Presentation is loading. Please wait.

Presentation is loading. Please wait.

Web Programming Course

Published byCathleen Bishop Modified over 6 years ago

Similar presentations

Presentation on theme: "Web Programming Course"— Presentation transcript:

1 Web Programming Course

2 Server-side programming
In many cases, client-side applications will be insufficient Heavy processing Communication with other clients Data available on server-side only It may be useful to send the request to the server, and to process it there. A number of technologies available: CGI, Servlets, JSP, ASP, PHP and others We will look at CGI, Servlets and JSP.

3 Static Pages Request file Retrieve file Send file

4 Dynamic Pages Request service Do Computation Generate HTML
page with results of computation Return dynamically generated HTML file

5 Common Gateway Interface (CGI)
CGI stands for Common Gateway Interface CGI is a standard programming interface to Web servers that allows building dynamic and interactive Web sites CGI is not a programming language. It is just a set of standards (protocols) The standards specify how Web-applications can be executed on the server-side

6 Common Gateway Interface (CGI)
CGI can be implemented in an interpreted language such as PERL in a compiled language such as C Any program can be converted to a CGI program It just has to follow the CGI rules The rules define How programs get and sends data (i.e., communication protocol) How to make sure Web server knows that a program is a CGI program.

7 CGI A CGI program is Stored on the server, Executed on the server, Executed in response to request from client. By running a CGI program, rather than delivering a static HTML page, the server can: Put dynamic and updated information on web page (e.g., weather forecast, stocks price, product availability, etc…). Respond appropriately to user input. Store user data on server-side in a file or DB.

8 Dynamic Pages Request service Run CGI program … print $result
Return dynamically generated HTML file <HEADER> <BODY </BODY>

9 Calling CGI Program CGI program can be called in the same way that static HTML pages. For example, a link that when clicked, will run CGI program on the server-side <a href=“ Run my CGI program </a> It can be invoked by a form <form action=“cgi-prog.cgi” method=“POST”> . . . </form> CGI programs are usually executed as processes

10 How does it know its CGI? How does the Web server know whether the request deals with static HTML page, or with invoking a CGI program? The Web server is configured in a way that provides clear distinction between HTML and CGI files. Unix servers usually put the CGI programs in a cgi-bin directory. Access permissions are restricted, such that writing to this directory is allowed to super-users, while executing is allowed to everybody.

11 CGI invocation HTTP GET request:
GET /webp/cgi-bin/printenv.pl HTTP/1.0 Looks like standard HTTP request, but actually will not return printenv.pl file, but rather the output of running it. Different behaviors: regular directory => returns the file cgi-bin => returns output of the program The behavior is determined by the server E.g., if the path is cgi-bin, pass to CGI handler

12 CGI Input Data Input parameters can be passed to a CGI program
For example, HTML forms wrap and encode the form fields as a string looking like: var1=val1&var2=val2&var3=val3&… This string is concatenated to the CGI URL, after the ? character Example: GET /webp/cgi-bin/printenv.pl? var1=val1&var2=val2&var3=val3 The parameters can be extracted by the CGI through environment variables

13 GET vs. POST Above examples used the GET method to handle the data from the form. The form data was concatenated to the CGI URL In the POST method the data is sent to the CGI separately, in the request body. GET method is not secure, the data is visible in URL. GET is suitable for small amounts of data (limited to 1K), but not for larger amounts. What about refreshing in GET and POST?

14 Security issues with CGI
Publicly accessible CGI program allows anyone to run a program on the server. Malicious users may be able to exploit security breaches, and harm to the server. Because of this many Web hosts do not let ordinary users create CGI programs. Where the use of CGI, is permitted special wrapper programs may be required that enhance security checks and to limit the CGI program permissions.

15 CGI Summary CGI is a standard for interfacing Web client to the programs running on server-side. Specifies location of files (so server knows to execute them!) and how input data is handled. The output is displayed according to it. Simple examples using shell script, but need more serious language for complex ones. Security breaches of CGI should be handled

16 Servlets vs. CGI Servlet – Java-based CGI
Executed by servlets container Golden goals: "performance, flexibility, portability, simplicity and security" Faster and thinner No fork-process execution like Perl No need to initialize for each request Only lightweight thread context switching Built-in multithreading

17 Servlets vs. CGI Multi-threaded execution allows to:
share data across successive requests share data between concurrent requests use hidden fields, cookies, or sessions Java supports “write once, run anywhere” paradigm Easier than unportable Perl Java provides enhanced security Supports all HTTP request methods GET, POST, PUT, DELETE, and others

18 Servlet Architecture: 3-Tier system
Tier 1: Client HTML browser Java client Tier 2: Servlets embody business logic secure, robust Tier 3: Data Sources Java can talk to SQL, JDBC, OODB, files, etc…

19 Enterprise Information
Web Application model Enterprise Information System (EIS) Tier Client Tier Middle Tier SQL Web Container Servlet JSP application Database browser File system

20 Servlet Name Servlet is invoked using his name
Servlet should be located in appropriate directory A servlet’s name is its class name Name is usually a single word Possibly with a package name and dots Standard names: DateServlet (echoes current date/time), EchoServlet (bounces back CGI parameters), and many others Refer the server documentation

21 Servlet Invocation Can be invoked directly using the <servlet> tag pass servlet parameters in param tags codebase of the servlet can be specified <servlet code=DateServlet.class codebase= <param name=serviceParam1 value=val3> <param name=serviceParam2 value=val4> </servlet> Typically invoked by form’s action attribute

22 The Servlet API Defined in javax.servlet package Independent of
Web protocol server brand or platform whether it is local or remote servlet Provides core servlet functionality just extend it CGI-like functionality generic interface accepts query, returns response

23 The Servlet API javax.servlet javax.servlet.http
Basic servlet API definitions. What are the inputs and outputs to/from Servlet Not tied to any specific protocol (e.g., HTTP) These low-level classes/interfaces usually are not used javax.servlet.http HTTP-related definitions Extension of the basic interfaces to handle the HTTP protocol functionality This package will be heavily used

24 Servlet Architecture Overview
GenericServlet Servlet Interface methods to manage servlet GenericServlet implements Servlet HttpServlet extends GenericServlet exposes HTTP-specific functionality Interface Class implements HttpServlet extends doGet() doPost() service() ... Class UserServlet extends Override one or more of: doGet() doPost() service() ... Class Class

25 Servlet Architecture Overview
ServletRequest Request sent by the client to the server ServletResponse Response sent by the server to the client Is being sent only after processing the request HttpServletRequest, HttpServletResponse HTTP-specific request and response In addition to the regular request and response, tracking client information and manages the session

26 The HelloWorld Servlet
import javax.servlet.*; import java.io.*; public class HelloServlet extends GenericServlet { public void service(ServletRequest req, ServletResponse res) throws IOException, ServletException{ res.setContentType("text/plain"); ServletOutputStream out = res.getOutputStream(); out.println("Hello, World!"); }

27 Servlet Lifecycle Overview
Server loads and instantiates servlet Server calls init() method Loop Server receives request from client Server calls service() method service() calls doGet() or doPost() methods Server calls destroy() method More detail to come later...

28 Servlet interface Central abstraction in the Servlet API
All servlets implement this interface Either directly, or By extending another class that implements it Defines abstract methods for managing the servlet and its communications with clients Servlet writers provide these methods While developing servlets Implementing the interface

29 Servlet classes GenericServlet class HttpServlet class
implements Servlet also implements Serializable, ServletConfig implements all Servlet methods HttpServlet class extends the GenericServlet class provides a framework for handling the HTTP protocol has its own subclasses of ServletRequest and ServletResponse that do HTTP things

30 HttpServlet methods HTTPServlet class provides helper methods for handling HTTP requests doGet (GET and HEAD) doPost (POST) doPut, doDelete (rare) doTrace, doOptions (not overridden) The service() method dispatches the requests to the appropriate do* methods

31 Generic Servlet vs. HTTP Servlet
Client request Server service ( ) response HTTPServlet Browser request doGet ( ) HTTP Server service ( ) response doPost ( )

32 ServletRequest class Encapsulates the clientserver communication
Allows the Servlet access to Names of the parameters passed in by the client The protocol being used by the client The names of the remote host that made the request and the server that received it The input stream, ServletInputStream, through which the servlet gets data from clients Subclasses of ServletRequest allow the servlet to retrieve more protocol-specific data HttpServletRequest for accessing HTTP-specific header information

33 ServletRequest - Client Info
getRemoteAddr() Returns the IP address of the client that sent the request getRemoteHost() Returns the fully qualified host name of the client that sent the request getProtocol() Returns the protocol and version of the request as a string <protocol>/<major version>.<minor version>.

34 ServletRequest - URL Info
getScheme() Returns the scheme of the URL used in this request, for example "http", "https", or "ftp". getServerName() Returns the host name of the server receiving the request getServerPort() Returns the port number on which this request was received getServletPath() Returns the URL path that got to this script, e.g. “/servlet/com.foo.MyServlet” Useful for putting in a <FORM> tag

35 ServletRequest - Contents
getContentLength() Returns the size of the request data getContentType() Returns the MIME type of the request data getInputStream() Returns an input stream for reading binary data in the request body. getReader() Returns a buffered reader for reading the request body.

36 ServletRequest - Parameters
String getParameter(String) Returns a string containing one value of the specified parameter, or null if the parameter does not exist. String[] getParameterValues(String) Returns the values of the specified parameter as an array of strings, or null if the named parameter does not exist. Useful for parameters with multiple values, like lists Enumeration getParameterNames() Returns the parameter names as an enumeration of strings, or an empty enumeration if there are no parameters or the input stream is empty.

37 ServletResponse class
Encapsulates the serverclient communication Gives the servlet methods for replying to the client Allows the servlet to set the content length and MIME type of the reply Provides an output stream, ServletOutputStream through which the servlet can send the reply data Subclasses of ServletResponse give the servlet more protocol-specific capabilities. HttpServletResponse for manipulating HTTP-specific header information

38 ServletResponse Embodies the response Basic use:
response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println( "<HTML><BODY>Hello</BODY></HTML>"); setContentType() is usually called before calling getWriter() or getOutputStream()

39 ServletResponse - Output
getWriter() for writing text data getOutputStream() for writing binary data or for writing multipart MIME And many other methods, similarly to the methods of ServletRequest Refer the documentation

40 Servlet Example Servlets are not part of the standard SDK, they are part of the J2EE import java.io.*; import javax.servlet.*; import javax.servlet.http.*; public class ServWelcome extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<HTML>"); out.println("<HEAD><TITLE>First Servlet Program</TITLE></HEAD>"); out.println("<BODY>"); out.println("<H1>Welcome to Servlets</H1>"); out.println("</BODY>"); out.println("</HTML>"); out.close(); } Servlets normally extend HttpServlet The response to be sent to the client Details of the HTTP request from the client Set the response type to text/html (this is normal) Do not forget to close the connection with the client This HTML text is sent to the client

41 Date Servlet Example public class DateServlet extends HttpServlet {
public void service(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { Date today = new Date(); res.setContentType("text/plain"); ServletOutputStream out = res.getOutputStream(); out.println(today.toString()); } public String getServletInfo() { return "Returns a string representation of the current time";

42 Hello Servlet public class HelloHttpServlet extends HttpServlet {
public void doGet(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException{ String name = req.getParameter("name"); if (name == null) name = “guest"; res.setContentType("text/plain"); ServletOutputStream out = res.getOutputStream(); out.println("Hello, " + name + "!"); }

43 Hello Servlet Reads in a single input parameter
Can be used from a form <FORM METHOD=GET ACTION=”/servlet/HelloHttpServlet”> <INPUT NAME=name> </FORM> Can use right in a URL name=Fred Generates HTML output

44 Servlet Lifecycle: init()
public void init(ServerConfig cfg) Is called only once when servlet loads upon clients request Do not worry about synchronization Perform costly setup here, rather than for each request open database connection load in persistent data spawn background threads

45 init() details init() should be completed before starting to handle requests If init() fails, UnavailableException is thrown Invocation process allows to look-up for the initialization parameters from a configuration file getInitParameter(paramName) method is used to read the parameters init() parameters are set by the administrator servlet parameters are set by the invocation

46 Servlet Lifecycle: service()
After the service loads and initializes the servlet, the servlet is able to handle client requests public void service(ServletRequest req, ServletResponse res) takes Request and Response objects called many times, once per request Each request calls the service() method service() receives the client's request, invokes appropriate handling method (doPost(), doGet() etc…) and sends the response to the client

47 service() and concurrency
Servlets can run multiple instances of service() method concurrently service() must be written in a thread-safe manner it is developer’s responsibility to handle synchronized access to shared resources It is possible to declare a servlet as single-threaded implement SingleThreadModel (empty) interface guarantees that no two threads will execute the service() method concurrently performance will suffer as multiple simultaneous can not be processed

48 Servlet Lifecycle: destroy()
Servlets run until they are removed When a servlet is removed, it runs the destroy() method The destroy() method is run only once the servlet will not run again unless it is reinitialized public void destroy() takes no parameters afterwards, servlet may be garbage collected

49 Servlet Lifecycle: destroy() details
Releasing the resources is the developer’s responsibility close database connections stop threads Other threads might be running service requests, so be sure to synchronize, and/or wait for them to quit Destroy can not throw an exception use server-side logging with meaningful message to identify the problem

50 Technical details getServletInfo() method overrides the method inherited from Servlet class Returns a string containing information about the servlet: author, version, etc… Servlet can be dynamically reloaded by the server at the run-time HttpServlet.getLastModified returns the time the servlet was last modified Improves performance on browser/proxy caching Debugging servlets through printing to HTML

51 Scalability of servlets
The servlet is only recompiled if it was changed otherwise the already compiled class is loaded Faster response times because the servlet does not need to be recompiled The servlet can be kept in memory for a long time to service many sequential requests Faster response times because the servlet does not need to be reloaded Only one copy of the servlet is held in memory even if there are multiple concurrent requests Less memory usage for concurrent requests and no need to load another copy of the servlet and create a new process to run it.

52 Java Server Pages – JSP Java Servlets can be awkward to use.
Servlets often consist mostly of statements to write out HTML (with just a few dynamic calculations, database access etc…). It may be difficult to write servlets to produce attractive well “styled” pages. JSP allows to mix standard static HTML pages with dynamically generated HTML. Hybrid of HTML and servlets

53 Java Server Pages – JSP JSP technically can not do anything that servlets can not do Following example illustrates how we to get JSP code embedded in the HTML <html> <head> … </head> <body> <h1> Todays date is:</h1> <%= new java.util.Date() %> </body> </html>

54 Java Server Pages – JSP JSPs execute as part of a Web server by special JSP container Basically, on first access to JSP code it is automatically converted into servlet code stored as servlets on the server will be invoked on fouture requests Notice the “first invocation delay” JSP errors Translation-time errors - occur when JSP is translated into servlets Request-time errors - occur during request processing

55 JSP example <body> <% // begin JSP
String name = request.getParameter("firstName"); if ( name != null ) { %> <%-- end of JSP --%> <h1> Hello <%= name %>, <br /> Welcome to JavaServer Pages! </h1> <% // continue JSP } else { %> <%-- end of JSP --%> <form action = "welcome.jsp" method = "get"> <p>Type your name and press Submit</p> <p><input type = "text" name = "firstName" /> <input type = "submit" value = "Submit" /> </p> </form> } // end else %> <%-- end scriptlet --%> </body>

56 JSP vs. Servlets JSP Servlets Look like standard HTML
Normally include HTML markup tags HTML codes can be written easily Used when content is mostly fixed-template data Small amounts of content generated dynamically Servlets HTML codes have to be written to the PrintWriter or OutputStream Used when small amount of content is fixed-template data Most content generated dynamically

57 Tomcat Tomcat is the Servlet Engine than handles servlet requests for Apache application server It is best to think of Tomcat as a “servlet container” Tomcat can handle Web pages, Servlets, and JSPs Apache can handle many types of Web services Apache can be installed without Tomcat Tomcat can be installed without Apache It is easier to install Tomcat standalone than as part of Apache Apache and Tomcat are open source (free) One of the coming classes will focus on Tomcat

58 Which Should I Use? Client- or Server-Side?
If you want to have dynamic client forms with client-side validation, you must use client-side programming. If you want your site to have highly interactive pages, you should use client-side programming. If you need to provide your client with advanced functionality that can be created only using ActiveX controls (or Flash, or …), you must use client-side programming.

59 Which Should I Use? Client- or Server-Side?
If you want to control the user's browser (i.e., to turn off the menus or place the browser in kiosk mode), you must use client-side programming. If your Web site must work with every browser on the market, and you do not want to create several different versions for different browsers, you should avoid client-side programming. If you want to protect your source code, you must use only server-side programming. Client-side source code is transferred to the browser.

60 Which Should I Use? Client- or Server-Side?
If you need to track user information across several Web pages to create a "Web application“, you must use server-side programming. If you need to interact with server-side databases, you must use server-side programming. If you need to use server variables or check the capabilities of the user's browser, you must use server-side programming.

Download ppt "Web Programming Course"

Similar presentations

Chapter 6 Server-side Programming: Java Servlets

Chapter 6 Server-side Programming: Java Servlets
4 Copyright © 2005, Oracle. All rights reserved. Creating the Web Tier: Servlets.

4 Copyright © 2005, Oracle. All rights reserved. Creating the Web Tier: Servlets.
 2002 Prentice Hall. All rights reserved. Chapter 9: Servlets Outline 9.1 Introduction 9.2 Servlet Overview and Architecture 9.2.1 Interface Servlet and.

 2002 Prentice Hall. All rights reserved. Chapter 9: Servlets Outline 9.1 Introduction 9.2 Servlet Overview and Architecture Interface Servlet and.
Objectives Ch. D - 1 At the end of this chapter students will: Know the general architecture and purpose of servlets Understand how to create a basic servlet.

Objectives Ch. D - 1 At the end of this chapter students will: Know the general architecture and purpose of servlets Understand how to create a basic servlet.
10-Jun-15 Servlets. 2 Servers A server is a computer that responds to requests from a client Typical requests: provide a web page, upload or download.

10-Jun-15 Servlets. 2 Servers A server is a computer that responds to requests from a client Typical requests: provide a web page, upload or download.
Servlets and a little bit of Web Services Russell Beale.

Servlets and a little bit of Web Services Russell Beale.
18-Jun-15 JSP Java Server Pages Reference: Tutorial/Servlet-Tutorial-JSP.html.

18-Jun-15 JSP Java Server Pages Reference: Tutorial/Servlet-Tutorial-JSP.html.
Liang, Introduction to Java Programming, Sixth Edition, (c) 2005 Pearson Education, Inc. All rights reserved. 0-13-148952-6 1 Chapter 34 Servlets.

Liang, Introduction to Java Programming, Sixth Edition, (c) 2005 Pearson Education, Inc. All rights reserved Chapter 34 Servlets.
1 CS6320 – Servlet Structure and Lifecycle L. Grewe.

1 CS6320 – Servlet Structure and Lifecycle L. Grewe.
Introduction to Servlet & JSP

Introduction to Servlet & JSP
Comp2513 Java Servlet Basics Daniel L. Silver, Ph.D.

Comp2513 Java Servlet Basics Daniel L. Silver, Ph.D.
13-Jul-15 Servlets. 2 Servers A server is a computer that responds to requests from a client Typical requests: provide a web page, upload or download.

13-Jul-15 Servlets. 2 Servers A server is a computer that responds to requests from a client Typical requests: provide a web page, upload or download.
Java Server and Servlet CS616 Team 9 Kim Doyle, Susan Kroha, Arunima Palchowdhury, Wei Xu.

Java Server and Servlet CS616 Team 9 Kim Doyle, Susan Kroha, Arunima Palchowdhury, Wei Xu.
Definition Servlet: Servlet is a java class which extends the functionality of web server by dynamically generating web pages. Web server: It is a server.

Definition Servlet: Servlet is a java class which extends the functionality of web server by dynamically generating web pages. Web server: It is a server.
Servlets Compiled by Dr. Billy B. L. Lim. Servlets Servlets are Java programs which are invoked to service client requests on a Web server. Servlets extend.

Servlets Compiled by Dr. Billy B. L. Lim. Servlets Servlets are Java programs which are invoked to service client requests on a Web server. Servlets extend.
Servlets. Our Project 3-tier application Develop our own multi-threaded server Socket level communication.

Servlets. Our Project 3-tier application Develop our own multi-threaded server Socket level communication.
SE-2840 Dr. Mark L. Hornick1 Java Servlet-based web apps Servlet Architecture.

SE-2840 Dr. Mark L. Hornick1 Java Servlet-based web apps Servlet Architecture.
Java Servlets. What Are Servlets? Basically, a java program that runs on the server Basically, a java program that runs on the server Creates dynamic.

Java Servlets. What Are Servlets? Basically, a java program that runs on the server Basically, a java program that runs on the server Creates dynamic.
Gayle J Yaverbaum, PhD Professor of Information Systems Penn State Harrisburg.

Gayle J Yaverbaum, PhD Professor of Information Systems Penn State Harrisburg.
Java Server Pages B.Ramamurthy. Topics for Discussion 8/20/20152 Inheritance and Polymorphism Develop an example for inheritance and polymorphism JSP.

Java Server Pages B.Ramamurthy. Topics for Discussion 8/20/20152 Inheritance and Polymorphism Develop an example for inheritance and polymorphism JSP.

Similar presentations

Ads by Google