iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

351

352

353

354

355

356

357

358

359

360

Configuration Directives

iTP Secure WebServer System Administrator’s Guide—522659-001

A-51

Region

To forbid SSL connections from an area prefixed by PCT/:

Region /PCT* {

RequireSecureTransport -nossl

}

ScriptTimeout time-in-seconds

The ScriptTimeout command sets the period (in seconds) that the iTP Secure

WebServer allows a CGI program to send its output to a web client. The default

value is 300 seconds; do not specify a value greater than 1073741824. If the

program has not exited within the set time, the request is canceled, the connection is

closed, and the CGI process is sent a termination signal.

The ScriptTimeout command overrides the global specification set by the

ScriptTimeout directive. For further information about using the

ScriptTimeout directive, see ScriptTimeout

on page A-58.

SendHeader header

The SendHeader command causes a specified HTTP header (header) to be

included in the server’s response to a web client request. Use HTTP headers to

enable (or disable) particular client features (such as caching) or to modify client

behavior. For example:

SendHeader "Pragma: nocache"

Recognition of headers by clients is client-dependent. Consult the applicable client

documentation for header-recognition information concerning particular clients.

SI_Department departmentID -attribute value [-attribute value

...]

The SI_Department command functions in the same manner as the

SI_Department directive (see SI_Department on page A-68), but applies only to

the specified region. It accepts all the attributes listed in Anonymous Ticket

Attributes on page A-52.

Regions that do not contain an SI_Department command inherit the default

attributes of the iTP Secure WebServer or the department.

To use SI_Department command in a Region directive, enter the following:

Region /foo/* {

SI_Department 5 -ForceTicketInUrl On

SI_RequireSI 5 20 30

}

SI_RequireSI department-id group-list

The SI_RequireSI command protects a region; requests for resources within the

region are only granted to users with a valid ticket.

The ticket’s message authentication code (MAC) must be encoded with the proper

secret, indicated by the department ID (department-id).