|The Apache HTTP Server Reference Manual
by Apache Software Foundation
Paperback (6"x9"), 862 pages
RRP £19.95 ($29.95)
This section describes some of the major changes between the 2.0 and 2.2 versions of the Apache HTTP Server. For new features since version 1.3, see the 2.0 new features (p. 1673) document.
- The bundled authentication and authorization modules have been refactored. The new mod_authn_alias module can greatly simplify certain authentication configurations. See module name changes, and the developer changes for more information about how these changes affects users and module writers.
- mod_cache, mod_disk_cache, and mod_mem_cache have undergone a lot of changes, and are now considered production-quality. htcacheclean has been introduced to clean up mod_disk_cache setups.
- The default configuration layout has been simplified and modularised. Configuration snippets which can be used to enable commonly-used features are now bundled with Apache, and can be easily added to the main server config.
- Graceful stop
- The prefork, worker and event MPMs now allow httpd to be shutdown gracefully via the graceful-stop (p. 99) signal. The GracefulShutdownTimeout directive has been added to specify an optional timeout, after which httpd will terminate regardless of the status of any requests being served.
- The new mod_proxy_balancer module provides load balancing services for mod_proxy. The new mod_proxy_ajp module adds support for the Apache JServ Protocol version 1.3 used by Apache Tomcat2 .
- Regular Expression Library Updated
- Version 5.0 of the Perl Compatible Regular Expression Library3 (PCRE) is now included. httpd can be configured to use a system installation of PCRE by passing the --with-pcre flag to configure.
- Smart Filtering
- mod_filter introduces dynamic configuration to the output filter chain. It enables filters to be conditionally inserted, based on any Request or Response header or environment variable, and dispenses with the more problematic dependencies and ordering problems in the 2.0 architecture.
- Large File Support
httpd is now built with support for files larger than 2GB on modern 32-bit Unix systems. Support for handling >2GB request bodies has also been added.
- Event MPM
- The event MPM uses a separate thread to handle Keep Alive requests and accepting connections. Keep Alive requests have traditionally required httpd to dedicate a worker to handle it. This dedicated worker could not be used again until the Keep Alive timeout was reached.
- SQL Database Support
- mod_dbd, together with the apr_dbd framework, brings direct SQL support to modules that need it. Supports connection pooling in threaded MPMs.
- Modules in the aaa directory have been renamed and offer better support for digest authentication. For example, mod_auth is now split into mod_auth_basic and mod_authn_file; mod_auth_dbm is now called mod_authn_dbm; mod_access has been renamed mod_authz_host. There is also a new mod_authn_alias module for simplifying certain authentication configurations.
- This module is a port of the 2.0 mod_auth_ldap module to the 2.2 Authn/Authz framework. New features include using LDAP attribute values and complicated search filters in the Require directive.
- A new module that authorizes access to files based on the owner of the file on the file system
- A new module that allows configuration blocks to be enabled based on the version number of the running server.
- Added a new ?config argument which will show the configuration directives as parsed by Apache, including their file name and line number. The module also shows the order of all request hooks and additional build information, similar to httpd -V.
Added a support for RFC 28174 , which allows connections to upgrade from clear text to TLS encryption.
- mod_imap has been renamed to mod_imagemap to avoid user confusion.
- A new command line option -M has been added that lists all modules that are loaded based on the current configuration. Unlike the -l option, this list includes DSOs loaded via mod_so.
- A new program used to generate dbm files from text input, for use in RewriteMap with the dbm map type.
- APR 1.0 API
Apache 2.2 uses the APR 1.0 API. All deprecated functions and symbols have been removed from APR and APR-Util. For details, see the APR Website5 .
- The bundled authentication and authorization modules have been
renamed along the following lines:
- mod_auth_* -> Modules that implement an HTTP authentication mechanism
- mod_authn_* -> Modules that provide a backend authentication provider
- mod_authz_* -> Modules that implement authorization (or access)
- mod_authnz_* -> Module that implements both authentication & authorization
There is a new authentication backend provider scheme which greatly eases the construction of new authentication backends.
- Connection Error Logging
A new function, ap_log_cerror has been added to log errors that occur with the client’s connection. When logged, the message includes the client IP address.
- Test Configuration Hook Added
A new hook, test_config has been added to aid modules that want to execute special code only when the user passes -t to httpd.
- Set Threaded MPM’s Stacksize
- Protocol handling for output filters
In the past, every filter has been responsible for ensuring that it generates the correct response headers where it affects them. Filters can now delegate common protocol management to mod_filter, using the ap_register_output_filter_protocol or ap_filter_protocol calls.
- Monitor hook added
- Monitor hook enables modules to run regular/scheduled jobs in the parent (root) process.
- Regular expression API changes
The pcreposix.h header is no longer available; it is replaced by the new ap_regex.h header. The POSIX.2 regex.h implementation exposed by the old header is now available under the ap_ namespace from ap_regex.h. Calls to regcomp, regexec and so on can be replaced by calls to ap_regcomp, ap_regexec.
- DBD Framework (SQL Database API)
With Apache 1.x and 2.0, modules requiring an SQL backend had to take responsibility for managing it themselves. Apart from reinventing the wheel, this can be very inefficient, for example when several modules each maintain their own connections.
Apache 2.1 and later provides the ap_dbd API for managing database connections (including optimised strategies for threaded and unthreaded MPMs), while APR 1.2 and later provides the apr_dbd API for interacting with the database.
New modules SHOULD now use these APIs for all SQL database operations. Existing applications SHOULD be upgraded to use it where feasible, either transparently or as a recommended option to their users.
|ISBN 9781906966034||The Apache HTTP Server Reference Manual||See the print edition|