Download presentation
Presentation is loading. Please wait.
1
Server-side Programming: Java Servlets
CSI 3140 WWW Structures, Techniques and Standards Server-side Programming: Java Servlets
2
Server-side Programming
The combination of HTML JavaScript DOM is sometimes referred to as Dynamic HTML (DHTML) Web pages that include scripting are often called dynamic pages (vs. static) CSI 3140/ based on Jackson’s notes modified by GV Jourdan
3
Server-side Programming
Similarly, web server response can be static or dynamic Static: HTML document is retrieved from the file system and returned to the client Dynamic: HTML document is generated by a program in response to an HTTP request Java servlets are one technology for producing dynamic server responses Servlet is a class instantiated by the server to produce a dynamic response CSI 3140/ based on Jackson’s notes modified by GV Jourdan
4
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Servlet Overview CSI 3140/ based on Jackson’s notes modified by GV Jourdan
5
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Servlet Overview When server starts, it instantiates servlets Server receives HTTP request, determines need for dynamic response Server selects the appropriate servlet to generate the response, creates request/response objects, and passes them to a method on the servlet instance Servlet adds information to response object via method calls Server generates HTTP response based on information stored in response object CSI 3140/ based on Jackson’s notes modified by GV Jourdan
6
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Hello World! Servlet CSI 3140/ based on Jackson’s notes modified by GV Jourdan
7
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Hello World! Servlet All servlets we will write are subclasses of HttpServlet CSI 3140/ based on Jackson’s notes modified by GV Jourdan
8
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Hello World! Servlet Server calls doGet() in response to GET request CSI 3140/ based on Jackson’s notes modified by GV Jourdan
9
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Hello World! Servlet Interfaces implemented by request/response objects CSI 3140/ based on Jackson’s notes modified by GV Jourdan
10
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Hello World! Servlet Production servlet should catch these exceptions CSI 3140/ based on Jackson’s notes modified by GV Jourdan
11
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Hello World! Servlet JWSDP Tomcat server exception handling: Stack trace appended to logs/jwsdp_log.*.txt HTML document returned to client may (or may not) contain partial stack trace Servlet output to System.out.print(), printStackTrace(), etc. is appended to logs/launcher.server.log CSI 3140/ based on Jackson’s notes modified by GV Jourdan
12
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Hello World! Servlet Actions to be done First two things done by typical servlet; must be in this order 1 2 CSI 3140/ based on Jackson’s notes modified by GV Jourdan
13
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Hello World! Servlet 3 HTML generated by calling print() or println() on the servlet’s PrintWriter object Good practice to explicitly close the PrintWriter when done 4 CSI 3140/ based on Jackson’s notes modified by GV Jourdan
14
Servlets vs. Java Applications
Servlets do not have a main() The main() is in the server Entry point to servlet code is via call to a method (doGet() in the example) Servlet interaction with end user is indirect via request/response object APIs Actual HTTP request/response processing is handled by the server Primary servlet output is typically HTML CSI 3140/ based on Jackson’s notes modified by GV Jourdan
15
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Running Servlets Simple way to run a servlet (sophisticated one later): Compile servlet (make sure that JWSDP libraries are on right paths!) Copy .class file to shared/classes directory (this is read by servlet enabled server ) (Re)start the Tomcat web server If the class is named ServletHello, browse to (that is, browse to the location of the servlet) CSI 3140/ based on Jackson’s notes modified by GV Jourdan
16
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Dynamic Content Want to print dynamic content that cannot be printed with a static XHTML page CSI 3140/ based on Jackson’s notes modified by GV Jourdan
17
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Dynamic Content CSI 3140/ based on Jackson’s notes modified by GV Jourdan
18
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Dynamic Content CSI 3140/ based on Jackson’s notes modified by GV Jourdan
19
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Dynamic Content Potential problems: We are assuming one single instance of the servlet on one server, but in real world Many Web sites are replicated over multiple servers Even a single server can (not default) create multiple instances of a single servlet Even if the assumption is correct, this servlet does not handle concurrent accesses properly We’ll deal with this later in the chapter CSI 3140/ based on Jackson’s notes modified by GV Jourdan
20
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Servlet Life Cycle Servlet API life cycle methods init(): called when servlet is instantiated; must return before any other methods will be called service(): method called directly by server when an HTTP request is received; default service() method calls doGet() (or related methods covered later) destroy(): called when server shuts down CSI 3140/ based on Jackson’s notes modified by GV Jourdan
21
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Servlet Life Cycle Example life cycle method: attempt to initialize visits variable from file CSI 3140/ based on Jackson’s notes modified by GV Jourdan
22
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Servlet Life Cycle Exception to be thrown if initialization fails and servlet should not be instantiated CSI 3140/ based on Jackson’s notes modified by GV Jourdan
23
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data The request object (which implements HttpServletRequest) provides information from the HTTP request to the servlet One type of information is parameter data, which is information from the query string portion of the HTTP request Query string with one parameter CSI 3140/ based on Jackson’s notes modified by GV Jourdan
24
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data Parameter data is the Web analog of arguments in a method call: Query string syntax and semantics CSI 3140/ based on Jackson’s notes modified by GV Jourdan
25
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data Query string syntax and semantics Multiple parameters separated by & Order of parameters does not matter All parameter values are strings Value of arg is empty string CSI 3140/ based on Jackson’s notes modified by GV Jourdan
26
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data Parameter names and values can be any 8-bit characters URL encoding is used to represent non-alphanumeric characters: URL decoding applied by server to retrieve intended name or value Value of arg is ‘a String’ CSI 3140/ based on Jackson’s notes modified by GV Jourdan
27
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data URL encoding algorithm, in case a name or value contains any non-alphanumeric characters: CSI 3140/ based on Jackson’s notes modified by GV Jourdan
28
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data CSI 3140/ based on Jackson’s notes modified by GV Jourdan
29
Parameter Data: Example
Paragraph with the query string of the URL used to access the servlet PrintThis Paragraph with URL-decoded value (in given color) of the arg parameter, or default text “Hello World!” CSI 3140/ based on Jackson’s notes modified by GV Jourdan
30
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data CSI 3140/ based on Jackson’s notes modified by GV Jourdan
31
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data Must replace XML special characters in all user-supplied data before adding to HTML to avoid cross-site scripting attacks CSI 3140/ based on Jackson’s notes modified by GV Jourdan
32
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data Cross-site scripting Comment containing <script> element Attacker Blogging Web site Document containing attacker’s comment (and script) Victim CSI 3140/ based on Jackson’s notes modified by GV Jourdan
33
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data Also need to escape quotes within attribute values. CSI 3140/ based on Jackson’s notes modified by GV Jourdan
34
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data CSI 3140/ based on Jackson’s notes modified by GV Jourdan
35
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data: Forms A form automatically generates a query string when submitted Parameter names are specified by value of name attributes of form controls Parameter value depends on control type Value for checkbox specified by value attribute CSI 3140/ based on Jackson’s notes modified by GV Jourdan
36
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data CSI 3140/ based on Jackson’s notes modified by GV Jourdan
37
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data username lifestory boxgroup1 (values same as labels) doit CSI 3140/ based on Jackson’s notes modified by GV Jourdan
38
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data Query string produced by browser (all one line): Checkbox parameters have same name values; only checked boxes have corresponding parameters CSI 3140/ based on Jackson’s notes modified by GV Jourdan
39
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data GET vs. POST method for forms: GET: Query string is part of URL Length of query string may be limited Recommended when parameter data is not stored but used only to request information (e.g., search engine query) The URL can be bookmarked or ed and the same data will be passed to the server when the URL is revisited CSI 3140/ based on Jackson’s notes modified by GV Jourdan
40
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data Browser content copyright 2004 Google, Inc. Used by permission. CSI 3140/ based on Jackson’s notes modified by GV Jourdan
41
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data GET vs. POST method for forms: POST: Query string is sent as body of HTTP request Length of query string is unlimited Recommended if parameter data is intended to cause the server to update stored data Most browsers will warn you if they are about to resubmit POST data to avoid duplicate updates CSI 3140/ based on Jackson’s notes modified by GV Jourdan
42
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data CSI 3140/ based on Jackson’s notes modified by GV Jourdan
43
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Parameter Data GET vs. POST in a Web application: According to the HTTP 1.1 specification (RFC 2616): In particular, the convention has been established that the GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval A consequence of this is that “web accelerators” might pre-fetch your GET-based URL, with possible disastrous consequences if you actually use GET for processing. (note that because of this, accelerators such as Google’s won’t pre-fetch GET-based URLs with parameters) CSI 3140/ based on Jackson’s notes modified by GV Jourdan
44
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions Many interactive Web sites spread user data entry out over several pages: Ex: add items to cart, enter shipping information, enter billing information Problem: how does the server know which users generated which HTTP requests? Cannot rely on standard HTTP headers to identify a user CSI 3140/ based on Jackson’s notes modified by GV Jourdan
45
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions CSI 3140/ based on Jackson’s notes modified by GV Jourdan
46
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions Server sends back new unique session ID when the request has none CSI 3140/ based on Jackson’s notes modified by GV Jourdan
47
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions Client that supports session stores the ID and sends it back to the server in subsequent requests CSI 3140/ based on Jackson’s notes modified by GV Jourdan
48
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions Server knows that all of these requests are from the same client. The set of requests is known as a session. CSI 3140/ based on Jackson’s notes modified by GV Jourdan
49
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions And the server knows that all of these requests are from a different client. CSI 3140/ based on Jackson’s notes modified by GV Jourdan
50
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions Returns HttpSession object associated with this HTTP request. Creates new HttpSession object if no session ID in request or no object with this ID exists Otherwise, returns previously created object CSI 3140/ based on Jackson’s notes modified by GV Jourdan
51
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions Boolean indicating whether returned object was newly created or already existed. CSI 3140/ based on Jackson’s notes modified by GV Jourdan
52
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions Incremented once per session CSI 3140/ based on Jackson’s notes modified by GV Jourdan
53
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions Three web pages produced by a single servlet CSI 3140/ based on Jackson’s notes modified by GV Jourdan
54
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions CSI 3140/ based on Jackson’s notes modified by GV Jourdan
55
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions ,,, CSI 3140/ based on Jackson’s notes modified by GV Jourdan
56
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions ,,, Session attribute is a name/value pair CSI 3140/ based on Jackson’s notes modified by GV Jourdan
57
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions ,,, Session attribute will have null value until a value is assigned CSI 3140/ based on Jackson’s notes modified by GV Jourdan
58
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions ,,, Generate sign-in form if session is new or signIn attribute has no value, weclome-back page otherwise. CSI 3140/ based on Jackson’s notes modified by GV Jourdan
59
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions Sign-in form Welcome-back page CSI 3140/ based on Jackson’s notes modified by GV Jourdan
60
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions Second argument (“Greeting”) used as action attribute value (relative URL) CSI 3140/ based on Jackson’s notes modified by GV Jourdan
61
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions Form will be sent using POST HTTP method (doPost() method will be called) CSI 3140/ based on Jackson’s notes modified by GV Jourdan
62
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions Text field containing user name is named signIn CSI 3140/ based on Jackson’s notes modified by GV Jourdan
63
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions … CSI 3140/ based on Jackson’s notes modified by GV Jourdan
64
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions … Retrieve signIn parameter value CSI 3140/ based on Jackson’s notes modified by GV Jourdan
65
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions … Normal processing: signIn parameter is present in HTTP request CSI 3140/ based on Jackson’s notes modified by GV Jourdan
66
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions … Generate HTML for response CSI 3140/ based on Jackson’s notes modified by GV Jourdan
67
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions Thank-you page Must escape XML special characters in user input CSI 3140/ based on Jackson’s notes modified by GV Jourdan
68
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions … Assign a value to the signIn session attribute CSI 3140/ based on Jackson’s notes modified by GV Jourdan
69
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions Session attribute methods: setAttribute(String name, Object value): creates a session attribute with the given name and value Object getAttribute(String name): returns the value of the session attribute named name, or returns null if this session does not have an attribute with this name CSI 3140/ based on Jackson’s notes modified by GV Jourdan
70
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions … Error processing (return user to sign-in form) CSI 3140/ based on Jackson’s notes modified by GV Jourdan
71
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Sessions By default, each session expires if a server-determined length of time elapses between a session’s HTTP requests Server destroys the corresponding session object Servlet code can: Terminate a session by calling invalidate() method on session object Set the expiration time-out duration (secs) by calling setMaxInactiveInterval(int) CSI 3140/ based on Jackson’s notes modified by GV Jourdan
72
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Cookies A cookie is a name/value pair in the Set-Cookie header field of an HTTP response Most (not all) clients will: Store each cookie received in its file system Send each cookie back to the server that sent it as part of the Cookie header field of subsequent HTTP requests CSI 3140/ based on Jackson’s notes modified by GV Jourdan
73
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Cookies Tomcat sends session ID as value of cookie named JSESSIONID CSI 3140/ based on Jackson’s notes modified by GV Jourdan
74
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Cookies Cookie-enabled browser returns session ID as value of cookie named JSESSIONID CSI 3140/ based on Jackson’s notes modified by GV Jourdan
75
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Cookies Servlets can set cookies explicitly Cookie class used to represent cookies request.getCookies() returns an array of Cookie instances representing cookie data in HTTP request response.addCookie(Cookie) adds a cookie to the HTTP response CSI 3140/ based on Jackson’s notes modified by GV Jourdan
76
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Cookies Cookies are expired by client (server can request expiration date) CSI 3140/ based on Jackson’s notes modified by GV Jourdan
77
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Cookies CSI 3140/ based on Jackson’s notes modified by GV Jourdan
78
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Cookies Return array of cookies contained in HTTP request CSI 3140/ based on Jackson’s notes modified by GV Jourdan
79
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Cookies Search for cookie named COUNT and extract value as an int CSI 3140/ based on Jackson’s notes modified by GV Jourdan
80
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Cookies CSI 3140/ based on Jackson’s notes modified by GV Jourdan
81
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Cookies Send replacement cookie value to client (overwrites existing cookie) CSI 3140/ based on Jackson’s notes modified by GV Jourdan
82
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Cookies Should call addCookie() before writing HTML CSI 3140/ based on Jackson’s notes modified by GV Jourdan
83
Cookies Privacy issues
HTTP request to intended site Web site providing requested content Client HTTP response: HTML document including ad <img> HTTP request for ad image Image plus Set-Cookie in response: third-party cookie Web site providing banner ads CSI 3140/ based on Jackson’s notes modified by GV Jourdan
84
Cookies Privacy issues
Second Web site providing requested content HTTP request to 2nd intended site Web site providing requested content Client HTTP response: HTML document including ad <img> HTTP request for ad image plus Cookie (identifies user) Image Web site providing banner ads Based on Referer, I know two Web sites that this user has visited CSI 3140/ based on Jackson’s notes modified by GV Jourdan
85
Cookies Privacy issues
Due to privacy concerns, many users block cookies Blocking may be fine-tuned. Ex: Mozilla allows Blocking of third-party cookies Blocking based on on-line privacy policy Alternative to cookies for maintaining session: URL rewriting CSI 3140/ based on Jackson’s notes modified by GV Jourdan
86
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
URL Rewriting Tomcat adds session ID within HTML document to all URL’s referring to the servlet Session ID = 4235 CSI 3140/ based on Jackson’s notes modified by GV Jourdan
87
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
URL Rewriting Subsequent request will contain session ID in the URL of the request Session ID = 4235 CSI 3140/ based on Jackson’s notes modified by GV Jourdan
88
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
URL Rewriting Next response must again add session ID to all URL’s Session ID = 4235 CSI 3140/ based on Jackson’s notes modified by GV Jourdan
89
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
URL Rewriting Original (relative) URL: href=“URLEncodedGreeting” URL containing session ID: href=“URLEncodedGreeting;jsessionid=0157B9E85” Path parameter is treated differently than query string parameter Ex: invisible to getParameter() Path parameter CSI 3140/ based on Jackson’s notes modified by GV Jourdan
90
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
URL Rewriting HttpServletResponse method encodeURL() will add session id path parameter to argument URL Original servlet Relative URL of servlet Servlet using URL rewriting CSI 3140/ based on Jackson’s notes modified by GV Jourdan
91
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
URL Rewriting Must rewrite every servlet URL in every document Security issues Web site using URL rewriting URL with session ID 7152 User A CSI 3140/ based on Jackson’s notes modified by GV Jourdan
92
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
URL Rewriting Must rewrite every servlet URL in every document Security issues Web site using URL rewriting URL with session ID 7152 User A User B URL CSI 3140/ based on Jackson’s notes modified by GV Jourdan
93
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
URL Rewriting Must rewrite every servlet URL in every document Security issues Web site using URL rewriting URL with session ID 7152 Visit Web site with session ID 7152 User A User B URL CSI 3140/ based on Jackson’s notes modified by GV Jourdan
94
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
More Servlet Methods CSI 3140/ based on Jackson’s notes modified by GV Jourdan
95
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
More Servlet Methods CSI 3140/ based on Jackson’s notes modified by GV Jourdan
96
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
More Servlet Methods CSI 3140/ based on Jackson’s notes modified by GV Jourdan
97
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
More Servlet Methods Response buffer All data sent to the PrintWriter object is stored in a buffer When the buffer is full, it is automatically flushed: Contents are sent to the client (preceded by header fields, if this is the first flush) Buffer becomes empty Note that all header fields must be defined before the first buffer flush CSI 3140/ based on Jackson’s notes modified by GV Jourdan
98
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
More Servlet Methods CSI 3140/ based on Jackson’s notes modified by GV Jourdan
99
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
More Servlet Methods In addition to doGet() and doPost(), servlets have methods corresponding to other HTTP request methods doHead(): automatically defined if doGet() is overridden doOptions(), doTrace(): useful default methods provided doDelete(), doPut(): override to support these methods CSI 3140/ based on Jackson’s notes modified by GV Jourdan
100
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Data Storage Almost all web applications (servlets or related dynamic web server software) store and retrieve data Typical web app uses a data base management system (DBMS) Another option is to use the file system Not web technologies, so beyond our scope Some Java data storage details provided in Appendices B (file system) and C (DBMS) One common problem: concurrency CSI 3140/ based on Jackson’s notes modified by GV Jourdan
101
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Concurrency CSI 3140/ based on Jackson’s notes modified by GV Jourdan
102
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Concurrency Tomcat creates a separate thread for each HTTP request Java thread state saved: Which statement to be executed next The call stack: where the current method will return to, where that method will return to, etc. plus parameter values for each method The values of local variables for all methods on the call stack CSI 3140/ based on Jackson’s notes modified by GV Jourdan
103
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Concurrency Some examples of values that are not saved when a thread is suspended: Values of instance variables (variables declared outside of methods) Values of class variables (variables declared as static outside of methods) Contents of files and other external resources CSI 3140/ based on Jackson’s notes modified by GV Jourdan
104
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Concurrency // Output HTML document CSI 3140/ based on Jackson’s notes modified by GV Jourdan
105
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Concurrency CSI 3140/ based on Jackson’s notes modified by GV Jourdan
106
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Concurrency Java support thread synchronization Only one synchronized method within a class can be called at any one time Only one thread at at time can call doGet() CSI 3140/ based on Jackson’s notes modified by GV Jourdan
107
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Concurrency CSI 3140/ based on Jackson’s notes modified by GV Jourdan
108
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Concurrency Web application with multiple servlet classes and shared resource: CSI 3140/ based on Jackson’s notes modified by GV Jourdan
109
CSI 3140/3540-- based on Jackson’s notes modified by GV Jourdan
Concurrency Solution: create a shared class with synchronized static methods called by both servlets CounterReader CounterFile CounterWriter readAndReset() incr() File CSI 3140/ based on Jackson’s notes modified by GV Jourdan
110
Common Gateway Interface
CGI was the earliest standard technology used for dynamic server-side content CGI basics: HTTP request information is stored in environment variables (e.g., QUERY_STRING, REQUEST_METHOD, HTTP_USER_AGENT) Program is executed, output is returned in HTTP response CSI 3140/ based on Jackson’s notes modified by GV Jourdan
111
Common Gateway Interface
Advantage: Program can be written in any programming language (Perl frequently used) Disadvantages: No standard for concepts such as session May be slower (programs normally run in separate processes, not server process) CSI 3140/ based on Jackson’s notes modified by GV Jourdan
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.