1. Technical Field
The present invention relates generally to Web transaction processing and more particularly to techniques for enabling continuous access to Web documents stored in a secure distributed file system.
2. Description of the Related Art
The World Wide Web (WWW) of the Internet is the most successful distributed application in the history of computing. A conventional Web transaction involves a "client," which runs a browser, and a "server." In response to specification of a link at the browser, the client makes a request to the server identified in the link and, in return, receives a document or other object formatted according to HTML.
The Web server is usually a standalone file server that services various Web document requests. Because the server is self-contained, Web site administration is cumbersome because access control must be individualized for each device. Moreover, private and public enterprises are now setting up so-called "Intranets" within their organizations to allow employees and customers to access data on their own corporate Web sites. Such organizations use multiple computers interconnected into a distributed computing environment in which users access distributed resources and process applications. A known distributed computing environment, called DCE, has been implemented using software available from the Open Systems Foundation (OSF). As DCE environments become the enterprise solution of choice, many applications may be utilized to provide distributed services such as data sharing, printing services and database access. OSF DCE includes a distributed file system, called Distributed File Services (DFS), for use in these environments.
DFS provides many advantages over a standalone file server, such as higher availability of data and resources, the ability to share information throughout a very large-scale system, and protection of information by the robust DCE security mechanism. In particular, DFS makes files highly available through replication, making it possible to access a copy of a file if one of the machines where the file is located goes down. DFS also brings together all of the files stored in various file systems in a global namespace. Multiple servers can export their file system to this namespace. All DFS users, in the meantime, share this namespace, making all DFS files readily available from any DFS client machine.
As described in copending application, Ser. No. 08/790,042, titled "Method And Apparatus For Enabling A Web Server To Impersonate A User Of A Distributed File System To Obtain Secure Access To Supported Web Documents," assigned to the assignee of the present application, it has been proposed to extend the functionality of existing standalone Web servers in the enterprise environment to take advantage of the scalability, file availability and security features of DFS (or other similar distributed file systems). As a by-product, users with an off-the-shelf browser would be able to easily access the Web information stored in the DFS namespace with no additional software on the client machine. In the proposed system illustrated in that copending application, a Web server and a DFS client both run on the same machine to provide secure access to DFS files via a Web browser. One of the components that makes this operation possible is a so-called "session manager." The session manager performs a "proxy DCE login" on behalf of a Web server process that is attempting to access the DFS filespace. In particular, the session manager provides the Web server process with a "DCE login context" (sometimes referred to as a "credential") that enables the Web server process to access DFS files securely with a valid DCE user identity.
The session manager is described as a process that is started at the same time as the Web server. Theoretically, the process runs forever, accepting requests from server processes for "proxy DCE logins" and maintaining an in-memory database of "DCE login context" information to help serve "repeated login requests" more quickly. The session manager, as envisioned in the above-identified application, must make calls to a security service to complete a proxy login. When these calls are made, memory must be allocated by the underlying DCE security code; this memory holds information associated with the DCE login context that is created. This memory is allocated within the virtual address space of the session manager process.
The management of this virtual memory is a challenge for the DCE security component. In the first instance, memory leak problems in the DCE code have been discovered with regularity. Any amount of memory leak, however, can be fatal to a theoretically "persistent" process as the virtual memory space becomes "bloated" and ultimately, unusable. Additionally, the DCE security code contains sophisticated memory re-use algorithms that prevent "memory login contexts" from being freed even after the owning process (e.g., session manager) instructs the DCE security component to release them. Experience with the memory management behavior of the DCE security component has also shown that, as a result of these issues, the session manager process will likely be challenged to survive for extended periods as its virtual memory pool continues to grow. If the session manager process aborts, further browser access to the DFS filespace is unavailable until session manager's "death" is somehow discovered and thereafter addressed (e.g., by manually restarting the session manager, or possibly by stopping and restarting the Web server itself).
The present invention addresses and solves this problem.