In addition to the many OHS configuration directives you have learned about so far, Oracle HTTP Server provides two special directives, Options and AllowOverride, which you can use to allow or disable several features of the Oracle HTTP Server.
You use the Options directive to configure the server features available in a directory. In other words, you enable or disable specific HTTP server features with the Options directive. You thus can use the Options directive to control what programmers can and can't do with a directory The syntax of the Options directives is as follows:
Options [+|-]option [[+|-]option] ...
If you set the Options directive to None, no extra features are enabled whatsoever.
All The All option means that all options are allowed, and this is the default parameter for the Options directive. The only exceptions are the MultiViews directive, which isn't allowed by default. Of course, any mutually exclusive directives such as Includes and IncludesNoexec won't be allowed together.
ExecCGI If you want CGI scripts to be allowed, you must set this parameter. The only exception is for directories defined with ScriptAlias.
FollowSymLinks This parameter allows the HTTP Server to follow symbolic links for files or directories. However, this parameter doesn't affect the contents of the Location container.
SymlinksIfOwnerMatch This is a more limited version of the FollowSymLinks parameter; it allows the HTTP Server to follow symbolic links only if the target file (or directory) and the symbolic link are owned by the same user.
Includes The Includes parameter controls the execution of server-side includes (SSI).
IncludesNOEXEC The IncludesNOEXEC parameter allows server-side includes but won't allow CGI script execution via the #exec and #include commands.
Indexes This parameter will return a listing of the directory contents when a URL maps to a directory and there's no index file associated with the DirectoryIndex directive.
MultiViews The option will allow content-negotiated multiple views.
If multiple options are applicable to the same directory, the options aren't merged. OHS will use the most specific options and ignore the rest. However, if you prefix all the options under the Options directive with a + or -- sign, OHS will merge the various options. The options you specify with the + sign will be added to the current options being used, and those you prefix with the -- sign will be removed from the currently operative options.
Here's an example showing the use of the Options directive without the + and -- symbols:
As you can see, only the Includes option will be used for the /web/docs/test directory. This means that I'm replacing the set of options for the /web/docs/ directory (Indexes, FollowSymLinks) with the single Includes option, for the /web/docs/test directory. If instead, I want to add the Includes option to the existing option FollowSymLinks and not use the Indexes option, I can do so by using the + and --symbols, as shown here:
Whereas the Options directive lets you enable and disable features, the AllowOverride directive lets you exercise an even finer-grained control over several HTTP Server features. As you can recall, the per-directory configuration files, called .htaccess files,
supplement the main OHS server configuration file, httpd.conf. The AllowOverride directive determines which of the directives in a directory .htaccess file can override the server configuration. The HTTP Server will consider any .htaccess file in a directory as though they were in a Directory container.
Directives in lower Directory containers will have preferences over directives in the higher directories. The default setting or the AllowOverride directive is ALL, which enables the overriding of all directives. The HTTP server will merge the directives in all .htaccess files at the same level. Here are the other options for the AllowOverride directive:
Here's an example showing how to use the AllowOverride directive:
AllowOverride AuthConfig Indexes
blog comments powered by Disqus