Squeak Web Server
This is a web server for Squeak, implemented entirely inside Squeak. Its purpose is to make Squeak a web-based OODBMS/object server/application server (pick your name). Some of its features are
- user authentication
- forms support
- transaction logging for image roll forward in case of a crash
- per user undo facility
- nightly housekeeping operations
Note: Currently this is not a full fledged HTTP 1.0 server, namely
- no support for simple requests (nobody sends them anyway)
- any request that is not POST is treated as GET
Principles of Operation
The server handles URLs of the form
'objectId.message'. Additional parameters delimited by dots may be appended.
Since OOP's are not fixed in Squeak the web server maintains its own objectId's. There are two kinds of them
Message is always a single parameter keyword message (with the trailing colon omitted) with the parameter describing the request.
The corresponding method must be in the Category "HTML Reply" to be accepted otherwise a "400 Bad Request" message is returned. The same reply is triggered by any execution error.
These are numeric and generated on demand. They are purged nightly to avoid garbage accumulation (Squeak has no weak references). These URL's should not be bookmarked.
These are alphabetic and managed by the system administrator. They represent the 'official' entrypoints and thus may be bookmarked.
WWW-Authenticate: Basic mechanism is used.
It is up to the individual HTML-generating method to use the authentification information to decide whether the request is legitimate or how to customize the response. Utility methods provide for the RFC 1421 encoding of username/password combinations and mapping them to application defined 'user' objects.
Forms information is extracted to a dictionary with the field names as keys and the field data as values. Multivalued fields (multiple selection lists, checkbox groups) return an array of values.
The log contains information to rerun all requests in case of a crash. Since this includes username/password information the log has to be kept as secure as the image itself. To guarantee (approximately) accurate timestamps when rolling forward Time has been augmented with a 'Bias' class variable. All senders of
Time>primSecondsClock must be modified to apply the bias (
Time dateAndTimeNow and
Time>totalSeconds in the standard image).
Undo is implemented by creating undo objects holding receiver, message, and parameters. It is the responsibility of the request (form) processing methods to build these objects. Only the (n) newest undo objects are kept, furthermore they are purged during the night. Every user sees only her/his undos.
- String constants
- Some string constants are stored in the pool dictionary TextConstants.
TextConstants at: #HttpAuthorize
- You may want to use a different realm.
- Use the name of your local proxy server or eliminate the first line if you don't care.
- Write about your own proxy policy (if you have one, see
- Insert your robot policy.
- Adjust the header to your local needs.
- Adjust the page footer to your local needs.
Get WebServer.st and miscChanges.st and file them into a 1.21 image. Execute
WebRequest serveOnPort: 8080 loggingTo: 'test.log'. Then load the URL
http://your.server:8080/Server.demo in your favorite web browser.
Notes on version 0.1.1:
- The code has been tested by loading into a virgin 1.21 image on the Mac. Let me know whether it works on other platforms.
- The example implements a very simple class hierarchy browser, demonstrating forms and authentication.
- Username/passwort for stopping the server is "manager"/"squeak".
- Running both Squeak and the browser on the same machine gave halting performance on my Mac.
- You might experience some freezes or crashes. Whether due to bugs in the socket primitives or misuse on my side, I do not know.
- Sometimes the server seemes to be deaf. Aborting and retrying the request at the browser side usually corrects this.
- Image roll forward and undo are not yet implemented.
Feel free to contact me if you have any comments or questions.
Georg Gollmann, Dept.
Systems Support (IU),