Under the CERN server, each document request is filtered through a series of translation rules to determine what local resource should be used to handle the request. The document name is matched against a filename expression in each rule; if it matches, the rule is applied. The end result may be a file to send or a CGI program to run, or it may be a redirection to another document, either locally or at another site.
The most important thing to remember about CERN translation rules is that they are applied in the order that they appear in the configuration file. So if you have a rule that disallows access to a given document, it doesn't matter if there is a rule later that allows it. The request will already have been denied.
DefProt expression setup_file
Associate a file or group of files with the protection setup file. Any files matching expression are affected. The protection setup file is a file that sets the protection parameters to be used on the specified files. See the section entitled "Access Control Configuration" at the end of this chapter.
Exec expression script
Specifies the pathname to your CGI program directory. This directive also tells the server to run requested documents in that directory as CGI programs and return the results. For example, suppose your main CGI directory is /www/cgi-bin/, while your server root directory is /usr/local/etc/httpd/docs/. To make /cgi-bin/ the server path to your actual CGI directory and to tell the server that /cgi-bin/ is a CGI directory, use the following setting:
Exec /cgi-bin/* /www/cgi-bin/*
Tells the server that the document matching expression may not be served. The server returns a 403 (Permission Denied) error to the user and closes the connection.
Map expression new_path
The Map directive tells the server to rewrite a request for a document to use a different path. It is the CERN server's way of creating virtual pathnames. The directive can specify any directory to be mapped to one relative to the ServerRoot directory. For example, to map the directory /WWW/sales/web/docs/ to the directory /sales/ under the ServerRoot directory, use this directive:
Map /sales/* /www/sales/web/docs/*
Pass expression [new_path]
The Pass directive is used to specify directories where documents can be served from. For example, to allow documents to be served from the directory /WWW/sales/web/docs/, use this directive:
Pass can also map a pathname, like the Map directive, at the same time that it permits access to the directory.
Protect expression setup_file uid.gid
The Protect directive is used to declare a file or set of files to be subject to access control, and indicates a protection setup file to be used for the specified files. This directive is discussed in the Access Control section at the end of this chapter.
Redirect expression url
The Redirect directive is useful when you have had to move resources around either within the server or across servers. The new path is a full URL, possibly on another server. For example, if you have moved all documents from the /www/ directory on your server to another server, use:
Redirect /www/* http://www.acme.com /products/*