Presentation is loading. Please wait.

Presentation is loading. Please wait.

Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Chapter 6 Server-side Programming:

Publish Modified over 9 years ago

Similar presentations

Presentation on theme: "Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Chapter 6 Server-side Programming:"— Presentation transcript:

1 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Chapter 6 Server-side Programming: Java Servlets WEB TECHNOLOGIES A COMPUTER SCIENCE PERSPECTIVE JEFFREY C. JACKSON

2 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Server-side Programming The combination of –HTML –JavaScript –DOM is sometimes referred to as Dynamic HTML (DHTML) Web pages that include scripting are often called dynamic pages (vs. static)

3 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Server-side Programming Similarly, web server response can be static or dynamic –Static: HTML document is retrieved from the file system and returned to the client –Dynamic: HTML document is generated by a program in response to an HTTP request Java servlets are one technology for producing dynamic server responses –Servlet is a class instantiated by the server to produce a dynamic response

4 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Servlet Overview

5 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Servlet Overview 1.When server starts it instantiates servlets 2.Server receives HTTP request, determines need for dynamic response 3.Server selects the appropriate servlet to generate the response, creates request/response objects, and passes them to a method on the servlet instance 4.Servlet adds information to response object via method calls 5.Server generates HTTP response based on information stored in response object

6 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Hello World! Servlet

7 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Hello World! Servlet All servlets we will write are subclasses of HttpServlet

8 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Hello World! Servlet Server calls doGet() in response to GET request

9 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Hello World! Servlet Interfaces implemented by request/response objects

10 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Hello World! Servlet Production servlet should catch these exceptions

11 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Hello World! Servlet JWSDP Tomcat server exception handling: –Stack trace appended to logs/jwsdp_log.*.txt –HTML document returned to client may (or may not) contain partial stack trace Servlet output to System.out.print(), printStackTrace(), etc. is appended to logs/launcher.server.log

12 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Hello World! Servlet First two things done by typical servlet; must be in this order

13 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Hello World! Servlet

14 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Hello World! Servlet HTML generated by calling print() or println() on the servlet’s PrintWriter object

15 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Hello World! Servlet Good practice to explicitly close the PrintWriter when done

16 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Servlets vs. Java Applications Servlets do not have a main() –The main() is in the server –Entry point to servlet code is via call to a method ( doGet() in the example) Servlet interaction with end user is indirect via request/response object APIs –Actual HTTP request/response processing is handled by the server Primary servlet output is typically HTML

17 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Running Servlets Simple way to run a servlet (better later): 1.Compile servlet (make sure that JWSDP libraries are on path) 2.Copy.class file to shared/classes directory 3.(Re)start the Tomcat web server 4.If the class is named ServletHello, browse to http://localhost:8080/servlet/ServletHello

18 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Dynamic Content

19 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Dynamic Content

20 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Dynamic Content

21 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Dynamic Content Potential problems: –Assuming one instance of servlet on one server, but Many Web sites are distributed over multiple servers Even a single server can (not default) create multiple instances of a single servlet –Even if the assumption is correct, this servlet does not handle concurrent accesses properly We’ll deal with this later in the chapter

22 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Servlet Life Cycle Servlet API life cycle methods –init() : called when servlet is instantiated; must return before any other methods will be called –service() : method called directly by server when an HTTP request is received; default service() method calls doGet() (or related methods covered later) –destroy() : called when server shuts down

23 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Servlet Life Cycle Example life cycle method: attempt to initialize visits variable from file

24 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Servlet Life Cycle Exception to be thrown if initialization fails and servlet should not be instantiated

25 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data The request object (which implements HttpServletRequest ) provides information from the HTTP request to the servlet One type of information is parameter data, which is information from the query string portion of the HTTP request Query string with one parameter

26 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data Parameter data is the Web analog of arguments in a method call: Query string syntax and semantics

27 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data Query string syntax and semantics –Multiple parameters separated by & –Order of parameters does not matter –All parameter values are strings Value of arg is empty string

28 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data Parameter names and values can be any 8-bit characters URL encoding is used to represent non- alphanumeric characters: URL decoding applied by server to retrieve intended name or value Value of arg is ‘a String’

29 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data URL encoding algorithm

30 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data

31 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data

32 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data

33 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data Must escape XML special characters in all user-supplied data before adding to HTML to avoid cross-site scripting attacks

34 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data Cross-site scripting Attacker Blogging Web site Comment containing element Document containing attacker’s comment (and script) Victim

35 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data Also need to escape quotes within attribute values.

36 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data

37 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data A form automatically generates a query string when submitted –Parameter name specified by value of name attributes of form controls –Parameter value depends on control type Value for checkbox specified by value attribute

38 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data

39 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data username lifestory boxgroup1 (values same as labels) doit

40 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data Query string produced by browser (all one line): Checkbox parameters have same name values; only checked boxes have corresponding parameters

41 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data GET vs. POST method for forms: –GET: Query string is part of URL Length of query string may be limited Recommended when parameter data is not stored but used only to request information (e.g., search engine query) –The URL can be bookmarked or emailed and the same data will be passed to the server when the URL is revisited

42 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data Browser content copyright 2004 Google, Inc. Used by permission.

43 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data GET vs. POST method for forms: –POST: Query string is sent as body of HTTP request Length of query string is unlimited Recommended if parameter data is intended to cause the server to update stored data Most browsers will warn you if they are about to resubmit POST data to avoid duplicate updates

44 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Parameter Data

45 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions Many interactive Web sites spread user data entry out over several pages: –Ex: add items to cart, enter shipping information, enter billing information Problem: how does the server know which users generated which HTTP requests? –Cannot rely on standard HTTP headers to identify a user

46 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions

47 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions Server sends back new unique session ID when the request has none

48 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions Client that supports session stores the ID and sends it back to the server in subsequent requests

49 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions Server knows that all of these requests are from the same client. The set of requests is known as a session.

50 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions And the server knows that all of these requests are from a different client.

51 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions Returns HttpSession object associated with this HTTP request. Creates new HttpSession object if no session ID in request or no object with this ID exists Otherwise, returns previously created object

52 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions Boolean indicating whether returned object was newly created or already existed.

53 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions Incremented once per session

54 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions Three web pages produced by a single servlet

55 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions

56 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions

57 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions

58 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions

59 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions,,,

60 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions,,, Session attribute is a name/value pair

61 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions,,, Session attribute will have null value until a value is assigned

62 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions,,, Generate sign-in form if session is new or signIn attribute has no value, weclome-back page otherwise.

63 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions Sign-in form Welcome-back page

64 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions Second argument (“Greeting”) used as action attribute value (relative URL)

65 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions Form will be sent using POST HTTP method ( doPost() method will be called)

66 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions Text field containing user name is named signIn

67 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions …

68 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions … Retrieve signIn parameter value

69 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions … Normal processing: signIn parameter is present in HTTP request

70 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions … Generate HTML for response

71 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions Thank-you page Must escape XML special characters in user input

72 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions … Assign a value to the signIn session attribute

73 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions Session attribute methods: –setAttribute(String name, Object value) : creates a session attribute with the given name and value –Object getAttribute(String name) : returns the value of the session attribute named name, or returns null if this session does not have an attribute with this name

74 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions … Error processing (return user to sign-in form)

75 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Sessions By default, each session expires if a server-determined length of time elapses between a session’s HTTP requests –Server destroys the corresponding session object Servlet code can: –Terminate a session by calling invalidate() method on session object –Set the expiration time-out duration (secs) by calling setMaxInactiveInterval(int)

76 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Cookies A cookie is a name/value pair in the Set- Cookie header field of an HTTP response Most (not all) clients will: –Store each cookie received in its file system –Send each cookie back to the server that sent it as part of the Cookie header field of subsequent HTTP requests

77 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Cookies Tomcat sends session ID as value of cookie named JSESSIONID

78 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Cookies Cookie-enabled browser returns session ID as value of cookie named JSESSIONID

79 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Cookies Servlets can set cookies explicitly –Cookie class used to represent cookies –request.getCookies() returns an array of Cookie instances representing cookie data in HTTP request –response.addCookie(Cookie) adds a cookie to the HTTP response

80 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Cookies Cookies are expired by client (server can request expiration date)

81 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Cookies

82 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Cookies Return array of cookies contained in HTTP request

83 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Cookies Search for cookie named COUNT and extract value as an int

84 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Cookies

85 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Cookies Send replacement cookie value to client (overwrites existing cookie)

86 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Cookies Should call addCookie() before writing HTML

87 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Cookies Privacy issues Client Web site providing requested content HTTP request to intended site HTTP response: HTML document including ad Web site providing banner ads HTTP request for ad image Image plus Set-Cookie in response: third-party cookie

88 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Web site providing requested content Cookies Privacy issues Client Second Web site providing requested content HTTP request to 2nd intended site HTTP response: HTML document including ad Web site providing banner ads HTTP request for ad image plus Cookie (identifies user) Image Based on Referer, I know two Web sites that this user has visited

89 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Cookies Privacy issues Due to privacy concerns, many users block cookies –Blocking may be fine-tuned. Ex: Mozilla allows Blocking of third-party cookies Blocking based on on-line privacy policy Alternative to cookies for maintaining session: URL rewriting

90 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 URL Rewriting Tomcat adds session ID within HTML document to all URL’s referring to the servlet Session ID = 4235

91 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 URL Rewriting Subsequent request will contain session ID in the URL of the request Session ID = 4235

92 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 URL Rewriting Next response must again add session ID to all URL’s Session ID = 4235

93 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 URL Rewriting Original (relative) URL: href=“URLEncodedGreeting” URL containing session ID: href=“URLEncodedGreeting;jsessionid=0157B9E85” Path parameter is treated differently than query string parameter –Ex: invisible to getParameter() Path parameter

94 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 URL Rewriting HttpServletResponse method encodeURL() will add session id path parameter to argument URL Relative URL of servlet Original servlet Servlet using URL rewriting

95 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 URL Rewriting Must rewrite every servlet URL in every document Security issues Web site using URL rewriting User A URL with session ID 7152

96 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 URL Rewriting Must rewrite every servlet URL in every document Security issues Web site using URL rewriting User A User B Email URL URL with session ID 7152

97 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 URL Rewriting Must rewrite every servlet URL in every document Security issues Web site using URL rewriting User A URL with session ID 7152 User B Email URL Visit Web site with session ID 7152

98 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 More Servlet Methods

99 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 More Servlet Methods

100 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 More Servlet Methods

101 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 More Servlet Methods Response buffer –All data sent to the PrintWriter object is stored in a buffer –When the buffer is full, it is automatically flushed: Contents are sent to the client (preceded by header fields, if this is the first flush) Buffer becomes empty –Note that all header fields must be defined before the first buffer flush

102 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 More Servlet Methods

103 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 More Servlet Methods In addition to doGet() and doPost(), servlets have methods corresponding to other HTTP request methods –doHead() : automatically defined if doGet() is overridden –doOptions(), doTrace() : useful default methods provided –doDelete(), doPut() : override to support these methods

104 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Data Storage Almost all web applications (servlets or related dynamic web server software) store and retrieve data –Typical web app uses a data base management system (DBMS) –Another option is to use the file system –Not web technologies, so beyond our scope Some Java data storage details provided in Appendices B (file system) and C (DBMS) One common problem: concurrency

105 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Concurrency

106 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Concurrency Tomcat creates a separate thread for each HTTP request Java thread state saved: –Which statement to be executed next –The call stack: where the current method will return to, where that method will return to, etc. plus parameter values for each method –The values of local variables for all methods on the call stack

107 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Concurrency Some examples of values that are not saved when a thread is suspended: –Values of instance variables (variables declared outside of methods) –Values of class variables (variables declared as static outside of methods) –Contents of files and other external resources

108 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Concurrency // Output HTML document

109 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Concurrency

110 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Concurrency Java support thread synchronization –Only one synchronized method within a class can be called at any one time Only one thread at at time can call doGet()

111 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Concurrency

112 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Concurrency Web application with multiple servlet classes and shared resource:

113 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Concurrency Solution: create a shared class with synchronized static methods called by both servlets CounterFileCounterReaderCounterWriter readAndReset()incr() File

114 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Common Gateway Interface CGI was the earliest standard technology used for dynamic server-side content CGI basics: –HTTP request information is stored in environment variables (e.g., QUERY_STRING, REQUEST_METHOD, HTTP_USER_AGENT) –Program is executed, output is returned in HTTP response

115 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Common Gateway Interface Advantage: –Program can be written in any programming language (Perl frequently used) Disadvantages: –No standard for concepts such as session –May be slower (programs normally run in separate processes, not server process)

Download ppt "Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Chapter 6 Server-side Programming:"

Similar presentations

Chapter 6 Server-side Programming: Java Servlets

Chapter 6 Server-side Programming: Java Servlets
Copyright © 2008 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 10 Servlets and Java Server Pages.

Copyright © 2008 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 10 Servlets and Java Server Pages.
Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.

Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.
1 Servlets Based on Notes by Dave Hollinger & Ethan Cerami Also, the Online Java Tutorial by Sun.

1 Servlets Based on Notes by Dave Hollinger & Ethan Cerami Also, the Online Java Tutorial by Sun.
 2002 Prentice Hall. All rights reserved. Chapter 9: Servlets Outline 9.1 Introduction 9.2 Servlet Overview and Architecture 9.2.1 Interface Servlet and.

 2002 Prentice Hall. All rights reserved. Chapter 9: Servlets Outline 9.1 Introduction 9.2 Servlet Overview and Architecture Interface Servlet and.
Server-side Programming: Java Servlets CSI 3140 WWW Structures, Techniques and Standards.

Server-side Programming: Java Servlets CSI 3140 WWW Structures, Techniques and Standards.
Servlets and a little bit of Web Services Russell Beale.

Servlets and a little bit of Web Services Russell Beale.
Liang, Introduction to Java Programming, Sixth Edition, (c) 2005 Pearson Education, Inc. All rights reserved. 0-13-148952-6 1 Chapter 34 Servlets.

Liang, Introduction to Java Programming, Sixth Edition, (c) 2005 Pearson Education, Inc. All rights reserved Chapter 34 Servlets.
Python and Web Programming

Python and Web Programming
XP Tutorial 9 New Perspectives on JavaScript, Comprehensive1 Working with Cookies Managing Data in a Web Site Using JavaScript Cookies.

XP Tutorial 9 New Perspectives on JavaScript, Comprehensive1 Working with Cookies Managing Data in a Web Site Using JavaScript Cookies.
CGI Programming: Part 1. What is CGI? CGI = Common Gateway Interface Provides a standardized way for web browsers to: –Call programs on a server. –Pass.

CGI Programming: Part 1. What is CGI? CGI = Common Gateway Interface Provides a standardized way for web browsers to: –Call programs on a server. –Pass.
Servlets Compiled by Dr. Billy B. L. Lim. Servlets Servlets are Java programs which are invoked to service client requests on a Web server. Servlets extend.

Servlets Compiled by Dr. Billy B. L. Lim. Servlets Servlets are Java programs which are invoked to service client requests on a Web server. Servlets extend.
SE-2840 Dr. Mark L. Hornick1 Java Servlet-based web apps Servlet Architecture.

SE-2840 Dr. Mark L. Hornick1 Java Servlet-based web apps Servlet Architecture.
Java Servlets. What Are Servlets? Basically, a java program that runs on the server Basically, a java program that runs on the server Creates dynamic.

Java Servlets. What Are Servlets? Basically, a java program that runs on the server Basically, a java program that runs on the server Creates dynamic.
Dr. Thomas Tran – CSI3140 Lecture Notes (based on Dr. Jeffrey Jackson’s slides) Chapter 6 Server-side Programming: Java Servlets CSI3140 WWW Structures,

Dr. Thomas Tran – CSI3140 Lecture Notes (based on Dr. Jeffrey Jackson’s slides) Chapter 6 Server-side Programming: Java Servlets CSI3140 WWW Structures,
Gayle J Yaverbaum, PhD Professor of Information Systems Penn State Harrisburg.

Gayle J Yaverbaum, PhD Professor of Information Systems Penn State Harrisburg.
Form Handling, Validation and Functions. Form Handling Forms are a graphical user interfaces (GUIs) that enables the interaction between users and servers.

Form Handling, Validation and Functions. Form Handling Forms are a graphical user interfaces (GUIs) that enables the interaction between users and servers.
Java Server Pages B.Ramamurthy. Topics for Discussion 8/20/20152 Inheritance and Polymorphism Develop an example for inheritance and polymorphism JSP.

Java Server Pages B.Ramamurthy. Topics for Discussion 8/20/20152 Inheritance and Polymorphism Develop an example for inheritance and polymorphism JSP.
Sys Prog & Scripting - HW Univ1 Systems Programming & Scripting Lecture 15: PHP Introduction.

Sys Prog & Scripting - HW Univ1 Systems Programming & Scripting Lecture 15: PHP Introduction.
1 Lecture 10 Server-side Programming: Java Servlets.

1 Lecture 10 Server-side Programming: Java Servlets.

Similar presentations

Ads by Google