Subj : WCWEB and Host Headers To : All From : CHRIS CRANFORD Date : Thu Jan 31 2019 07:10 pm Date: Mon, 12 Apr 2004 23:14:49 -0400 From: CHRIS CRANFORD To: HECTOR SANTOS Subject: WCWEB and Host Headers Newsgroups: win.server.wish.list Message-ID: <1081826089.33.0@winserver.com> X-WcMsg-Attr: Rcvd X-Mailer: Wildcat! Interactive Net Server v7.0.454.5 Lines: 92 Hector - I wanted to bring this up before I forget what I was thinking earlier today about this... and get your opinion and others as well because I am not sure what the goal is in order to offer this. But with that in mind, lets assume for the moment we take a multiple phased approach. I'm coming from the mind-set that the demand is to be able to have multiple WCWEB domains point to different WWWROOT directories. So, lets assume the following setup similar to things here: Security Profile #1 - SP1 Domain: tkdsoftware.com Security Profile #2 - SP2 Domain: petsutopia.com Security Profile #3 - SP3 Domain: [nothing] Now, as the web server stands today, we have: wc:\http\public wc:\http wc:\http\template These are the major player directories. Now, could WCWEB be capable of reading the HTTP 'Host' header if it is passed and do a lookup against the domains defined in all the security profiles? If so, then could the following logic be implemented: Request: http://www.petsutopia.com (not authenticated) 1. WCWEB sees that the session isn't authenticated and the URI is not referring to a protected document, so the request gets sent to http://www.petsutopia.com/public/ 2. WCWEB sees the wc:\http\public\default.htm request come in and it checks the web root folders in the following order: Check Host Header wwwroot directory if exists wc:\http(petsutopia.com)\public --> wc5\wwwroot\petsutopia.com\public Check Computer Config wwwroot directory if exists wc:\http(tkdsoftware.com)\public --> wc5\wwwroot\tkdsoftware.com\public Fall back to original logic wc:\http\public -> wc5\http\public 3. When user logs into the web server, requests for protected documents would follow a simliar pattern: wc:\http(petsutopia.com)\default.htm -> wc5\wwwroot\petsutopia.com\default.htm wc:\http(tkdsoftware.com)\default.htm -> wc5\wwwroot\tkdsoftware.com\default.htm wc:\http\default.htm -> wc5\http\default.htm 4. When templates are requested, simliarly: wc:\http(petsutopia.com)\template\XXX.htm -> wc5\wwwroot\petsutopia.com\template\XXX.htm ... wc:\http\template\XXX.htm -> wc5\http\template\XXX.htm I know that when (or if we) get to this point to do this, it is going to be a BIG change and require loads of testing ... Not sure when you have this slated on the project timeline, but since this idea came to my head, I certainly wanted to pass it along to you. Just to recap, for non-authenticated sessions, the host header would be used to initially determine the wwwroot directory path. If that path does not exist, try the domain for the computer running wconline. If that path does not exist, default to the current directory logic. For authenticated sessions, we could just use the security profile domain to determine the web root directory path instead of then relying on the host headers (unless you want to always carry this thru regardless). Anyways, gonna grab some TV.. Chat soon. Thanks, Chris --- Platinum Xpress/Win/WINServer v3.1 * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013) .