 2008 Pearson Education, Inc. All rights reserved. 1 21 Web Servers (IIS and Apache)

Slides:

Advertisements

Similar presentations

Enabling Secure Internet Access with ISA Server

Advertisements

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 22 World Wide Web and HTTP.

DT228/3 Web Development WWW and Client server model.

 2004 Prentice Hall, Inc. All rights reserved. Chapter 21 – Web Servers (IIS and Apache) Outline 21.1 Introduction 21.2 HTTP Request Types 21.3 System.

 2003 Prentice Hall, Inc. All rights reserved. Chapter 21 – Web Servers (IIS and Apache) Outline 21.1 Introduction 21.2 HTTP Request Types 21.3 System.

Web App Development with ASP.NET. Introduction In this chapter, we introduce web-app development with Microsoft’s ASP.NET technology. Web-based apps create.

Layer 7- Application Layer

Introduction to Web Database Processing

Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?

 2002 Prentice Hall. All rights reserved. 1 Chapter 6 – Introduction to the Common Gateway Interface (CGI) Outline 6.1 Introduction 6.2 Client and Web.

Introduction to Web Interface Technology (CSE2030)

1 Software Testing and Quality Assurance Lecture 32 – SWE 205 Course Objective: Basics of Programming Languages & Software Construction Techniques.

Computer Science 101 Web Access to Databases Overview of Web Access to Databases.

Internet Basics.

Chapter 2 Introduction to HTML5 Internet & World Wide Web How to Program, 5/e Copyright © Pearson, Inc All Rights Reserved.

Web Programming Language Dr. Ken Cosh Week 1 (Introduction)

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.

Linux Operations and Administration

Chapter 9 Collecting Data with Forms. A form on a web page consists of form objects such as text boxes or radio buttons into which users type information.

17 Web Servers (Apache and IIS)

1 Web Servers (IIS and Apache) Outline 9.1 Introduction 9.2 HTTP Request Types 9.3 System Architecture 9.4 Client-Side Scripting versus Server-Side Scripting.

1 Web Developer & Design Foundations with XHTML Chapter 6 Key Concepts.

CSCI 323 – Web Development Chapter 1 - Setting the Scene We’re going to move through the first few chapters pretty quick since they are a review for most.

INTRODUCTION TO WEB DATABASE PROGRAMMING

T U T O R I A L  2009 Pearson Education, Inc. All rights reserved Bookstore Web Application Introducing Visual Web Developer 2008 Express and the.

© Copyright by Deitel & Associates, Inc. and Pearson Education Inc. All Rights Reserved. 1 Outline 29.1 Multi-Tier Architecture 29.2 Web Servers.

Web Servers1-1 Web Servers Xingquan (Hill) Zhu

1 Web Server Concepts Dr. Awad Khalil Computer Science Department AUC.

Copyright © cs-tutorial.com. Introduction to Web Development In 1990 and 1991,Tim Berners-Lee created the World Wide Web at the European Laboratory for.

Chapter 6: Forms JavaScript - Introductory. Previewing the Product Registration Form.

Chapter 1: Introduction to Web

DATA COMMUNICATION DONE BY: ALVIN SAMPATH CARLVIN SAMPATH.

JavaScript, Fourth Edition Chapter 12 Updating Web Pages with AJAX.

5 Chapter Five Web Servers. 5 Chapter Objectives Learn about the Microsoft Personal Web Server Software Learn how to improve Web site performance Learn.

 2001 Prentice Hall, Inc. All rights reserved. 1 Chapter 21 - Web Servers (IIS, PWS and Apache) Outline 21.1 Introduction 21.2 HTTP Request Types 21.3.

 2008 Pearson Education, Inc. All rights reserved Introduction to XHTML.

Database-Driven Web Sites, Second Edition1 Chapter 5 WEB SERVERS.

MySQL and PHP Internet and WWW. Computer Basics A Single Computer.

 2004 Prentice Hall, Inc. All rights reserved. 1 Segment – 6 Web Server & database.

Kingdom of Saudi Arabia Ministry of Higher Education Al-Imam Muhammad Ibn Saud Islamic University College of Computer and Information Sciences Chapter.

1 Welcome to CSC 301 Web Programming Charles Frank.

 2006 Pearson Education, Inc. All rights reserved Web Programming.

1 MSCS 237 Overview of web technologies (A specific type of distributed systems)

1 Web Servers (Chapter 21 – Pages( ) Outline 21.1 Introduction 21.2 HTTP Request Types 21.3 System Architecture.

Internet & World Wide Web How to Program, 5/e. © by Pearson Education, Inc. All Rights Reserved.2 Revised by Dr. T. Tran for CSI3140.

 2008 Pearson Education, Inc. All rights reserved. Chapter 17 Web Servers (Apache and IIS) Internet & World Wide Web How to Program, 5/e.

Copyright © 2008 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 1 Fundamentals.

Web Design and Development. World Wide Web  World Wide Web (WWW or W3), collection of globally distributed text and multimedia documents and files 

Module: Software Engineering of Web Applications Chapter 2: Technologies 1.

27.1 Chapter 27 WWW and HTTP Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Introduction and Principles Web Server Scripting.

Internet Applications (Cont’d) Basic Internet Applications – World Wide Web (WWW) Browser Architecture Static Documents Dynamic Documents Active Documents.

8 Chapter Eight Server-side Scripts. 8 Chapter Objectives Create dynamic Web pages that retrieve and display database data using Active Server Pages Process.

ASP-2-1 SERVER AND CLIENT SIDE SCRITPING Colorado Technical University IT420 Tim Peterson.

JavaScript and Ajax (Internet Background) Week 1 Web site:

COSC 2328 – Web Programming.  PHP is a server scripting language  It’s widely-used and free  It’s an alternative to Microsoft’s ASP and Ruby  PHP.

Copyright © 2011 Pearson Addison-Wesley Web Servers and Projects Deployment Chapter 11 – Slide 1.

National College of Science & Information Technology.

1 Chapter 1 INTRODUCTION TO WEB. 2 Objectives In this chapter, you will: Become familiar with the architecture of the World Wide Web Learn about communication.

Web Technology Seminar

Web Development Web Servers.

E-commerce | WWW World Wide Web - Concepts

E-commerce | WWW World Wide Web - Concepts

PHP / MySQL Introduction

IS333D: MULTI-TIER APPLICATION DEVELOPMENT

17 Web Servers (Apache and IIS)

Client side & Server side scripting

17 Web Servers (Apache and IIS)

Web Servers (IIS and Apache)

Presentation transcript:

 2008 Pearson Education, Inc. All rights reserved Web Servers (IIS and Apache)

 2008 Pearson Education, Inc. All rights reserved. 2 Stop abusing my verses, or publish some of your own. — Martial There are three difficulties in authorship: to write anything worth the publishing, to find honest men to publish it, and to get sensible men to read it. — Charles Caleb Colton When your Daemon is in charge, do not try to think consciously. Drift, wait and obey. — Rudyard Kipling

 2008 Pearson Education, Inc. All rights reserved. 3 OBJECTIVES In this chapter you will learn:  To understand a web server’s functionality.  To introduce Microsoft Internet Information Services (IIS) and Apache HTTP Server.  To set up virtual directories from which content can be served.  To test whether you set up the virtual directory properly.

 2008 Pearson Education, Inc. All rights reserved Introduction 21.2 HTTP Transactions 21.3 Multitier Application Architecture 21.4 Client-Side Scripting versus Server-Side Scripting 21.5 Accessing Web Servers 21.6 Microsoft Internet Information Services (IIS) Microsoft Internet Information Services (IIS) 5.1 and Microsoft Internet Information Services (IIS) Apache HTTP Server 21.8 Requesting Documents 21.9 Web Resources

 2008 Pearson Education, Inc. All rights reserved Introduction A web server responds to client requests (typically from a web browser) by providing resources such as XHTML documents. When users enter a Uniform Resource Locator (URL) address, such as into a web browser, they are requesting a specific document from a web server. The web server maps the URL to a resource on the server (or to a file on the server’s network) and returns the requested resource to the client. A web server and a client communicate using the platform-independent Hypertext Transfer Protocol (HTTP), a protocol for transferring requests and files over the Internet or an intranet.

 2008 Pearson Education, Inc. All rights reserved HTTP Transactions The HTTP protocol allows clients and servers to interact and exchange information in a uniform and reliable manner. HTTP uses URIs (Uniform Resource Identifiers) to identify data on the Internet. URIs that specify document locations are called URLs (Uniform Resource Locators). Common URLs refer to files, directories or objects that perform complex tasks, such as database lookups and Internet searches. A URL contains information that directs a browser to the resource that the user wishes to access. indicates that the resource is to be obtained using the HTTP protocol.

 2008 Pearson Education, Inc. All rights reserved HTTP Transactions (Cont.) Fully qualified hostname – the name of the server on which the resource resides, called the host A hostname is translated into an IP address—a unique numerical value which identifies the server much as a telephone number uniquely defines a particular phone line – Translation is performed by a domain name system (DNS) server—a computer that maintains a database of hostnames and their corresponding IP addresses—and the process is called a DNS lookup The remainder of the URL after the hostname specifies both the name of the requested resource and its path, or location, on the web server For security reasons the path normally specifies the location of a virtual directory. The server translates the virtual directory into a real location on the server (or on another computer on the server’s network), thus hiding the true location of the resource Some resources are created dynamically and do not reside anywhere on the server

 2008 Pearson Education, Inc. All rights reserved HTTP Transactions (Cont.) When given a URL, a web browser performs a simple HTTP transaction to retrieve and display the web page found at that address. HTTP method get indicates that the client wishes to obtain a resource from the server. The remainder of the request provides the path name of the resource (e.g., an XHTML document) and the protocol’s name and version number ( HTTP/1.1 ). Any server that understands HTTP can receive a get request and respond appropriately. HTTP status code 200 indicates success. Status code 404 informs the client that the web server could not locate the requested resource. A complete list of numeric codes indicating the status of an HTTP transaction can be found at

 2008 Pearson Education, Inc. All rights reserved HTTP Transactions (Cont.) In a response, the server sends one or more HTTP headers, which provide additional information about the data that will be sent. Multipurpose Internet Mail Extensions (MIME) is an Internet standard that specifies data formats so that programs can interpret data correctly. The MIME type text/plain indicates that the sent information is text that can be displayed directly, without any interpretation of the content as XHTML markup. The MIME type image/jpeg indicates that the content is a JPEG image. When the browser receives this MIME type, it attempts to display the image. The header or set of headers is followed by a blank line, which indicates to the client browser that the server is finished sending HTTP headers.

 2008 Pearson Education, Inc. All rights reserved. 10 Fig | Client interacting with web server. Step 1: The GET request.

 2008 Pearson Education, Inc. All rights reserved. 11 Fig | Client interacting with web server. Step 2: The HTTP response.

 2008 Pearson Education, Inc. All rights reserved HTTP Transactions (Cont.) Two most common HTTP request types – get and post – get request typically gets (or retrieves) information from a server. Common uses of get requests are to retrieve an XHTML document or an image, or to fetch search results based on a user-submitted search term. – post request typically posts (or sends) data to a server. Common uses of post requests are to send information to a server, such as authentication information or data from a form that gathers user input. – An HTTP request often posts data to a server-side form handler that processes the data. – A get request sends information to the server as part of the URL in a query string. A ? separates the query string from the rest of the URL in a get request. A name/value pair is passed to the server with the name and the value separated by an equals sign ( = ). If more than one name/value pair is submitted, each pair is separated by an ampersand ( & ). – A get request may be initiated by submitting an XHTML form whose method attribute is set to "get", or by typing the URL (possibly containing a query string) directly into the browser’s address bar – A post request is specified in an XHTML form by the method "post ". The post method sends form data as an HTTP message, not as part of the URL. – A get request limits the query string to a specific number of characters (2083 in IE; more in other browsers). – Large pieces of information must be sent using the post method.

 2008 Pearson Education, Inc. All rights reserved. 13 Software Engineering Observation 21.1 The data sent in a post request is not part of the URL and the user can’t see the data by default. However there are tools available that expose this data, so you should not assume that the data is secure just because a post request is used.

 2008 Pearson Education, Inc. All rights reserved HTTP Transactions (Cont.) Browsers often cache web pages so they can quickly reload the pages. If there are no changes between the version stored in the cache and the current version on the web, this helps speed up your browsing experience.

 2008 Pearson Education, Inc. All rights reserved Multitier Application Architecture Web-based applications are multitier applications that divide functionality into separate tiers. Although tiers can be located on the same computer, the tiers of web-based applications typically reside on separate computers. The bottom tier (also called the data tier or the information tier) maintains the application’s data. The middle tier implements business logic, controller logic and presentation logic to control interactions between the application’s clients and its data. Business logic in the middle tier enforces business rules and ensures that data is reliable before the server application updates the database or presents the data to users. Business rules dictate how clients can and cannot access application data, and how applications process data. The top tier, or client tier, is the application’s user interface. In response to user actions, the client tier interacts with the middle tier to make requests and to retrieve data from the information tier. The client tier then displays the data retrieved for the user. The client tier never directly interacts with the information tier.

 2008 Pearson Education, Inc. All rights reserved. 16 Fig | Three-tier architecture.

 2008 Pearson Education, Inc. All rights reserved Client-Side Scripting versus Server- Side Scripting Client-side scripting can be used to validate user input, to interact with the browser, to enhance web pages by manipulating the DOM of a page, and to add Ajax functionality. Client-side scripting does have limitations, such as browser dependency; the browser or scripting host must support the scripting language and capabilities. Client-side scripts can be viewed by the client by using the browser’s source-viewing capability. Sensitive information, such as passwords or other personally identifiable data, should not be stored or validated on the client.

 2008 Pearson Education, Inc. All rights reserved Client-Side Scripting versus Server- Side Scripting (Cont.) Placing large amounts of JavaScript on the client can open web applications to attack and other security issues. Code executed on the server often generate custom responses for clients. Server-side scripting languages have a wider range of programmatic capabilities than their client-side equivalents. For example, server-side scripts often can access the server’s file directory structure, whereas client- side scripts cannot access the client’s directories. Properly configured server-side scripts are not visible to the client; only XHTML and any client-side scripts are visible to the client.

 2008 Pearson Education, Inc. All rights reserved. 19 Software Engineering Observation 21.2 Properly configured server-side script source code is not visible to the client; only XHTML and any client-side scripts are visible to the client.

 2008 Pearson Education, Inc. All rights reserved Accessing Web Servers To request documents from web servers, users must know the hostnames on which the web server software resides. Users can request documents from local web servers or remote web servers. Local web servers can be accessed through your computer’s name or through the name localhost —a hostname that references the local machine and normally translates to the IP address (also known as the loopback address).

 2008 Pearson Education, Inc. All rights reserved Microsoft Internet Information Services (IIS) Microsoft Internet Information Services (IIS) is a web server that is included with several versions of Windows. Installing IIS on a machine allows that computer to serve documents. To install IIS 5.1 on Windows XP, you may need your original operating-system disk. For IIS 6.0 (Windows Server 2003) and IIS 7.0 (Windows Vista), the software should already be installed, but is also available on your installation disk. You place documents that will be requested from IIS either in the default directory or in a virtual directory. A virtual directory is an alias for an existing directory that resides on the local machine or on the network. In Windows Vista, before you can use IIS, you must enable the World Wide Web Publishing Service (W3SVC).

 2008 Pearson Education, Inc. All rights reserved. 22 Fig | Internet Information Services window of IIS 5.1.

 2008 Pearson Education, Inc. All rights reserved. 23 Fig | Virtual Directory Creation Wizard welcome page.

 2008 Pearson Education, Inc. All rights reserved. 24 Fig | Virtual Directory Alias page of the Virtual Directory Creation Wizard.

 2008 Pearson Education, Inc. All rights reserved. 25 Fig | Web Site Content Directory page of the Virtual Directory Creation Wizard.

 2008 Pearson Education, Inc. All rights reserved. 26 Fig | Access Permissions page of the Virtual Directory Creation Wizard.

 2008 Pearson Education, Inc. All rights reserved. 27 Fig | Internet Information (IIS) Services Manager window (IIS 7.0).

 2008 Pearson Education, Inc. All rights reserved. 28 Fig | Add Virtual Directory dialog.

 2008 Pearson Education, Inc. All rights reserved Apache HTTP Server The Apache HTTP Server, maintained by the Apache Software Foundation, is currently the most popular web server. It is open source software that runs on UNIX, Linux, Mac OS X, Windows and numerous other platforms. Mac OS X and many versions of Linux come preinstalled with Apache. You can obtain the Apache HTTP Server for a variety of platforms from httpd.apache.org/download.cgi. All documents that will be requested from an Apache HTTP Server must be either in the default directory or in a directory for which an Apache HTTP Server alias is configured. An alias is Apache’s equivalent to Microsoft IIS’s virtual directory. It is a pointer to an existing directory that resides on the local machine or on the network. The httpd.conf file contains all the information that the Apache HTTP Server needs to run correctly and serve web documents. An introductory comment at the top of the httpd.conf file explains how the file is organized. After this comment, the configuration information starts with the most important, global settings.

 2008 Pearson Education, Inc. All rights reserved. 30 Fig | Apache Service Monitor. (Courtesy of The Apache Software Foundation,.)

 2008 Pearson Education, Inc. All rights reserved. 31 Good Programming Practice 21.1 Place a small comment near any changes you make to the Apache httpd.conf file.

 2008 Pearson Education, Inc. All rights reserved. 32 Error-Prevention Tip 21.1 If you place a forward slash (/) at the end of the alias name, Apache will require this slash when a document is requested from the server. For example, if your alias is /myExamples/, then a user request for will not work as expected. The user will need to request to access the alias. If the forward slash ( / ) is not placed at the end of the alias name, Apache will not require this slash, and will work as expected whether or not it is present in the request.

 2008 Pearson Education, Inc. All rights reserved Requesting Documents The server sends XHTML documents to the client as static web pages. The server response for a given XHTML document is always the same. For other types of documents, such as PHP, Ruby on Rails, ASP.NET and JavaServer Faces, the appropriate language interpreter or scripting engine first generates XHTML content, then transmits it to the client over HTTP. These are often referred to as dynamic web pages, because the results of these requests might vary based on numerous factors, such as user input, the time of day and current database content. A file cannot be copied directly to a virtual directory, because a virtual directory is only a name referring to a physical local directory. To request the document from IIS or Apache, start the server, launch a web browser and enter the XHTML document’s URL (i.e., ) in the Address field.

 2008 Pearson Education, Inc. All rights reserved. 34 Fig | Requesting test.html.