Java Servlet Architecture in Web Applications

Interaction between web clients and servers in Java servlet-based web apps, from handling HTTP requests to employing helper apps for dynamic content generation. Overview of server responses, CGI helper programs, and how servlets work within a web container like Tomcat.

• Java Servlets
• Web Applications
• Web Servers
• Servlet Architecture
• Dynamic Content

dolal Follow

Uploaded on Oct 06, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

Presentation Transcript

1. Java Servlet-based web apps Servlet Architecture SE-2840 Dr. Mark L. Hornick 1

2. Recall: The interaction between web clients and servers is structured around HTTP Request and Response messages Server is running a web server app, like Apache or Microsoft IIS. SE-2840 Dr. Mark L. Hornick 2

3. In the simplest scenario, the Server responds to a browser GET request by returning a pre-written, static HTML file HTTP GET request HTML file maintained on Server, returned to the Browser as the HTTP response payload Note: This diagram can be found in your textbook SE-2840 Dr. Mark L. Hornick 3

4. Eclipse J2EE demo CS-4220 Dr. Mark L. Hornick 4

5. A web server can employ a Helper App when it needs to go beyond serving static web pages HTTP GET or POST request (may include parameters) parameters CGI Helper app CGI* programs can be written in Perl, Python, PHP, C, or Java *Common Gateway Interface SE-2840 Dr. Mark L. Hornick 5

6. How it works in general User enters a URL (or clicks a link) to a CGI program rather than a static page Web server sees that the request is for a helper program, so the server runs the helper, sending along any parameters sent from the Client. The helper app constructs the brand new (dynamic) page and sends the HTML back to the server. Note: This diagram can be found in your textbook SE-2840 Dr. Mark L. Hornick 6

7. How it works for Java Servlets Web container app is Tomcat Web server app is commonly Apache Servlets are run by Tomcat Note: This diagram can be found in your textbook SE-2840 Dr. Mark L. Hornick 7

8. What does a Container like Tomcat do? Communication Creates server-side sockets Listens for client connections Determines client HTTP request type and decodes HTTP headers Servlet Lifecycle management Figures out which Servlet should be used to process a specific request Handles Servlet class loading Handles Servlet instantiation/construction Handles Servlet initialization Servlet execution support Launches/manages threads that service each incoming request Handles Servlet service() method (doGet and doPost) invocation Creates and passes Request and Response objects to the Servlet Supports Security Supports JSP SE-2840 Dr. Mark L. Hornick 8

9. How Tomcat manages Servlets Web Container (Tomcat) Loading can be done upon Tomcat startup, or deferred until later Your servlet class no-arg ctor runs (you should NOT write a ctor; just use the compiler- supplied default. Called only ONCE in the servlet s life (and must complete before Container calls service() This is where the servlet spends most of its life The methods doGet() or doPost() are executed to process requests Container calls destroy() to give the servlet a chance to clean up; like init(), destroy() is only called ONCE CS-4220 Dr. Mark L. Hornick 9

10. Tomcat invokes a Servletsservice() method, but your HTTPServlet-derived class should only override doGet() or doPost() The service() method is given an implementation in the HTTPServlet base class, where the doGet() and doPost() methods are called. You must override these methods in your HttpServlet-derived class SE-2840 Dr. Mark L. Hornick 10

11. A Servlet is just a Java class that implements some specific interfaces (defined by the Java Servlet Specifications) that are used by the Container class Servlet-api classes All Servlets must implement these 5 methods java.lang.Object java.lang.Object interface Servlet interface ServletConfig + destroy() : void + getServletConfig() : ServletConfig + getServletInfo() : String + init(ServletConfig) : void + service(ServletRequest, ServletResponse) : void + getInitParameter(String) : String + getInitParameterNames() : Enumeration + getServletContext() : ServletContext + getServletName() : String -config Abstract class. Implements most of the basic servlet methods Implements the service() method and calls doGet(), doPost() etc as appropriate java.lang.Object java.io.Serializable java.io.Serializable GenericServlet HttpServlet + destroy() : void + GenericServlet() : void + getInitParameter(String) : String + getInitParameterNames() : Enumeration + getServletConfig() : ServletConfig + getServletContext() : ServletContext + getServletInfo() : String + getServletName() : String + init(ServletConfig) : void + init() : void + log(String) : void + log(String, Throwable) : void + service(ServletRequest, ServletResponse) : void # doDelete(HttpServletRequest, HttpServletResponse) : void # doGet(HttpServletRequest, HttpServletResponse) : void # doHead(HttpServletRequest, HttpServletResponse) : void # doOptions(HttpServletRequest, HttpServletResponse) : void # doPost(HttpServletRequest, HttpServletResponse) : void # doPut(HttpServletRequest, HttpServletResponse) : void # doTrace(HttpServletRequest, HttpServletResponse) : void # getLastModified(HttpServletRequest) : long + HttpServlet() : void # service(HttpServletRequest, HttpServletResponse) : void + service(ServletRequest, ServletResponse) : void SE-2840 Dr. Mark L. Hornick 11

12. NOTE The Java classes pertaining to Servlets are not part of the standard SE They are part of the Java EE specification Implementation of the 1.x SE is provided in the 1.x JDK/JRE System Library This is the library you are probably most familiar with rt.jar is the main jarfile in this library Container vendors supply the implementation of the classes that are part of the Servlet specification Tomcat comes with its own Servlet libraries servlet-api.jar implements the Servlet-related classes SE-2840 Dr. Mark L. Hornick 12

13. Parameters: HTML <form> tag element and the name of the Web Resource that will process the form data if it is submitted The opening <form> tag all form elements go between the opening and closing tag. <form action="http://<url>" method= post"> <!-- form elements go here --> </form> The method attribute specifies which HTTP message will be used to send the data in the form to the server default is get The required action attribute specifies the url of where to send the form s data. Note: See the examples on the course website SE-2840 Dr. Mark L. Hornick 13

14. GET vs. POST scenarios Note: This diagram can be found in your textbook SE-2840 Dr. Mark L. Hornick 14

15. get specifies that a HTTP GET message should be used, which appends the form data to the end of the url http://<domain>/<resource>?firstname=Arnold&last name=Ziffel get requests have a limit of 256 characters The data is plainly visible in the url (insecure!) You can bookmark a page that is the result of submitting a form Use GET only to submit small amounts of insensitive data which the server app will NOT use to modify its internal state SE-2840 15 Dr. Mark L. Hornick

16. post specifies that a HTTP POST message should be used, which appends the form data to the end of the HTTP POST header There is no limit on the size of the data packet that can be sent to the server You cannot bookmark a url that was generated as a POST message, since the form data is not in the url A post request can be encrypted (using HTTPS) in order to protect sensitive data, such as a credit card numbers or passwords Use POST to send form data that Is sensitive (use encryption in that case) If the data is large (>256 bytes) Will change the state of the web application Note: Detailed explanation on pp 112-114 in your text. Be sure to read it! SE-2840 16 Dr. Mark L. Hornick

17. Servlet execution Part 1 of 2 These contain all kinds of useful stuff SE-2840 Dr. Mark L. Hornick 17

18. Servlet execution Part 2 of 2 Note: This diagram can be found in your textbook 18 SE-2840 Dr. Mark L. Hornick

19. The HTTP Request Wrapper Class class Request classes java.lang.Object java.lang.Object interface interface servlet::ServletRequest http::HttpServletRequest java.io.InputStream servlet::ServletInputStream + # readLine(byte[], int, int) : int ServletInputStream() : void -request java.lang.Object provides access to servlet::ServletRequestWrapper http::HttpServletRequestWrapper + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + getAttribute(String) : Object getAttributeNames() : Enumeration getCharacterEncoding() : String getContentLength() : int getContentType() : String getInputStream() : ServletInputStream getLocalAddr() : String getLocale() : Locale getLocales() : Enumeration getLocalName() : String getLocalPort() : int getParameter(String) : String getParameterMap() : Map getParameterNames() : Enumeration getParameterValues(String) : String[] getProtocol() : String getReader() : BufferedReader getRealPath(String) : String getRemoteAddr() : String getRemoteHost() : String getRemotePort() : int getRequestDispatcher(String) : RequestDispatcher getScheme() : String getServerName() : String getServerPort() : int isSecure() : boolean removeAttribute(String) : void ServletRequestWrapper(ServletRequest) : void setAttribute(String, Object) : void setCharacterEncoding(String) : void + + + + + + + + + + + + + + + + + + + + + + + + + + getAuthType() : String getContextPath() : String getCookies() : Cookie[] getDateHeader(String) : long getHeader(String) : String getHeaderNames() : Enumeration getHeaders(String) : Enumeration getIntHeader(String) : int getMethod() : String getPathInfo() : String getPathTranslated() : String getQueryString() : String getRemoteUser() : String getRequestedSessionId() : String getRequestURI() : String getRequestURL() : StringBuffer getServletPath() : String getSession(boolean) : HttpSession getSession() : HttpSession getUserPrincipal() : Principal HttpServletRequestWrapper(HttpServletRequest) : void isRequestedSessionIdFromCookie() : boolean isRequestedSessionIdFromURL() : boolean isRequestedSessionIdFromUrl() : boolean isRequestedSessionIdValid() : boolean isUserInRole(String) : boolean These methods are about HTTP things like headers, sessions, and cookies A reference to an HTTPServletRequest is created by the Container and passed to the doGet() and doPost() methods of an HTTPServlet property get + getRequest() : ServletRequest property set + setRequest(ServletRequest) : void SE-2840 Dr. Mark L. Hornick 19

20. The HTTP Response Wrapper Class class Response Classes java.lang.Object java.lang.Object java.io.OutputStream interface interface servlet::ServletOutputStream servlet::ServletResponse http::HttpServletResponse -response provides access to java.lang.Object servlet::ServletResponseWrapper http::HttpServletResponseWrapper + addCookie(Cookie) : void + addDateHeader(String, long) : void + addHeader(String, String) : void + addIntHeader(String, int) : void + containsHeader(String) : boolean + encodeRedirectURL(String) : String + encodeRedirectUrl(String) : String + encodeURL(String) : String + encodeUrl(String) : String + HttpServletResponseWrapper(HttpServletResponse) : void + sendError(int, String) : void + sendError(int) : void + sendRedirect(String) : void + setDateHeader(String, long) : void + setHeader(String, String) : void + setIntHeader(String, int) : void + setStatus(int) : void + setStatus(int, String) : void + flushBuffer() : void + getBufferSize() : int + getCharacterEncoding() : String + getContentType() : String + getLocale() : Locale + getOutputStream() : ServletOutputStream + getWriter() : PrintWriter + isCommitted() : boolean + reset() : void + resetBuffer() : void + ServletResponseWrapper(ServletResponse) : void + setBufferSize(int) : void + setCharacterEncoding(String) : void + setContentLength(int) : void + setContentType(String) : void + setLocale(Locale) : void These methods are also about HTTP things like headers, sessions, and cookies property get + getResponse() : ServletResponse property set + setResponse(ServletResponse) : void A reference to an HTTPServletResponse is created by the Container and passed to the doGet() and doPost() methods of an HTTPServlet SE-2840 Dr. Mark L. Hornick 20