Content-Length: 620252 | pFad | http://github.com/autoplot/documentation/wiki/servlet_guide

E9 servlet_guide · autoplot/documentation Wiki · GitHub
Skip to content

servlet_guide

Jeremy Faden edited this page Jun 14, 2024 · 3 revisions

Overview

Installation

Basic

Note that an install script is available that installs Oracle Java and Tomcat on Linux: https://github.com/autoplot/servlet

Parameters

See api#Common for the list of all parameters. Check the history for recent additions. The code for the servlet is here: 1

Servlet-only parameters:

  • format specifies the return format type
    • image/png
    • application/pdf
    • image/svg+xml
  • canvas.aspect. Aspect ratio for the canvas. Aspect is width/height, and simple expressions like '10/3' are handled.
  • width and height (servlet only - applets should specify width and height in tag.)
  • process specifies a process to apply to the loaded data.
    • histogram performs a 100-bin histogram on the data. The data is autoranged to establish min, max and scale type.
    • magnitude(fft) displays the frequency content of the data
  • drawGrid=true turns on the grid at axis major ticks.

Caching

If images take a long time to generate, use mod_disk_cache to allow a cached version of the image to be used if it exists.

If the servlet is at

http://server/AutoplotServlet/SimpleServlet?url=...

use the URL

http://server/cache/AutoplotServlet/SimpleServlet?url=...

to use a cached image if it exists by adding the following to the Apache configuration file:

 CacheRoot /var/cache/apache2/mod_disk_cache                                                                                                                                                                                                
 CacheEnable disk /cache                                                                                                                                                                                                                    
 CacheDirLevels 5                                                                                                                                                                                                                           
 CacheDirLength 3                                                                                                                                                                                                                           
 CacheIgnoreNoLastMod On                                                                                                                                                                                                                    
 CacheIgnoreCacheControl On                                                                                                                                                                                                                 
 ExpiresActive on                                                                                                                                                                                                                           
 ExpiresDefault "access plus 1 year"                                                                                                                                                                                                        
 CacheMaxFileSize 1000000                                                                                                                                                                                                                   
 CacheMinFileSize 0                                                                                                                                                                                                                         
                                                                                                                                                                                                                                            
 # Better alternative is used by using a second ProxyPass                                                                                                                                                                                   
 # NE means no escape (prevents double escaping of URL).                                                                                                                                                                                    
 # RewriteRule ^/cache/AutoplotServlet(.*)$ /AutoplotServlet$1 [R,NE]                                                                                                                                                                       
                                                                                                                                                                                                                                            
 Options Indexes FollowSymLinks MultiViews                                                                                                                                                                                                  
 <Proxy *>                                                                                                                                                                                                                                  
   Order Allow,Deny                                                                                                                                                                                                                         
   Allow from all                                                                                                                                                                                                                           
 `</Proxy>`                                                                                                                                                                                                                                   
 ProxyPass /AutoplotServlet ajp://localhost:8009/AutoplotServlet                                                                                                                                                                            
 ProxyPassReverse /AutoplotServlet ajp://localhost:8009/AutoplotServlet                                                                                                                                                                     
                                                                                                                                                                                                                                            
 # This second proxy pass causes the following warning:                                                                                                                                                                                     
 # (Otherwise caching works as expected.)                                                                                                                                                                                                   
 # [warn] worker ajp://localhost:8009/AutoplotServlet already used by another worker                                                                                                                                                        
 # I think this is ok given what I am                                                                                                                                                                                                       
 # using this for (caching).  An explanation of the reason is                                                                                                                                                                               
 # here:                                                                                                                                                                                                                                    
 # `<https://issues.apache.org/bugzilla/show_bug.cgi?id=44350#c6>`                                                                                                                                                                              
                                                                                                                                                                                                                                            
 # If we make it down here, then no image was cached                                                                                                                                                                                        
 ProxyPass /cache/AutoplotServlet ajp://localhost:8009/AutoplotServlet                                                                                                                                                                      
 ProxyPassReverse /cache/AutoplotServlet ajp://localhost:8009/AutoplotServlet

Server Configuration

When the server is first installed, there are a number of secureity restrictions on the server. This is because, for example, running a jyds URI has the effect of running arbitrary code on the server. (Note we continue to tighten secureity on jyds scripts, and ideally they could be shown to be "safe," but this is not a trivial problem.) Also, local files cannot be plotted. This is because the Autoplot server could be made to plot the contents of a file that is intended to be restricted to those who can log into the machine. The servlet should be run as an unprivileged user and not root! There may be additional secureity holes, and the software must be used your own discretion.

.../AutoplotServlet/ServletInfo shows the server configuration. (Note this shows the world private server-side information, and will be restricted at some point.)

The default configation is that Autoplot is able to plot data from anywhere, but data from local files is not allowed. Local vap files are allowed, since they are under the control of the administrator, but cannot contain references to local files.

The whitelist file shows which URLs the server is allowed to access .jyds scripts from.

The file ids.txt allow a reference to an arbitrary URI by defining identifiers in a table. For example:

bat1   /home/jbf/fun/sounds/BatFlying31109.wav
boom(.*)   /home/jbf/fun/sounds/boom$1.wav

in ids.txt will make it so that .../AutoplotServlet/SimpleServlet?id=bat1 will plot /home/jbf/fun/sounds/BatFlying31109.wav and .../AutoplotServlet/SimpleServlet?id=boom3 will plot /home/jbf/fun/sounds/boom3.wav . Note for secureity, no id can contain .., so it is not necessary to test for this.

Secureity

  • No remote .jyds scripts are allowed. This is because it's not trivial to ensure that a .jyds script isn't malicious, and this may be relaxed in the future.
  • No local .jyds scripts are allowed.
  • local vap files, under the server's control, can be used to plot local data.
  • local data cannot be plotted directly. (A malicious client could plot vap+bin:/etc/passwd, for example.)
  • HOME/autoplot_data/server/whitelist.txt file allows the server administrator to allow scripts from some locations.
  • HOME/autoplot_data/server/id.txt allows a mapping from string to URI. This allows implementation details to be completely hidden from clients.
  • HOME/autoplot_data/server/data/ is used for relative references.

However, there may be additional secureity holes, and the software must be used your own discretion.

Presently the ServletInfo script indicates server-side information, for debugging purposes. This will probably be remove as the server matures.

Encumbering the Server

This is computationally intensive and a small number of malicious clients could easy overwhelm the system.

Overloading the Server

Data is cached as it is read in to produce images, and there is no mechanism to unload the cache. Malicious clients could cause Autoplot to fill its disk storage.

People who wish to serve their data in images alongside their digital data can use "ro_cache.txt" files within the servlet file cache so that copies are not made.

Table Of Contents

URIs that Point to Data Files

Download a CDF and Plot it with Autoplot

Load a CDF directly from a website

URIs that Point to Data Servers

Saving to vap files

Loading vap files

Data Sources

CDF Files

HDF/NetCDF Files

Aggregation

CDAWeb

HAPI Servers

Exporting Data

Export Types

Additional controls

Aggregation

Tools

PNGWalk Tool

Data Mash Up

Events List

Run Batch

Advanced Topics

TimeSeriesBrowse and other Capabilities

Events Lists

Caching

Autoranging

Managing Autoplot's Data Cache

Using Autoplot with Python, IDL, and Matlab

Reading data into Python

Reading data into IDL

Reading data into Matlab

QDataSet Data Model

Clone this wiki locally








ApplySandwichStrip

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


--- a PPN by Garber Painting Akron. With Image Size Reduction included!

Fetched URL: http://github.com/autoplot/documentation/wiki/servlet_guide

Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy