The following is a requirements document for the OpenACS 4.0 +request processor. The major enhancements in the 4.0 version +include a more sophisticated directory mapping system that allows +package pageroots to be mounted at arbitrary urls, and tighter +integration with the database to allow for flexible user controlled +url structures, and subsites.
+Most web servers are designed to serve pages from exactly one +static pageroot. This restriction can become cumbersome when trying +to build a web toolkit full of reusable and reconfigurable +components.
+The request processor's functionality can be split into two +main pieces.
Set up the environment in which a server side script expects to +run. This includes things like:
Initialize common variables associated with a request.
Authenticate the connecting party.
Check that the connecting party is authorized to proceed with +the request.
Invoke any filters associated with the request URI.
Determine to which entity the request URI maps, and deliver the +content provided by this entity. If this entity is a proc, then it +is invoked. If this entitty is a file then this step involves +determining the file type, and the manner in which the file must be +processed to produce content appropriate for the connecting party. +Eventually this may also require determining the capabilities of +the connecting browser and choosing the most appropriate form for +the delivered content.
It is essential that any errors that occur during the above +steps be reported to developers in an easily decipherable +manner.
+10.0 Multiple +Pageroots
++10.10 Pageroots may +be combined into one URL space.
+10.20 Pageroots may +be mounted at more than one location in the URL space.
+
20.0 Application +Context
+20.10 The request +processor must be able to determine a primary context or state +associated with a pageroot based on it's location within the +URL space.
30.0 +Authentication
+30.10 The request +processor must be able to verify that the connecting browser +actually represents the party it claims to represent.
40.0 +Authorization
+40.10 The request +processor must be able to verify that the party the connecting +browser represents is allowed to make the request.
50.0 +Scalability
+