Lecture 10 12/3/12 1

$_SERVER Server and execution environment information An array containing information such as headers, paths, and script locations The entries in this array are created by the web server $_SERVER['PHP_SELF'] This is the filename of the currently executing script 2

Resources 3

Server-side scripting web server technology in which a user's request is fulfilled by running a script directly on the web server to generate dynamic web pages It is usually used to provide interactive web sites that interface to databases or other data stores This is different from client-side scripting where scripts are run by the viewing web browser, usually in JavaScript The primary advantage to server-side scripting is the ability to highly customize the response based on the user's requirements, access rights, or queries into data stores 4

Alternatives to PHP Classic ASP PERL.NET JSP 5

PHP and.NET Compiled Code vs. PHP Interpreted Code NET compiles code, such as C#, into what its creators have termed MSIL, or Microsoft Intermediate Language This roughly resembles Java's bytecode, the "binary" you have after you compile the source code 6

Compiled Code vs. PHP Interpreted Code PHP pages will compile into smaller pieces than the equivalent ASP.NET page, because there is more overhead with the intermediate compilation with the CLR 7

Declaration of Independence from <% When a function is declared in ASP.NET it must appear in a block with the language declared Functions must exist in these blocks or else they will generate an error 8

Arrays In ASP.NET the first value will be in the 0 position. This is concurrent with other compiled languages Secondly, in order to access the values in an array from a querystring or the like the GetValues method must be called 9

Example ASP.NET: <% variable1=(Request.QueryString.GetValues("values")(0) %> 10

Error Messages When an ASP.NET page is run, if you are on the machine that the code is being executed on, or you have a web.config file in the root directory of the website configured properly, error messages that appear are quite intuitive 11

Multiple Languages ASP.NET enables you to switch between multiple languages on the same page ASP.NET adds another language to the fold, C#, known as C sharp 12

File Extension ASP.NET pages require a different extension When a page is created in ASP.NET it requires an.aspx extension, which you may notice this web page has as well When a page has this extension IIS knows to treat it as an ASP.NET 13

Useful Resources ll_php2.html ll_php2.html 14

Web Services: Definition Available online (addressable) Uses XML messaging (I, O, or both) Operating system/programming language independent (provider and consumer can be different) Self-describing via a common XML grammar (or at least human-documented) Discoverable via a simple mechanism 15

Human-centric web 16

Application-centric Web 17

Two common Architectures 18 SOAP XML HTTP GET SOAP REST

Web Services Protocol Stack 19

Web Services Protocol Stack Service transport layer - responsible for transporting messages between applications. XML messaging layer - responsible for encoding messages in a common XML format so that messages can be understood at either end. Service description layer - responsible for describing the public interface to a specific web service. Service discovery layer - responsible for centralizing services into a common registry, and providing easy publish/find functionality. 20

Web Services Roles Service provider - implements the service and makes it available on the Internet. Service requestor - utilizes an existing web service by opening a network connection and sending an XML request. Service registry - provides a central place where developers can publish new services or find existing ones. It therefore serves as a centralized clearinghouse for companies and their services. 21

Web Services Process 22

23 The Service Request Perspective

24 Service Provider Perspective

25 1. The Transport Layer HTTP currently the most popular Pros: simple, stable, widely deployed, works well with firewalls Cons: Security and performance concerns can be encrypted via the Secure Sockets Layer (SSL) but problems arise when a single web service comprises a chain of applications "SOAP is going to open up a whole new avenue for security vulnerabilities." (Bruce Schneier) Schneier's argument: HTTP was designed for document retrieval not RPC HTTP + SOAP enables remote clients to invoke commands and procedures, exactly what firewalls are designed to prevent

26 2. The Messaging Layer

27 The Messaging Layer REST uses raw XML as output transform with XSLT manipulate with DOM uses as ASP.NET data source RSS and other feeds are related SOAP – for typed data exchange and method invocation Envelope - rules for encapsulating data being transferred between computers (e.g. method name and parameters, return values, error handling) Data encoding rules - data types mostly based on the W3C XML Schema specification RPC conventions - conventions for representing remote procedure calls and responses

28

29 Example SOAP Request <ns1:getTemp xmlns:ns1="urn:xmethods-Temperature" SOAP- ENV:encodingStyle="

30 Envelope – root element Body – required child getTemp – the “payload” (RPC) Zipcode – the parameter Namespaces: SOAP Envelope data encoding via XML Schemas and application identifiers specific to XMethods urn:xmethods- Temperature

31 Example SOAP Response <ns1:getTempResponse xmlns:ns1="urn:xmethods- Temperature“ SOAP- ENV:encodingStyle=" ng/"> 71.0

32 Envelope and Body again getTempResponse – payload (response to RPC) return – returned value

33 3. Description Web Service Descriptions (WSDL) Describe the abstract interface through which a service consumer communicates with a service provider defines specific details of how a given web service has implemented that interface Defines four types of things: data messages interfaces services

34

35 Data <wsdl:definitions name="HelloWorldDescription" targetNamespace="urn:HelloWorld" xmlns:tns="urn:HelloWorld" xmlns:soap=" xmlns:wsdl=" xmlns:xsd="

36 Messages

37 Interfaces <wsdl:binding name="HelloWorldBinding" type="tns:HelloWorldInterface"> <soap:binding style="rpc" transport=" />

38 Services <!-- location of the Perl Hello World Service -->

39 4. Discovery Layer UDDI – Universal Description, Discovery and Integration A technical specification for building distributed directories of businesses and web services White pages General company information like business name, business description, contact information, address and phone numbers. Yellow pages General company/service classification data (e.g. industry, product, or geographic codes) Green pages Technical information about a web service (e.g. pointer to an external specification and an address for invoking the web service) UDDI is not restricted to describing web services based on SOAP but can be used to describe any service, from a single web page or address all the way up to SOAP, CORBA, and Java RMI services.

40 Technical Components UDDI data model An XML Schema for describing businesses and web services. The data model is described in detail in the "UDDI Data Model" section, later in this chapter. UDDI API A SOAP-based API for searching and publishing UDDI data. UDDI cloud services Operator sites that provide implementations of the UDDI specification and synchronize all data on a scheduled basis. Private UDDI registries

41 UDDI Data Model

42 Sources Ethan Cerami "Web Services Essentials" O'Reilly,