[Top] [Prev] [Next] [Bottom]

1 The Fast Common
Gateway Interface

The Fast Common Gateway Interface (FastCGI) is an enhancement to the existing CGI (Common Gateway Interface), which is a standard for interfacing external applications with Web servers.

FastCGI is a proposed open standard and we expect both free and commercial Web servers to support it. FastCGI is included in Open Market WebServer and Secure WebServer, versions 2.0 and greater.

Advantages of FastCGI

FastCGI extends and enhances the CGI model in several ways:

Long-lived Applications

CGI applications are ephemeral and short-lived: each time a client requests a CGI application, the server asks the operating system to spawn a new CGI process. After the CGI process satisfies the request, the server kills it. The server spawns and subsequently kills a new process for each client request.

FastCGI applications are long-lived, and can persist between client calls. The server spawns the FastCGI process once and it continues to run and satisfy client requests until it is explicitly terminated. You can also ask the Web server to start multiple copies of a FastCGI application, if you expect that concurrent processing will improve the application's performance.

Long-lived applications have two important advantages over short-lived applications:

FastCGI is not the only way to get a long-lived application on the Web, however. For example, there are many existing search engines that are implemented as long-lived applications.

In most cases, these applications rely on customized Web servers. In other words, since most Web servers do not support long-lived applications, a programmer must code this support into a Web server. This approach requires a tremendous amount of work and also ties the application to a particular server.

Another way to get a long-lived application is to write code that calls routines from the Web server's API. This alternative involves a lot of extra coding, ties the application to a particular Web server, and introduces problems of maintainability, scalability, and security.

We believe that FastCGI is the most general and flexible strategy for building long-lived Web applications.

Separating Application and Server

CGI applications must run on the same node as the Web server; FastCGI applications can run on any node that can be reached from your Web server using TCP/IP protocols. For example, you might want to run the FastCGI application on a high-speed computer server or database engine, and run the Web server on a different node.

FastCGI "Roles"

CGI and FastCGI applications are effective ways to allow an application to act as an extension to the Web server. CGI provides no explicit support for different kinds of applications: under CGI, every application receives an HTTP request, does something with it, and generates an HTTP response. FastCGI provides explicit support for several common "roles" that applications can play.

The three roles supported by the WebServer 2.0 are:

Responder Applications

A responder application is the most basic kind of FastCGI application: it receives the information associated with an HTTP request and generates an HTTP response. Responder is the role most similar to traditional CGI programming, and most FastCGI applications are responders.

Filter Applications

A filter FastCGI application receives the information associated with an HTTP request, plus an extra stream of data from a file stored on the Web server, and generates a "filtered" version of the data stream as an HTTP response.

With filter applications, the system administrator maps a particular MIME-type to a particular filter FastCGI application. When a client requests a URL with that MIME-type, the Web server invokes the filter application, which processes the file at the specified URL and sends a response (usually HTML text) back to the client.

For example, suppose you write a filter FastCGI application that converts SGML text to HTML, and map the extension .sgml (MIME-type SGML) to your filter FastCGI application. Now, suppose that a user requests the following URL:


Given this URL, the Web server passes chap1.sgml as input to your filter FastCGI application, which processes chap1.sgml and returns an HTML version of it to the requesting client.

Authorizer Applications

An authorizer FastCGI application receives the information in an HTTP request header and generates a decision whether to authorize the request.

To mark a FastCGI application as having the authorizer role, the system administrator names the application inside the server configuration file, using a directive called AuthorizeRegion. (See the Open Market Web Server manual for information on server configuration directives.)

When a client requests a URL that meets the AuthorizeRegion criteria, the Web server calls your authorizer FastCGI application. If your application grants authorization (by returning a response code of 200), the Web server resumes execution of commands in the AuthorizeRegion section. If your application denies authorization (by returning any other response code), the Web server stops processing subsequent commands in the AuthorizeRegion section, and returns the response from your FastCGI application to the client.

Authorizer applications can return headers containing environment variables. Other CGI or FastCGI programs accessing this request (including other authorizers) can access these environment variables. The headers must have the following format:

Variable-name: value

For example, the following header

Variable-AUTH_METHOD: database lookup

causes the environment variable AUTH_METHOD to be set to "database lookup" for this request. Other CGI or FastCGI applications running on this request can access the value of AUTH_METHOD.

Authorizer applications cannot successfully read from standard input. Any attempts to read from standard input result in an immediate EOF.

All data that authorizer applications write to standard error will get written to the traditional server error logs.

Writing FastCGI Applications

The work involved in writing a FastCGI application depends in large part on the I/O libraries that you use. This manual describes how to write FastCGI applications in terms of the Open Market libraries, which are available for C, Perl, and Tcl. FastCGI is an open standard and you are welcome to build your own libraries for other languages as well, but this manual focuses on building FastCGI applications in the context of the Open Market libraries.

In general, the goal of the libraries is to make the job of writing a FastCGI application as much like writing a CGI application as possible. For example, you use the same techniques for query string decoding, HTML output to stdout, use of environment variables, and so on. When you use our libraries, porting CGI applications to FastCGI is mostly a matter of restructuring the code to take advantage of FastCGI features and libraries.

Code Structure

The main task of converting a CGI program into a FastCGI program is separating the initialization code from the code that needs to run for each request. The structure should look something like this:

Initialization code

Start of response loop

   body of response loop

End of response loop

The initialization code is run exactly once, when the application is initialized. Initialization code usually performs time-consuming operations such as opening databases or calculating values for tables or bitmaps.

The response loop runs continuously, waiting for client requests to arrive. The loop starts with a call to FCGI_Accept, a routine in the FastCGI library. The FCGI_Accept routine blocks program execution until a client requests the FastCGI application. When a client request comes in, FCGI_Accept unblocks, runs one iteration of the response loop body, and then blocks again waiting for another client request. The loop terminates only when the system administrator or the Web server kills the FastCGI application.

Initial Environment Variables

When a FastCGI process starts up, it has not yet accepted a request, and therefore none of the CGI environment variables are set.

You set the initial environment of a FastCGI process started by the AppClass directive using the -initial-env option. The process would use this environment to configure its options and locate files or databases.

In FastCGI processes started by the AppClass directive with the -affinity option, the FCGI_PROCESS_ID variable is set in the initial environment (not in the environment of a request). FCGI_PROCESS_ID is a decimal number in the range 0 to N - 1 where N is the number of processes (argument to the -processes option to AppClass). The process would use FCGI_PROCESS_ID in conjunction with other variables to locate session-related files or databases during restart.

Per-Request Environment Variables

In general, FastCGI uses the same per-request environment variables as CGI, and you access the values of environment variables in FastCGI applications just as you would in CGI applications. The only differences are as follows:

Building FastCGI Applications in C

The Software Development Toolkit that accompanies WebServer 2.0 contains two libraries, fcgi_stdio and fcgiapp, for building FastCGI applications in C.

The fcgi_stdio library implements our philosophy of making FastCGI applications similar to CGI applications, and provides full binary compatibility between FastCGI applications and CGI applications: you can run the same C binary as either CGI or FastCGI.

The fcgiapp library is more specific to FastCGI, and doesn't attempt the veneer of CGI.

We recommend that you use the fcgi_stdio library, and this manual describes the routines in that library. The documentation for the fcgiapp library is in the code in the development kit.

Building FastCGI Applications in Perl

To build FastCGI applications in Perl, you need a FastCGI-savvy version of Perl, plus the FastCGI extension to Perl. We build FastCGI-savvy versions of the Perl interpreter for several common platforms and make them available on our Website. For details and examples, see Chapter 3, "Developing FastCGI Applications in Perl," on page 17.

Building FastCGI Applications in Tcl

To build FastCGI applications in Tcl, you need a FastCGI-savvy version of Tcl. We build FastCGI-savvy versions of the Tcl interpreter for several common platforms and make them available on our Website. For details and examples, see Chapter 4, "Developing FastCGI Applications in Tcl," on page 19.

Implementation Details

The FastCGI application libraries are designed to shield you from the details of the FastCGI design. This section is designed for the curious reader who would like some low-level understanding. If you are not curious about the implementation, you can happily skip this section.

As shown in the following figure, CGI applications use the three standard POSIX streams (stdin, stdout, and stderr), plus environment variables, to communicate with an HTTP server.


Figure 1: Flow of Data in CGI

The fundamental difference between FastCGI and CGI is that FastCGI applications are long-lived, which means that the Web Server needs to rendezvous with a running application, rather than starting the application in order to explicitly communicate with it.

The FastCGI implementation basically creates a bidirectional connection between two processes that have no relationship. FastCGI uses a single connection for all the data associated with an application -- stdin, stdout, stderr, and environment variables. The data on the connection is encapsulated using a FastCGI protocol that allows stdin and the environment variables to share the same half connection (on the way in) and stdout and stderr to share the half connection (on the way out).

On the input side, the FastCGI application receives data on the connection, unpacks it to separate stdin from the environment variables and then invokes the application. On the output side, FastCGI wraps stdout and stderr with appropriate protocol headers, and sends the encapsulated data out to the server.

Since a FastCGI application does not always run on the same node as the HTTP server, we support two implementations of the connection: a stream pipe1, for communications on the same machine, and TCP streams, for communication when the client and the server are on different machines.


Figure 2: Flow of Data in FastCGI when server and application are on different machines

The fcgi_stdio Library: I/O Compatibility

The implementation for I/O compatibility is that the library fcgi_stdio.h contains macros to translate the types and procedures defined in stdio.h into the appropriate FastCGI calls. For example, consider a FastCGI program written in C containing the following line of code:

fprintf(stdout, "<H2>Aerobic Juggling</H2>/n");


header file contains the macro

#define fprintf FCGI_fprintf

So the preprocessor translates the fprintf call into the following call:

FCGI_fprintf(stdout, "<H2>Aerobic Juggling</H2>/n");


takes the same arguments as fprintf.

The implementation of FCGI_fprintf tests the file to see if it is a normal C stream or a FastCGI stream, and calls the appropriate implementation.

The fcgi_stdio.h header file contains macros to translate calls to all ISO stdio.h routines (and all conventional Posix additions, such as fileno, fdopen, popen, and pclose) into their FastCGI equivalents.

The fcgi_stdio Library: Binary compatibility

The fcgi_stdio library provides full binary compatibility between FastCGI applications and CGI applications: you can run the same C binary as either CGI or FastCGI.

The implementation is in FCGI_Accept: the FCGI_Accept function tests its environment to determine whether the application was invoked as a CGI program or an FastCGI program. If it was invoked as a CGI program, the request loop will satisfy a single client request and then exit, producing CGI behavior.

[Top] [Prev] [Next] [Bottom]


UNIX Network Programming, W. Richard Stevens, 1990 Prentice-Hall, Section 7.9