Manualshelf

iTP Secure WebServer System Administrators Guide (Version 7.5+)

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series
41424344454647484950
3 Planning the iTP Secure WebServer PATHMON
Environment
This section provides background for configuring the iTP Secure WebServer PATHMON environment.
Topics discussed in this section include:
“Conventional TCP/IP: The Distributor Process” (page 47)
“TCP/IPv6 and IP CIP:The Auto Accept Feature” (page 47)
“Configuring the PATHMON Environment” (page 49)
“Threading Considerations for the httpd Server” (page 49)
“Security for the Server's Pathway Environment” (page 50)
“Other Security Considerations” (page 51)
Conventional TCP/IP: The Distributor Process
If you choose not to use TCP/IPv6 or IP CIP support, you must configure your iTP Secure WebServer
to use the Distributor. The Distributor process is a process that checks for incoming requests for
new connections from the TCP/IP subsystem and distributes the new requests to the iTP Secure
WebServer. The Distributor process runs as an OSS process and uses NonStop TS/MP to provide
process control, persistence, and scalability, as required for online enterprises.
The Accept and AcceptSecureTransportdirectives in the iTP Secure WebServer configuration
file (httpd.config, described in “Configuring the iTP Secure WebServer” (page 94)), determine
the Distributor process configuration.
The Distributor process can monitor multiple ports on multiple TCP/IP transport processes for new
connection requests, and then distribute those requests to various iTP Secure WebServer processes
within the httpd server class.
The Distributor process runs persistently. PATHMON starts the Distributor process and keeps it alive
persistently, but not as a process pair. If the Distributor process fails, PATHMON automatically creates
a new process.
When started, the Distributor process establishes OPENs with the TCP/IP processes specified in
the configuration file and monitors the configured ports for incoming connection requests.
When a request for connection arrives on one of the ports, the Distributor process performs a
SERVERCLASS_SEND_() to send the connection information to one of the iTP Secure WebServer
processes in the PATHMON environment. The iTP Secure WebServer processes the request to
completion.
For more information about the OSS environment, see the Open System Services User's Guide.
For more information about the Pathway environment, see the TS/MP System Management Manual.
TCP/IPv6 and IP CIP:The Auto Accept Feature
Running with the Auto-Accept feature, an iTP Secure WebServer no longer needs its Distributor
component. The httpd servers will assume the listening in addition to the distributing functions of
the Distributor. The Distributor server class will be completely removed from the PATHWAY
environment.
When the httpd program is run (while the "start" script gets executed), it begins a series of inquiries
to determine whether to run the iTP Secure WebServer under the new architecture or the old one.
If it passes all of its checkpoints, the iTP Secure WebServer will be configured according to the
new architecture and runs without the Distributor. If any of the checkpoints fail, the iTP Secure
WebServer will fall back to the conventional TCP/IP solution.
Conventional TCP/IP: The Distributor Process 47