Chapter 6 Server-side Programming: Java Servlets
WEB TECHNOLOGIES: A COMPUTER SCIENCE PERSPECTIVE
JEFFREY C. JACKSON
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Dr. Thomas Tran – CSI3140 Lecture Notes (based on Dr. Jeffrey Jackson’s slides)

Server-side Programming
• The combination of
  – HTML
  – JavaScript
  – DOM
  is sometimes referred to as Dynamic HTML (DHTML)
• Web pages that include scripting are often called dynamic pages (vs. static)
• Similarly, web server response can be static or dynamic
  – Static: HTML document is retrieved from the file system and returned to the client
  – Dynamic: HTML document is generated by a program in response to an HTTP request
• Java servlets are one technology for producing dynamic server responses
  – Servlet is a Java class instantiated by the server to produce a dynamic response

Servlet Overview
1. When server starts, it instantiates servlets
2. Server receives HTTP request, determines need for dynamic response
3. Server selects the appropriate servlet to generate the response, creates request/response objects, and passes them to a method on the servlet instance
4. Servlet adds information to response object via method calls
5. Server generates HTTP response based on information stored in response object

Hello World! Servlet
• All servlets we will write are subclasses of HttpServlet
• Server calls doGet() in response to GET request
• Interfaces implemented by request/response objects
• Production servlet should catch these exceptions

Servlets vs. Java Applications
• Servlets do not have a main()
  – The main() is in the server
  – Entry point to servlet code is via call to a method (doGet() in the example)
• Servlet interaction with end user is indirect via request/response object APIs
  – Actual HTTP request/response processing is handled by the server
• Primary servlet output is typically HTML

Running Servlets
• Simple way to run a servlet (better later):
  1. Compile servlet (make sure that JWSDP libraries are on path)
  2. Copy .class file to shared/classes directory
  3. (Re)start the Tomcat web server
  4. If the class is named ServletHello, browse to http://localhost:8080/servlet/ServletHello

Dynamic Content

Servlet Life Cycle
• Servlet API life cycle methods
  – init(): called when servlet is instantiated; must return before any other methods will be called
  – service(): method called directly by server when an HTTP request is received; default service() method calls doGet() (or related methods covered later)
  – destroy(): called when server shuts down

Parameter Data
• GET vs. POST for the method attribute of forms:
  – GET:
    • Choosing GET as the "method" will append all of the data to the URL and it will show up in the URL bar of your browser.
    • The amount of information you can send back using a GET is restricted as URLs can only be 1024 characters.
    • Recommended when parameter data is not stored or updated on the server, but used only to request information (e.g., search engine query)
  – POST:
    • Query string is sent as body of HTTP request
    • Length of query string is unlimited
    • Recommended if parameter data is intended to cause the server to update stored data
    • Most browsers will warn you if they are about to resubmit POST data to avoid duplicate updates
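
The GET/POST split above, as an added example that is not from the slides or the textbook: GET only reads, POST updates and then redirects so a reload cannot resubmit the update, and every parameter is HTML-escaped before it is written into the page. The class name, the parameter names q and note, the length limit and the javax.servlet packages (jakarta.servlet on newer containers) are assumptions.

```java
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
import java.util.concurrent.CopyOnWriteArrayList;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Added example: NotesServlet, the "q"/"note" parameters and the length limit are hypothetical.
public class NotesServlet extends HttpServlet {
    private static final int MAX_NOTE_LENGTH = 200;
    // One servlet instance serves many request threads, so shared data must be thread-safe.
    private final List<String> notes = new CopyOnWriteArrayList<String>();

    // GET: parameter data only selects what to show; nothing stored on the server changes.
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String filter = request.getParameter("q"); // null when the parameter is absent
        response.setContentType("text/html; charset=UTF-8");
        PrintWriter out = response.getWriter();
        out.println("<!DOCTYPE html><html><head><title>Notes</title></head><body>");
        if (filter != null) {
            out.println("<p>Notes containing: " + escapeHtml(filter) + "</p>");
        }
        out.println("<ul>");
        for (String note : notes) {
            if (filter == null || note.contains(filter)) {
                out.println("<li>" + escapeHtml(note) + "</li>");
            }
        }
        out.println("</ul>");
        out.println("<form method=\"post\"><input name=\"note\">"
                + "<input type=\"submit\" value=\"Add\"></form></body></html>");
    }

    // POST: parameter data arrives in the request body and updates stored data.
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        request.setCharacterEncoding("UTF-8");
        String note = request.getParameter("note");
        if (note == null || note.trim().isEmpty() || note.length() > MAX_NOTE_LENGTH) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Invalid note");
            return;
        }
        notes.add(note.trim());
        // Redirect after the update so that reloading the result repeats a GET, not the POST.
        response.sendRedirect(request.getRequestURI());
    }

    // Request parameters are client-controlled: escape them before writing them into HTML.
    static String escapeHtml(String text) {
        StringBuilder sb = new StringBuilder(text.length());
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '&': sb.append("&amp;"); break;
                case '<': sb.append("&lt;"); break;
                case '>': sb.append("&gt;"); break;
                case '"': sb.append("&quot;"); break;
                case '\'': sb.append("&#39;"); break;
                default: sb.append(c);
            }
        }
        return sb.toString();
    }
}
```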

Sessions
• Many interactive Web sites spread user data entry out over several pages:
  – Ex: add items to cart, enter shipping information, enter billing information
• Problem: how does the server know which users generated which HTTP requests?
  – Cannot rely on standard HTTP headers to identify a user
• A session can be defined as a server-side storage of information that is desired to persist throughout the user's interaction with the web site or web application.
• Server sends back new unique session ID when the request has none
• Client that supports session stores the ID and sends it back to the server in subsequent requests
• Server knows that all of these requests are from the same client. The set of requests is known as a session.
• And the server knows that all of these requests are from a different client.
• Three web pages produced by a single servlet
• How to get the HttpSession object?
• The HttpServletRequest interface provides two methods to get the HttpSession object:
  – public HttpSession getSession(): Returns the current session associated with this request, or if the request does not have a session, creates one.
  – public HttpSession getSession(boolean create): Returns the current HttpSession associated with this request or, if there is no current session and create is true, returns a new session.

Commonly used methods of HttpSession interface
• public String getId(): Returns a string containing the unique identifier value.
• public long getCreationTime(): Returns the time when this session was created, measured in milliseconds since midnight January 1, 1970 GMT.
• public long getLastAccessedTime(): Returns the last time the client sent a request associated with this session, as the number of milliseconds since midnight January 1, 1970 GMT.
• public void invalidate(): Invalidates this session then unbinds any objects bound to it.
• public void setMaxInactiveInterval(int interval): Specifies the maximum time interval, in seconds, that the servlet container will keep this session open between client accesses.
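
The HttpSession methods above in a login flow, as an added example that is not from the slides: the session that existed before login is invalidated and a new one is created, so the authenticated session gets a fresh ID and an idle timeout. The class name, parameter names, demo credentials and the javax.servlet packages are assumptions.

```java
import java.io.IOException;
import java.io.PrintWriter;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Date;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

// Added example: AccountServlet, its parameters and the demo credentials are hypothetical.
public class AccountServlet extends HttpServlet {
    private static final int IDLE_TIMEOUT_SECONDS = 15 * 60;

    // POST action=logout ends the session; any other POST is a login attempt.
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        if ("logout".equals(request.getParameter("action"))) {
            HttpSession current = request.getSession(false); // never creates a session
            if (current != null) {
                current.invalidate(); // unbinds every object stored in the session
            }
            response.sendRedirect(request.getRequestURI());
            return;
        }
        String user = request.getParameter("user");
        if (!credentialsAreValid(user, request.getParameter("password"))) {
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
        // Discard any session issued before login, so an ID the client held
        // (or was handed) beforehand never becomes an authenticated one.
        HttpSession old = request.getSession(false);
        if (old != null) {
            old.invalidate();
        }
        HttpSession session = request.getSession(true); // new session, new ID
        session.setMaxInactiveInterval(IDLE_TIMEOUT_SECONDS);
        session.setAttribute("user", user);
        response.sendRedirect(request.getRequestURI());
    }

    // GET reports session state without creating a session for anonymous visitors.
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/plain; charset=UTF-8");
        PrintWriter out = response.getWriter();
        HttpSession session = request.getSession(false);
        if (session == null || session.getAttribute("user") == null) {
            out.println("Not logged in");
            return;
        }
        out.println("User: " + session.getAttribute("user"));
        out.println("Session created: " + new Date(session.getCreationTime()));
        out.println("Last request: " + new Date(session.getLastAccessedTime()));
        out.println("Idle timeout (s): " + session.getMaxInactiveInterval());
        // The value of getId() is a credential: it is not written to the page or to logs.
    }

    // Constructed stand-in for a lookup in a real credential store.
    private static boolean credentialsAreValid(String user, String password) {
        if (user == null || password == null) {
            return false;
        }
        byte[] expected = "demo-password".getBytes(StandardCharsets.UTF_8);
        boolean passwordOk =
                MessageDigest.isEqual(expected, password.getBytes(StandardCharsets.UTF_8));
        return "demo".equals(user) && passwordOk;
    }
}
```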

Cookies
• A cookie is a name/value pair in the Set-Cookie header field of an HTTP response.
• An HTTP cookie (also called web cookie, Internet cookie, browser cookie or simply cookie) is a small piece of data sent from a website and stored in a user's web browser while the user is browsing that website.
• Every time the user loads the website, the browser sends the cookie back to the server to notify the website of the user's previous activity.
• Cookies were designed to be a reliable mechanism for websites to remember stateful information (such as items in a shopping cart) or to record the user's browsing activity (including clicking particular buttons, logging in, or recording which pages were visited by the user as far back as months or years ago).
• Without cookies, websites and their servers have no memory. A cookie, like a key, enables swift passage from one place to the next.
• Without a cookie, every time you open a new web page the server where that page is stored will treat you like a completely new visitor.
• Tomcat sends session ID as value of cookie named JSESSIONID
• Cookie-enabled browser returns session ID as value of cookie named JSESSIONID
• Servlets can set cookies explicitly
  – Cookie class used to represent cookies
  – request.getCookies() returns an array of Cookie instances representing cookie data in HTTP request
  – response.addCookie(Cookie) adds a cookie to the HTTP response
• Cookies are expired by client (server can request expiration date)
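
Setting and reading a cookie explicitly with the calls named above, as an added example that is not from the slides: the cookie value is treated as client-supplied input and accepted only from an allow-list, and the cookie is scoped and flagged before it is added to the response. The class name, the theme cookie and its values are assumptions, as are the javax.servlet packages and a Servlet 3.0+ container (needed for setHttpOnly).

```java
import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Added example: ThemeServlet, the "theme" cookie and its values are hypothetical.
public class ThemeServlet extends HttpServlet {
    private static final String COOKIE_NAME = "theme";
    private static final String DEFAULT_THEME = "light";
    private static final Set<String> ALLOWED =
            new HashSet<String>(Arrays.asList("light", "dark"));
    private static final int MAX_AGE_SECONDS = 30 * 24 * 60 * 60; // 30 days

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String theme = themeFromCookies(request.getCookies());
        String requested = request.getParameter("theme");
        if (requested != null && ALLOWED.contains(requested)) {
            theme = requested;
            Cookie cookie = new Cookie(COOKIE_NAME, theme);
            cookie.setMaxAge(MAX_AGE_SECONDS);    // requested lifetime; the client does the expiring
            cookie.setPath(request.getContextPath() + "/"); // limit the cookie to this web application
            cookie.setHttpOnly(true);             // not readable from scripts in the page
            cookie.setSecure(request.isSecure()); // HTTPS-only whenever it was set over HTTPS
            response.addCookie(cookie);           // headers must be set before the body is written
        }
        response.setContentType("text/html; charset=UTF-8");
        // theme is always one of the allow-listed values, so it is safe to write into the HTML.
        response.getWriter().println("<!DOCTYPE html><html><head><title>Theme</title></head>"
                + "<body class=\"" + theme + "\"><p>Current theme: " + theme + "</p></body></html>");
    }

    // Cookie values come from the client: accept only values from the allow-list.
    static String themeFromCookies(Cookie[] cookies) {
        if (cookies == null) { // getCookies() returns null when the request carries no cookies
            return DEFAULT_THEME;
        }
        for (Cookie cookie : cookies) {
            if (COOKIE_NAME.equals(cookie.getName()) && ALLOWED.contains(cookie.getValue())) {
                return cookie.getValue();
            }
        }
        return DEFAULT_THEME;
    }
}
```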

Cookies: Privacy issues
First site visited:
• Client → Web site providing requested content: HTTP request to intended site
• Web site providing requested content → Client: HTTP response: HTML document including ad <img>
• Client → Web site providing banner ads: HTTP request for ad image
• Web site providing banner ads → Client: Image plus Set-Cookie in response: third-party cookie
Second site visited:
• Client → Second Web site providing requested content: HTTP request to 2nd intended site
• Second Web site providing requested content → Client: HTTP response: HTML document including ad <img>
• Client → Web site providing banner ads: HTTP request for ad image plus Cookie (identifies user)
• Web site providing banner ads → Client: Image
• Web site providing banner ads: "Based on Referer, I know two Web sites that this user has visited"
• Due to privacy concerns, many users block cookies
  – Blocking may be fine-tuned. Ex: Mozilla allows
    • Blocking of third-party cookies
    • Blocking based on on-line privacy policy
• Alternative to cookies for maintaining session: URL rewriting

Data Storage
• Almost all web applications (servlets or related dynamic web server software) store and retrieve data
  – Typical web app uses a database management system (DBMS)
  – Another option is to use the file system
  – Not web technologies, so beyond our scope
• Some Java data storage details provided in Appendices B (file system) and C (DBMS)
• One common problem: concurrency

Common Gateway Interface
• The common gateway interface (CGI) is a standard way for a Web server to pass a Web user's request to an application program and to receive data back to forward to the user.
• When the user requests a Web page (for example, by clicking on a highlighted word or entering a Web site address), the server sends back the requested page. However, when a user fills out a form on a Web page and sends it in, it usually needs to be processed by an application program.
• The Web server typically passes the form information to a small application program that processes the data and may send back a confirmation message. This method or convention for passing data back and forth between the server and the application is called the common gateway interface (CGI). It is part of the Web's Hypertext Transfer Protocol (HTTP).
