We have implemented a prototype Active Cache as an extension of the the CERN httpd proxy (6, 6). The original CERN httpd software offers traditional caching of Web documents and HTTP protocol support. We have modified the daemon to recognize the CacheApplet header, and to invoke the appropriate applet upon cache hit.
A cache-applet attached document is stored as a regular document in the CERN proxy. The CacheApplet header is stored as part of the document. The header identifies the associated applet and archive. The CERN httpd proxy handles each user request in a separate process. (Despite its process-forking overhead, CERN httpd performs amazingly well compared to other sophisticated proxies (7, 7).) The process model significantly simplifies our implementation, because we can limit the resource consumption of applets by using setrlimit calls prior to calling the applet. Sending the log object back to the server is implemented via a HTTP ``POST'' request to the server. If the server is unreachable, the proxy retries the transmission periodically up to a configurable time period, after which an alert message is sent to the proxy administrator and human intervention is required.
The prototype implements the active cache protocol and the security mechanisms described before. If an applet does not pass the static examination, both the document and the applet are deleted from the cache. All objects created by the applet are stored in a special directory whose name is the applet's URL. The implementation of the write and lock methods limits the operations to the objects in the special directory only. The implementation of the read method verifies that the object has the same URL as the server URL of the applet. The Java run-time environment is set up with the appropriate security manager.