time.
Type: Numeric
Unit: Second
Range: 0 to INT_MAX
Default value: 0
Specifies the amount of time to wait for the Body when an HTTP Request Body exists.
This configuration is applied when a user is sending a request. If the user does not send the requested HTTP Request Body during this time, a "408 Request Timeout" error is sent to the user.
If RequestBodyTimeout is set to 0, there is no limit to the HTTP Request Body send time.
Type: String
Range: Up to 31 characters
Default value: HOST_URI
Specifies the value to be used when a Key for caching is created.
The following describes the settings.
| Settings | Description |
|---|---|
| HOST_URI | Uses the Request URI and the HOST value of Request Header to create a Key. Even if REQUEST_URI is the same, VHOST depends on HTTP_HOST. This means that the actual path can be different. Although VHOST is different, the same actual path can cause duplicate caching. This means that a response can be made for the same request with files that are cached differently depending on the host. If DocRoot differs by VHOST, it is better to use this value (HOST_URI). The response is faster than using REAL_PATH because the real path does not need to be calculated. Since responses handled by JEUS or Reverse Proxy cannot be calculated, HOST_URI value is used. |
| REAL_PATH | Uses the request URI's real path to create a Key. This value is applied when SVRTYPE is HTML. It helps to balance out problems that can occur when HOST_URI is used. Although HTTP_HOST is different, the actual path of the file with the same request can be the same. In this case, because only one file is cached regardless of HTTP_HOST, memory is not wasted. Because the actual path needs to be calculated, the response can be a little slower than using HOST_URI. |
Type: Numeric
Range: 0 to INT_MAX
Default value: 128
Specifies the HTH cache hash table size.
If set to 0, the response is not cached.
Type: Numeric
Unit: Mbytes
Range: 0 to INT_MAX
Default value: 100
Specifies the maximum amount of memory used by a HTH process for caching.
MaxCacheMemorySize is not the total memory size that all HTH processes use. MaxCacheMemorySize applies to each HTH process.
If cache items are larger than the maximum memory size, cache items seldom accessed by clients are deleted, and the administrator is informed by syslog.
If set to 0, the response is not cached.
Type: Numeric
Unit: bytes
Range: 0 to INT_MAX
Default value: 8192
Specifies the maximum size of a response (Response Header + Response Body) that can be cached.
If set to 0, the response is not cached.
Type: Numeric
Unit: bytes
Range: 0 to INT_MAX
Default value: 0
Specifies the maximum size of a compressed response (Response Header + Response Body) to be cached.
If set to 0, the compressed response is not cached.
Type: Numeric
Unit: Second
Range: 0 to INT_MAX
Default value: 3600
Specifies the timeout for deleting a response, which has "Content-Type" of "text/html", from the cache (when SVRTYPE is HTML). This means that a "text/html" response remains valid for the timeout period (sec) after being cached.
If set to 0, the response remains valid without a timeout.
A conditional-GET request or a request with the ForceCacheModificationCheck setting enabled checks to see if the cached response has been modified. If it has been modified, the cache is updated with the new version.
Type: Numeric
Unit: Second
Range: 0 ~ INT_MAX
Default value: 3600
Specifies the timeout for deleting a response, which does not have "Content-Type" of "text/html", from the cache (when SVRTYPE is HTML). This means that a non-text/html response remains valid for the timeout period (sec) after being cached.
If set to 0, the response remains valid without a timeout.
A conditional-GET request or a request without response timeout set checks to see if the cached response has been modified. If it has been modified, the cache is updated with the new version.
Type: Numeric
Unit: Second
Range: 0 ~ INT_MAX
Default value: 3600
Specifies the value used to calculate the time a cached response is valid for when a response from JEUS is cached.
For a client's request, WebtoB determines whether the cached content is valid by referring to the specified value (valid time).
First, if the Cache-Control:max-age value is in the Response Header when the header is being cached, the header is specified to be valid for the max-age period (second).
Second, if the Expires value is in the Response Header when the header is being cached, the header is specified to be valid for the Expires period (hour).
Third, if the two previously mentioned Headers are not in the Response Header when it is being cached, the header is specified to be valid for the CacheRefreshJsv period (second). This means that if the Cache-Control:max-age and Expires values are not in the Response Header, the cached content is valid for the CacheRefreshJsv value (second) after a response from JEUS is cached.
When specifying the valid time, priority is as follows.
Cache-Control:max-age > Expires > CacheRefreshJsv
If set to 0 (Cache-Control:max-age and Expires values of the Response Header value do not exist), the cached response remains valid without a timeout. This means that if set to 0 (Cache-Control:max-age and Expires values of the Response Header values do not exist), the response is refreshed only when receiving a modified response from JEUS due to a Conditional-GET request.
Type: Numeric
Unit: Second
Range: 0 ~ INT_MAX
Default value: 3600
Specifies the value to calculate the time a cached response is valid when a response handled by RefreshProxy is cached.
For a client's request, WebtoB determines whether the cached content is valid by referring to the specified value (valid time).
First, if the Cache-Control:max-age value is in the Response Header when the header is being cached, the header is specified to be valid for the max-age value (second).
Second, if the Expires value is in the Response Header when the header is being cached, the header is specified to be valid until the Expires value (hour).
Third, if the two previously mentioned Headers are not in the Response Header when it is being cached, the header is specified to be valid for the CacheRefreshJsv value (second). This means that if the Cache-Control:max-age and Expires values are not in the Response Header, the cached content is valid for the CacheRefreshJsv value (second) after a response handled by ReverseProxy is cached.
When configuring the valid time, priority is as follows.
Cache-Control:max-age > Expires > CacheRefreshRproxy
If set to 0 (the Cache-Control:max-age and Expires values of the Response Header value do not exist), the cached response remains valid without a timeout. This means that if set to 0 (the Cache-Control:max-age and Expires values of the Response Header value do not exist), the response is refreshed only when receiving a modified response handled by ReverseProxy due to the Conditional-GET request.
Type: String
Range: Up to 31 characters
Specifies the DISK_CACHE section.
Type: Boolean
Default value: Y
Specifies whether to use Keepalive (HTTP persistent connection).
| Value | Description |
|---|---|
| Y | The user can reuse a connection to allow a connection to process multiple requests. |
| N | The user must open a socket when a user request is received. |
Type: Numeric
Unit: Second
Range: 1 ~ INT_MAX
Default value: 60
Specifies the timeout to wait for the next request.
After the user request has been processed, the connection is disconnected after the specified time .
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 0
Specifies the number of requests that are processed before a connection is closed
If set to 0, request count is not limited.
Type: Numeric
Range: 1 ~ INT_MAX
Default value: Differs depending on the license and environment configuration. Generally the value is between 7000 ~ 8000.
Specifies the maximum number of concurrent users that can access the node.
MaxUser can be calculated as follows.
MaxUser= MIN(<openfile limit per operating system process>,
<WebtoB's FD limit, usually 16384>) *
<HTH count> -
<Number of FD for internal communication,
SERVER section's total sum of MaxProc +
HTH cout + 2(WSM, HTL)>
Type: Literal
Range: Up to 255 characters
Specifies the location of the server executable file written in WBAPI.
Environment variables can be used. If AppDir is a relative path, it is changed to an absolute path based on $WEBTOBDIR.
If AppDir is set in the SVRGROUP section, use the configuration of the SVRGROUP.
Type: Literal
Range: Up to 255 characters
Default value: "path/"
Specifies the path to the "webtob.pid" file, which records named-pipe for internal communication and each process pid.
Environment variables can be used. If PathDir is a relative path, it is changed to an absolute path based on $WEBTOBDIR.
Type: Literal
Range: Up to 255 characters
Default value: "log/usrlog/"
Specifies the path of user logs.
Environment variables can be used. If UsrLogDir is a relative path, it is changed to an absolute path based on $WEBTOBDIR.
UsrLogDir uses the first configured value from among the SERVER, SVRGROUP, and NODE sections.
Type: Literal
Range: Up to 255 characters
Specifies the path where icon, which is used in the Directory indexing function, is located.
IconDir must be set as a relative path relative to (/) and DocRoot since it is used in an html tag.
Type: Literal
Range: Up to 255 characters
The following three options can be used when configuring a directory for each user.
<per-user-home-directory> configuration
disabled [<user-list>]
enable [<user-list>]
In order to configure "~/public_html" as the user specified directory and allow only specified users (user1, user2, and user3) to access to the directory, see the following example.
*NODE
mynode
...,
UserDir = "public_html",
UserDir = "disabled", # globally disabled
UserDir = "enable user1 user2 user3",
...
Type: Literal
Range: Up to 255 characters
Default value: "index.html"
Specifies the index page name for a service directory request.
For example, If the request from client is "/somedir/"; the path "/somedir/index.html" is serviced.
Type: Literal
Range: 31 characters
Specifies the directory index name set in the DIRINDEX section.
In order to use the directory indexing function, "INDEX" must be added to options. The DIRINDEX section configuration can modify the directory indexing function operations.
Type: Literal
Range: Up to 255 characters
Default value: "HTML,CGI,SSI,PHP,JSV,USER"
Specifies services and other operation methods provided by WebtoB.
If a certain option is not used, input a hyphen (-) preceding the option name.
For example, "CGI" means WebtoB does not use CGI server and hence any client requests requiring CGI server are denied.
The following describes the available options.
| Option | Description |
|---|---|
| HTML | Uses the HTML server. |
| CGI | Uses the CGI server. |
| PHP | Uses the PHP server. |
| SSI | Uses the SSI server. |
| JSV | Uses the JSV (JEUS) server. |
| INDEX | When a client sends a request to a directory without specifying a file name, this option shows directory content. For example, for a "/docroot/dir/" request, the file name and information in the directory are sent to the client. |
| ALL | "HTML,CGI,PHP,SSI,JSV,INDEX", which is the same as the default value. |
| StrictAuthorizationHdrFormat | For HTTP requests, the Authorization header item format is checked when authenticating through the AUTHENT section. If the format of the HTTP request Authorization header item does not match the format defined in HTTP 1.1, or the authentication type is not "Basic" or "Digest", an error is sent to the user. If a hyphen (-) is set, the format of the Authorization header item is checked. If there is no authentication type, the type is considered to be "Basic". For example, if a hyphen is set when the Authorization header item value is "YXV0aDIucGFzczp0bWF4MTIzNA==" without an authentication type, the type is considered to be "Basic" and authentication proceeds. If a hyphen is not set, an error is sent to the user without performing the authentication process. |
| IgnoreExpect100Continue | If "Expect: 100-continue" is included in a request header when requesting HTTP/1.1, it is ignored. Do not respond to the "Expect:100-continue" statement with "100 Continue". |
| ProcessIncompleteRequest | Sends the client message body to the server before receiving the entire amount of the POST request body content specified by the Content-Length. |
| ExcludeAllowHeaderOnError | Excludes "Allow" header when sending an error response for a request that calls a method that has been disabled via *NODE.Method setting. |
Type: Literal
Range: Up to 255 characters
Specifies the use of a user specified page instead of the HTTP error page. Configure the names in the ERRORDOCUMENT section.
Up to 64 items can be configured by separating each item with a comma (,).
Type: Literal
Range: Up to 255 characters
Specifies the access log name set in the LOGGING section.
Up to 4 items can be configured by separating each item with a comma (,).
Type: Literal
Range: Up to 255 characters
Specifies the error log name set in the LOGGING section.
Type: Literal
Range: Up to 255 characters
Specifies the FILTER section name to be used.
Up to 64 items can be configured by separating each item with a comma (,).
If Filter from the NODE section is set, it is applied to all requests.
Type: Literal
Range: Up to 1023 characters
Specifies IP address and port number pairs to listen for incoming requests.
Up to 100 items can be configured by separating each item with a comma (,).
Listen has a higher priority than Port. If Listen is set, Port is ignored.
Type: Numeric
Range: 0600 ~ 0700
Default value: 0700
Specifies the access permissions for WebtoB internal processes including WSM, HTL, HTH, HTMLS, and CGIS.
Can be used only in UNIX/Linux.
Type: Numeric
Range: 1 ~ INT_MAX
Default value: 511 (UNIX/Linux), <OS default> (Windows)
Specifies the maximum number of queued pending connections. This limits the number of sockets concurrently trying to access the service port.
May be related to the number of sockets in SYN_RECVD state in the netstat command.
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: OS default
Specifies the TCP transfer buffer size.
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: OS default
Specifies the TCP receiving buffer size.
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: OS default
Specifies the size of the send buffer for messaging between internal processes.
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: OS default
Specifies the size of the receive buffer for messaging between internal processes.
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: OS default
Specifies the size of the send buffer for HTH messages.
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: OS default
Specifies the size of the receive buffer for HTH messages.
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: OS default
Specifies the size of the send buffer for server process messages.
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: OS default
Specifies the size of the receive buffer for server process messages.
Type: Literal
Range: Up to 255 characters
Default value: "config/mime.types"
Specifies the path for "MIME-Type" configuration file that maps MIME-Type and extensions.
An absolute or a relative path from "$WEBTOBDIR" can be specified.
If set to nothing(""), the function is not used.
Set the MIME-Type configuration file as follows.
# The line starting with '#' is recognized as comment. # Configure MIME-Type and the extension to map by separating them with blank space. # Multiple extensions can be set by seperating each extension with a blank space. # MIME-Type Extensions text/html html htm image/jpeg jpeg jpg jpe
Type: Literal
Range: Up to 127 characters
Default value: "text/html"
Specifies the Default Content-Type for documents that cannot decide the MIME-Type.
If the item is configured in the DIRECTORY section, it is used first. The next to be used is the item in the SVRGROUP section. If both are not configured, the configuration in the VHOST or NODE section is used.
Type: Literal
Range: Up to 255 characters
Sets the remote IP that was changed by a proxy server to the IP of the host that sent the request.
Allows users to specify a header by adding RPAFHeader (RPAFHeader = "X-Forwarded-For")
If a header set with RPAFHeader is contained, a remote IP will be changed to the header IP.
Type: Numeric
Range: 511~599
Default value : 500
If a timeout occurs, this value is returned in HTTP Status Code.
Type: Literal
Range: Up to 255 characters
Specifies the EXPIRES section name.
Up to 64 items can be configured by separating each item with a comma (,).
Type: Numeric
Unit: bytes
Range: 0 ~ LONG_MAX
Default value: 0
Specifies the client request body size supported by the server through the HTTP protocol.
Base the value on the "Content-Length" value in the HTTP Request Header. If the body size is larger than the configured value, responds with "413 Request Entity Too Large".
HTTP Request Body 2G (Long type), It can be processed from a later version of JEUS 7.
In the case of a chunked-request, the MaxDechunkSize configuration is used.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 100
Specifies the maximum number of a client request’s HTTP header fields.
If set to 0, the field count is not limited.
Type: Numeric
Unit: bytes
Range: 0 ~ 16382
Default value: 8190
Specifies the maximum size of a client request’s HTTP header field.
"WJPv2" must be used for over 10000 bytes of request Header.
Type: Numeric
Unit: bytes
Range: 0 ~ 16382
Default value: 8190
Specifies the maximum size of a client request’s HTTP line.
"WJPv2" must be used for over 10000 bytes of request lines.
Type: Literal
Range: Up to 255 characters
Default value: "Off"
Configures the server HTTP response header.
The following are descriptions of configuration values.
| Value | Description |
|---|---|
| Off | Do not use the "Server" item of Response Header. |
| Prod[uctOnly] | "WebtoB" |
| Min[imal] | "WebtoB/4.1.3" |
| OS | Example: "WebtoB/4.1.3 LINUX-K2.6_x86 libc2.3" |
| Full | Example: "WebtoB/4.1.3 LINUX-K2.6_x86 libc2.3" |
| Custom | user-specified-name |
Type: Literal
Range: Up to 255 characters
Default value: "uri,ext"
Specifies the priority of the URI and EXT sections for determining the server and service to process an HTTP request.
The following are descriptions of configuration values.
| Value | Description |
|---|---|
| uri, ext | Checks the URI section configuration. If the configuration does not exist, checks the EXT section configuration. |
| ext, uri | Checks the EXT section configuration. If the configuration does not exist, checks the URI section configuration. |
If neither option is specified, the default HTML service (worker thread) processes the request.
Type: Numeric
Range: 1 ~ 65535
Default value: 6666
Specifies the base port used for communication between WebtoB internal processes. Valid only in Windows. (PIPE communication for UNIX)
WSM uses (IPCBasePort + 1). HTL uses (IPCBasePort + 2). HTH uses (IPCBasePort + 4 + <hth-id>).
Type: Literal
Range: Up to 1024 characters
Specifies the TCPGW section name.
Up to 1024 items can be configured by separating each item with a comma (,) or setting multiple times.
Type: Literal
Range: Up to 32 characters
Default value: "Off"
Specifies the charset of the response when charset is not included in the request content-type.
| Value | Description |
|---|---|
| On | Specifies "ISO-8859-1" as the default value. |
| Off | Charset is not added. |
| <custom-charset> | Uses the specified <custom-charset> as the default value. |
While DefaultCharset can be specified in multiple section, only one definition is used. The DIRECTORY, SVRGROUP, VHOST, and NODE sections are searched sequentially. The first specified DefaultCharset value to be found is used.
Type: String
Range: Up to 31 characters
Specifies the ACCESS section name to be used for access control of JsvPort.
Type: Boolean
Default value: Y
Specifies the option to use HTTP ETag. If set to Y, ETag, if possible, is added to HTTP response and ETag of HTTP request is used. If set to N, ETag is not added to HTTP response and ETag of HTTP request is ignored.
Type: Boolean
Default value: Y
Specifies the option to forcibly terminate a running CGI or PHP process when a client ends a connection while the CGI or PHP request is being processed. If set to Y, the process is forcibly terminated. If set to N, the request is processed and then the process is terminated.
Type: Boolean
Default value: N
Specifies the option to use the URLRewrite function.
To use this, URLRewriteConfig must be set.
Type: Literal
Range: Up to 255 characters
Specifies the path to the configuration file for the URLRewrite function. Refer to "4.7. URLRewrite" for more information.
Type: Numeric
Range: 0600 ~ 0777
Default value: 0600
Specifies the permission to access WebtoB log files (system log, access log, error log)
LogPerm configuration is the same as the file access permissions used in UNIX. This configuration can be used only in a UNIX/Linux environment.
Type: Literal
Range: Up to 255 characters
Default value: "default_syslog"
Specifies the system log name set in the LOGGING section.
If the default value (default_syslog) is used, the FileName of the LOGGING section is "log/system_%Y%%M%%D%.log".
Type: Literal
Range: Up to 255 characters
After sending an error response, the user connection is kept alive (persistent connection, keep-alive) and the corresponding HTTP Status Code is configured.
Multiple status codes can be specified by separating each code with a comma (,).
Normally, if WebtoB sends an error response with status code of 3xx (excluding "304 Not Modified"), 4xx, or 5xx, the client connection is closed. However, if WebtoB sends a status code specified in this option, the client connection is maintained.
The following is an example of WebtoB keeping the connection with client alive after responding with either a "302 Found" or "404 Not Found" message.
*NODE
mynode
...,
KeepAliveErrorStatusCode = "302,404",
...
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: 10485760
Specifies the maximum body size of a non-chunked request that is converted from a chunked request by HTH.
Respond with "500 Internal Server Error" to the request whose chunk body is larger than the configured value.
Type: Boolean
Default value: Y
Decides the option to send the "403 Forbidden" response if a user request includes /WEB-INF/ (case-insensitive).
If set to Y, users cannot access configuration files of the application server such as JEUS.
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: 0 (0 means the default value of the OS where WebtoB is installed.)
Specifies the buffer size for a socket used between HTL and HTH, WebtoB internal processes.
This configuration is added due to the sendmsg() bug in the HP-UX environment. HtlHthSendSocketBufferSize configures the buffer size to be used to call sendmsg() through the UNIX domain socket (named-pipe).
Specify the value to be smaller than the value of HtlHthRecvSocketBufferSize.
In general, the user does not need to configure this.
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: 0 (0 means the default value of the OS where WebtoB is installed.)
Configures the socket buffer size (receiver buffer) that is used for communication between WebtoB internal processes: HTL and HTH.
In general, the user does not need to configure this.
Type: Boolean
Default value: N
If set to Y, client request process procedures are recorded to the access log.
| Log Item | Description |
|---|---|
| [ARRIVED] | The point when the request is received in HTH. |
| [SEND-TO-SERVER <type> <server-index>] | The point when the request is sent to the server. |
| [QUEUED <type> <server-name>] | The point when the request enters the server queue. |
| [JSV SUSPEND FAILOVER] | When the request, which was in the queue at the point when JSV server was suspended, is allocated to another JSV server. |
If set to Y, access logs will be two or three times the usual number.
Type: Boolean
Default value: N
Specifies the option to convert the charset of HTTP request URL path.
Charset is a combination of CCS (Coded Character Set) and CES (Character Encoding Scheme). Korean characters generally use the EUC-KR or UTF-8 character set.
If the charset used by a request's URL path differs from the charset used by server, convert the charset by using CheckURL.
If set to Y, CheckURLFrom and CheckURLTo must be set.
Only "EUC-KR" and "UTF-8" are supported.
Type: Literal
Range: Up to 31 characters
Default value: "UTF-8"
Specifies the charset used by the HTTP request URL path.
Only "EUC-KR" and "UTF-8" are supported.
Type: Literal
Range: Up to 31 characters
Specifies the charset used by the server.
Type: Boolean
Default value: N
Option to disable CheckURL setting when forwarding requests to JEUS.
If set to Y, request URI is not converted when sent to JEUS.
Type: Numeric
Range: 1 ~ INT_MAX
Default value: 16
Specifies the depth limit of nested-include statements when a SSI (server-side include) request is processed.
SSI can include other SSI resources by using the include directive. Using the include directive on an already included SSI resource may cause a loop to occur. Proper configuration of include depth can prevent wasting server resources from an infinite loop.
Type: Boolean
Default value: N
Specifies whether to always check if the cached response is valid even when the request is not Conditional-Get (when SVRTYPE is HTML).
HTH cache verifies the cached response is valid only when a Conditional-Get request comes in.
If set to Y, a stat() system call occurs for every request to verify the cached response is valid, lowering performance.
Type: Boolean
Default value: N
Set to Y to monitor HTH memory usage.
In order to use the command "wsadmin -C hthmem", DebugHTHMemory must be set to Y.
Type: Literal
Range: Up to 255 characters
Specifies the HEADERS section name.
Up to 15 items can be configured by separating each item with a comma (,).
Type: Boolean
Default value: N
Set to Y to use DoS attack prevention configuration.
Type: Numeric
Range: 1 ~ INT_MAX
Default value: 3097
Specifies the hash table size used internally in DoS attack prevention functions.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 5
Blocks the user IP that requests the same page more than the specified value in DOSBlockPageInterval during the time specified in DOSBlockPeriod.
If set to 0, DoS attack on the same page is not checked.
Type: Numeric
Unit: Second
Range: 1 ~ INT_MAX
Default value: 1
Specifies the period to check for a DoS attack on the same page.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 50
Blocks the user IP that requests the site more than the specified value in DOSBlockSiteInterval during the time specified in DOSBlockPeriod.
If set to 0, DoS attack on the site request is not checked.
Type: Numeric
Unit: Second
Range: 1 ~ INT_MAX
Default value: 1
Specifies the period to check for a DoS attack on the site.
Type: Numeric
Unit: Second
Range: 1 ~ INT_MAX
Default value: 30
Specifies the length of time to block the IP suspected of a DoS attack.
Type: Literal
Range: Up to 255 characters
Specifies the IPs to exclude from DoS attack prevention. If a Proxy server is used, specify the server IP.
Multiple IPs can be specified by separating each IP address with a comma (,). If a large number of IPs are to be specified, define DOSBlockWhiteList multiple times.
Up to 256 IPs can be configured.
Type: Boolean
Default value: <OS default>
Specifies the range of the address to bind when IPv6 is used. If not set, the OS default configuration is used.
| Settings | Description |
|---|---|
| Y | When IPv6 is used, binds the iPv6 address only. |
| N | When IPv6 is used, binds both IPv4 and IPv6 so they are used for dual-stack. |
Type: Literal
Range: Up to 1023 characters
If the JSV service port is supposed to be open only for a specific IP, set to "<IP>:<Port>".
Up to 10 items can be specified by using a comma (,) as the delimiter.
Overrides the JsvPort configuration. If JsvListen is configured, the JsvPort configuration is ignored.
Type: Literal
Range: Up to 1023 characters
If the JSVSsl service port is supposed to be open only for a specific IP, set to "<IP>:<Port>".
Up to 10 items can be specified by using a comma (,) as the delimiter.
Overrides the JsvSslPort configuration. If JsvSslListen is configured, the JsvSslPort configuration is ignored.
Type: Boolean
Default value: N
If set to Y, this returns a 403 Forbidden error if the request URI includes '/' to move up to the parent directory.
Type: Numeric
Range: 511~599
Default value: 503
HTTP status code to return if a ping request sent to the JSV server times out.
The following is an example configuration of the NODE section.
*NODE
mynode
WebtoBDir = "$WEBTOBDIR", # Refer to environment variable WEBTOBDIR.
SHMKEY = 0x8000, # Can configure as hex number by adding Ox at front
Docroot="docs/", # Same meaning with "$WEBTOBDIR/docs/"
Port = "8080", # Note! Not Numeric but Literal type
JsvPort = 9900,
HTH = 1,
Logging = "access_log",
ErrorLog = "error_log",
SysLog = "system_log"
The VHOST section configures environment for using virtual hosting with WebtoB. Virtual hosting allows a single WebtoB server to service different URLs with different document directories so it appears as there are multiple web servers.
The following are defined in VHOST section.
Node name of a Virtual Host
Host name of a Virtual Host
Top-level directory that includes HTML documents for a virtual host
The following configurations defined in NODE section, can be re-defined..
Paths to various log message directories.
Indexing mechanism and path to the directory icon
Configuration items defined in the NODE section are overwritten when redefined in the VHOST section. Method, Expires, UsrLogDir, EnvFile, ErrorDocument, Logging Option items behave the same as in the NODE section
The following is the environment configuration format of the VHOST section.
*VHOST
name # String[32]
Hostname = Literal[128],
#HostAlias = Literal[1024], # LIST
#DocRoot = Literal[256], # <*NODE's>, $ENV, R.PATH
#Method = Literal[256], # "GET,POST,HEAD,OPTIONS", PM.LIST
#Port = Literal[1024], # "80" or "443", 1 ~ 65535, LIST[100]
#Listen = Literal[1024], # LIST[100]
#SslFlag = Boolean, # N
#SslName = String[32],
#IconDir = Literal[256], # $ENV, R.PATH
#UserDir = Literal[256], # MULTI
#EnvFile = String[256], # $ENV, R.PATH
#IndexName = Literal[256], # "index.html", LIST
#DirIndex = Literal[32], # LIST
#Options = Literal[256], # "HTML,CGI,SSI,PHP,JSV", PM.LIST
#ErrorDocument = Literal[256], # LIST[64]
#Logging = Literal[256], # LIST[4]
#ErrorLog = Literal[256], # LIST
#Filter = Literal[256], # LIST[64]
#DefaultMimetype = Literal[128],
#Expires = Literal[256], # LIST[64]
#ServiceOrder = Literal[256], # <*NODE's>
#Keepalive = Boolean, # <*NODE's>
#KeepaliveTimeout = Numeric, # <*NODE's> (1-)
#KeepaliveMax = Numeric, # <*NODE's> 0 (0-)
#Timeout = Numeric, # <*NODE's> (1-)
#DefaultCharset = Literal[32],
#URLRewrite = Boolean, # N
#URLRewriteConfig = Literal[256], # R.PATH
#Headers = Literal[256] # LIST[15]
Type: String
Range: Up to 31 characters
Specifies the VHOST section name.
Up to 64 items can be specified in VHOST.
Type: Literal
Range: Up to 127 characters
Specifies the host name used to access the virtual host.
When using name-based virtual hosting, each VHOST section must have unique host name used as an identifier.
Type: Literal
Range: Up to 1023 characters
When adding a host in addition to Hostname, register the new host with Host Alias.
Multiple hosts can be configured by separating each host with a comma (,). Asterisks (*) and question marks (?) can also be used. "*" means all hosts.
Type: Literal
Range: Up to 255 characters
Specifies path to the top-level directory that contains HTML documents serviced by a virtual host.
If not set, DocRoot of the NODE section is used.
Directory configuration pattern can be configured dynamically by using the following directives.
| Directive | Description |
|---|---|
| %p | Replaces with the requested port number. |
| %n | Replaces with the Hostname or the Nth element of the IP address. If n is set to 0, the entire string is used. If the value starts with a minus symbol (-), count from the end of Hostname or IP address. If a plus symbol (+) follows, the rest of the Hostname or IP address is used. |
| %n.m | Replaces with the Mth character of Nth element. Minus (-) or plus (+) symbols can be used as previously described. |
| %% | Replaces with a single percent (%) symbol. |
If a directive is used, DocRoot must be set as an absolute path. When an environment variable is used, the previously mentioned directives can be used only when the changed path is an absolute path.
Type: Literal
Range: Up to 255 characters
Default value: "GET,POST,HEAD,OPTIONS"
Specifies the HTTP Request method. If the method is not specified in the client request, the request will not be processed.
Supports GET, POST, HEAD, OPTIONS, and CONNECT, TRACE, PROPFIND, PUT, DELETE, MKCOL, COPY, and MOVE.
If a specific method is not serviced, add hyphen (-) in front of the method name like "–OPTIONS".
Type: Literal
Range: Up to 1023 characters, 1 ~ 65535
Default value: "80" or "443" (If the SSLFlag is set to Y, "443" is the default value.)
Specifies the service port that can be accessed by the user.
Up to 100 elements can be specified by separating each element with a comma (,).
If both the Port and Listen items are configured, the Port item is ignored.
Type: Literal
Range: Up to 1023 characters
Set as "<IP>:<Port>" to open the service port only for specific IPs.
Up to 100 items can be configured by separating each item with a comma (,).
Listen has a higher priority than Port. If Listen is configured, Port is ignored.
Type: Boolean
Default value: N
Specifies whether to use the SSL/TLS protocol for service port.
The SSL section item that will be used as the SSLName configuration can be specified.
Type: String
Range: Up to 31 characters
SSLName can be used when SSLFlag is set to Y. Specifies the SSL section item to be used.
Type: Literal
Range: Up to 255 characters
Specifies the path where icon, which is used in the directory indexing function, is located.
IconDir must be set as a relative path relative to (/) and DocRoot since it its used in an html tag.
Type: Literal
Range: Up to 255 characters
Used when configuring per user directories.
Three options for configuring per user directories are:
<per-user-home-directory>
disabled [<user-list>]
enable [<user-list>]
Type: String
Range: Up to 255 characters
When transferring environment variables before starting the server process, specify the path to the file where environment variables are configured.
If EnvFile item is configured in the SVRGROUP section, the VHOST section configuration is ignored.
Environment variables can be used. If EnvFile is a relative path, it is changed to an absolute path based on $WEBTOBDIR.
The EnvFile item configuration in the NODE section affects the entire WebtoB system. However, the VHOST and SVRGROUP section configurations only affect server processes.
Type: Literal
Range: Up to 255 characters
Default value: "index.html"
Specifies the default document name to be processed when a directory request comes in.
Type: Literal
Range: Up to 31 characters
Specifies the DIRINDEX section name.
In order to use directory indexing function, "INDEX" must be added to Options item. The DIRINDEX section configuration can modify the directory indexing function operations.
Type: Literal
Range: Up to 255 characters
Default value: "HTML,CGI,SSI,PHP,JSV,USER"
Specifies services and other operating methods provided by VHOST.
If an option is not used, input a hyphen (-) preceding the option name.
The following are descriptions of configurable options.
| Option | Description |
|---|---|
| HTML | HTML services. |
| CGI | Uses the CGI server. |
| PHP | Uses the PHP server. |
| SSI | Uses the SSI server. |
| JSV | Uses the JSV (JEUS) server. |
| INDEX | When a client sends a request to a directory without specifying a file name, this option shows directory content. For example, for a "/docroot/dir/" request, the file name and information in the directory are sent to the client. |
| ALL | "HTML,CGI,PHP,SSI,JSV,INDEX", which is the same as the default value. |
Type: Literal
Range: Up to 255 characters
Specifies the use of a user specified page instead of the HTTP error page. Configure the names in the ERRORDOCUMENT section.
Up to 64 items can be configured by separating each item with a comma (,).
Type: Literal
Range: Up to 255 characters
Default value: <NODE section configuration>
Specifies the LOGGING section name corresponding to the access log.
Up to 4 items can be configured by separating each item with a comma (,).
Type: Literal
Range: Up to 255 characters
Default value: <NODE section configuration>
Specifies the LOGGING section name corresponding to the error log.
Type: Literal
Range: Up to 255 characters
Specifies the FILTER section name to be used.
Up to 64 items can be configured by separating each item with a comma (,).
Type: Literal
Range: Up to 127 characters
Default value: <NODE section configuration>
Specifies the Default Content-Type for documents that cannot decide the MIME-Type.
If the item is configured in the DIRECTORY section, it is used first. The next to be used is the item in the SVRGROUP section. If both are not configured, the configuration in the VHOST or NODE section is used.
Type: Literal
Range: Up to 255 characters
Specifies the EXPIRES section name.
Up to 64 items can be configured by separating each item with a comma (,).
Type: Literal
Range: Up to 255 characters
Default value: <NODE section configuration>
Specifies the priority of the URI and EXT sections when selecting the server and services to process the user request.
The following are descriptions of configuration values.
| Value | Description |
|---|---|
| uri,ext | Checks the URI section configuration first. If the configuration does not exist, check the EXT section configuration. |
| ext,uri | Checks the EXT section configuration first. If the configuration does not exist, check the URI section configuration. |
If neither option is specified, the default HTML service processes the request.
Type: Boolean
Default value: <NODE section configuration>
Specifies whether to use Keepalive (HTTP persistent connection).
The following are descriptions of configuration values.
| Value | Description |
|---|---|
| Y | User can reuse a connection allowing a connection to process multiple requests. |
| N | User must open a socket when a user request comes in. |
Type: Numeric
Unit: Second
Range: 1 ~ INT_MAX
Default value: <NODE section configuration>
After the user request has been processed, the connection is disconnected after the specified time .
Type: Numeric
Range: 0 ~ INT_MAX
Default value: <NODE section configuration>
Specifies when to limit the Keepalive request count.
If set to 0, request count is not limited.
Type: Numeric
Unit: Second
Range: 1 ~ INT_MAX
Default value: <NODE section configuration>
Specifies the timeout value when reading or writing data from the user connected socket.
The configuration is applied when the user request is processed. If the user does not write to or read from the socket during the specified time, the socket is closed.
Type: Literal
Range: Up to 32 characters
Specifies the default value of "charset=<value>" to add to the "Content-Type" item in HTTP Response Header.
| Value | Description |
|---|---|
| On | Use "ISO-8859-1" as the default value. |
| Off | Charset is not added. |
| <custom-charset> | Uses the specified "<custom-charset>" as the default value. |
While DefaultCharset can be specified in multiple sections, only one definition is used. The DIRECTORY, SVRGROUP, VHOST, and NODE sections are searched sequentially. The first specified DefaultCharset value to be found is used.
Type: Boolean
Default value: N
Specifies whether to use the URLRewrite function.
In order to use this function, specify the configuration file path in URLRewriteConfig.
Type: Literal
Range: Up to 255 characters
Specifies the file path to use the URLRewrite function. Refer to "4.7. URLRewrite" for more information.
Type: Literal
Range: Up to 255 characters
Specifies the HEADERS section name.
Up to 15 items can be configured by separating each item with a comma (,).
The HTH_THREAD section configures threads of the HTH process. This section must be configured only once.
The following is the environment configuration format of the DOMAIN section.
*HTH_THREAD
name # String[32]
WorkerThreads = Numeric # 8 (1-100)
#ReadBufSize = Numeric, # 1048576 (65536-)
#SendfileThreads = Numeric, # 4 (0-100)
#SendfileThreshold = Numeric, # 32768 (0-)
#AccessLogThread = Boolean, # Y
#HtmlsCompression = Literal[256] # LIST[32], MULTI
#HtmlsCompressionMinSize = Numeric # 1 (1-)
Refer to "3.1.3. Configuration Item Description Rules" for more information on the symbols and details of the SVRGROUP section configuration items
Type: String
Range: Up to 31 characters
Specifies the HTH_THREAD name.
Type: Numeric
Range: 1 ~ 100
Default value: 8
Specifies the number of worker threads.
Worker threads process static files, SSL/TLS (handshake, encryption, and decryption), compression, and HTTP authentication.
Type: Numeric
Unit: bytes
Range: 65536 ~ INT_MAX
Default value: 1048576
Specifies the read buffer size used by worker threads to read static files.
Type: Numeric
Range: 0 ~ 100
Default value: 4
Specifies the number of sendfile threads.
Sendfile threads are for the async sendfile function (in blocking mode), an OS-specific function, to process static files.
Valid only in UNIX and Linux.
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: 32768
Specifies the file size threshold. If a requested file size is greater than this threshold, the sendfile function is used.
If set to 0, the sendfile function is not used.
Valid only in UNIX and Linux.
Type: Boolean
Default value: Y
Specifies the option to use a thread to record access log after HTH completes user request processing.
If set to N, WSM records the access log.
Valid only in UNIX and Linux.
Type: Literal
Range: Up to 255 characters
Specifies the MIME-types (content-types) of files to compress in the response to the static files processed by a worker thread.
The worker thread uses GZIP to compress the response before sending it to the client.
Up to 32 MIME types delimited by commas can be set.
Compression can reduce the network traffic but also the server performance. Files with low compression ratio, such as zip or jpeg, should not be compressed if possible to avoid server overhead.
Compression can only be used for requests with Accept-Encoding set to GZIP or deflate in the HTTP request header.
Type: Numeric
Range: 1 ~ INT_MAX
Default value: 1
Specifies the minimum size of the response to compress.
If the requested file size is greater than the set size, the response is compressed.
When accessing an application server process through WebtoB, it is required to manage the server processes as a group according to their logical relationships. The SVRGROUP section configures the group.
SVRGROUP section defines the following:
Name of the node that a server group belongs to.
Type of service provided by a server group.
In addition, items defined in the NODE and VHOST sections can be defined again per server group. If the database is being used, database access information can be defined as well.
The following is the environment configuration format of the SVRGROUP section.
*SVRGROUP
name # String[32]
SvrType = String[32],
#VhostName = String[1024], # LIST[64], MULTI
#AppDir = Literal[256], # <*NODE/VHOST's>, $ENV, R.PATH
#UsrLogDir = Literal[256], # $ENV, R.PATH
#EnvFile = String[256], # $ENV, R.PATH
#AuthentName = String[32],
#Logging = Literal[256], # LIST[4]
#ScriptLoc = Literal[256],
#ScriptArgs = Literal[256],
#Filter = Literal[256], # LIST[64]
#DefaultMimetype = Literal[128],
#Expires = Literal[256], # LIST[64]
#DefaultCharset = Literal[32],
#LBServers = Literal[256], # LIST[32]
#LBType = String[16], # Dynamic, Dynamic | Static
#LBBackup = Literal[32],
#Headers = Literal[256], # LIST[15]
#UserAgentRegExp = String[256]
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the SVRGROUP section configuration items.
Type: String
Range: Up to 31 characters
Specifies the server group name.
Each logical server group name must be unique in the SVRGROUP section.
Type: String
Range: Up to 31 characters
Specifies the server type supported by the server group.
The following are descriptions of server type values.
| Value | Description |
|---|---|
| HTML | Server type that services HTML requests. |
| CGI | Server type that services CGI requests. |
| PHP | Server type that services PHP requests. |
| SSI | Server type that services SSI requests. |
| JSV | Server type that integrates with JEUS and services JSP and servlet requests . |
| WEBSTD | Server type that services server requests written in WBAPI. |
Type: Literal
Range: Up to 1023 characters
Specifies the VHOST section name.
Up to 64 items can be configured by separating each item with a comma (,).
Type: Literal
Range: Up to 255 characters
Default value: <Corresponding NODE or VHOST section AppDir value>
Specifies the WBAPI application directory.
Environment variables can be used. If AppDir is a relative path, it is changed to an absolute path based on $WEBTOBDIR.
Type: Literal
Range: Up to 255 characters
Specifies the directory path of user logs.
Related to the "-e <stderr-log-file> -o <stdout-log-file>" options of the Clopt configuration, the log is set as the name of the configuration path.
UsrLogDir uses the first configured value from among the SERVER, SVRGROUP, and NODE sections.
Type: String
Range: Up to 255 characters
Specifies the file path of the environment variables used by WebtoB, when transferring environment variables before starting up the server process.
Environment variables can be used. If EnvFile is a relative path, it is changed to an absolute path based on $WEBTOBDIR.
The EnvFile item configuration of the NODE section affects the entire WebtoB system, but VHOST and SVRGROUP section configurations affect only server processes.
Type: String
Range: Up to 31 characters
Specifies the AUTHENT section name.
The AuthentName configuration can configure the DIRECTORY, URI, EXT, and SVRGROUP sections. The configured values are applied in sequential order.
Type: Literal
Range: Up to 255 characters
Specifies the LOGGING section name that corresponds to the access log.
Up to 4 items can be configured by separating each item with a comma (,).
Type: Literal
Range: Up to 255 characters
Specifies the path for PHP execution module used to configure PHP-related server groups.
Specifies a relative path based on $WEBTOBDIR.
Specifies the path to "php-cgi" among PHP execution modules. In a UNIX/Linux environment, use a symbolic link to use the path under $WEBTOBDIR.
Type: Literal
Range: Up to 255 characters
Specifies the PHP execution module's parameters used to configure PHP-related server groups.
For path options, use an absolute path as the set value is used directly as the parameter value.
Type: Literal
Range: Up to 255 characters
Specifies the FILTER section name.
Up to 64 items can be configured by separating each item with a comma (,).
Type: Literal
Range: Up to 127 characters
Specifies the default content-type for documents whose MIME type cannot be decided.
Section priority for DefaultCharset is as follows: DIRECTORY, SVRGROUP, VHOST, and NODE.
Type: Literal
Range: Up to 255 characters
Specifies the EXPIRES section name.
Up to 64 items can be configured by separating each item with a comma (,).
Type: Literal
Range: Up to 32 characters
Specifies the charset of the response when charset is not included in the request content-type.
| Value | Description |
|---|---|
| On | Use "ISO-8859-1" as the default value. |
| Off | Charset is not added. |
| <custom-charset> | Uses the configured "<custom-charset>" as the default value. |
Section priority for DefaultCharset is as follows: DIRECTORY, SVRGROUP, VHOST, and NODE.
Type: Literal
Range: Up to 255 characters
Specifies the list of servers that will participate in load balancing.
Up to 32 servers can be configured by separating each server by a comma (,).
Type: String
Range: Up to 15 characters
Default value: Dynamic
Specifies the load balancing type for servers set in LBServers.
| Value | Description |
|---|---|
| Dynamic | Distributes the load in Round-robin style except when the number of requests waiting in a server queue is greater than the current server processes in the applicable server. If all server queues contain a request, distribute any new requests using Round-robin. |
| Static | Distributes the load so that a server can handle requests in proportion to LBFactor of the SERVER section. |
Type: Literal
Range: Up to 31 characters
Specifies the backup server for the servers set in LBServers.
Type: Literal
Range: Up to 255 characters
Specifies the HEADERS section name.
Up to 15 names can be specified by using a comma(,) as the delimiter.
Type: String
Range: Up to 255
JEUS server to process requests received via USER-AGENT.
Requests received via this agent is processed by a server in the server group.
The following is an example configuration of the SVRGROUP section.
*SVRGROUP
htmlg
SvrType = HTML
phpg
SvrTYpe = PHP,
ScriptLoc = "bin/php-cgi"
ScriptArgs = "-c /php_conf/php.ini"
cgig
SvrType = CGI
ssig
SvrType = SSI
jsvg
SvrType = JSV,
LBServers = "jsv1, jsv2, jsv3",
LBType = Static,
LBBackup = "jsv4"
wbapg
SvrType = WEBSTD
The SERVER section configures the services provided by WebtoB. When a new server application is added, it must be registered in SERVER section of the environment file.
Most of the services can be registered in the SERVER section. Some services whose business logic is called directly by WebtoB must be registered in the SERVICE section. Servers are categorized in the service types (CGI, JSV, etc.) defined in the SERVER section. Additionally, the SERVER section defines a server group name and the maximum number of available processes.
Since all HTML services are processed by HTH worker threads, servers for HTML do not need to be configured.
The following is the environment configuration format of the SERVER section.
*SERVER
name # String[32]
SvgName = String[32],
#Clopt = Literal[256],
#MinProc = Numeric, # 1 (1-)
#MaxProc = Numeric, # <MinProc> (1-)
#WSProc = Numeric, # 0 (0-)
#UsrLogDir = Literal[256], # $ENV, R.PATH
#MaxQCount = Numeric, # 0 (0-)
#MaxQUrl = Literal[256],
#MaxQUrlRedirectStatus = String[8],
#ASQCount = Numeric, # 0 (0-)
#FlowControl = Numeric, # 50 (1-)
#MaxRestart = Numeric, # 20 (0-)
#SvrCPC = Numeric, # 1 (1-)
#SvrType = String[32],
#HttpOutBufSize = Numeric, # 8192 (0-)
#HttpInBufSize = Numeric, # 8192 (0-)
#MaxRequests = Numeric, # 0 (0-)
#SvrChkTIme = Numeric, # 0 (0-)
#Schedule = String[256], # "RR"
#Options = Literal[256], # PM.LIST
#SessionIdCookieKey = Literal[256],
#FlexibleStickySessionRouting = Boolean, # N
#Compression = Literal[256], # LIST[32], MULTI
#CompressionMinSize = Numeric, # 1 (1-)
#VhostName = String[1024], # LIST[64], MULTI
#FcgiInitEnv = Literal[256], # MULTI[32]
#FcgiKillTimeout = Numeric, # 0 (0-)
#FcgiKillMaxRequest = Numeric, # 0 (0-)
#Headers = Literal[256], # LIST[15]
#LBFactor = Numeric, # 1 (1-1000)
#MaxJengineCount = Numeric, # 32 (0-)
#RequestLevelPing = Boolean, # N
#RequestLevelPingTimeout = Numeric, # 3 (0-)
#RequestLevelPingRetryCount = Numeric # 0 (0-)
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the SERVER section configuration items.
Type: String
Range: Up to 31 characters
Specifies the unique server executable file name. A server name can be defined in the SERVER section only once. If duplicate names are defined, an error occurs during the environment file compilation.
If the server type is JSV, the server name can be up to 15 characters long. If the 15 character limit is exceeded, communication with JEUS is impossible.
Type: String
Range: Up to 31 characters
Specifies the server group name of the server.
The specified server group must be also defined in the SVRGROUP section.
This reference between a server and the SVRGROUP section allows WebtoB to determine the server's node location, type of resource manager (database) to be used, and parameters required when accessing the resource manager.
Type: Literal
Range: Up to 255 characters
Specifies the command options passed to the server process at startup.
Server options are specified before '--', and user options are specified after '--'.
Type: Numeric
Range: 1 ~ INT_MAX
Default value: 1
Specifies the number of server processes that starts at WebtoB startup.
In the older server-client model, a single server process is created for each client. However, WebtoB has a more efficient design that fixes the number of server processes so that each server process can handle multiple client requests.
MinProc specifies the number of server processes. It is recommended that the user sets the MinProc value based on previous experience. MinProc sets the minimum number of server processes in WebtoB, which is equivalent to the number of server processes WebtoB starts with.
Type: Numeric
Range: 1 ~ INT_MAX
Default value: <MinProc>
Specifies the maximum number of server processes that can be started.
When WebtoB starts, the number of active server processes is equal to MinProc. As system load increases, the number of server processes automatically increases to MaxProc.
Related to the "-e <stderr-log-file> -o <stdout-log-file>" options of the Clopt configuration, the log is set as the name of the configuration path.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 0
Reverse connection setting between WebtoB and JEUS for a WebSocket request.
Only for JSV servers.
If this is not set, reverse connection cannot be used for WebSocket requests (reverse proxy can be used).
This can be set per JEUS Managed Server that uses WebSocket.
Type: Literal
Range: Up to 255 characters
Specifies the directory path of user logs.
Related to the "-e <stderr-log-file> -o <stdout-log-file>" options of the Clopt configuration, the log is set as the name of the configuration path.
UsrLogDir uses the first configured value from among the SERVER, SVRGROUP, and NODE sections.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 0
Specifies the maximum number of enqueued client requests. If a new client request arrives after the maximum number is reached, then an error is returned to the client.
MaxQCount sets the request queue size. MaxQCount is the number of user requests that can be stored in the queue while WebtoB finishes processing other requests. If MaxQCount is very large, all client requests will be processed but an unknown amount of time may pass before responding back to the client.
Type: Literal
Range: Up to 255 characters
Specifies the URL of the page that says that a server queue is full. If the server queue is full, a new request is not enqueued and a redirection response is returned. If the server that sends the response and the server that receives it are the same, redirection can occur infinitely.
Type: String
Range: Up to 7 characters
Specifies the Redirect Status Code when MaxQUrl is specified.
The following values can be used.
| Value | Alias | Description |
|---|---|---|
| 301 | permanent | Responds as "301 Moved Permanently". |
| 302 | found | Responds as "302 Found". |
| 303 | seeother | Responds as "303 See Other". |
| 305 | useproxy | Responds as "305 Use Proxy". |
| 307 | temp | Responds as "307 Temporary Redirect". |
| 410 | gone | Responds as "410 Gone". |
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 0
When the number of enqueued requests exceeds this threshold, a new server process is added automatically (if configured). The number of server processes increases from MinProc up to MaxProc.
If set to 0, the number of server processes remains at MinProc.
Type: Numeric
Range: 1 ~ INT_MAX
Default value: 50
Specifies the unit used for flow control when configuring the buffer size for HTH to read a response from the server.
Maximum flow control buffer size = FlowControl * HttpOutBufSize.
If set to 0, the default value is used.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 10
Specifies the maximum number of times a server process can restart.
Type: Numeric
Range: 1 ~ INT_MAX
Default value: 1
Specifies the number of channels for parallel communication between server process and HTH process.
The parallel communication is used when there is too much load for the server process to handle with one channel.
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: 8192
Specifies the buffer size used when the server responds to a user request.
If the buffer size is set to 0 or greater than 16777216 (16 MB), the buffer is set to 16777216 (16 MB) for server processes. HTH uses the default size of 8192 needed to create the flow control buffer.
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: 8192
Specifies the buffer size used when the server receives user requests.
If value is set to 0 or greater than 16777216 (16 MB), the value 16777216 (16 MB) is used.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 0 (0 means limitless.)
Specifies the maximum number of requests that can be processed by each server process. Each server process reboots automatically after processing this number of requests.
Useful when AP has a memory related bug on a WEBSTD server written in WBAPI.
If there are a large number of services running, a number of requests greater than MaxRequest may be processed before rebooting to provide seamless service.
Type: Numeric
Unit: Second
Range: 0 ~ INT_MAX
Default value: 0 (In case of JSV: 60)
Specifies the interval at which a server connection is checked. SvrChkTime is often used to check the connection with JEUS if a firewall exists in between WebtoB and JEUS.
After SvrChkTime has been set, the connection is in Ready state, and there are no service requests. If the target host does not respond to the keepAlive request for two consecutive SvrChkTime periods, a connection problem is declared. When the connection problem is found, the connection is disconnected and removed from the service distribution list.
Type: String
Range: RR | FA
Default value: RR
Configures the scheduling method that assigns a request to a server process, when processing client requests.
The following are descriptions of configuration values.
| Value | Description |
|---|---|
| RR | Request is scheduled to an idle process in a round robin method. |
| FA | Request is scheduled to an idle process with a high index in the first assign method. |
Type: Literal
Range: Up to 255 characters
Specifies the options applied to the server:
| Option | Description |
|---|---|
| {+|-}Cache | Option to cache the content. Valid only for HTML and JSV servers. |
| BlockListen | Blocks the port to prevent client access when the server cannot provide services. Once the server is restored, the ports begin accepting clients, and processes new client requests. In a multi-node system using L4 equipment, blocking the ports of problematic nodes enables L4 equipment to distribute requests to available nodes. When multiple virtual hosts use the same service port, the virtual hosts are split among the available service ports. Blocking a service port prevents it and related virtual hosts from providing services. |
| BlockListenCloseClients | BlockListenCloseClients should be specified when clients that are linked to ports are supposed to be closed while closing service ports with the BlockListen option. Disconnects a client whose request, which is being processed, completes. A client that maintains a connection with keepalive is immediately disconnected. |
| NotifyClientClose | Specifies whether to notify the server when a user disconnects while a request is processing. JEUS disconnects the connection that was processing the request and notifies the server. |
| SecurityHolePassAuthorization | Passes authorization or proxy-authorization header to the CGI/PHP environment variable. Caution: User information can be exposed to CGI/PHP. |
| 503ResponseOnSuspend | Responds with the "503 Service Temporarily Unavailable" message to requests if the server cannot provide the service due to tthe suspend command. If this option is not used in the case mentioned above, requests that the server must process are queued. |
| PassOriginalUriAfterFilters | Sends the original client request when forwarding the request to JSV server (or another server process) after the FILTERS process handles the request. This option should be used by considering that the request URL can be modified during FILTERS processing due to URL encoding, etc. |
| AllServers | Option to use FILTERS process to process Filter module for an HTMLS request. |
Type: Literal
Range: Up to 255 characters
Default value: "JSESSIONID"
Specifies the HTTP cookie key name used for session routing when the server type is JSV (JEUS).
Type: Boolean
Default value: N
When the server type is JSV, session routing occurs. Specifies whether flexible routing is used.
The following table describes the values.
| Value | Description |
|---|---|
| Y | When server processes with the same jengineid are in the RUN state, the sessions are not queued. The sessions are routed to another process with a different jengineid within the same server. |
| N (default value) | Sticky Session routing is used (the same as the previous version). Sessions are routed to the server processes with the same jengineid. If the server processes are in the RUN state, the sessions are queued. |
When using flexible routing, multiple clients with the same JSESSIONID can be each routed to different servers. It is recommended to use the default value.
Type: Literal
Range: Up to 255 characters
Specifies the response content-type to compress.
Specifies the MIME-Type to be compressed. Content-Type of the response is used. The target response is compressed with GZIP then sent to the client.
Up to 32 MIME-Types can be configured by separating each item with a comma (,).
If compression is used, network traffic can be reduced but server performance may decline.
When compressing files that have a low compressing rate, such as .zip file or .jpeg image, it only creates a burden on the server. Verify that the MIME-Type to be compressed is not low-compression rate files.
The compression function is applied only to the requests where Accept-Encoding is specified as GZIP or deflate in the HTTP Request Header.
Type: Numeric
Range: 1 ~ INT_MAX
Default value: 1
Specifies the minimum response size when the compression option is set.
If the Content-Length of the response header is greater than the set size, the response is compressed. This does not apply to a chunked response whose size is difficult to determine.
Type: Literal
Range: Up to 1023 characters
Specifies the virtual host name when using the server as a virtual host.
A virtual host name can also be set for a server group. If the name is set for both the server and server group, they must be identical.
Up to 64 items can be configured by separating each item with a comma (,).
Type: Literal
Range: Up to 255 characters
Adds the environment variables required to execute FastCGI applications. Configuration format is NAME=VALUE.
FcgiInitEnv = "LOGFILE=/wb-413/log/myapp.log"
# myapp.log example FAST_CGI_ENV_TEST="sample fast cgi environment variable"
Multiple environment variables can be configured by using one or more FcgiInitEnv statements.
Type: Numeric
Unit: Second
Range: 0 ~ INT_MAX
Default value: 0 (0 means limitless.)
Specifies whether to kill the application process after a FastCGI request is processed.
If the time since the application process began is greater than the time specified in FcgiKillTimeOut, the server forcibly terminates the application process after the request is processed.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 0 (0 means limitless.)
Specifies whether to terminate the application process after a FastCGI request is processed.
If the number of requests processed since the start of the application process is greater than the value specified in FcgiKillMaxRequest, after the server processes the request, the server forcibly terminates the application process.
Type: Literal
Range: Up to 255 characters
Specifies the HEADERS section name.
Up to 15 items can be configured by separating each item with a comma (,).
Type: Numeric
Range: 1 ~ 1000
Default value: 1
Specifies the ratio the request is to be processed with when LBType is static for servers that are set to LBServers in the SVRGROUP section.
The value can be dynamically changed using the set -v
<server_name> lbf <value> command in
wsadmin.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 32
The default value is 32 for JSV servers and 0 for all others.
Specifies the allowed maximum number of Jengines per server.
Type: Boolean
Default value: N
Specifies whether to send a ping before forwarding a request when the target server type is JSV.
If set to Y, a request is only forwarded to JSV server after sending a ping and receiving a response.
This is useful when connected to multiple JSV servers and a server may fail to respond due to reasons like OOM (Out Of Memory).
This may cause performance issues as a ping is sent and a response is received for all requests. It is recommended to use the default value.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 3
Waiting time for receiving a response for a ping sent to a scheduled JSV server.
If no response is received during the waiting time, the connection is terminated and another JSV server is scheduled and pinged.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 0
Specifies the retry count for sending another round of pings to all Jengines in the JSV server.
The following is an example configuration of the SERVER section.
*SERVER
cgi
SvgName = cgig,
MinProc = 1,
MaxProc = 5
ssi
SvgName = ssig,
MinProc = 1,
MaxProc = 2
jsv1
SvgName = jsvg,
MinProc = 1,
MAXProc = 10,
LBFactor = 10
jsv2
SvgName = jsvg,
MinProc = 1,
MAXProc = 10
LBFactor = 5
jsv3
SvgName = jsvg,
MinProc = 1,
MAXProc = 10
LBFactor = 1
jsv4
SvgName = jsvg,
MinProc = 1,
MAXProc = 10
wbaps
SvgName = wbapg,
MinProc = 2,
MAXProc = 5,
Schedule = "FA"
SvgName is jsvg. jsv1, jsv2, and jsv3 set to LBServers in the *SVRGROUP section run with the load balancing server and distribute requests in a ratio of 10, 5, and 1(LBFactor is meaningful only when LBType is static). jsv4 (LBBackup) processes requests when jsv1, jsv2, and jsv3 are not available.
The SERVICE section needs to be configured only when WebtoB directly executes business logic. In this situation, the server type of the service is often set to WEBSTD and standard CGI functions are substituted with equivalent WebtoB functions. Finally, transformed business logic is executable on WebtoB as a new service.
The following items are configurable in the SERVICE section:
Server processes that provides a service.
Service priority order.
Service processing time limit.
The following is the environment configuration format of the SERVICE section.
*SERVICE
name # String[16]
SvrName = String[32],
#Priority = Numeric, # 50 (0-100)
#SvcTime = Numeric # 0 (0-)
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the SERVICE section configuration items.
Type: String
Range: Up to 15 characters
Specifies the service routine name of the server program that implements the business logic executed by WebtoB.
The name must be unique in the SERVICE section, and can be up to 15 characters.
Type: String
Range: Up to 31 characters
Specifies the name of the server process that provides the service. Specifies the executable file name of the server program that has the service routine.
Server process must be defined in the SERVER section.
Type: Numeric
Range: 0 ~ 100
Default value: 50
Specifies the client request priority between 1 (the lowest) and 100 (the highest).
Type: Numeric
Unit: Second
Range: 0 ~ INT_MAX
Default value: 0 (0 means limitless.)
Specifies the maximum period of time to process a service. Once a service starts, it must finish within the specified time. If the service cannot finish its processing within the time limit, the server process stops the service and sends an error response to the client.
The DIRECTORY section configures a directory of a node. Configurable items are AuthentName, which grants access to a directory; ForceMimetype, which sets file extension to the files in a directory; and DefaultMimetype. Moreover, directory access history logs can be configured.
The following is the environment configuration format of the DIRECTORY section.
*DIRECTORY
name # String[32]
Directory = Literal[256], # $ENV, R.PATH
#DefaultMimetype = Literal[128],
#ForceMimetype = Literal[128],
#VhostName = String[1024], # LIST[64], MULTI
#AccessName = String[32],
#AuthentName = String[32],
#Options = Literal[256], # PM.LIST
#DefaultCharset = Literal[32],
#ErrorDocument = Literal[256], # LIST[64]
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the DIRECTORY section configuration items.
Type: String
Range: Up to 31 characters
Specifies the directory name.
Type: Literal
Range: Up to 255 characters
Specifies the directory path. The path can be either an absolute path or a relative path from WEBTOBDIR.
Type: Literal
Range: Up to 127 characters
Specifies the default content-type for documents whose MIME type cannot be decided.
The following is the order of priority applied to various sections.
DefaultMimetype configured in the DIRECTORY section.
DefaultMimetype configured in the SVRGROUP section.
DefaultMimetype configured in the NODE or VHOST section.
Type: Literal
Range: Up to 127 characters
Specifies the default MIME type for all resources in the directory.
For example, if ForceMimetype is set to CGI, all resources in the directory process client requests as CGI, which means that the server in charge of CGI handles the services.
Type: Literal
Range: Up to 1023 characters
Specifies the virtual host name. Configurations in the DIRECTORY section are applied only to the specified virtual host.
Up to 64 elements can be configured by separating each element with a comma (,).
If the VhostName item is not set, this item can be applied to all Virtual Hosts.
Type: String
Range: Up to 31 characters
Specifies the ACCESS section name. Accesses can be restricted according to this setting.
Type: String
Range: Up to 31 characters
Specifies the name of AUTHENT section to apply to the directory. If the server type is JSV, authentication can be applied only to the SVRGROUP section.
Type: Literal
Range: Up to 255 characters
The following are descriptions of configurable options.
| Option | Description |
|---|---|
| {+|-}Cache | Enables or disables the cache (+|-) of the selected content |
| SSLRequireSSL | Processes SSL requests only. Responds to non-SSL requests with the 403 Forbidden message. |
| SSLDenySSL | Processes non-SSL requests only. Responds to SSL requests with the 403 Forbidden message. |
Type: Literal
Range: Up to 31 characters
Specifies the charset of the response when charset is not included in the request content-type.
| Value | Description |
|---|---|
| On | Specifies "ISO-8859-1" as the default value. |
| Off | Charset is not added. |
| _charset_ | Specifies the user specified _charset_ |
The following is the order of priority applied to various sections.
DefaultCharset configured in the DIRECTORY section.
DefaultCharset configured in the SVRGROUP section.
DefaultCharset configured in the NODE or VHOST section.
Type: Literal
Range: Up to 255 characters
Specifies the use of a user specified page instead of the HTTP error page. Configures the names in the ERRORDOCUMENT section.
Up to 64 items can be configured by separating each item with a comma (,).
The URI section is used to provide an appropriate service according to the Uniform Resource Identifier (URI) of a client request. This section is often used for CGI services.
For example, if the address http://www.tmax.co.kr/cgi-bin/test.cgi is requested, the "/cgi-bin/" URI can be configured and used as a CGI service.
In the following the example, the URI section must be configured for <first> or a URI that starts with <first> must be used.
http://<hostname>:<port>/<first>/<second>/index.html
The following is the environment configuration format of the URI section.
*URI
name # String[32]
URI = Literal[256],
SvrType = String[32],
#SvrName = String[32],
#SvcName = String[16],
#Redirect = Literal[256],
#RedirectStatus = String[32], # 302
#VhostName = String[1024], # LIST[64], MULTI
#AccessName = String[32],
#AuthentName = String[32],
#Options = Literal[256], # PM.LIST
#SCGI = Boolean, # N
#SCGIServer = Literal[256],
#Match = Literal[256], # "prefix"
#Priority = Numeric, # 50 (0-100)
#FCGI = Boolean, # N
#RedirectNoSub = Boolean, # N
#Ext = String[256], # LIST, MULTI
#GotoEXT = Boolean, # N
#StopIfNoEXT = Boolean, # Y
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of URI section configuration items.
Type: String
Range: Up to 31 characters
The URI section name string can hold any character.
Type: Literal
Range: Up to 255 characters
Specifies the pattern that matches the HTTP request path. Once matched, the URI section configuration is applied to the request.
WebtoB supports a variety of pattern types. Pattern type is configured in the Match item.
Type: String
Range: Up to 31 characters
Specifies the server type that processes the request that includes the specified URI.
I.e., specifies the JSV server type for a server that processes a request containing the URI "/jsv/".
Type: String
Range: Up to 31 characters
Specifies the server name of the service.
In WebtoB, service objects that have the same server type are called a server group. Each server in a server group has a minimum and maximum number of processes allocated for service.
The URI section allows micro management service control, which can assign a server for a service.
Type: String
Range: Up to 15 characters
Specifies the service name that processes the URI.
Type: String
Range: Up to 255 characters
Maps a request for the specified URI to another URI. Depending on the value specified in RedirectStatus, the value specified in Redirect is specified in the Location Header item of the HTTP response to be sent to user.
If the value of RedirectStatus is omitted and only Redirect is used, RedirectStatus is set to 302 Found.
Type: String
Range: Up to 31 characters
Default value: 302
Specifies the HTTP status generated when using redirection.
The following values can be used.
| Value | Alias | Description |
|---|---|---|
| 301 | permanent | Responds as "301 Moved Permanently". |
| 302 | found | Responds as "302 Found". |
| 303 | seeother | Responds as "303 See Other". |
| 305 | useproxy | Responds as "305 Use Proxy". |
| 307 | temp | Responds as "307 Temporary Redirect". |
| 410 | gone | Responds as "410 Gone". |
Type: Literal
Range: Up to 1023 characters
Specifies the virtual host name for a URI or each server types that share the same URI.
Up to 64 items can be set to the same URI by using a comma as a delimiter.
Type: String
Range: Up to 31 characters
Specifies in the ACCESS section whether to allow or deny a request coming from a specific IP address.
Type: String
Range: Up to 31 characters
Enables authentication of the URI section. Specifies the name of authentication applied to the URI section. However, if the server type is JSV, authentication can be applied in the SVRGROUP section.
Type: Literal
Range: Up to 255 characters
The following are descriptions of configurable options.
| Option | Description |
|---|---|
| {+|-}Cache | Enables or disables the cache (+|-) of the selected content |
| SSLRequireSSL | Processes SSL requests only. Responds to non-SSL requests with the 403 Forbidden message. |
| SSLDenySSL | Processes non-SSL requests only. Responds to SSL requests with the 403 Forbidden message. |
Type: Boolean
Default value: N
Specifies whether the request is SCGI when SvrType is set to CGI
If set to Y, the SCGI server address is also required.
Type: Literal
Range: Up to 255 characters
Specifies the SCGI server address in the "server_name[IP_address]:port_number" format.
SCGIServer = "172.16.1.100:9001"
Type: Literal
Range: Up to 255 characters
Default value: "prefix"
Specifies the matching pattern type. A pattern set in the Uri item is used as the prefix for the request URL by default.
The following are descriptions of configuration values.
| Value | Description |
|---|---|
| prefix | The pattern specified in the URI is the HTTP Request URL's prefix. For example, pattern "/uri/" is matched with the request path "/uri/a/", "/uri/a/b/", "/uri/a/b/c", etc. |
| exact | The pattern specified in the URI matches the HTTP Request URL. For example, pattern "/uri/" only matches when the Request path is "/uri/". Other request paths do not match. |
| fn | The pattern specified in the URI is the FNMATCH pattern used in a UNIX shell. Wild card such as an asterisk (*) and a question mark (?) can be used. For example, pattern "/uri/*/*/" is matched with the request path "/uri/a/b/", "/uri/c/d/", etc. |
| regexp | The pattern specified in the URI is the regular expression used in Perl. For example, pattern "/uri.*" is matched with the request path "/uri", "/uri/", "/uri1", etc. |
Depending on the pattern type, the matching method with the HTTP Request path differs.
Type: Numeric
Range: 0 ~ 100
Default value: 50
Prioritizes queued client requests. Priority is between 1 (lowest) and 100 (highest).
Type: Boolean
Default value: N
Specifies whether the request is FastCGI when SvrType is set to CGI.
If set to Y, the request is processed as Fast CGI.
Type: Boolean
Default value: N
When configuring redirect, if prefix is used to match, specifies whether to attach the rest of the request URL to the specified URL and then redirect.
Type: Literal
Range: Up to 255 characters
When matching a URI, match to the additionally configured extension.
Use this item when applying the URI section to certain extensions under a certain path.
Multiple extensions can be configured by using commas (,) or configuring multiple times.
Type: Boolean
Default value: N
Decides whether to match the EXT section additionally when performing the URI matching first. Note that if an EXT match is found and selected the previously matched URI setting is ignored.
Type: Boolean
Default value: Y
Applied when 'GotoExt = Y'.
The following describes the values.
| Value | Description |
|---|---|
| Y | Stops matching when the matched EXT section configuration item does not exist. |
| N | Searches the next URI section configuration. |
The ALIAS section maps a URI to a physical directory path on the server regardless of the document root. Aliasing can map a directory regardless of the Document Root, which is convenient from a management perspective.
The following is the environment configuration format of the ALIAS section.
*ALIAS
name # String[32]
URI = Literal[256],
RealPath = Literal[256], # $ENV, R.PATH
#VhostName = String[1024] # LIST[64], MULTI
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the ALIAS section configuration items.
Type: String
Range: Up to 31 characters
Specifies the ALIAS section name.
Type: Literal
Range: Up to 255 characters
Specifies the URI alias.
Type: Literal
Range: Up to 255 characters
Specifies the physical directory path on the server.
When using a large number of virtual hosts, the directory configuration pattern can be configured dynamically by using the following directives.
| Directive | Description |
|---|---|
| %p | Replaces with the requested port number. |
| %n | Replaces with the Hostname or the Nth element of the IP address. If n is set to 0, the entire string is used. If the value starts with a minus symbol (-), count from the end of Hostname or IP address. If a plus symbol (+) follows, the rest of the Hostname or IP address is used. |
| %n.m | Replaces with the Mth character of the Nth element. Minus (-) or plus (+) symbols can be used as previously described. |
| %% | Replaces with a single percent symbol (%). |
Type: Literal
Range: Up to 1023 characters
Specifies the maximum number of virtual hosts that apply to the ALIAS section.
Up to 64 items can be configured by separating each item with a comma (,).
In general, when a client request URL specifies a directory, the directory's index.html file is returned. However, if the index.html file is missing, a directory listing page can be shown. This section can enable or disable the directory listing feature and configures the indexing mechanism and icons used in the directory listing.
The following is the environment configuration format of the DIRINDEX section.
*DIRINDEX
name # String[32]
Options = Literal[256], # "Fancy,EncodeURL", PM.LIST
#Ignore = Literal[256], # LIST
#DefaultIcon = String[32],
#Description = Literal[256],
#HeaderFile = String[32],
#TailFile = String[32],
#IconExt = Literal[256]
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the DIRINDEX section configuration items.
To use the DIRINDEX section, some items must be first configured in the NODE section. The required previously configured items are as follows.
| Item | Description |
|---|---|
| Options | "+Index" displays directory information. |
| DirIndex | Specifies the DIRINDEX name. |
Type: String
Range: Up to 31 characters
Specifies the DIRINDEX section name.
Type: Literal
Options can be used to specify the indexing method.
The following describes the options.
| Option | Description |
|---|---|
| {+|-}Fancy | Option to use Fancy Indexing. Fancy Indexing, provided by WebtoB, displays links sorted by the file name, last modified time, or file size. |
| {+|-}EncodeURL | Option to use URL encoding for non-ASCII characters used for URLs on the page. If set to "-EncodeURL", Korean file links are displayed in Korean. The file may not be found depending on browser settings. |
Type: Literal
Range: Up to 255 characters
Specifies the files to exclude from the index list. Filenames can be explicitly specified or an asterisk(*) can be used to filter files.
Type: String
Range: Up to 31 characters
Specifies the icon for unknown file types.
Type: Literal
Range: Up to 255 characters
Configures the description file path. This configuration shows the description of each file when the directory structure is displayed.
For example, when a.html, b.html, c.html, etc. exist in the directory, write the contents of the des.txt file as follows to display the description. Configure as Description = "des.txt".
a.html The description of a.html b.html The description of b.html c.html The description of c.html ...
Type: String
Range: Up to 31 characters
Specifies the header file name that will be inserted at the top of the listing. Filename uses a relative path from the indexing directory.
Type: String
Range: Up to 31 characters
Specifies the tail file name that will be inserted at the bottom of the listing. Filename uses a relative path from the indexing directory.
Type: Literal
Range: Up to 255 characters
Specifies the file extension to map to icon file URL.
The MIME-Type and the URL of the icon file are mapped.
The LOGGING section configures client request log. Access log and error log are recorded separately, and their format can be configured. To use the LOGGING section, the Logging and ErrorLog items must be set in the NODE section.
The following is the environment configuration format of the LOGGING section.
*LOGGING
name # String[32]
FileName = Literal[256], # $ENV, R.PATH
Format = Literal[256],
#Option = Literal[256], # PM.LIST
#RotateBySeconds = Numeric, # 0 (0-)
#ExcludeByExt = Literal[1024], # LIST
#ArchiveFileName = Literal[256], # $ENV
#ValidHours = Numeric # 0 (0-23)
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the LOGGING configuration items.
The following are the NODE section items that are related to the LOGGING section configuration. The Logging and Errolog items (not Syslog) can be specified in both the VHOST and NODE sections.
| Item | Description |
|---|---|
| SysLog | Specifies system log name. |
| Logging | Specifies access log name. |
| Errorlog | Specifies error log name. |
Type: String
Range: Up to 31 characters
Specifies the LOGGING section name.
Type: Literal
Range: Up to 255 characters
Specifies the log file path and name.
A relative path that starts without a slash (/) is automatically replaced by "WEBTOBDIR/relative_path".
The substitution string specified in FileName is replaced with the actual value when the file is created. For example, the value configured in FileName is replaced with "$WEBTOBDIR/log/access_20091105.log".
FileName = "log/access_%Y%%M%%D%.log"
The following strings in a file name are replaced by actual values when the file is created:
| String | Actual value |
|---|---|
| %Y% | Year (4 digits). Example: 2009 |
| %M% | Month (2 digits). Example: 11 |
| %D% | Day (2 digits). Example: 05 |
| %h% | Hour (2 digits). Example: 10 |
| %m% | Minute (2 digits). Example: 30 |
| %s% | Second (2 digits). Example: 45 |
Type: Literal
Range: Up to 255 characters
Specifies the log format
This value can be set to the name of the log format set in the *USERLOGFORMAT section.
The following format string is applied only to the access log. System log and error log can have any value.
| Format | Description |
|---|---|
| DEFAULT | Default Logfile Format. (Format string: "%h %t \"%r\" %s %b %D") |
| COMMON | Common Log File Format. (Format string: "%h %l %u %t \"%r\" %s %b") |
| COMBINED | Combined Log File Format. (Format string: "%h %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-Agent}i\") |
| %a | Displays the IP address of the machine that sent the request. Same as %h. |
| %b | Displays the byte of the response object. |
| %c | Displays if the response was generated in internal WebtoB cache. If true, set to "hc". |
| %c | Displays the location where a WebtoB response is generated.
|
| %C{_attr_name_}C | Displays the value corresponding to '_attr_name_' among cookie Header values of an HTTP request. |
| %d | Displays the time the response was sent. |
| %D | Displays the time spent processing the request. (unit: millisecond) |
| %e{ENV_NAME}e | Displays the environment variable ENV_NAME. |
| %g | Displays the request identifier used internally by WebtoB. |
| %h | Displays the IP address of the machine that sent the request. Same as %a. |
| %H | Displays the HTTP version used. |
| %i{HEADER_FIELD}i | Displays the HEADER_FIELD Header value of the HTTP request. |
| %{_id_name_}J | Displays the request id used internally when a request is forwarded to JEUS for processing.
|
| %m | Displays the HTTP request method. |
| %p | Displays the server port number that received the request. |
| %q | Displays the query value of the HTTP request. |
| "%r" | Displays the entire request line of the HTTP request. |
| %R | Displays the entire request line of the HTTP request. Displays the request lines that were changed by the CheckURL or URLRewrite function. |
| %s | Displays the HTTP Status Code used in the response. |
| %t | Displays the time when the request processing ended. |
| %T | Displays the time spent in processing the request. (unit: second) |
| %u | Displays the user name used in the HTTP authentication. |
| %U | Displays the HTTP Request URI. |
| %v | Displays the Host Header item value. |
| %z | If the response is compressed, displays the response size and compression rate before and after the compression. |
| %S | Separates HTTP and HTTPS. |
| %A | Displays server IP address. |
Type: Literal
Range: Up to 255 characters
Specifies the logging options.
| Option | Description |
|---|---|
| Sync | Does not buffer logging content and records directly onto the disk. Services that require immediate logs, such as finance service and banking service, should use this feature for immediate error identification. |
Type: Numeric
Unit: Second
Range: 0 ~ INT_MAX
Default value: 0 (The default value disables this function.)
Specifies the maximum period of time to create a new log file. An existing log file is older than this period of time, a new log file is created to record a new log.
Type: Literal
Range: Up to 1023 characters
Specifies the file extension to exclude from logging.
The following is an example configuration.
ExcludeByExt = "jpg,png"
Type: Literal
Range: Up to 255 characters
Specifies the log file name format for an archived file. For example, the current log file name is always log/access.log, and the archived file is in the form of log/backup.access_20090425_112233.log.
Type: Numeric
Unit: Hour
Range: 0 ~ 23
Default value: 0 (The default value disables this function.)
Specifies the creation of a new log file at the specified interval.
The following is an example configuration of the LOGGING section.
*LOGGING
access_log
Format = "default", # "%h %l %u %t \"%r\" %s %b" is default format
Filename = "log/archives/access_%Y%%M%%D%.log"
Option = "sync"
error_log
Format = "",
Filename = "log/archives/error_%Y%%M%%D%.log"
Option = "sync"
system_log
Format = "",
Filename = "log/archives/system_%Y%%M%%D%.log"
Option = "sync"
The ACCESS section configures client accesses based on IP address and netmask information and the order of applying configurations. This section can be applied to the URI, EXT, DIRECTORY, and TCPGW sections. The defined resources from each of these sections are accepted or denied.
The following is the environment configuration format of the ACCESS section.
*ACCESS name # String[32] #Method = Literal[256], # "<all-methods>", PM.LIST #MethodExcept = Literal[256], # PM.LIST #Order = Literal[256], # "deny,allow" #Allow = Literal[256*35], # LIST[256] #Deny = Literal[256*35], # LIST[256] #AllowIf = Literal[256], # MULTI[32] #DenyIf = Literal[256] # MULTI[32]
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the ACCESS section configuration items.
Type: String
Range: Up to 31 characters
Specifies the ACCESS section name.
Type: Literal
Range: Up to 255 characters
Default value: <all-HTTP-methods>
Specifies the HTTP method.
Type: Literal
Range: Up to 255 characters
Specifies the methods to be excluded from the HTTP methods list (GET, POST, HEAD, OPTIONS, PUT, DELETE, TRACE, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, UNLOCK) that can be configured in WebtoB. I.e., only the methods not specified by MethodExcept can be applied.
For example, MethodExcept = "POST" is same as Method = "GET, HEAD, ..." (all HTTP methods except POST).
Type: Literal
Default value: "Deny,Allow"
Specifies the order of the following access restriction directives: Method, Allow, AllowIf, Deny, and DenyIf.
The following are descriptions of the options.
| Option | Description |
|---|---|
| Deny, Allow | Matches in the following order: Method > Deny > DenyIf > Allow > AllowIf.
|
| Allow, Deny | Matches in the following order: Method > Allow > AllowIf > Deny > DenyIf.
|
Type: Literal
Range: Up to 8959 characters
Specifies the IP address and netmask that are allowed to send requests.
Specifies IP address and netmask as follows.
Allow = "192.168.1.43/255.255.255.0"
Allow = "all" is a special value and allows all IP addresses.
Up to 256 items can be configured by separating each item with a comma (,).
Type: Literal
Specifies the IP address and netmask that are not allowed to send requests. This item can be configured in the same way as the Allow item.
Type: Literal
Range: Up to 255 characters
Specifies as "<header item name> <regular expression>".
Allows access if the <header item name> Header value included in the request matches the specified <regular expression> pattern. The <regular expression> are Perl compatible regular expressions.
One or more AllowIf values can be specified.
AllowIf="Referer http://10.0.0.2/"
Type: Literal
Range: Up to 255 characters
DenyIf can be configured similarly to Allowlf.
The following is an example configuration of the ACCESS section.
*ACCESS
access1
Order = "allow, deny",
Allow = "all"
access2
Order = "allow, deny",
Allow = "211.1.1.10, 211.1.1.20"
access3
Order = "allow, deny",
Allow = "211.1.1.0/255.255.255.0"
access4
Order = "deny, allow",
Deny = "211.1.1.30"
access5
Order = "allow, deny",
Allow = "all",Deny = "211.1.1.30"
The AUTHENT section configures user and group authentication to restrict client accesses. This section can be configured in the SVRGROUP, URI, EXT, and DIRECTORY sections.
The following is the environment configuration format of the AUTHENT section.
*AUTHENT
name # String[32]
Type = String[32],
UserFile = Literal[256], # $ENV, R.PATH
#AccessName = String[32]
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the AUTHENT section configuration items.
Type: String
Range: Up to 31 characters
Specifies the AUTHENT section name.
Type: String
Range: Up to 31 characters
Specifies the authorization control method. Either Basic (HTTP basic authentication) or Digest (HTTP digest authentication). Refer to "8.4.1. Authentication" for more information.
Type: Literal
Range: Up to 255 characters
Specifies the file in which user names, passwords, and realms are saved.
WebtoB provides the 'wsmkpw' tool, which manages UserFiles. The wsmkpw tool can be used to record user names and encrypted codenames to the UserFile.
Type: String
Range: Up to 31 characters
Access section name to use for access control on requests for specific IP bandwidth.
The EXT section maps a process to a request according to the file extension. WebtoB is already configured with mappings between basic MIME types and processes. This section can be used to configure additional mappings.
The following is the environment configuration format of the EXT section.
*EXT name # String[32] #Mimetype = Literal[128], #SvrType = String[32], # HTML #SvrName = String[32], #SvcName = String[16], #VhostName = String[1024], # LIST[64], MULTI #AccessName = String[32], #AuthentName = String[32], #Options = Literal[256], # PM.LIST #Charset = Literal[32], #SCGI = Boolean, # N #ScgiServer = Literal[256], #Match = Literal[256], # "exact" #RegExp = Literal[256], #Priority = Numeric, # 50, 0 ~ 100 #FCGI = Boolean, # N #Extension = Literal[32]
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the EXT section configuration items.
Type: String
Range: Up to 31 characters
Specifies the pattern to match with the HTTP request path extension. Once matched, the EXT section configuration is applied to the request.
WebtoB supports various pattern types. Configure the pattern types in the Match item.
Type: Literal
Range: Up to 127 characters
Specifies the MIME type corresponding to an extension.
MimeType = "text/html"
Type: String
Default value: HTML
Specifies the server type to process extensions.
Type: String
Range: Up to 31 characters
Specifies the server name to process the request.
Type: String
Range: Up to 15 characters
Specifies the service name to process the request.
Type: String
Range: Up to 1023 characters
When EXT is used in a specific virtual host, the virtual host name defined in the VHOST section is specified.
Up to 64 items can be configured by separating each item with a comma (,).
Type: String
Range: Up to 31 characters
Specifies in the EXT section whether to allow or deny a request coming from a specific IP address.
Type: String
Range: Up to 31 characters
Specifies the AUTHENT section name for authentication. If the server type is JSV, authentication can be applied to only SVRGROUP.
Type: Literal
The following are descriptions of configurable options.
| Option | Description |
|---|---|
| {+|-}Cache | Enables or disables the cache (+|-) of the selected content. |
| SSLRequireSSL | Processes SSL requests only. Responds to Non-SSL requests with the "403 Forbidden" message. |
| SSLDenySSL | Processes Non-SSL requests only. Responds to SSL requests with the "403 Forbidden" message. |
| UnSet | Unsets default MIME-Types such as SHTML, CGI, and JSP. |
Type: Literal
Specifies the charset to add to the Content-Type Header.
| Value | Description |
|---|---|
| on | "iso-8859-1" is used. |
| off | Does not add charset to the Content-Type Header. |
| <custom> | Uses the user specified value as the charset. |
Type: Boolean
Default value: N
Specifies whether the request is SCGI when SvrType is set to CGI.
If set to Y, the SCGI server address is also required.
Type: Literal
Range: Up to 255 characters
Specifies the SCGI server address in the "server_name[IP_address]:port_number" format.
SCGIServer = "172.16.1.100:9001"
Type: Literal
Default value: "exact"
Specifies the matching pattern type. The matching method used for HTTP Request path extensions depends on the pattern type.
The following are descriptions of configurable pattern types.
| Pattern Type | Description |
|---|---|
| prefix | The specified pattern is prefixed of the extension. For example, pattern "abc" is matched with the following extensions: "abc", "abc1", and "abc12". |
| exact | The specified pattern and extension match exactly. For example, pattern "abc" is matched only when extension is "abc". |
| regexp | The specified pattern is a regular expression used in the Perl scrip language. In order to use regexp, the pattern must be configured in RegExp. In this case, the pattern of EXT name is ignored. For example, pattern "jsp[a-z]" is matched with extensions such as "jspa", "jspb", "jspx", etc. |
Type: Literal
Range: Up to 255 characters
Specifies the regular expression pattern.
Only applied if Match = "regexp".
Type: Numeric
Range: 0 ~ 100
Default value: 50
Prioritizes client requests. Priority is between 1 (lowest) and 100 (highest).
Type: Boolean
Default value: N
Specifies whether the request is FastCGI when SvrType is set to CGI.
If set to Y, the request is processed as Fast CGI.
Type: Literal
Range: Up to 31 characters
Specifies when to use another value as an extension instead of the EXT section name.
General MIME-Types are provided by default.
The items listed in the following table do not need to be configured in the EXT section, and they are all are processed by a worker thread that processes HTML services. Hence, if the extension is processed by a different server, the server must be specified in the SvrType item of the EXT section.
| Extension | MIME-Type | Extension | MIME-Type |
|---|---|---|---|
| avi | "video/video-x-msvideo" | asc | "text/plain" |
| au | "audio/basic" | ai | "application/postscript" |
| aif | "audio/x-aiff" | aiff | "audio/x-aiff" |
| af | "audio/x-aiff" | aifc | "audio/x-aiff" |
| bmp | "image/bmp" | bin | "application/octet-stream" |
| bcpio | "application/x-bcpio" | cpio | "application/x-cpio" |
| csh | "application/x-csh" | cpt | "application/mac-compactpro" |
| class | "application/octet-stream" | cdf | "application/x-netcdf" |
| css | "text/css" | doc | "application/msword" |
| dvi | "application/x-dvi" | dms | "application/octet-stream" |
| dcr | "application/x-director" | dir | "application/x-director" |
| dxr | "application/x-director" | eps | "application/postscript" |
| exe | "application/octet-stream" | ez | "application/andrew-inset" |
| etx | "text/x-setext" | gif | "image/gif" |
| gtar | "application/x-gtar" | html | "text/html" |
| htm | "text/html" | hqx | "application/mac-binhex40" |
| hdf | "application/x-hdf" | hwp | "application/x-hwp" |
| hif | "application/x-hif" | hpt | "application/x-hpt" |
| hst | "application/x-hst" | ief | "image/ief" |
| igs | "model/iges" | iges | "model/iges" |
| ice | "x-conference/x-cooltalk" | jpg | "image/jpeg" |
| js | "application/x-javascript" | jpeg | "image/jpeg" |
| jpe | "image/jpeg" | kar | "audio/midi" |
| latex | "application/x-latex" | lha | "application/octet-stream" |
| lzh | "application/octet-stream" | mpg | "video/mpeg" |
| mpeg | "video/mpeg" | mpe | "video/mpeg" |
| mid | "audio/midi" | midi | "audio/midi" |
| mov | "video/quicktime" | mif | "application/vnd.mif" |
| man | "application/x-troff-man" | me | "application/x-troff-me" |
| ms | "application/x-troff-ms" | mpga | "audio/mpeg" |
| mp2 | "audio/mpeg" | mp3 | "audio/mpeg" |
| msh | "model/mesh" | mesh | "model/mesh" |
| movie | "video/video-x-sgi-movie" | nc | "application/x-netcdf" |
| oda | "application/oda" | "application/pdf" | |
| ps | "application/postscript" | ppt | "application/vnd.ms-powerpoint" |
| pgn | "application/x-chess-pgn" | pdb | "chemical/x-pdb" |
| png | "image/png" | pnm | "image/x-portable-anymap" |
| pbm | "image/x-portable-bitmap" | pgm | "image/x-portable-graymap" |
| ppm | "image/x-portable-pixmap" | qt | "video/quicktime" |
| rtf | "application/rtf" | ra | "audio/x-realaudio" |
| rgb | "image/x-rgb" | roff | "application/x-troff" |
| rmm | "audio/x-pn-realaudio" | ram | "audio/x-pn-realaudio" |
| rm | "application/vnd.rn-realmedia" | rpm | "application/x-rpm" |
| ras | "image/x-cmu-raster" | rtx | "text/richtext" |
| rt | "text/vnd.rn-realtext" | rv | "video/vnd.rn-realvideo" |
| rf | "image/vnd.rn-realflash" | rp | "image/vnd.rn-realpix" |
| sgm | "text/sgml" | src | "application/x-wais-source" |
| snd | "audio/basic" | smi | "application/smil" |
| smil | "application/smil" | spl | "application/x-futuresplash" |
| skp | "application/x-koan" | skd | "application/x-koan" |
| skt | "application/x-koan" | skm | "application/x-koan" |
| sh | "application/x-sh" | shar | "application/x-shar" |
| swf | "application/x-shockwave-flash" | sit | "application/x-stuffit" |
| sv4cpio | "application/x-sv4cpio" | sv4crc | "application/x-sv4crc" |
| silo | "model/mesh" | sgml | "text/sgml" |
| sdp | "application/sdp" | txt | "text/plain" |
| tar | "application/x-tar" | tcl | "application/x-tcl" |
| tex | "application/x-tex" | texinfo | "application/x-texinfo" |
| texi | "application/x-texinfo" | t | "application/x-troff" |
| tr | "application/x-troff" | tiff | "image/tiff" |
| tif | "image/tiff" | tsv | "text/tab-separated-values" |
| ustar | "application/x-ustar" | vrml | "model/vrml" |
| vcd | "application/x-cdlink" | wav | "audio/x-wav" |
| wrl | "model/vrml" | xls | "application/vnd.ms-excel" |
| xyz | "chemical/x-pdb" | xbm | "image/x-xbitmap" |
| xpm | "image/x-pixmap" | xwd | "image/x-windowdump" |
| xml | "text/xml" | zip | "application/zip" |
The SSL section configures SSL functions used in WebtoB. SSL service operates according to these settings.
The following is the environment configuration format of the SSL section.
*SSL
name # String[32]
CertificateFile = Literal[256], # $ENV, R.PATH
CertificateKeyFile = Literal[256], # $ENV, R.PATH
#CACertificatePath = Literal[256], # $ENV, R.PATH
#CACertificateFile = Literal[256], # $ENV
#CertificateChainFile = Literal[256], # $ENV, R.PATH
#VerifyDepth = Numeric, # 0 (0-)
#VerifyClient = Numeric, # 0 (0-3)
#FakeBasicAuth = Boolean, # N
#Protocols = Literal[256], # LIST
#RequiredCiphers = Literal[1024], # LIST
#RandomFile = Literal[256], # $ENV, R.PATH
#RandomFilePerConnection = Literal[256], # $ENV, R.PATH
#PassPhraseDialog = Literal[256], # $ENV, R.PATH
#CryptoDevice = Literal[256], # "builtin"
#RenegotiationLevel = String[256], # secure (secure, insecure, disable)
#DHParameter = Literal[256], # $ENV, R.PATH
#Options = Literal[256] # PM.LIST
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the SSL section configuration items.
Type: String
Range: Up to 31 characters
Specifies the section name.
Type: Literal
Range: Up to 255 characters
Specifies the server certificate encoded in PEM format.
The certificate in PEM format, which is Base64 encoded DER (Distinguished Encoding Rules), is used like ASCII code for web transmissions. If the certificate is encrypted, a passphrase is requested.
Up to 4 certificates can be set using a comma (,) as a delimiter.
The number of certificates must match the number of keys specified with CertificateKeyFile.
Type: Literal
Range: Up to 255 characters
Specifies the private key for the server certificate encoded in PEM format.
If the key is not included with the certificate, use this directive to specify the location of the key. Generally, this file is placed in the WebtoB SSL directory.
Up to 4 keys can be set using a comma (,) as a delimiter.
The number of keys must match the number of certificates specified with CertificateFile.
Type: Literal
Range: Up to 255 characters
Specifies the directory of the certificate.
The certificate includes data required to certify user certificates. This file is generally encoded in PEM.
Type: Literal
Range: Up to 255 characters
Specifies the certificate file when using a single CA to autheticate users.
Type: Literal
Range: Up to 255 characters
Specifies the path to CA certificates used to create a server certificate chain. For client authentication, the CACertificateFile or CACertificatePath item must be set.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 0
Specifies the level to trace CA for authentication. Different CAs exist at different levels in a certificate. This item tracks and validates CAs at different levels. If verification from one CA is sufficient, set item value to 1.
Type: Numeric
Default value: 0
Specifies the authentication level requested to the user.
The following are descriptions of verification levels.
| Level | Description |
|---|---|
| 0 | The user does not request a certificate. |
| 1 | The user can submit a valid certificate to the server. |
| 2 | The user must submit a valid certificate to the server. |
| 3 | The user must submit a valid certificate to the server. The server does not perform verification without having the certificate. |
Type: Boolean
Default value: N
Specifies the option to translate subject DN (distinguished name) of the certificate into a HTTP basic authorization username. If this item is used with the VerifyClient item, the authentication result can be seen in the log file. A predefined password is used as the code.
Type: Literal
Range: Up to 255 characters
Default value: "SSLv3, TLSv1, TLSv1.1, TLSv1.2"
Specifies the protocols that can be used by the server. Specific SSL or TLS versions can be specified. "TLSv1.1, TLSv1.2" is supported for WBSSL 1.0.1 or later, and "SSLv2" is no longer supported.
Append a hyphen (-) in front of a protocol to disable it.
Type: Literal
Range: Up to 1023 characters
Default value: "HIGH:MEDIUM:!SSLv2:!PSK:!SRP:!ADH:!AECDH:!EXP:!RC4:!IDEA:!3DES"
Specifies the ciphers that can be used by the server. Specific cipher, SSL or TLS versions can be specified. Since WebtoB uses OpenSSL, refer to the OpenSSL guide for cipher names.
Type: Literal
Range: Up to 255 characters
Specifies the random seed file and its size for SSL. If a file is selected, WebtoB extracts a random value from this file to create a random seed when creating a password for SSL.
Type: Literal
Range: Up to 255 characters
Specifies the random seed file for SSL and its size used to establish each connection.
Type: Literal
Default value: "builtin"
Specifies the passphrase value to use for encrypted private key files when SSL is used.
The following are descriptions of configuration values.
| Value | Description |
|---|---|
| builtin | Asks for a passphrase when starting WebtoB. |
| exec:<program path> | When starting WebtoB, a program is executed and its output is used as a passphrase. A file that is executed with “exec” can be a compiled executable or a shell script. |
| file:<passphrase file path> | Uses the passphrase in the passphrase file that was generated by the wsmkppd tool when WebtoB is started. |
Type: Literal
Range: Up to 255 characters
Default value: "builtin" (The default value specifies the use of the method implemented in OpenSSL.)
Specifies the SSL external crypto device type.
Type: String
Range: Up to 255 characters
Default value: secure
Specifies the renegotiation level when SSL is used.
The following are descriptions of configuration values.
| Value | Description |
|---|---|
| secure | Proceeds to renegotiate when the client and web server are safe. Example: RFC5746 |
| insecure | Proceeds to renegotiate although the client and web server are not safe. Example: CVE-2009-3555 |
| disable | Does not renegotiate in any situation. |
Note that if renegotiation proceeds when safety is not guaranteed, it becomes vulnerable to MITM (Man in the Middle) Attack or DoS (Denial of Service) Attack.
Type: Literal
Range: Up to 255
Specifies the Diffie-Hellman group created to enhance security of encrypted communication.
You can create a Diffie-Hellman group (2048bit) as follows:
wbssl dhparam -out dhparams.pem 2048
Type: Boolean
Default value: N
Specifies to use the order of ciphers set in RequiredCiphers when using SSL algorithm.
Type: Literal
Range: Up to 255 characters
The following are descriptions of the configurable options.
| Option | Description |
|---|---|
| StdEnvVars | Creates SSL environmental variables or the HTTP Request Header value so that the basic information used in the SSL Handshake process can be used in CGI/PHP, JEUS, and internal Reverse Proxy servers.
The following are examples in each language.
|
| ExportClientCert | Creates SSL environmental variables or the HTTP Request Header value so that the client certificate can be used in CGI/PHP, JEUS, and internal Reverse Proxy servers when client authentication is implemented (VerifyClient = 2). To process the client certificate's extension items (Extension Items - Key Usage, Certificate Policies, CRL Distribution Points, etc.), obtain and parse the client certificate information from the configuration to use it.
The following are examples in each language.
|
Describes CA commands used in UNIX.
CertificateFile or CertificateKeyFile specifies the path to the key and certificate files for user authentication. While the key is generally supplied by external security experts, it is possible for a server administrator to create this file and use it to secure connections with clients. The key and certificate is generated using a tool called CA.
The CA program is in the executable directory (/bin) of WebtoB.
Certificate creation
This command creates a certificate. Using this command, a server creates a certificate and uses the certificate to authenticate a user. Successful execution of this command also generates a private key. When generating a certificate, CA asks for a password. Do not lose or forget this password. If a self-generated certificate is used, the password is required when WebtoB starts up. WebtoB will fail to boot without the correct password.
$ CA -newcert
Certificate check
Verifies the input file.
$ CA -newca
Certificate Request Form creation
Creates a certificate request form. This form is required by the Certificate Authority, such as Verisign, when creating a certificate.
$ CA -newreq
Sign input
Enter a sign to the created key.
$ CA -sign
For more information on SSL, refer to other references or sites.
The PROXY_SSL section configures SSL functions used in WebtoB when it is used as a proxy. SSL service operates according to these settings.
The following is the environment configuration format of the PROXY_SSL section.
*PROXY_SSL
name # String[32]
Verify = Numeric, # 0 (0-3)
#VerifyDepth = Numeric, # 0 (0-)
#CACertificatePath = Literal[256], # $ENV, R.PATH
#CACertificateFile = Literal[256], # $ENV
#CheckPeerValidPeriod = Boolean, # N
#Protocols = Literal[256], # LIST
#RequiredCiphers = Literal[1024], # LIST
#CertificateFile = Literal[256], # $ENV, R.PATH
#CertificateKeyFile = Literal[256], # $ENV, R.PATH
#CertificateChainFile = Literal[256], # $ENV, R.PATH
#PassPhraseDialog = Literal[256] # $ENV, R.PATH
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the PROXY_SSL section configuration items.
Type: String
Range: Up to 31 characters
Specifies the section name.
Type: Numeric
Default value: 0
Specifies the verification level of the internal server certificate.
The following are descriptions of authentication levels.
| Level | Description |
|---|---|
| 0 | Internal server certificate does not get verified. |
| 1 | Internal server can submit a valid certificate. If submitted, WebtoB verifies the certificate. |
| 2 | Internal server must submit a valid certificate and WebtoB verifies the certificate received from the internal server. |
| 3 | Internal server must submit a valid certificate. WebtoB does not does not perform verification without having the certificate. |
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 0
This is used when different CAs intervene sequentially in the verification process. Specifies to what level depth the linked CAs are tracked for authentication. If verification from one CA is sufficient, set this to 1.
Type: Literal
Range: Up to 255 characters
Specifies the directory where the certificate will be saved.
The certificate includes data required to verify the certificate of the server to connect to. This file is generally encoded in PEM.
Type: Literal
Range: Up to 255 characters
Use this directive instead of CACertificatePath to verify the server from a single CA(Certificate Authority). The certificate file must be encoded in PEM.
Type: Literal
Default value: N
Specifies whether to verify the certificate expiry date when verifying the internal server certificate.
Type: Literal
Range: Up to 255 characters
Default value: "SSLv3, TLSv1, TLSv1.1, TLSv1.2"
Specifies the protocols that can be used by the server. Specific SSL or TLS versions can be specified. "TLSv1.1, TLSv1.2" is supported for WBSSL 1.0.1 or later, and "SSLv2" is no longer supported.
Append a hyphen (-) in front of a protocol to disable it.
Type: Literal
Range: Up to 1023 characters
Default value: "HIGH:MEDIUM:!SSLv2:!PSK:!SRP:!ADH:!AECDH:!EXP:!RC4:!IDEA:!3DES"
Specifies the ciphers that can be used by the server. Specific cipher, SSL or TLS versions can be specified. Since WebtoB uses OpenSSL, refer to the OpenSSL guide for cipher names.
Type: Literal
Range: Up to 255 characters
Specifies the client certificate file encoded in PEM. This is required if the internal server requires client verification.
The certificate is encoded in DER and is used like ASCII for web transmission. If the server certificate is encoded, then it will prompt for a passphrase.
Type: Literal
Range: Up to 255 characters
Specifies the private key of a PEM encoded certificate used on the client-side. This is required if the internal server requires client verification.
If the key is not included with the certificate, use this directive to specify the location of the key. Generally, this file is placed in the WebtoB SSL directory.
Type: Literal
Range: Up to 255 characters
Specifies the paths to the certificates of CAs (root certificate authority) that are used to create the certificate chain of client certificates.
Type: Literal
Default value: "builtin"
Specifies how to retrieve the passphrase for an encrypted private key file when using client authentication (CertificateFile, CertificateKeyFile) in PROXY_SSL.
The following are descriptions of configuration values.
| Value | Description |
|---|---|
| builtin | Asks for a passphrase when starting WebtoB. |
| exec:<program path> | When starting WebtoB, a program is executed and its output is used as a passphrase. A file that is executed with “exec” can be a compiled executable or a shell script. |
| file:<passphrase file path> | Uses the passphrase in the passphrase file that was generated by the wsmkppd tool when WebtoB is started. |
There are four ways to troubleshoot an error in WebtoB:
Output the error message defined in the source code.
Output the error message defined by the user.
Retransmit to a local URL.
Retransmit to an external URL.
For the second, third, and fourth methods, the ERRORDOCUMENT section configures an HTTP response status code, except 401, with the URL to redirect to.
The following is the environment configuration format of the ERRORDOCUMENT section.
*ERRORDOCUMENT
name # String[32]
Status = Numeric, # (HTTP status code)
Url = Literal[256]
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the ERRORDOCUMENT section configuration items.
Type: String
Range: Up to 31 characters
Specifies the section name.
Type: Numeric
Specifies the HTTP status code.
Type: Literal
Range: Up to 255 characters
Specifies the relative path from DocRoot or absolute path that a client can interpret.
The EXPIRES section configures server response header information.
When transmitting a specific MIME type document, the document’s expiration date can be set in the server response header. When a client's web browser reconnects to a site, only updated documents and documents that do not exist in the browser cache are retrieved from the site.
The client browser sends a specific MIME-Type and MIME expiration date to the web server. The browser requests the server to retransmit only the documents that have expired. The web server analyzes the MIME-Type and the expiration data in the client request header and retransmits when the MIME-Type document has expired.
The web server refers to the configuration file for the expiration date sent from the client to the web server. The web server then transmits the expiration date to client. The EXPIRES section defines the configuration related to the expiration date.
The following is the environment configuration format of the EXPIRES section.
*EXPIRES
name # String[32]
ExpiresTime = Literal[256],
#Mimetype = Literal[128],
#Url = Literal[256]
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the EXPIRES section configuration items.
Type: String
Range: Up to 31 characters
Specifies the section name.
Type: Literal
Range: Up to 255 characters
Specifies the expiration date in the format of either <code><second> or <base>[plus]{<num><type>}*. If only ExpiresTime is specified, the expiration date in the Response Header for all requests is specified.
<code><seconds>
| Item | Description |
|---|---|
| <code> |
|
| <second> | Specifies the time cycle in seconds. 1 hour(3600), 1day(86400), 1week(604800), 1moth(241920) |
<base> [plus] {<num> <type>}*
| Item | Description |
|---|---|
| <base> |
|
| [plus] | optional |
| <num> | integer value |
| <type> | ‘years’, ‘months’, ‘weeks’, ‘days’, ‘hours’, ‘minutes’, ‘seconds’, ‘year’ , ‘month’, ‘week’, ‘day’, ‘hour’, ‘minute’ or ‘second’ |
Type: Literal
Range: Up to 127 characters
Specifies the response MIME type for the expiry date.
Type: Literal
Range: Up to 255 characters
Specifies the request URL for the expiry date.
The following is an example configuration of the EXPIRES section.
*EXPIRES
exp1
MimeType = "text/html",
ExpiresTime = "A604800"
exp2
MimeType = "image/gif",
ExpiresTime = "A2419200"
exp3
ExpiresTime = "A86400"
exp4
Url = "/news/",
ExpiresTime = "modification 1 days"
exp5
MimeType = "text/html",
ExpiresTime = "access plus 1 weeks"
exp6
ExpiresTime = "M86400"
exp7
Url = "/image/",
MimeType = "image/gif",
ExpiresTime = "access plus 1 months"
exp8
MimeType = "text/html",
ExpiresTime = "M86400"
TCPGW acts as a proxy that transfers a TCP connection from specific port or IP address to another server. TCPGW never interprets transferred data. TCPGW leaves a sysLog instead of an AccessLog when a client opens or terminates access.
The following is the environment configuration format of the TCPGW section.
*TCPGW
name # String[32]
ServerAddress = Literal[1024], # LIST[100]
#Port = Literal[1024], # (1-65535), LIST[100]
#Listen = Literal[1024], # LIST[100]
#SSLFlag = Boolean, # N
#SSLName = String[32],
#Timeout = Numeric, # 300 (0-)
#CheckAliveTime = Numeric, # 0 (0-)
#ConnectTimeout = Numeric, # 5 (0-)
#ConnectDirection = String[256], # "CS"
#Schedule = String[256], # "RR"
#AccessName = String[32]
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the TCPGW section configuration items.
Type: String
Range: Up to 31 characters
Specifies the section name.
Type: Literal
Range: Up to 1023 characters
Specifies the pairs of an IP address and a port number of servers that process client requests.
Up to 100 pairs can be specified. The requests are distributed to servers by using round robin method.
Type: Literal
Range: Up to 1023 characters
Specifies the port used to listen to client requests.
Up to 100 ports can be specified. Multiple ports can listen concurrently through the port configuration.
If both the Port and Listen items are configured, the Port item is ignored.
Type: Literal
Range: Up to 1023 characters
Specifies the pairs of IP address and port number used to listen to client requests
Up to 100 pairs can be specified. If a server has multiple IP addresses, this item can be used to accept only the requests from a specific IP address.
Type: Boolean
Default value: N
Specifies when to apply SSL.
Type: String
Range: Up to 31 characters
Specifies the SSL section name.
Type: Numeric
Unit: Second
Range: 0 ~ INT_MAX
Default value: 300
Specifies the maximum period of time to wait for a server response. After this timeout expires, the connection is ended.
If set to 0, there is no time limit.
Type: Numeric
Unit: Second
Range: 0 ~ INT_MAX
Default value: 0
Specifies the time interval at which server status is checked. If a server is not connected, the server is excluded from load balancing. After the specified time interval, server status is checked.
If set to 0, server status is checked on every request.
Type: Numeric
Unit: Second
Range: 0 ~ INT_MAX
Default value: 5
Specifies the maximum period of time for WebtoB TCP gateway to try to access a set server in order to send a client request. After this timeout expires, the gateway tries to connect to another server.
If set to 0, there is no time limit.
Type: String
Range: CS | SC
Default value: CS
Specifies the connection direction: client to server (CS) or server to client (SC).
Type: String
Range: RR | FA
Default value: RR
Specifies the request dispatch method when multiple external servers are configured.
Type: String
Range: Up to 31 characters
Specifies the ACCESS section name used to determine whether to allow user accesses.
Type: Boolean
Default value: Y
Specifies whether to record logs in SysLog when the client is connecting or disconnecting to/from TCP gateway port.
The following is an example configuration of the TCPGW section.
*TCPGW
tcpgw1
Port = "5000",
ServerAddress = "192.168.1.20:5000, 92.168.1.21:5000"
tcpgw2
Listen = "192.168.1.10:5050",
ServerAddress = "192.168.1.20:5050, 92.168.1.21:5050",
TimeOut = 0,
AccessName = access1
tcpgw3
Listen = "192.168.1.10:5060",
ServerAddress = "192.168.1.20:5060,92.168.1.21:5060",
ConnectTimeOut = 20,
AccessName = access2
*ACCESS
access1
Order = "allow, deny",
Allow = "all"
access2
Order = "allow, deny",
Allow = "211.1.1.10, 211.1.1.20"
The REVERSE_PROXY_GROUP section is used to manage multiple REVERSE_PROXY sections as a group for load balancing and sticky session routing.
The following is the environment configuration format of the REVERSE_PROXY_GROUP section.
*REVERSE_PROXY_GROUP
name # String[32]
PathPrefix = Literal[256],
ServerPathPrefix = Literal[256],
#RegExp = Literal[256],
#SetHostHeader = Literal[256],
#VhostName = String[1024], # LIST[64], MULTI
#RewriteRedirect = Literal[256], # MULTI[16]
#RewriteCookieDomain = Literal[256],
#RewriteCookiePath = Literal[256],
#RewriteHtmlMaxSize = Numeric, # 10240 (1-)
#RewriteHtmlUrl = Literal[256], # MULTI[32]
#HtmlUrl = Literal[256], # MULTI[64]
#WBRoutingCookieKey = Literal[256],
#SessionIdCookieKey = Literal[256],
#FlexibleStickySessionRouting = Boolean, # N
#LBBackup = Literal[256],
#FailbackCheckTime = Numeric, # 60 (0-)
#AccessName = String[32]
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the REVERSE_PROXY section configuration items.
Type: String
Range: Up to 31 characters
Specifies the reverse proxy group name.
Type: Literal
Range: Up to 255 characters
Specifies the HTTP request URL prefix. If the request URL is prefixed with the specified value, the request is sent to a reverse proxy.
PathPrefix = "/internal/"
Type: Literal
Range: Up to 255 characters
Specifies the prefix to replace the HTTP request URL prefix. The modified request is sent to an internal server set in the ServerAddress item.
Using the following setting, the HTTP Request URL is changed from "/internal/abc.html" to "/docs/abc.html" and then sent to the internal server.
ServerPathPrefix = "/docs/"
Type: Literal
Range: Up to 255 characters
Specifies the regular expression to match with the HTTP request URL. If they match, the request is sent to a reverse proxy.
'!' means to exclude.
RegExp = "\.(do|jsp)$"
Type: Literal
Range: Up to 255 characters
Specifies the Host header when forwarding the request to the internal server using reverse proxy. If not set, the value specified in ServerAddress is used.
If set to "$BypassHostHeader", the client Host header is used without modification.
SetHostHeader = "reverseproxy.server.com"
Type: String
Range: Up to 1023 characters
Specifies the reverse proxy's virtual host name.
Up to 64 items can be configured by separating each item with a comma (,).
Type: Literal
Range: Up to 255 characters
Specifies the two strings delimited by a blank space. When the status code of an internal server response is 301, 302, 303, or 307 (related to redirection), the Location and Content-Location headers for the response are compared to the first string. If they match, the domain name and port are replaced by those of the request, and the path is replaced by the second string.
The following replaces "http://internal.server.com:80/docs/abc.html", the location of original response, by "http://webtob:8100/internal/abc.html".
RewriteRedirect = "http://internal.server.com:80/docs/ /internal/" RewriteRedirect = "http://internal.server.com:80/docs_kr/ /internal_kr/" RewriteRedirect = "http://internal.server.com:80/docs_ch/ /internal_ch/"
Up to 16 items can be specified.
Type: Literal
Range: Up to 255 characters
Used as a condition to change the "domain=" value of the Cookie Header item in the internal server response. If the string specified in "domain=" matches the string specified in RewriteCookieDomain, the "domain=" value is replaced with the domain of the user request.
Using the following configuration, if the WebtoB domain is webtob, the cookie of the original response "jsessionid=abc, domain=internal.server.com" is modified to "jsessionid=abc, domain=webtob".
RewriteCookieDomain = "internal.server.com"
Type: Literal
Range: Up to 255 characters
Used as a condition to change the "path=" value of the Cookie header item in the internal server response. If the string specified in "path=" is prefixed with the first string of the RewriteCookiePath, the "path=" string is replaced with the second string.
Using the following configuration, the cookie of the original response "jsessionid=abc, path=/jeus/application" is modified to "jsessionid=abc, path=/jeus_proxy/application".
RewriteCookiePath = "/jeus /jeus_proxy"
Type: Numeric
Unit: bytes
Range: 1 ~ INT_MAX
Default value: 10240
If the response is an HTML page (Content-Type: text/html), specific tag values inside the page can be modified. This value sets the maximum internal buffer size that can be used.
If the response size is greater than the specified value, the original response is sent to the client.
Type: Literal
Range: Up to 255 characters
Specifies the two strings used to replace the URL of an HTML document.
If the URL is prefixed with the first string, the part is replaced by the second string. The domain name and port in the URL are replaced by the WebtoB server address.
A tag and its attributes that specify a URL can be defined in the HtmlUrl item.
It is assumed that a meta tag always includes a URL.
<meta ... http-equiv="refresh" ... content="http://internal.server.com:80/docs/link3.html" ...>
RewriteHtmlUrl = "http://test2:80/ /proxy/", RewriteHtmlUrl = "/ /proxy/"
Up to 32 items can be configured for RewriteRedirect.
Type: Literal
Range: Up to 255 characters
If the ReverseProxyGroupName is configured, this can be omitted and the setting in the REVERSE_PROXY_GROUP section can be used instead.
Specifies the names of the tags and attributes that include the URL in the HTML document.
The first string is the tag name. Starting from the second line, the attribute names are specified.
Up to 64 tags can be configured by specifying HtmlUrl multiple times.
HtmlUrl = "a href", HtmlUrl = "img src longdesc usemap"
Type: Literal
Range: Up to 255 characters
Specifies the key in the HTTP cookie used for routing between reverse proxy servers in a group.
This item overrides the SessionIdCookieKey item. If set, StickySessionRoutingId set in the REVERSE_PROXY section is ignored.
Routing id is set to the Base64 encoded values of Reverse Proxy Group Name and Reverse Proxy Name.
Using the following configuration, the response Set-Cookie Header is set to a form of W2BRID=RPG1.rproxy1 and is used for routing by checking the request Cookie Header.
WBRoutingCookieKey = "W2BRID"
WBRoutingCookieKey value can be set to the SessionIdCookieKey value. In this case, if the key, e.g., JSESSIONID, set in the response (Set-Cookie) header received from the internal Reverse Proxy server exists, add the routingid to the key value and send it to the client to use it as the routingid for any subsequent requests.
Type: Literal
Range: Up to 255 characters
Default value: "JSESSIONID"
Specifies the key in the HTTP cookie used for session routing.
Type: Boolean
Default value: N
Specifies the option to use flexible session routing.
The following are descriptions of the configurable options.
| Option | Description |
|---|---|
| Y | If connections up to MaxPersistentServerConnections of the internal server are in the RUN state when using the StickySessionRoutingId for session routing, requests are routed to another internal server connection with a different StickySessionRoutingId instead of being queued. |
| N (default value) | Uses the basic sticky session routing. Requests are routed only to internal server connections with the same StickySessionRoutingId, and requests are queued if connections up to MaxPersistentServerConnections are all in the RUN state. |
When using flexible routing, multiple clients with the same JSESSIONID can be each routed to different servers. It is recommended to use the default value.
Type: Literal
Range: Up to 31 characters
Specifies the backup server for reverse proxy servers.
Type: Literal
Range: 0 ~ INT_MAX
Default value: 60 (If set to 0, Failback checks are not performed.)
Specifies the time interval at which a backup server tries to fail back. If set to 0, failback is not used.
Type: String
Range: Up to 31 characters
Specifies the ACCESS section name to use to accept or reject a reverse proxy request from a specific IP address.
The following is an example configuration of the REVERSE_PROXY_GROUP section.
*REVERSE_PROXY_GROUP
rpg_internal
VhostName = "vhost1",
PathPrefix = "/internal/",
RegExp = "\.(do|jsp)$",
ServerPathPrefix = "/docs/",
RewriteRedirect = "http://internal.server.com:80/docs/ /internal/",
RewriteCookieDomain = "internal.server.com",
RewriteCookiePath = "/jeus /jeus_proxy",
RewriteHtmlUrl = "http://internal.server.com:80/ /internal/",
RewriteHtmlUrl = "/ /internal/",
HtmlUrl = "a href",
HtmlUrl = "img src longdesc usemap",
RewriteHtmlMaxSize = 4194304,
SessionIdCookieKey = "JSESSIONID",
FlexibleStickySessionRouting = N
The REVERSE_PROXY section configures a reverse proxy. A reverse proxy modifies a client request and then passes it to an internal server. It also modifies headers of the response and sends it to the client.
The following is the environment configuration format of the REVERSE_PROXY section.
*REVERSE_PROXY
name # String[32]
PathPrefix = Literal[256],
ServerPathPrefix = Literal[256],
ServerAddress = Literal[256],
#ReverseProxyGroupName = Literal[32],
#RegExp = Literal[256],
#SetHostHeader = Literal[256],
#VhostName = String[1024], # LIST[64], MULTI
#HttpInbufSize = Numeric, # 16384 (0-)
#RewriteRedirect = Literal[256], # MULTI[16]
#RewriteCookieDomain = Literal[256],
#RewriteCookiePath = Literal[256],
#RewriteHtmlMaxSize = Numeric, # 10240 (1-)
#RewriteHtmlUrl = Literal[256], # MULTI[32]
#HtmlUrl = Literal[256], # MULTI[64]
#StickySessionRoutingId = Literal[256],
#MinPersistentServerConnections = Numeric, # 0 (0-)
#MaxPersistentServerConnections = Numeric, # 0 (0-)
#PersistentServerCheckTime = Numeric, # 30 (0-)
#PersistentServerTimeout = Numeric, # 300 (0-)
#PersistentServerCheckUrl = Literal[256],
#ProxySslFlag = Boolean, # N
#ProxySslName = String[32],
#MaxWebSocketConnections = Numeric, # 0 (0-)
#WebSocketSessionTimeout = Numeric, # 0 (0-)
#Options = Literal[256], # PM.LIST
#ConnectRetryCount = Numeric, # 3 (0-)
#ConnectTimeout = Numeric, # 5 (0-)
#AccessName = String[32]
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the REVERSE_PROXY section configuration items.
Type: String
Range: Up to 31 characters
Specifies the reverse proxy name.
Type: Literal
Range: Up to 255 characters
Specifies the request URL prefix. If the request URL is prefixed with the specified value, the request is sent to the reverse proxy.
If an HTTP Request URL is prefixed with the specified value, Reverse Proxy processes the request.
PathPrefix = "/internal/"
Type: Literal
Range: Up to 255 characters
If the ReverseProxyGroupName is configured, this can be omitted and the setting in the REVERSE_PROXY_GROUP section can be used instead. If the ReverseProxyGroupName is used, this value must be set to the value set in the REVERSE_PROXY_GROUP section.
Specifies the prefix to replace the request URL prefix. The modified request is sent to an internal server set in the ServerAddress item.
Using the following setting, the HTTP Request URL is changed from "/internal/abc.html" to "/docs/abc.html" and then sent to the internal server.
ServerPathPrefix = "/docs/"
Type: Literal
Range: Up to 255 characters
Specifies the internal server address to which the request is sent.
ServerAddress = "internal.server.com:80"
Type: Literal
Range: Up to 255 characters
If the ReverseProxyGroupName is configured, this can be omitted and the setting in the REVERSE_PROXY_GROUP section can be used instead.
Specifies the Host Header value when a request is forwarded to the internal server using Reverse Proxy. If not set, the Host Header value is set to the value specified in ServerAddress.
If set to "$BypassHostHeader", the client-sent Host Header value is used.
SetHostHeader = "reverseproxy.server.com"
Type: String
Range: Up to 1023 characters
If the ReverseProxyGroupName is configured, this can be omitted and the setting in the REVERSE_PROXY_GROUP section can be used instead. If the ReverseProxyGroupName is used, this value must be set to the value set in the REVERSE_PROXY_GROUP section.
Specifies the reverse proxy's virtual host name.
Up to 64 items can be configured by separating each item with a comma (,).
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: 16384
Specifies the buffer size used when a server receives user requests.
If value is set to 0 or greater than 16777216 (16 MB), the value 16777216 (16 MB) is used.
Type: Literal
Range: Up to 255 characters
If the ReverseProxyGroupName is configured, this can be omitted and the setting in the REVERSE_PROXY_GROUP section can be used instead.
Specifies the two strings delimited by a blank space. When the status code of an internal server response is 301, 302, 303, or 307 (related to redirection), the Location and Content-Location headers for the response are compared to the first string. If they match, the domain name and port are replaced by those of the request, and the path is replaced by the second string.
The following replaces "http://internal.server.com:80/docs/abc.html", the location of original response, by "http://webtob:8100/internal/abc.html".
RewriteRedirect = "http://internal.server.com:80/docs/ /internal/" RewriteRedirect = "http://internal.server.com:80/docs_kr/ /internal_kr/" RewriteRedirect = "http://internal.server.com:80/docs_ch/ /internal_ch/"
Up to 16 items can be specified.
Type: Literal
Range: Up to 255 characters
If the ReverseProxyGroupName is configured, this can be omitted and the setting in the REVERSE_PROXY_GROUP section can be used instead.
Specifies the domain value to replace. If the domain in the response cookie header is identical to the specified value, it is replaced by the domain name of the request.
Using the following configuration, if the WebtoB domain is webtob, the cookie of the original response "jsessionid=abc, domain=internal.server.com" is modified to "jsessionid=abc, domain=webtob".
RewriteCookieDomain = "internal.server.com"
Type: Literal
Range: Up to 255 characters
If the ReverseProxyGroupName is configured, this can be omitted and the setting in the REVERSE_PROXY_GROUP section can be used instead.
Specifies the two strings delimited by a blank space. If the path in the cookie header for the response is prefixed with the first string, the part is replaced by the second string.
Using the following configuration, the cookie of the original response "jsessionid=abc, path=/jeus/application" is modified to "jsessionid=abc, path=/jeus_proxy/application".
RewriteCookiePath = "/jeus /jeus_proxy"
Type: Numeric
Unit: bytes
Range: 1 ~ INT_MAX
Default value: 10240
If the ReverseProxyGroupName is configured, this can be omitted and the setting in the REVERSE_PROXY_GROUP section can be used instead.
Specifies the maximum buffer size used to store the HTML response in order to modify its URL. If the response size is bigger than the specified size, the URL is not modified.
Type: Literal
Range: Up to 255 characters
If the ReverseProxyGroupName is configured, this can be omitted and the setting in the REVERSE_PROXY_GROUP section can be used instead.
Specifies the two strings used to replace the URL of an HTML document (Content-Type: text/html), which is an internal server response. If the URL is prefixed with the first string, the part is replaced by the second string. The domain name and port in the URL are replaced by the WebtoB server address of the request.
A tag and its attributes that specify a URL can be defined in the HtmlUrl item.
It is assumed that a meta tag always includes a URL.
<meta..http-equiv="refresh"..content="http://internal.server.com:80/docs/link3.html"..>
RewriteHtmlUrl = "http://test2:80/ /proxy/",
RewriteHtmlUrl = "/ /proxy/"
Up to 32 items can be specified.
Type: Literal
Range: Up to 255 characters
If the ReverseProxyGroupName is configured, this can be omitted and the setting in the REVERSE_PROXY_GROUP section can be used instead.
Specifies the tag and attribute(s) names that include the URL of an HTML document. The first string is the tag name followed by attribute names.
Up to 64 tags can be configured by specifying HtmlUrl multiple times.
HtmlUrl = "a href",
HtmlUrl = "img src longdesc usemap"
Type: Literal
Range: Up to 255 characters
Used for sticky session routing when connecting to multiple web application servers in a reverse proxy group that is specified with ReverseProxyGroupName.
Use the name of the engine that corresponds to the Sticky Session id(JSESSIONID) value set in the Set-Cookie response header by the internal server (WAS). For example, if the "JSESSIONID" value in the Set-Cookie response header is "Pl1xfBkEVbUu2cj20CUNlHJoWLmU.xxx_servlet_engine1", use the value following the delimiter (period) which is "xxx_servlet_engine1".
StickySessionRoutingId = "xxx_servlet_engine1"
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 0
Specifies the minimum number of connections required to maintain connection with an internal server after request processing is complete.
A new connection with an internal server is created when there is a new request, and as long as the internal server doesn't terminate the connection it is maintained and reused for subsequent requests.
The PersistentServerCheckUrl setting is required to be able to send a ping, which must be sent to maintain the connection with an internal server.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 0
Specifies the maximum number of connections required to maintain connection with an internal server after request processing is complete.
When there is a new request, a new connection is created if all connections are currently processing other requests and the request is queued if the number of connections has reached the specified maximum limit.
The PersistentServerCheckUrl setting is required to be able to send a ping, which must be sent to maintain the connection with an internal server.
Type: Numeric
Unit: Second
Range: 0 ~ INT_MAX
Default value: 30
Specifies the interval for checking connection with an internal server in order to manage internal server connections.
To maintain internal server connections, this must be set to a value less than the KeepAliveTimeout of the internal server. A single ping is sent to connections in the Ready state, and the connection is disconnected if no reply is received within the PersistentServerCheckTime period.
If set to 0, no ping is sent and connections are maintained for the KeepAliveTimeout period of the external server.
Type: Numeric
Unit: Second
Range: 0 ~ INT_MAX
Default value: 300
Specifies the timeout for terminating a connection in the Ready state when the number of internal server connections has reached the MinPersistentServerConnections.
If set to 0, timeout is not applied to idle connections.
Type: Literal
Range: Up to 255 characters
Specifies to internally use the HTTP HEAD request as the ping message for maintaining internal server connections.
Connections are maintained by using a ping message to check for the connection state after sending an HTTP request to the internal server and receiving an HTTP response. If the response message is not 200, the connection is terminated. An application must be implemented on the internal server to respond to the ping.
PersistentServerCheckUrl = "/ping.html"
Type: Boolean
Default value: N
Specifies whether to use SSL/TLS to connect to the internal server.
If set, the PROXY_SSL section item can be set in ProxySslName.
Type: String
Range: Up to 31 characters
Specifies the PROXY_SSL section item when ProxySslFlag is set to 'Y'.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 0
Specifies the maximum number of connections when connection is upgraded from HTTP to WebSocket protocol.
If set to 0, no limit is set on the number of WebSocket connections.
Type: Numeric
Unit: Second
Range: 0 ~ INT_MAX
Default value: 0
Specifies the timeout for WebSocket connection. It is recommended to set this value based on the timeout setting of the WebSocket session on the internal server.
If set to 0, timeout check is not performed.
Type: Literal
Range: Up to 255 characters
Specifies the Cache option that is applied to the server.
| Option | Description |
|---|---|
| {+|-}Cache | Determines the presence (+|-) of the content's cache. |
| DynamicServerAddress | 내부 서버와 연결 실패시 DNS resolution을 다시 시도한다. |
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 3
Specifies the number of DNS resolution retries to execute when TCP connection with the internal server fails.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 5
Specifies the retry interval for TCP connection with the internal server.
Retries DNS resolution and TCP connection attempts when this time is exceeded.
Type: String
Range: Up to 31 characters
Specifies the ACCESS section name to use to accept or reject a reverse proxy request from a specific IP address.
The following is an example configuration of the REVERSE_PROXY section.
*REVERSE_PROXY
rproxy1
ReverseProxyGroupName = "rpg_internal",
VhostName = "vhost1",
PathPrefix = "/internal/",
RegExp = "\.(do|jsp)$",
ServerAddress = "internal.server.com:80",
ServerPathPrefix = "/docs/",
RewriteRedirect = "http://internal.server.com:80/docs/ /internal/",
RewriteCookieDomain = "internal.server.com",
RewriteCookiePath = "/jeus /jeus_proxy",
RewriteHtmlUrl = "http://internal.server.com:80/ /internal/",
RewriteHtmlUrl = "/ /internal/",
HtmlUrl = "a href",
HtmlUrl = "img src longdesc usemap",
RewriteHtmlMaxSize = 4194304,
MinPersistentServerConnections = 10,
MaxPersistentServerConnections = 20,
PersistentServerCheckTime = 50,
PersistentServerTimeout = 300,
PersistentServerCheckUrl = "/ping.html",
ProxySslFlag = Y,
ProxySslName = proxy_ssl1,
MaxWebSocketConnections = 20,
WebSocketSessionTimeout = 300,
Options = "-cache"
The LOGLEVEL section configures the syslog level.
The following is the environment configuration format of the LOGLEVEL section.
*LOGLEVEL
name # String[256]
Level = String[256] # "INFO"
#Options = String[256], # PM.LIST
#RotateBySeconds = Numeric # 300 (0-)
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the LOGLEVEL section configuration items.
Type: String
Specifies the logger name. Logger is a WebtoB component.
WebtoB defines the following loggers:
| Logger Name | Description |
|---|---|
| . | ROOT | All WebtoB logger. |
| .hth | HTH | For HTH logs. |
| .htl | HTL | For HTL logs. |
| .wsm | WSM | For WSM logs. |
| .server | SERVER | For all server logs. |
| .server.cgis | CGIS | For CGIS logs. |
| .server.phps | PHPS | For PHPS logs. |
| .server.ssis | SSIS | For SSIS logs. |
| .server.filters | FILTERS | For FILTERS logs. |
Type: String
Default value: "INFO"
Specifies the log level.
Messages with a log level higher than the specified value are recorded. Set to one of: "TRACE" (lowest), "DEBUG", "INFO", "WARN", and "FATAL". The default level of all loggers is "INFO".
TRACE level logs are recorded in a trace file set in the WEBTOB_TRACE environment variable, not the syslog file. If the environment variable is not set, the messages are recorded in $(WEBTOBDIR)/log/trace/processname-pid-date.trace.
WEBTOB_TRACE can be set with one of the following format strings:
| Format String | Description |
|---|---|
| %N% | Process name. |
| %P% | Process ID. |
| %D% | Date. |
For example, the following means that HTH and CGIS messages are recorded in HTH.trace and CGIS.trace, respectively.
WEBTOB_TRACE = %N%.trace
Type: String
Specifies the options for HTL log (.hth). Specify multiple options delimited with a comma
The following describes the options used in ".hth" logger.
| Option | Description |
|---|---|
| dcR | Records data sent by the client in the trace file. |
| dcW | Records data sent to the client in the trace file. |
| dsR | Records data sent by the server in the trace file. |
| dsW | Records data sent to the server in the trace file. |
The following is an example.
Options = "dcR,dcW,dsR,dsW"
Type: Numeric
Unit: Second
Range: 0 ~ INT_MAX
Default value: 300 (If set to 0, this function is disabled.)
Specifies the time (sec) since the creation of the current log file after which a new log file is created for a new log message.
The HEADERS section is used when a specific HTTP Header is added to a user request or a response. Headers items can be configured in the NODE, VHOST, and SERVER sections.
The following is the environment configuration format of the HEADERS section.
*HEADERS
name # String[256]
Action = String[256],
#ItemName = String[256],
#ItemValue = String[1024],
#RegExp = String[256],
#StatusCode = String[256] # (HTTP status code)
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the HEADERS section configuration items.
Type: String
Range: Up to 255 characters
Specifies the section name.
Type: String
Range: Up to 255 characters
When configuring AddRequest, add the specified HTTP Header to the request. When configuring AddResponse, add the specified HTTP Header to the response.
Type: String
Range: Up to 255 characters
Specifies the HTTP Header to add.
Type: String
Range: Up to 1023 characters
Specifies the HTTP Header value to add.
Type: Literal
Range: Up to 255 characters
If the HTTP Request URL matches the specified Regular expression, add the specified Header.
Type: String
Range: Up to 255 characters
Specifies when to add the Header for a specific HTTP Status Code.
This section configures preceding commands such as specifying CPU Affinity by each process of WebtoB when starting WebtoB.
The following is the environment configuration format of the PRECEDING_COMMAND section.
*PRECEDING_COMMAND
name # String[256]
Command = Literal[256] # MULTI[100]
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the PRECEDING_COMMAND section configuration items.
Type: String
Specifies the WebtoB process names.
| Process name | Description |
|---|---|
| .hth | HTH | HTH process |
| .htl | HTL | HTL process |
| .wsm | WSM | WSM process |
| .server | SERVER | Server process |
Type: Literal
Range: Up to 255 characters
Inputs the commands to perform before process execution.
The commands vary depending on the OS. The full path of the command located in the OS must be inputted.
| OS | Command |
|---|---|
| Linux | taskset |
| AIX | execrset |
| HP-UX | psrset |
| SunOS | psrset |
For HTH, up to 100 commands can be set.
Except for HTH processes, only the first command is applied even if commands are configured multiple times.
If multiple HTH processes are configured in the NODE section and the number of commands is greater than the number of HTH processes, as many commands as the number of HTH processes are executed. For example, if there are 5 HTH processes, only 5 commands are executed.
If the number of HTH processes is greater than the number of commands, the specified commands are sequentially executed in a round-robin manner.
If two commands are configured in the .hth file (as follows) and HTH is set to 5 in the NODE section, the first command is executed for hth1/hth3/hth5 and the second command for hth2/hth4.
Command = "/usr/bin/execrset -c 0 -e", Command = "/usr/bin/execrset -c 1 -e"
When the process is restarted after an abnormal termination, the commands are also re-executed.
The FILTER section specifies the FILTER section name that will use the Filter module. The Filter item is set in the NODE, VHOST, or SVRGROUP section.
The following is the environment configuration format of the FILTER section.
*FILTER
name # String[256]
RealPath = Literal[256] # $ENV, R.PATH
Refer to "3.1.3. Configuration Item Description Rules" for more information on symbols and details of the LOGGING configuration items.
Type: String
Range: Up to 255 characters
Specifies the configured FILTER section name.
Type: String
Range: Up to 255 characters
Specifies the path of the Filter module within the physical directory of the server.
Common log format. The format defined in this section can be used in the LOGGING section.
*USERLOGFORMAT
name # String[256]
Format = Literal[256]
Type : String
Range : Up to 32 characters
Specifies a log format.
The specified name can be used as an argument of *LOGGING.Format.
Type : String
Range : Up to 255 characters
Log message format. For more information, refer to the "*LOGGING"section.
Enables disk caching in WebtoB. When a file is in a remote host through a network such as NAS or NFS, this option saves the file in a local disk. Configuration items are disk path, size of a file to be cached, and so on.
*DISK_CACHE
name # String[32]
CacheRoot = Literal[256] # "cache_root/", $ENV, R.PATH
DirLevels = Numeric # 0 (0 - )
MinFileSize = Numeric # 1 (1 - )
MaxFileSize = Numeric # 1000000
RefreshTime = Numeric # 1 (1 - )
RetryWaitCount = Numeric # 5
Type : String
Range : Up to 32 characters
Name of a disk cache.
Type : String
Range : Up to 255 characters
Path to a disk.
Environment variables can be used as a value for this item. If set to a relative path, it will be converted to an absolute path that uses $WEBTOBDIR.
Type: Numeric
Range: 0 ~ INT_MAX
Default value : 0
Depth of a directory to be created for disk cache.
Type: Numeric
Unit: bytes
Range: 0 ~ INT_MAX
Default value: 1
Minimum file size for disk cache.
Type: Numeric
Unit: bytes
Range: 0 ~ LONG_MAX
Default value: 1000000
Maximum file size for disk cache.
Type: Numeric
Unit: seconds
Range: 0 ~ INT_MAX
Default value: 1
Cache refresh interval. A cached response is valid for the specified period of time (sec).
If set to 0, the cached response is deemed valid without an expiration time.
Type: Numeric
Range: 0 ~ INT_MAX
Default value: 5
If the same file is requested by multiple clients, the first request will be cached in disk.
The next requests will be retried again after the first request is cached in disk and its response is returned. This item specifies the maximum number of retries for next requests.