RealityServer Configuration

Directory Directives

Directory Directives

The following directives apply to directories within the content root.

<directory>

Description Enclose a group of directives that apply only to the named file-system directory and sub-directory
Syntax <directory directory-path> ... </Directory>
Context global

<directory> and </directory> are used to enclose a group of directives that will apply only to the named directory and sub-directories of that directory. Any directive that is allowed in a directory context may be used. directory-path is either the path to a directory (relative to the content root), or a wild-card string using Unix shell-style matching. In a wild-card string, ? matches any single character, and * matches any sequences of characters. You may also use [] character ranges and any POSIX 1003.2 extended regular expression character class. None of the wildcards match a '/' character, so <directory /*/images> will not match /applications/myapp/images, but <directory /applications/*/images> will. Note that the '/' character must be used as the directory separator even under a Windows environment. All matches are done against the start of the directory. If the leading '/' character is ommitted from directory-path then it will automatically be added.

If multiple (non-regular expression) <directory> sections match the directory (or one of its parents) containing a document, then the directives are applied in the order of shortest match first.

Note that the default RealityServer access for <directory /> is Deny from All. This means that RealityServer will not serve any files from the content tree. If you wish to serve any content you will need to enable permission to do so, preferrably on a per-directory basis. EG:

<directory /html>
    allow from all
</directory>
<directory /js>
    allow from all
</directory>
            

allow

Description Controls which hosts are allowed access to the server
Syntax allow from all
Context directory

The allow directive affects which areas of the content root can serve static content. Specifying allow for a directory will permit it's files to be served to users.

The first argument to this directive is always from. The only supported value for the second argument is 'all' which allows content to be served to any host, subject to the configuration of the deny and order directives as discussed below.

deny

Description Controls which hosts are denied access to the server
Syntax deny from all
Context directory

This directive allows access to the server to be restricted. The arguments for the deny directive are identical to the arguments for the allow directive.

index

Description Controls which file is served when a directory is requested
Syntax index filename
Context directory

This directive specifies which file should be served when a client HTTP request resolves to a directory rather than a file. The file is searched for relative to the directory requested. If an absolute path is specified then it is absolute relative to the content_root. A relative path cannot reference a file outside of content_root.

The default index for <directory /> is index.html.

order

Description Controls the default access state and the order in which Allow and Deny are evaluated
Syntax order ordering
Context directory

The order directive, along with the allow and deny directives, controls a three-pass access control system. The first pass processes either all allow or all deny directives, as specified by the order directive. The second pass parses the rest of the directives (deny or allow). The third pass applies to all requests which do not match either of the first two.

Note that all allow and deny directives are processed, unlike a typical firewall, where only the first match is used. The last match is effective (also unlike a typical firewall). Additionally, the order in which lines appear in the configuration files is not significant -- all allow lines are processed as one group, all deny lines are considered as another, and the default state is considered by itself.

ordering is one of:

allow,deny
First, all allow directives are evaluated; at least one must match, or the request is rejected. Next, all deny directives are evaluated. If any matches, the request is rejected. Last, any requests which do not match an allow or a deny directive are denied by default.
deny,allow
First, all deny directives are evaluated; if any match, the request is denied unless it also matches an allow directive. Any requests which do not match any allow or deny directives are permitted.

Keywords may only be separated by a comma; no whitespace is allowed between them.

The default order for <directory /> is Deny,Allow.

virtual

Description Specifies a virtual path for a directory.
Syntax virtual directory-path
Context directory

virtual allows for the serving of static data from outside the content root directory. directory-path specifies a directory on the filesystem from which all content that matches this directory pattern will be served. Note that Directory directives that contain virtuals may not contain wildcards within their pattern.

Virtual directories can only be used for serving static content. They may not be used as paths for executing commands or for loading scene data.