[V4RB] Writing a simple server

[Frank Bitterlich]

Just one thing to add: If you want the exact details (and your should
really stick to them if you're creating a HTTP server), look at RFC
2068. It is available from many palces, one of them is 
   http://www.faqs.org

The info about authentication (the simplest one is "Basic") is in
section 10.4.2 and 11.

The basics: the client sends a header line like this with the request:
   Authorization: Basic xxxxxxxxxxxxx

where "xxxxxxxxxxxxx" is an Base64 encoded string consisting of the
username, a colon, and the password. The the username or password is not
valid or the whole Autorization header missing, the server sends a "401
Unauthorized" response instead of the document.

Cheers,
   Frank+++


John DeSoi wrote:
> 
> >At 10:09 AM -0500 2/11/03, jda wrote:
> >>
> >>There are some reports of the RB4 socket failing when multiple
> >>connection requests arrive at the same time, and because of this I'm
> >>destroying and re-creating my socket every other hour, and so far it
> >>runs pretty flawless.
> >
> >I think that the RB 5 SuperSocket class is going to handle this
> >automatically -- another reason to wait for that to deploy.
> 
> At the lower level TCP layers, a web server opens multiple listening
> streams on the specified port. This is the only way not to miss a
> request. Some browsers open multiple TCP streams to the same server
> to handle a request that has mixed content - e.g. text and images. If
> you are not listening on multiple streams, you are going to get
> errors on the browser side. I don't know anything about RB, but it
> sounds like the current socket class just opens one listening stream.
> Perhaps the new version will hide these low level details.
> 
> >What is proper Authentication (and how do you do it)?
> 
> There are several ways to implement authentication. The two most
> common are "Basic" and "Digest". Take a look at the HTTP specs for
> pointers.
> 
> >
> >Oh, and BTW, is there a maximum number of characters you can send in
> >a reply (like 32767)? That was a limit cor cgi's in OS 9, and I read
> >somewhere that it was imposed by AppleEvents, not by HTTP.
> 
> Right, there is no limit imposed by HTTP. HTTP 1.1 required that you
> put the content length in the header when you send back the response.
> Using the older HTTP 1.0 protocol (still supported by all browsers as
> far as I know) you can send as much as you want and then close the
> connection to indicate the end of the response.
> 
> Best,
> 
> John DeSoi, Ph.D.

--
Günter Schmidt & Co. oHG         
Frank Bitterlich             eMail: bitterlich at gsco.de
Schlosserstr. 4              WWW:   http://www.gsco.de/gsco
D-60322 Frankfurt            Tel.:  069 / 156809-29
GERMANY                      Fax:   069 / 156809-28