1 / 65

COMP9321 Web Application Engineering Semester 2, 2017

COMP9321 Web Application Engineering Semester 2, 2017. Dr. Amin Beheshti Service Oriented Computing Group, CSE, UNSW Australia Week 2. http://webapps.cse.unsw.edu.au/webcms2/course/index.php?cid= 2465. Different Layers in an Application. Presentation Layer.

margaretdaniel
Download Presentation

COMP9321 Web Application Engineering Semester 2, 2017

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. COMP9321 Web Application EngineeringSemester 2, 2017 Dr. Amin Beheshti Service Oriented Computing Group, CSE, UNSW Australia Week 2 http://webapps.cse.unsw.edu.au/webcms2/course/index.php?cid= 2465 COMP9321, 17s2, Week 2

  2. Different Layers in an Application COMP9321, 17s2, Week 2

  3. Presentation Layer HTML is a markup language for describing Web documents (Web pages). is-a set of markuptags describe different document content html -> describes an HTML document. head -> provides information about the document. title -> provides a title for the document. body -> describes the visible page content. h1 -> describes a heading. p -> describes a paragraph COMP9321, 17s2, Week 2

  4. Presentation Layer HTML forms are used to collect user input. If you click "Submit", the form-data will be sent to a page called "main.jsp". COMP9321, 17s2, Week 2

  5. Presentation Layer HTML <form> method attribute specifies how to send form-data  as • URL variables (with method="get") , or • HTTP post transaction (with method="post"). Method? Get/Post COMP9321, 17s2, Week 2

  6. Presentation Layer HTML <form> method attribute • GET: • Appends form-data into the URL in name/value pairs • The length of a URL is limited (about 2-3k characters) • Never use GET to send sensitive data! (will be visible in the URL) • Useful for form submissions where a user want to bookmarkthe result, to enable quick access in future. • Google("HTML Links - Create a Bookmark“) • GET is better for non-secure data, like query strings in Google. • GET is supposed to be used for getting things - information retrieval action_page.jsp?firstname=Tim&lastname=Berners-Lee With the GET method, the HTTP request looks like this: COMP9321, 17s2, Week 2

  7. Presentation Layer HTML <form> method attribute • POST: • Appends form-data inside the body of the HTTP request (data is not shown in URL). • Has no size limitations. • Form submissions with POST cannot be bookmarked. • Clicking a bookmark will always fire a GET request! • POST is supposed to be used for sending data to be processed - update or change something on the server When sent using the POST method, the HTTP request looks like this: COMP9321, 17s2, Week 2

  8. Static vs. Dynamic Web Page A static web page is delivered to the user exactly as stored, in contrast to dynamic web pages which are generated by a web application, and on demand! • Static websites: • Quick to develop • Cheap to develop • Cheap to host • Dynamic websites: • Much more functional website • Much easier to update • New content brings people back to the site and helps in the search engines • Can work as a system to allow staff or users to collaborate • Slower / more expensive to develop • Hosting costs COMP9321, 17s2, Week 2

  9. Static vs. Dynamic Web Page A static web page is delivered to the user exactly as stored, in contrast to dynamic web pages which are generated by a web application, and on demand! is-a web page whose construction is controlled by an application server processing server-side scripts. is-a software framework that provides both facilities to create web applications and a server environment to run them. e.g. Java application servers http://docs.oracle.com/javaee/6/tutorial/doc/ It's core set of API and features are defined by Java EE. The Web modules include Java Servlets and Java Server Pages. COMP9321, 17s2, Week 2

  10. Java Servlets http://java.sun.com/products/servlet/index.jsp http://docs.oracle.com/javaee/6/tutorial/doc/bnafd.html COMP9321, 17s2, Week 2

  11. Apache Tomcat An open source implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies.. • Tomcat's Installed Directory Structure: • bin: for Tomcat's binaries and startup scripts. • conf: global configuration applicable to all the webapps. • lib: Keeps the JAR-file that are available to all webapps. • logs: contains the engine logfile Catalina ("Catalina" is the codename for Tomcat 5 and above). • webapps: the default appBase - web applications base directory of the host localhost. • work: contains the translated servlet source files and classes of JSP. • temp: temporary files. COMP9321, 17s2, Week 2

  12. Making servlets available in the Web container Google(“what is 8080 port”) e.g., Ant tasks for Tomcat, Eclipse Web Tools Platform (WTP) COMP9321, 17s2, Week 2

  13. How container handles the Servlet request 1. Client Browse Servlet URL: User clicks a link that has a URL of Servlet. 2. HttpServletRequestand HttpServletResponse: Container (e.g. Apache Tomcat) sees that the request is for servlet , so create two objects : Request and Response ((HeadFirst) p.42) http://www.jitendrazaa.com/blog/java/servlet/ COMP9321, 17s2, Week 2

  14. How container handles the Servlet request 3. Create Thread for Servlet: Container finds correct servlet using “web.xml” file; and Creates/Allocate thread for that request … Google( Thread, computing ) A thread is a single sequential flow of control within a program. 4. Service method of servlet: Container calls the servlets service() method, on the type of request, service calls doGet() ordoPost() methods. ((HeadFirst) p.42) http://www.jitendrazaa.com/blog/java/servlet/ COMP9321, 17s2, Week 2

  15. How container handles the Servlet request 5. Servlet response object: Lets assume that service calls the doPost() method. doPost() method generates dynamic page and add the page in response object. 6. destroy response and request object: Thread completes, container converts the response object into HttpResponse object and destroys the response and request object. Google( garbage collection, programming ) ((HeadFirst) p.42) http://www.jitendrazaa.com/blog/java/servlet/ COMP9321, 17s2, Week 2

  16. Your Servlet inherits "lifecycle" methods COMP9321, 17s2, Week 2

  17. A typical Servlet looks like this Note: No main() - the container calls the servlet methods like doGet() through service() COMP9321, 17s2, Week 2

  18. Servlet Names COMP9321, 17s2, Week 2

  19. Servlet Names Why do we need a servlet name? It allows you to have multiple servlet mappings on a single servlet instance without the unnecessary need to create a separate instance per mapping. More? <servlet> <servlet-name>someServlet</servlet-name> <servlet-class>com.example.SomeServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>someServlet</servlet-name> <url-pattern>/enroll</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>someServlet</servlet-name> <url-pattern>/pay</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>someServlet</servlet-name> <url-pattern>/bill</url-pattern> </servlet-mapping> COMP9321, 17s2, Week 2

  20. A Lifecycle of a Servlet The Web container controls the lifecycle of a servlet class: COMP9321, 17s2, Week 2

  21. Servlet's Life ((HeadFirst) p.99) COMP9321, 17s2, Week 2

  22. Why care about this initialisation details? Once the servlet is initialised, the servlet gets access to two important objects: ServletConfig and ServletContext • ServletConfig: • It is implemented by the servlet container to initialize a single servlet using init(); • you can pass initialization parameters to the servlet using the web.xml; • For understanding, this is similar to a constructorin a java class; • One ServletConfig object per servlet; • Use it to pass deploy-time information to the servlet (any info. that you do not want to hard-code into the servlet); • Parameters are configured in the deployment descriptor; • Use it to access the ServletContext; <servlet> <servlet-name>ServletConfigTest</servlet-name> <servlet-class>com.javapapers.ServletConfigTest</servlet-class> <init-param> <param-name>topic</param-name> <param-value>Difference between ServletConfig and ServletContext</param-value> </init-param> </servlet> COMP9321, 17s2, Week 2

  23. Why care about this initialisation details? Once the servlet is initialised, the servlet gets access to two important objects: ServletConfig and ServletContext • ServletContext: • It is implemented by the servlet container for all servlets to communicate with its servlet container; • For example, to get the MIME type of a file, to get dispatch requests, or to write to a log file. That is to get detail about its execution environment; • For understanding, this is like a application global variable mechanism for a single web application deployed in only one JVM; • One ServletContext per Web application (they should have named it AppContext); • Use it to access parameters that are Web application-wide; • The ServletContext object is contained within the ServletConfig object, and can be accessed using the ServletConfig object within a servlet; You can specify param-value pairs for ServletContext object in <context-param> tags in web.xml file. <context-param> <param-name>globalVariable</param-name> <param-value>comp9321</param-value> </context-param> COMP9321, 17s2, Week 2

  24. Why care about this initialisation details? So to sum up there is only one ServletContext for an entire app and all the parts of the web app share it. But each servlet in the app has its own ServletConfig. Remember if you change a value you must redeploy the web app in order to get the new value because a servlet is only initialized once at the beginning of its life. COMP9321, 17s2, Week 2

  25. ServletRequest & ServletResponse Interfaces The container implements HttpServletRequest and HttpServletRequest All you should care about is when servlet is called, the service() passes two objects to your servlet. COMP9321, 17s2, Week 2

  26. HttpServletRequest, HttpServletResponse COMP9321, 17s2, Week 2

  27. A simple servlet that generates a text message COMP9321, 17s2, Week 2

  28. RequestDispatcher in Servlet • The RequestDispatcher interface provides the facility of dispatching the request to another resource, e.g., servlet, jsp, or html. • This interface can also be used to include the content of another resource also. • It is one of the way of servlet collaboration. • The RequestDispatcher interface provides two methods: forward and include • Forward: Forwards a request from a servlet to another resource (servlet, JSP file, or HTML file) on the server. public void forward(ServletRequestrequest,ServletResponse response) http://www.javatpoint.com/ COMP9321, 17s2, Week 2

  29. RequestDispatcher in Servlet • The RequestDispatcher interface provides the facility of dispatching the request to another resource, e.g., servlet, jsp, or html. • This interface can also be used to include the content of another resource also. • It is one of the way of servlet collaboration. • The RequestDispatcher interface provides two methods: forward and include • Include: Includes the content of a resource (servlet, JSP page, or HTML file) in the response. public void include(ServletRequestrequest,ServletResponse response) http://www.javatpoint.com/ COMP9321, 17s2, Week 2

  30. Attributes and Sharing Attributes COMP9321, 17s2, Week 2

  31. Who has access to the board and how long does it live? COMP9321, 17s2, Week 2

  32. Attributes API The return type for attributes is an Object, whereas the return type for a parameter is a String. HeadFirst, p. 189 COMP9321, 17s2, Week 2

  33. Request attributes and Request dispatching COMP9321, 17s2, Week 2

  34. Managing the User State COMP9321, 17s2, Week 2

  35. Managing the User State • A problem in HTTP request/response: • HTTP is a stateless protocol. • A single request/response; • Nothing is remembered 'between requests' from the same user; • Web applications need to maintain users + their data. • It is a programmer's responsibility: • The term "session" is used to represent the data associated with one user while she navigates around a Web application. • Session is a conversional state between client and server. • Session can consists of multiple request and response between client and server. • Since HTTP is stateless, the only way to maintain a session is when some unique information about the session (session id) is passed between server and client in every request and response. COMP9321, 17s2, Week 2

  36. Session Management same-as COMP9321, 17s2, Week 2

  37. Session Management COMP9321, 17s2, Week 2

  38. Session Management COMP9321, 17s2, Week 2

  39. URL Rewriting COMP9321, 17s2, Week 2

  40. HTML hidden fields COMP9321, 17s2, Week 2

  41. Cookies • Cookies are text files stored on the client computer and they are kept for various information tracking purpose. • Java Servlets transparently supports HTTP cookies. • There are three steps involved in identifying returning users: • Server script sends a set of cookies to the browser. e.g. session id • Browser stores this information on local machine for future use. • Next time, browser sends request + those cookies to the server and server uses that information to identify the user. COMP9321, 17s2, Week 2

  42. Cookies • The Anatomy of a Cookie: • Cookies are usually set in an HTTP header. • JavaScript can also set a cookie directly on a browser. • A servlet that sets a cookie might send headers that look something like this: HTTP/1.1 200 OK Date: Mon, 03 Aug 2015 17:03:38 GMT Server: Apache… Set-Cookie: name=xyz; expires=Monday, 03-Aug-15 22:00:00 GMT; path=/; domain=comp9321.com Connection: close Content-Type: text/html • Set-Cookie header contains a name value pair, a GMT date, a path and a domain. • The name and value will be URL encoded.  • Expires field is an instruction to the browser to "forget" the cookie after the given time/date.  COMP9321, 17s2, Week 2

  43. Servlet Cookies Methods http://www.tutorialspoint.com/servlets/ COMP9321, 17s2, Week 2

  44. Setting Cookies with Servlet Setting cookies with servlet involves three steps: 1. Creating a Cookie object: Keep in mind, neither the name nor the value should contain white space or any of the following characters: [ ] ( ) = , " / ? @ : ; 2. Setting the maximum age (in seconds): 3. Sending the Cookie into the HTTP response headers Cookie cookie = new Cookie("key","value"); cookie.setMaxAge(60*60*24); response.addCookie(cookie); http://www.tutorialspoint.com/servlets/ COMP9321, 17s2, Week 2

  45. HTTP Sessions with JSESSIONID cookie COMP9321, 17s2, Week 2

  46. HTTP Sessions Interface COMP9321, 17s2, Week 2

  47. An example of using HttpSession object: the scenario COMP9321, 17s2, Week 2

  48. The Journey Object COMP9321, 17s2, Week 2

  49. Using a Journey Object COMP9321, 17s2, Week 2

  50. How session tracking works ... COMP9321, 17s2, Week 2

More Related