Viewing file:  ch1intro.htm (24.29 KB) -rw-r--r--
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
FastCGI Programmer's Guide - Chapter 1, The Fast Common Gateway Interface
[Top] [Prev] [Next] [Bottom]
1 The Fast Common
Gateway Interface
The Fast Common Gateway Interface (FastCGI) is an enhancement to the existing CGI (Common Gateway Interface),
which is a standard for interfacing external applications with Web servers.
FastCGI is a proposed open standard and we expect both free and commercial Web servers to
support it. FastCGI is included in Open Market WebServer and Secure WebServer, versions 2.0 and greater.
Advantages of FastCGI
FastCGI extends and enhances the CGI model in several ways:
-
-
FastCGI enables applications to persist between client requests, eliminating application start up overhead
and allowing the application to maintain state between client calls.
-
FastCGI enables applications to reside on remote systems (rather than having to reside on the same system
as the Web server)
-
FastCGI enables additional flexibility in application functionality, with explicit support for applications
that do client authentication and filtering of input.
Long-lived Applications
CGI applications are ephemeral and short-lived: each time a client requests a CGI application, the server asks
the operating system to spawn a new CGI process. After the CGI process satisfies the request, the server kills
it. The server spawns and subsequently kills a new process for each client request.
FastCGI applications are long-lived, and can persist between client calls. The server
spawns the FastCGI process once and it continues to run and satisfy client requests until it is explicitly
terminated. You can also ask the Web server to start multiple copies of a FastCGI application, if you expect
that concurrent processing will improve the application's performance.
Long-lived applications have two important advantages over short-lived applications:
-
-
A short-lived application pays start up overhead on every request; a long-lived application spreads the
overhead over many requests. For an application that has a heavy start up cost, such as opening a database,
doing initialization on every call can be very inefficient. Reinitializing for every client is also very
inefficient for Perl programs, where the interpreter reads through the entire program before executing any
of it.
-
A long-lived application can cache information in memory between requests, allowing it to respond more
quickly to later requests.
FastCGI is not the only way to get a long-lived application on the Web, however. For example, there are many
existing search engines that are implemented as long-lived applications.
In most cases, these applications rely on customized Web servers. In other words, since
most Web servers do not support long-lived applications, a programmer must code this support into a Web
server. This approach requires a tremendous amount of work and also ties the application to a particular
server.
Another way to get a long-lived application is to write code that calls routines from the
Web server's API. This alternative involves a lot of extra coding, ties the application to a particular
Web server, and introduces problems of maintainability, scalability, and security.
We believe that FastCGI is the most general and flexible strategy for building long-lived
Web applications.
Separating Application and Server
CGI applications must run on the same node as the Web server; FastCGI applications can run on any node that
can be reached from your Web server using TCP/IP protocols. For example, you might want to run the FastCGI
application on a high-speed computer server or database engine, and run the Web server on a different node.
FastCGI "Roles"
CGI and FastCGI applications are effective ways to allow an application to act as an extension to the Web
server. CGI provides no explicit support for different kinds of applications: under CGI, every application
receives an HTTP request, does something with it, and generates an HTTP response. FastCGI provides explicit
support for several common "roles" that applications can play.
The three roles supported by the WebServer 2.0 are:
-
-
Responder
-
Filter
-
Authorizer
Responder Applications
A responder application is the most basic kind of FastCGI application: it receives the information
associated with an HTTP request and generates an HTTP response. Responder is the role most similar to
traditional CGI programming, and most FastCGI applications are responders.
Filter Applications
A filter FastCGI application receives the information associated with an HTTP request, plus an extra
stream of data from a file stored on the Web server, and generates a "filtered" version of the data
stream as an HTTP response.
With filter applications, the system administrator maps a particular MIME-type to a
particular filter FastCGI application. When a client requests a URL with that MIME-type, the Web server
invokes the filter application, which processes the file at the specified URL and sends a response (usually
HTML text) back to the client.
For example, suppose you write a filter FastCGI application that converts SGML text to
HTML, and map the extension .sgml (MIME-type SGML) to your filter FastCGI application. Now, suppose that a
user requests the following URL:
/www.aerjug.com/docs/chap1.sgml
Given this URL, the Web server passes chap1.sgml as input to your filter FastCGI application,
which processes chap1.sgml and returns an HTML version of it to the requesting client.
Authorizer Applications
An authorizer FastCGI application receives the information in an HTTP request header and generates a
decision whether to authorize the request.
To mark a FastCGI application as having the authorizer role, the system administrator
names the application inside the server configuration file, using a directive called
AuthorizeRegion. (See the Open Market Web Server manual for information on server configuration
directives.)
When a client requests a URL that meets the AuthorizeRegion criteria, the Web
server calls your authorizer FastCGI application. If your application grants authorization (by returning a
response code of 200), the Web server resumes execution of commands in the AuthorizeRegion
section. If your application denies authorization (by returning any other response code), the Web server stops
processing subsequent commands in the AuthorizeRegion section, and returns the response from your
FastCGI application to the client.
Authorizer applications can return headers containing environment variables. Other CGI or
FastCGI programs accessing this request (including other authorizers) can access these environment variables.
The headers must have the following format:
Variable-name: value
For example, the following header
Variable-AUTH_METHOD: database lookup
causes the environment variable AUTH_METHOD to be set to "database lookup"
for this request. Other CGI or FastCGI applications running on this request can access the value of
AUTH_METHOD.
Authorizer applications cannot successfully read from standard input. Any attempts to read
from standard input result in an immediate EOF.
All data that authorizer applications write to standard error will get written to the
traditional server error logs.
Writing FastCGI Applications
The work involved in writing a FastCGI application depends in large part on the I/O libraries that you use.
This manual describes how to write FastCGI applications in terms of the Open Market libraries, which are
available for C, Perl, and Tcl. FastCGI is an open standard and you are welcome to build your own libraries
for other languages as well, but this manual focuses on building FastCGI applications in the context of the
Open Market libraries.
In general, the goal of the libraries is to make the job of writing a FastCGI application
as much like writing a CGI application as possible. For example, you use the same techniques for query string
decoding, HTML output to stdout, use of environment variables, and so on. When you use our libraries, porting
CGI applications to FastCGI is mostly a matter of restructuring the code to take advantage of FastCGI features
and libraries.
Code Structure
The main task of converting a CGI program into a FastCGI program is separating the initialization code from
the code that needs to run for each request. The structure should look something like this:
Initialization code
Start of response loop
body of response loop
End of response loop
The initialization code is run exactly once, when the application is initialized. Initialization code
usually performs time-consuming operations such as opening databases or calculating values for tables or
bitmaps.
The response loop runs continuously, waiting for client requests to arrive. The
loop starts with a call to FCGI_Accept, a routine in the FastCGI library. The
FCGI_Accept routine blocks program execution until a client requests the FastCGI application.
When a client request comes in, FCGI_Accept unblocks, runs one iteration of the response loop
body, and then blocks again waiting for another client request. The loop terminates only when the system
administrator or the Web server kills the FastCGI application.
Initial Environment Variables
When a FastCGI process starts up, it has not yet accepted a request, and therefore none of the CGI environment
variables are set.
You set the initial environment of a FastCGI process started by the AppClass
directive using the -initial-env option. The process would use this environment to configure its
options and locate files or databases.
In FastCGI processes started by the AppClass directive with the -affinity
option, the FCGI_PROCESS_ID variable is set in the initial environment (not in the environment of
a request). FCGI_PROCESS_ID is a decimal number in the range 0 to N - 1 where N is the number of
processes (argument to the -processes option to AppClass). The process would use
FCGI_PROCESS_ID in conjunction with other variables to locate session-related files or databases
during restart.
Per-Request Environment Variables
In general, FastCGI uses the same per-request environment variables as CGI, and you access the values of
environment variables in FastCGI applications just as you would in CGI applications. The only differences are
as follows:
-
-
In Authorizer FastCGI applications, the Web server unsets the
PATH_INFO,
PATH_TRANSLATED, and CONTENT_LENGTH variables.
-
In Filter FastCGI applications, the Web server sets two additional environment variables:
-
-
FILE_LAST_MOD: The Web server sets FILE_LAST_MOD to the date and time that
filter input file was last modified. The format is the number of seconds since midnight (UTC),
January 1, 1970.
-
FCGI_DATA_LENGTH: The application reads at most FCGI_DATA_LENGTH bytes from
the data stream before receiving the end-of-stream indication.
-
FastCGI sets
FCGI_ROLE for each request to RESPONDER, AUTHORIZER, or
FILTER.
Building FastCGI Applications in C
The Software Development Toolkit that accompanies WebServer 2.0 contains two libraries, fcgi_stdio and
fcgiapp, for building FastCGI applications in C.
The fcgi_stdio library implements our philosophy of making FastCGI applications similar to
CGI applications, and provides full binary compatibility between FastCGI applications and CGI applications:
you can run the same C binary as either CGI or FastCGI.
The fcgiapp library is more specific to FastCGI, and doesn't attempt the veneer of
CGI.
We recommend that you use the fcgi_stdio library, and this manual describes the routines
in that library. The documentation for the fcgiapp library is in the code in the development kit.
Building FastCGI Applications in Perl
To build FastCGI applications in Perl, you need a FastCGI-savvy version of Perl, plus the FastCGI extension to
Perl. We build FastCGI-savvy versions of the Perl interpreter for several common platforms and make them
available on our Website. For details and examples, see Chapter 3, "Developing
FastCGI Applications in Perl," on page 17.
Building FastCGI Applications in Tcl
To build FastCGI applications in Tcl, you need a FastCGI-savvy version of Tcl. We build FastCGI-savvy versions
of the Tcl interpreter for several common platforms and make them available on our Website. For details and
examples, see Chapter 4, "Developing FastCGI Applications in Tcl," on page
19.
Implementation Details
The FastCGI application libraries are designed to shield you from the details of the FastCGI design. This
section is designed for the curious reader who would like some low-level understanding. If you are not curious
about the implementation, you can happily skip this section.
As shown in the following figure, CGI applications use the three standard POSIX streams
(stdin, stdout, and stderr), plus environment variables, to communicate
with an HTTP server.
Figure 1: Flow of Data in CGI
The fundamental difference between FastCGI and CGI is that FastCGI applications are long-lived, which means
that the Web Server needs to rendezvous with a running application, rather than starting the application in
order to explicitly communicate with it.
The FastCGI implementation basically creates a bidirectional connection between two
processes that have no relationship. FastCGI uses a single connection for all the data associated with an
application -- stdin, stdout, stderr, and environment variables. The data on the connection is encapsulated
using a FastCGI protocol that allows stdin and the environment variables to share the same half connection (on
the way in) and stdout and stderr to share the half connection (on the way out).
On the input side, the FastCGI application receives data on the connection, unpacks it to
separate stdin from the environment variables and then invokes the application. On the output side, FastCGI
wraps stdout and stderr with appropriate protocol headers, and sends the encapsulated data out to the server.
Since a FastCGI application does not always run on the same node as the HTTP server, we
support two implementations of the connection: a stream pipe1, for
communications on the same machine, and TCP streams, for communication when the client and the server are on
different machines.
Figure 2: Flow of Data in FastCGI when server and application are on different machines
The fcgi_stdio Library: I/O Compatibility
The implementation for I/O compatibility is that the library fcgi_stdio.h contains macros to
translate the types and procedures defined in stdio.h into the appropriate FastCGI calls. For example,
consider a FastCGI program written in C containing the following line of code:
fprintf(stdout, "<H2>Aerobic Juggling</H2>/n");
fcgi_stdio.h
header file contains the macro
#define fprintf FCGI_fprintf
So the preprocessor translates the fprintf call into the following call:
FCGI_fprintf(stdout, "<H2>Aerobic Juggling</H2>/n");
FCGI_fprintf
takes the same arguments as fprintf.
The implementation of FCGI_fprintf tests the file to see if it is a normal C stream or a
FastCGI stream, and calls the appropriate implementation.
The fcgi_stdio.h header file contains macros to translate calls to all ISO
stdio.h routines (and all conventional Posix additions, such as fileno, fdopen,
popen, and pclose) into their FastCGI equivalents.
The fcgi_stdio Library: Binary compatibility
The fcgi_stdio library provides full binary compatibility between FastCGI applications and CGI applications:
you can run the same C binary as either CGI or FastCGI.
The implementation is in FCGI_Accept: the FCGI_Accept function tests its environment to
determine whether the application was invoked as a CGI program or an FastCGI program. If it was invoked as a
CGI program, the request loop will satisfy a single client request and then exit, producing CGI behavior.
[Top] [Prev] [Next] [Bottom]
1
UNIX Network Programming, W. Richard Stevens, 1990 Prentice-Hall, Section 7.9
|