CS401 Homeworks

• To study what the browser sends, we run a fake web server on a machine and submit a HTTP request with a form of data to the fake web server. It allows us to understand the HTTP message format sent by a browser.
• The example is a simple cookie order form orderForm2.html with cgi-bin scripts processOrder.pl and confirmOrder.pl. You can try it with http://cs.uccs.edu/~cs401/hw/hw1/orderForm2.html
• For exercise 1, we will modify a similar form orderForm.html.
• telnet  to cs.uccs.edu.  You can carry out this assignment remotely.
• Copy ~cs401/public_html/hw/hw1/orderForm.html to your public_html  directory. Assume your login is fewatson, use the following command.

cp ~cs401/public_html/hw/hw1/orderForm.html  ~fewatson/public_html
• After you copy the orderForm.html, you need to replace the following line
<FORM METHOD="POST" ACTION="http://cs.uccs.edu:8345/cgi-bin/cs301/processOrder.pl">
with
<FORM METHOD="POST" ACTION="http://cs.uccs.edu:8352/cgi-bin/cs301/processOrder.pl">
where we assume that 352 is the last 3 digits of your SS# and 8352 is the port number the fake web server will use.
• Since we are not super user, we can run web server on port 80, we run it with port number > 1024.
• Change directory by entering "cd ~cs401/bin" command.
• Start fake web server by executing "ws 8<last 3digits of your SS#"

8<last 3digits of your SS#> is the port number which the fake web server process will listen to the incoming http requests.
If the last 3 digits of your SS# is 352, then you enter "ws 8352" as command.  The program will wait for web client to send the request.
• On a web browser, type "http://cs.uccs.edu/~fewatson/orderForm.html" as the url. 
• You will receive a web page similar to the following, enter the info in the text area, and hit the order button.


• On the fake server, you will observe the incoming requests similar to

cs.uccs.edu> ws 8345
argv[1]=8345
portno=8345
before getsockname socket has port #8345
socket has port #8345
rcvd msg 348 bytes-->
POST /cgi-bin/cs401/processOrder.pl HTTP/1.0
Referer: http://www.uccs.edu/~cs401/hw/hw1/orderForm.html
Connection: Keep-Alive
User-Agent: Mozilla/4.7 [en] (WinNT; I)
Host: cs.uccs.edu:8345
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
Accept-Encoding: gzip
Accept-Language: en
Accept-Charset: iso-8859-1,*,utf-8
What is your reply ("$" to break connection)?
rcvd msg 351 bytes-->
Content-type: application/x-www-form-urlencoded
Content-length: 277
butter=1&chocolate=1&mint=3&mm=5&peanut=0&name=C.+Edward+Chow&email=chow%40cs.uc
cs.edu&telephone=%28719%29262-3110&creditCardType=Visa&creditCardNo=3333+2222+44
44+5555&expireDate=02%2F02&shippingAddress=ENS+186%0D%0AUCCS%0D%0AColorado+Sprin
gs%2C+CO+80918%0D%0AUSA&.submit=order
What is your reply ("$" to break connection)?
• Note that the request is actually sent in two packets or only part of the request is read in the first read.
• The message consists of two parts. The one from POST to the empty line after "Content-length:277" is the header of the HTTP message. The rest is the data of the HTTP message, from "butter" to "order".  There are 277 bytes in the data portion of the HTTP request.
• The HTTP header has many "fields" separated by CRLF (carriage return and line feed characters).
• The first line in the HTTP request is called request line. It has the syntax of

Request-Line   = Method SP Request-URI SP HTTP-Version CRLF
In our example, it is
"POST /cgi-bin/cs401/processOrder.pl HTTP/1.0"
The request Method is POST.  Other popular method include GET, PUT, DELETE.
The request-URI is /cgi-bin/cs401/processOrder.pl
• The rest of the header lines are called meta headers or header fields.  Each header fields has a meta header name and an associated value.  They are separated by ':'.
• The definition of these meta header can be found in http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.
• The form data submitted by the web browser are encoded in a special format called x-www-form-urlencoded, where all special characters are encoded as 3-character hexadecimal code representation.
• For detail of the HTTP 1.1 protocol specification, read http://www.w3.org/Protocols/rfc2616/rfc2616.html
• Questions:
• 1.1.  How the space character is encoded? What is character or character sequence sent by the browser to the web server?
• 1.2.  How '(' is encoded?
• 1.3.  The above request example is submitted by Netscape Navigator version 4.7. Use Microsoft IE to request http://cs.uccs.edu:8345/~cs401/  and document the differences between the two request messages.  Especially, the Method used in the request line, # and types of header fields. Is there a message body?
• Create a hw1part1.htm web page that includes the answers of the above questions.

• Create an web page <your login>.html with
• your recent photo with face big enough, scan and save it in JPEG as <your login>.jpg (I can take your picture also.
• short vita with at least email address.
• your interests in CS522
• See student web page examples in http://cs.uccs.edu/~cs525/cs525photo.html
• Put this web page (these two files) in ~<your login>/public_html on europa.uccs.edu
• I will create a class photo album with these image files and web pages.

Note that your home directory on owl.uccs.edu was created with permission that only allow you to have read, write, and execute access. You need to change that to allow the web server access your directory. So execute the command "chmod 755 ~" to allow group/user with read and execute access. For directory, other user needs execute access right to look inside. If you got access prohibited message, this is what you need to do. You also need to allow read and execute access to the public_html subdirectory and the files in it. One possible solution is to change you .login or .cshrc file umask from 077 to 022.

• Learn how to install Redhat Linux 7.3.
• Learn how to setup Apache.
• Learn how to configure Apache for static web pages and CGI scripts.

1. Install Redhat Linux 7.2 on lamar or frodo, referred as <machine> below.
2. Make reservation in the reservation web page, http://cs.uccs.edu/~cs401/lr.htm,  or through our class web page.
3. Browse the steps described in redhat 6.2 installation guide and installation viewgraphs.
4. Check out the CD and follow the installation manual and  installation viewgraphs in the handout. Write down the brief note on the steps and interactions you go through.
5. Choose "customize" installation, instead of the default server or workstation installation.
6. Create swap and root partitions as suggested in the handout.
7. In step 8, check the specific packages: web, ftp, sql, nfs.
8. After the installation, use linuxconf to create a guest user account with
9. Edit /etc/httpd/conf/httpd.conf and replace the line starting "#ServerName localhost" with (assume bilbo is the machine)

ServerName bilbo.uccs.edu  (remove the comment symbol #).
10. Start the httpd web server by executing /usr/sbin/httpd
11. Edit the index.html in /var/www/html with the heading "Apache Web Server installed by <your name> on <machine>".
12. Ftp your personal web page and images files from CS Unix machine to the <machine>.
13. Make sure that the home directory and public_html are readable or executable.
14. Make a cgi-bin directory in /home/httpd/cgi-bin/<yourlogin>.
15. ftp sessionvar.pl from  ~chow/public_html/cgi-bin/chow on CS Unix Machines to /home/httpd/cgi-bin/<yourlogin>
16. From the browser on other machines in the ENS 149, access and print the following three web pages, assume your installation is on bilbo.
1. the default web page, http://bilbo.uccs.edu/,
2. your personal web page, http://bilbo.uccs.edu/~<yourlogin>/,  and
3. the result of the sessionvar.pl.  http://bilbo.uccs.edu/cgi-bin/<yourlogin>/sessionvar.pl  (not ~ in url).
17.  Submit your brief installation note with those three hard copies of web pages as your hw2.

Homework #3

Apache Web Server Configuration and Virtual Hosting

• Learn basic Apache directives for configuring Apache that adapts to the traffic load.
• Learn how to set up Apache for IP-based, Named-based Virtual Hosting.

• Setup site.toddle, site.simple, site.twocopy, and site.virtual. Study. Use sub.pl to help set up the httpd.conf and go command.
• After setting up each web server, access the web server on a web browser and make sure that it leaves access records in the logs/access_log files. For site.twocopy and site.virtual, make sure the all the web servers and that of the virtual host are accessed.
• Exercise 3: Explain why it is possible not to require a new IP address to host a customer's web site, even though it has a unique domain name.  Hint: Think about the Name-based Virtual Hosting Example.
• For hw3 submission,

please
create public_html directory in your home directory on bilbo
cd public_html and then use
ln -s ../sites
to create a soft link to your sites directory.
make sure all directories allow web server access.
send me email with the following  links to all the access_log files. Assume that guest is your login.

http://bilbo.uccs.edu/~guest/sites/site.toddle/logs/access_log
http://bilbo.uccs.edu/~guest/sites/site.simple/logs/access_log
http://bilbo.uccs.edu/~guest/sites/site.twocopy/customers/logs/access_log
http://bilbo.uccs.edu/~guest/sites/site.twocopy/sales/logs/access_log
http://bilbo.uccs.edu/~guest/sites/site.virtual/IP-based/logs/access_log
http://bilbo.uccs.edu/~guest/sites/site.virtual/Name-based/logs/access_log
http://bilbo.uccs.edu/~guest/sites/site.virtual/Mixed-based/logs/access_log
http://bilbo.uccs.edu/~guest/sites/site.virtual/Port-based/logs/access_log

In the email, include the answer to exercise 3.
 
 

• Learn how to restrict access to Apache web server from certain machines.
• Learn how to retrieve status web page with frequent updates.
• Learn the filtering mechanism, e.g., how to  process certain web pages, such as decompress, before delivering back to the web client.

• Exercise 1: Setup site.cgi. Use CGI.pm. Pass data among cgi scripts for a web transaction.
• Copy the echoorder.pl and process.pl from /mpc/home/guest/sites/cgi-bin to your sites/cgi-bin directory.
• Cp form_summer.html form_summer3.html
• Edit the form_summer3.html by replacing /cgi-bin/mycgi with /cgi-bin/echoorder.pl in <FORM> tag
• Access form_summer3.html and submit request.
• Exercise 2: Setup site.status. Learn to setup restrict access through <Limit> directive.
• Try to modify the "Allow" directive for specific machine, e.g., the machine of your web browser. Verify that work.
• Access the web server with http://bilbo.uccs.edu:<Port#>/status?refresh=<# of seconds>
• Exercise 3: Setup site.filter.  Learn how to perform additional filter process before document is return.
• You may have to regenerate the .zhtml file. Copy them from site.virtual/customer/htdocs.]
• Email me the links to the access_log files of the above sites after you finish the exercise. Assume that guest is your login.  The list of links are:

 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

http://bilbo.uccs.edu/~guest/sites/site.cgi/logs/access_log
http://bilbo.uccs.edu/~guest/sites/site.status/logs/access_log
http://bilbo.uccs.edu/~guest/sites/site.filter/logs/access_log

• Learn how to setup authentication on certain locations or directories.
• Learn the related HTTP protocol support on basic and digest based authentication.
• Learn how to DBM to speed up the authentication process.

• I have modified dbmmanage in /usr/bin/dbmanage to use NDBM just like apache web server.
• I also recompiled apache with mod_auth_dbm module.  You donot have to specify using Module directive.
• Create sales and groups DBM files in ok_dbm using dbmmanage for bill, ben, sonia, daphne and yourself with the following group association:
• Sonia: engineers,managers
• Daphne: sales,
• Bill: sales,managers
• Ben: engineers
• <your login>: sales
• For example, In ok_dbm directory, run

dbmmanage sales adduser sonia
(enter password theft)
then run
dbmmanage groups add  sonia  engineers,managers
• Setup site.authent to
• use AuthDBMUserFile /mpc/home/<login>/sites/ok_dbm/sales

and AuthDBMGroupFile /mpc/home/<login>/sites/ok_dbm/groups
• require group sales permission to sales directory or the virtual host home directory. Make sure to add :<portno> to the NameVirtualHost directive
• Try access the sales-<machine>.uccs.edu:<port> site using sonia, bill, and <your login>.

Emal me the link to the access_log of the virtual host site with the authentication access.

• Learn how to setup proxy server and setup browser for proxy server access.
• Learn how to measure the web server performance using webstone.

Exercise 1:

• Set up site.proxy and your web browser  for proxy server access.
• Observer the documents cached in the cache directory.

• cp -r /home/guest/webstone/WebStone2.5  /mpc/home/<login>
• Edit the WebStone2.5/conf/testbed file and replacing
• MAXCLIENTS=40 original value is 20.
• TIMEPERRUN=5
• PORTNO=<your port#>
• Use bilbo as webmaster,
• CLIENT="bilbo gandalf " as webclient.
• SERVER="<servername>" we evaluate frodo, oblib, and wetterhorn.
• Start your web server on frodo.
• Use the site.webstone server configuration on /home/guest/site.webstone.

This directory is a local one.  Therefore the web server does not have to get documents via network.
Note that your classmate may run the experiment at the same time.  Therefore the port number may be changed.
• The web servers on oblib, and wetterhorn already started.
• For oblib and wetterhorn web server, use port 80. On frodo use port 8<last 3 digits of your SS#>
• Run ./webstone (no need to do setup, genfiles)
• Test apache web servers on frodo, oblib, and wetterhorn.
• Plot the server connection rate, server throughput, and average response time , vs the webclient numbers (from 20 to 40).

• Learn how to install windows 2000 advanced server.
• Learn how to set up web pages and perl scripts.

• We will use oblib.uccs.edu the HP vectra 8 PC (the first PC when you enter advanced computing lab).  They have moved the machines to the new table.
• Check out the windows 2000 advanced server CD from me in my office.
• Login as administrator and the same password as that for bilbo and frodo.
• Insert Windows 2000 advanced server CD.
• A setup window will appear and ask for upgrade or install new copy of windows 2000.  If the window did not appear, click on F: drive and hit setup icon.
• Select "install a new copy of window 2000 (Clean Install).  Hit next.
• License agreement window appear. Select "I accept this agreement".  Hit next.
• Select Special Options window appear. Here you can hit the "advanced option" to change the default installation folder. We will not select any special option.  Hit next.
• Directory of applications for windows 2000 appears.  We will not see those info. Hit next.
• Pre-copy phase,  installation  files are being copied from CD-ROM to disk.
• When installation files are copied, a restart window appear.  Hit restart or wait 15 sec. the system automatically restarts.
• Text mode phase begins.  Welcome to setup screen appear.  Hit Enter to "setup window 2000 now".
• Hit ESC "to continue installing a fresh copy of window 2000 without repairing".
• Disk partition window appears. Hit Enter to "setup window 2000" on default C: NTFS partition which is highlighted.
• If you would like to keep other OS (win95/98/NT) you can choose to install window 2000 on other partition.
• A warning screen appear.  It warns about the existing OS on the same partition we chose.

Press C to "continue setup using this partition".
• Press L to use the folder (\winnt) and delete the existing window installation in it"
• If you use a new partition or new disk, you will not be asked the above question.
• Setup program examines the disk; deletes exisitng installation files.
• Setup copies files to the window 2000 installation folder.
• Setup initialze settings then reboots.
• "starting window  logo" followed by "window 2000 server family logo", followed by "window 2000 advanced server logo".
• Welcom to Setup wizard appears.
• Deleting/installing devices (such as keyboard/mouse)   This takes 6-7 min.
• Regional setting window appears.  It allows locale setting (for #, date, currencies display style) and keyboard layout for other languages.   We do nothing here.  Hit next.
• Personalize your software window appears. Enter cs401 as name and uccs as organization.  Hit next.
• Licensing mode window appears. Choose "Per Server" with 500 concurrent sessions.  (equivalent of 500 Client Access License will be needed for production system).   Hit next.
• Computer Name and Administrator Password window appears.  Enter oblib and cs401li.  Confirm the password. Hit next.
• Network Setting : install network components window appears.  It takes about one min. to detect network interface card.
• "Wether to use typical /custom setting" subwindow appears.

!! Here typical setting is not typical at all. It means using DHCP to obtain IP address dynamically.
Choose the "custom setting" instead.   Hit next.
• 3Com Etherlink XL 10/100 PCI TX NIC/ 3C905B-TX  subwindow appears.  This indicates the Ethernet card we have.
• The "Client for Microsoft Network"; "File and Printer sharing for Microsoft Networking"; "Internet Protocol TCP/IP" netowrk services are checked as the default selection (with check mark).  The "Network load balancing" is optional. We will not select it.
• Click on the "Internet Protocol TCP/IP" network services and highlight it.  Then Hit "properties" button to specify the TCP/IP settings, including IP address, DNS server, and default suffix domain name (to be appended when the user enters short machine name within the domain.)
• Internet Protocol TCP/IP properties window appears. Select "use the following IP address".

Enter   128.198.192.195      for    IP address
            255.255.248.0         for     Subnet mask
            128.198.192.1         for     Default gateway.
            128.198.1.250         for     Preferred DNS server.
            128.198.192.183     for     Alternate DNS server.
• Hit advanced button to speciy the domain name suffix (In Linux it is called search domain).
• Advanced TCP/IP Setting window appears. Hit DNS tab.
• Click "Append these DNS suffix".  Hit Add button.  Enter "uccs.edu"  as DNS suffix.  Hit add.  Then hit OK.
• With the above setting, users can enter bilbo in location box of browser and will be interpreted as bilbo.uccs.edu.
• Hit next on the "Networking component with 3COM NIC window to conclude the network settings.
• Workgroup or computer domain window appears.   Choose the default "NO"  It means "No, this computer is not on a network, or is on a network without a domain."
• Type a workgroup name in the following box.  Enter "netcs" as workgroup name in the text book.  Hit next.
• Perform final tasks window appears.  (about 14 mins, you can take a break then come back)
• installs start menu items  (about 2 min)
• Register components (about 6 min)
• Save settings (about 5 min)
• Removes any temporary files (about 1 min)
• Click Finish.  It restarts.  You are done with the installation!!
• Hit control-alt-delete to login. Enter pasword.
• Change screen resolution by
• select start | setting | control panel
• select Display; hit setting tab; change resolution to 1152x864 and select high color 16 bit on the left side menu.
• Setup default web page.
• select start | run  and enter "cmd" to start a console window.
• cd InetPub\wwwroot.   This is the web page directory.
• notepad default.htm.
• Include "IIS5.0 /win2000 advanced server  installed by <your name> on oblib.uccs.edu" as main body in default.htm.  Save it.
• Go a browser in PC next door and enter oblib.uccs.edu as url.  Print a copy of the default web page.
• Setup your own web page.
• In InetPub\wwwroot directory, mkdir <login>. cd <login>.
• ftp your personal web page and related image files to this directory.
• Go a browser in PC next door and enter oblib.uccs.edu/<login>/index.html as url.  Print a copy of your personal web page.
• ftp ~cs401/public_html/packages/perl.msi  on CS Unix machines to c:\temp.   This is a package from activeperl. ActivePerl-5.6.0.620-MSWin32-x86-multi-thread.msi.   Click it on an explorer window to instal it.
• ftp ~cs401/public_html/cgi-bin/cs401/sessionvar.pl to c:\InetPub\scripts.
• Replace the first line with #!c:\perl\bin\perl.exe.
• Go a browser in PC next door and enter oblib.uccs.edu/scripts/sessionvar.pl as url.  Print a copy of the perl script execution.
• Turn in the three web page copies and email me a short summary report on this exercise.

• Learn how to set up virtual directory and virtual server on IIS5.0.
• Learn how to create ASP with database access.
• Learn how to create simple MS access database.
• Learn how to set up ODBC data source for accessing the database.
• Learn how to write simple VBscript and embeded them in a ASP.

• Create a directory c:\cs401<login> with subdirectories www, cgi-bin, and wind.  Here <login> is your login name on CS Unix machines.

• Create a virtual directory with alias cs401<login> and home directory c:\cs401<login>\www. Put your personal web page there.
• Select Start | Programs | Administrative Tools  | Internet Service Manager
• Select Oblib, default web site (click + symbol to the left of Oblib if you did not see default web site.)
• Select the action menu | new | virtual directory
• You will guide through the Virtual Directory Creation Wizard.
• Enter ~<login> as alias
• Enter c:\cs401<login>\www as web site content directory.
• Check only the "Read"“Run scripts (such as ASP)" access permission.
• Click Finish.

 
• Create a virtual directory for your scripts.
• Select Start | Programs | Administrative Tools  | Internet Service Manager
• Select Oblib, default web site (click + symbol to the left of Oblib if you did not see default web site.
• Select the action menu | new | virtual directory
• You will guide through the Virtual Directory Creation Wizard.
• Enter scripts_cs401<login> as alias
• Enter c:\cs401<login>\scripts  as web content directory.
• Check only the “Run scripts (such as ASP)  and “Execute (such as ISAPI applications and CGI).
• Click Finish.

• Start | Programs | Administrative Tools | Internet Services Manger
• Select default web site.
• Select Action menu | new | site
• Web site creation wizard will guide you through virtual sever creation.
• Enter description.
• Enter IP address 128.198.192.204 and Host header as wind.
• In Web Site home directory enter path c:\cs401<login>\wind
• Select access permission, read and run scripts; click finish.
• Setup IP alias. Go to settings | network and dial up connections | local area connection1 | properties | scroll down to select TCP-IP; click properties | advanced | add ; enter IP address 128.198.192.204.
• If someone ahead of you already to set it up, you and delete it and set it up again or just skip the above step.
• Create a simple web page with “wind.ucs.edu/csnet IIS5.0 server by <login>” in c:\c401<login>\wind\default.htm

• Create a Microsoft access database, called “cs401<login>catalog”, with a few catalog items, including fields such as name, ID, price of the item.
• Save cs401<login>catalog.mdb  under c:\cs401<login>\cgi-bin
• Setup ODBC entry for the database as System DSN to allow other application access.
• Modify search.htm and response.asp and put them in c:\cs401<login>\www and cgi-bin directory.
• Access search.htm to retrieve catalog items.
• Turn in hard copy of
• http://oblib/cs401<login>/search.htm and the searech result web page.
• the  virtual directory web page http://oblilb/cs401<login>
• The virtual server web page http://wind/cs401<login>

Homework # 9
Certificate and Secure Email

• Request Digital ID (Client Certificate) from Verisign using Netscape Navigator or MS IE.
• Referhttp://cs.uccs.edu/~cs401/doc/certificate.ppt on detail request steps and email setup.
• Send chow@cs.uccs.edu a signed email
• I will reply with an encrypted signed email. Reply the signed encrypted email with your signed encrypted email.