|
|
|
Jagdish Gangolly |
|
State University of New York at Albany |
|
|
|
|
Three-tier web commerce systems |
|
Advantages of server-side programming |
|
Advantages of Servlets over CGI |
|
J2EE Architecture |
|
Web Containers |
|
HTTP Protocol |
|
J2EE Support for Web Applications |
|
|
|
|
|
Database Tier (Database logic) |
|
SQL, XML |
|
Application Tier (Application/Business logic) |
|
Java Servlets, Java Server Pages (JSP), ISAPI,
NSAPI, Active Server Pages (ASP) |
|
XML, SQL/OQL,… |
|
Presentation Tier |
|
XSL/XSLT, XHTML, XML |
|
|
|
|
Greater control |
|
Avoid browser compatibility problems |
|
Reliability |
|
|
|
|
|
|
|
Efficiency: HTTP requests are handled by a
lightweight thread managed by a servlet engine (in CGI, HTTP requests spawn
OS processes) |
|
Convenience: Java provides outstanding
infrastructure for parsing/decoding HTML data, reading/setting HTTP
headers, session tracking, cookies,… |
|
Communication with webservers: |
|
Servlets communicate directly, whereas CGI
scripts communicate through webserver-specific APIs |
|
Multiple servlets can share data, so it is
easier to implement resource-sharing optimisations such as database
connection pooling |
|
|
|
|
|
|
|
Program portability: Standard APIs |
|
Security: |
|
Buffer flow attacks avoided |
|
Execution in CGI programs often in shells |
|
Memory protection features (array/bound
checking, etc.) |
|
Inexpensive: |
|
|
|
Source: Core Servlets and JavaServer Pages, by
Marty Hall (Prentice |
|
Hall, 2000) |
|
|
|
|
|
APIs that any J2EE platform must support |
|
JDBC (Java DataBase Connectivity) |
|
RMI-IIOP (Remote Method Invocation – Internet
Inter-ORB Protocol) |
|
EJB (Enterprise JavaBeans) |
|
Java Servlets |
|
JSP (Java Server Pages) |
|
JMS (Java Message Service) |
|
JNDI (Java Naming & Directory Interface) |
|
Java Transaction API |
|
JavaMail |
|
|
|
|
|
Containers |
|
Web containers |
|
EJB containers |
|
Container Architecture |
|
Application components (Servlets, JSPs, EJBs) |
|
Deployment descriptor (an XML file describing
the application components) |
|
Component contract |
|
Container service APIs |
|
Declaration services |
|
Other container services |
|
|
|
|
|
|
|
|
|
Web components |
|
Servlets: application logic embedded in HTTP
request/response process |
|
JSP: can contain HTML, java code, and java bean
components. JSP pages are compiled into servlets. Separation of web
development from application development |
|
Enterprise JavaBean components: Reusable
software units containing business logic. Allows separation of application
logic from system level services |
|
|
|
|
|
Application clients |
|
Fat clients |
|
Applicastion logic processed by client |
|
Require installation on each desktop |
|
Web clients |
|
Thin clients |
|
Browsers manage user interaction |
|
All other client responsibilities met by the
server |
|
|
|
|
|
Application level protocol (top layer) |
|
Stateless protocol based on request/response |
|
Persistent (with or without pipelining) vs.
Non-persistent connections |
|
URL Request Protocol: |
|
Protocol Servername Filepath |
|
Protocols: http, https, ftp, file, news,
nntp,mailto, telnet, gopher, Javascript |
|
|
|
|
|
|
|
|
|
Client Request: |
|
|
|
Method
Request-URI Protocol |
|
GET /index.html HTTP/1.0 |
|
|
|
Methods: OPTIONS, GET, HEAD, POST, PUT DELETE,
TRACE |
|
|
|
|
|
|
cayley:/home2/faculty/gangolly % telnet
www.albany.edu 80 |
|
Trying 169.226.1.109... |
|
Connected to maenad.csc.albany.edu. |
|
Escape character is '^]'. |
|
HEAD /index.html HTTP/1.0 |
|
HTTP/1.1 408 Request Timeout |
|
Server: Netscape-Enterprise/4.1 |
|
Date: Mon, 12 Feb 2001 18:27:11 GMT |
|
Content-length: 148 |
|
Content-type: text/html |
|
Connection: close |
|
|
|
<HTML><HEAD><TITLE>Request
Timeout</TITLE></HEAD> |
|
<BODY><H1>Request Timeout</H1> |
|
The server timed out waiting for the client
request. |
|
</BODY></HTML>Connection closed by
foreign host. |
|
cayley:/home2/faculty/gangolly % |
|
|
|
|
|
|
|
|
|
|
|
Syntax: |
|
Protocol
Status-code Description |
|
HTTP/1.1 408 Request Timeout |
|
|
|
|
|
|
Allow application logic to be embedded in the
HTTP request/response process |
|
Servlets extend the functionality of webservers |
|
HTTP protocol only what requests or responses
can be made, not how the responses are to be generated (that is the concern
of application logic) |
|
Servlets are user-invokable applications |
|
|
|
|
|
|
|
Browser sends request to webserver |
|
Webserver delegates the request to J2EE web
container if the request is in servlet context (sort of like server
invoking a method on the web container) |
|
The web container maps the request to a servlet,
JSP, or a static page. The application should specify the mapping |
|
If the request is mapped to a servlet, web
container creates/locates a servlet instance and delegates the request,
passing the objects encapsulating HTTP request and response (request &
response streams) |
|
|
|
|
|
|
|
|
|
|
Parameters initialisation: Database logins such
as URL strings, Ids, Passwords, etc. |
|
Servlets/JSP definitions: Name of servlet/JSP
and description |
|
Servlet/JSP mappings: Mapping requests to
servlets/JSPs |
|
MIME types: Content types for each application |
|
Security: logins |
|
Notes