Web Technology & DBMS– A Quick Reference - PowerPoint PPT Presentation

web technology dbms a quick reference n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Web Technology & DBMS– A Quick Reference PowerPoint Presentation
Download Presentation
Web Technology & DBMS– A Quick Reference

play fullscreen
1 / 96
Web Technology & DBMS– A Quick Reference
103 Views
Download Presentation
taro
Download Presentation

Web Technology & DBMS– A Quick Reference

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Web Technology & DBMS– A Quick Reference

  2. Chapter - Objectives • Basics of Internet, Web, HTTP, HTML, URLs. • Difference between two-tier and three-tier client-server architecture. • Advantages and disadvantages of Web as a database platform. • Approaches for integrating databases into Web: • The Common Gateway Interface (CGI). • Server-Side Includes. • HTTP Cookies. 2

  3. Chapter - Objectives • Extending the Web Server. • Java and JDBC, JSQL and JRB. • Scripting Languages (JavaScript and VBScript). • Microsoft Active Platform: Active Server Pages (ASP) and Active Data Objects (ADO). • Oracle Network Computing Architecture. • Security problems in Web environment. • Proposed HTTP/1.1 and XML. 3

  4. Introduction • World-Wide Web (Web, WWW, or W3) possibly most popular and powerful networked information system to date. • As architecture of Web was designed to be platform-independent, can significantly lower deployment and training costs. • Organizations using Web as strategic platform for innovative business solutions, in effect becoming Web-centric. 4

  5. Introduction • Many Web sites today are file-based where each Web document is stored in separate file. • For large sites, this can lead to significant management problems. • Also many Web sites now contain more dynamic information, such as product and pricing data. • Maintaining such data in both a database and in separate HTML files is problematic. • Accessing database directly from Web would be a better approach. 5

  6. Internet Worldwide collection of interconnected networks. • Began in late ‘60s in ARPANET, a US DOD project, investigating how to build networks that could withstand partial outages. • Starting with a few nodes, Internet estimated to have over 100 million users in 1997, and over 270 million users in over 100 countries in 1998, with one million new users joining each month. • May be 199 million users of Web by year 2000. 6

  7. Intranet and Extranet • Intranet - A Web site or group of sites belonging to an organization, accessible only by the members of an organization. • Extranet - An intranet that is partially accessible to authorized outsiders. • Whereas intranet resides behind firewall and is accessible only to people who are members of same organization, extranet provides various levels of accessibility to outsiders. 7

  8. The Web Hypermedia-based system that provides a simple ‘point and click’ means of browsing information on the Internet using hyperlinks. • Information presented on Web pages, which can contain text, graphics, pictures, sound, and video. • Can also contain hyperlinks to other Web pages, which allow users to navigate in a non-sequential way through information. • Web documents written using HTML. 8

  9. The Web • Web consists of network of computers that can act in two roles: • as servers, providing information; • as clients (browsers), requesting information. • Protocol that governs exchange of information between Web server and browser is HTTP and locations within documents identified as a URL. • Much of Web’s success is due to its simplicity and platform-independence. 9

  10. Basic Components of Web Environment 10

  11. HyperText Transfer Protocol (HTTP) Protocol used to transfer Web pages through Internet. • Based on request-response paradigm: Connection - Client establishes connection with Web server. Request - Client sends request to Web server. Response - Web server sends response (HTML document) to client. Close - Connection closed by Web server. 11

  12. HyperText Transfer Protocol (HTTP) • HTTP/1.0 is stateless protocol - each connection is closed once server provides response. • This makes it difficult to support concept of a session that is essential to basic DBMS transactions. 12

  13. HyperText Markup Language (HTML) Document formatting language used to design most Web pages. • A simple, yet powerful, platform-independent document language. • HTML is an application of Standardized Generalized Markup Language (SGML), a system for defining structured document types and markup languages to represent instances of those document types. 13

  14. HyperText Markup Language (HTML) 14

  15. HyperText Markup Language (HTML) 15

  16. Uniform Resource Locators (URLs) String of alphanumeric characters that represents location or address of a resource on Internet and how that resource should be accessed. • Defines uniquely where documents (resources) can be found. • Uniform Resource Identifiers (URIs) - generic set of all Internet resource names/addresses. • Uniform Resource Names (URNs) - persistent, location-independent name. Relies on name lookup services. 16

  17. Uniform Resource Locators (URLs) • URL consists of three basic parts: • protocol used for the connection, • host name, • path name on host where resource stored. • Can optionally specify: • port through which connection to host should be made, • query string. http://www.w3.org/WWW/MarkUp.html 17

  18. Static and Dynamic Web Pages • HTML document stored in file is static Web page. • Content of dynamic Web page is generated each time it is accessed. • Thus, dynamic Web page can: • respond to user input from browser. • be customized by and for each user. • Requires hypertext to be generated by servers. • Need scripts that perform conversions from different data formats into HTML ‘on-the-fly’. 18

  19. Requirements for Web-DBMS Integration • Ability to access valuable corporate data in a secure manner. • Data and vendor independent connectivity to allow freedom of choice in DBMS selection. • Ability to interface to database independent of any proprietary browser or Web server. • Connectivity solution that takes advantage of all the features of an organization’s DBMS. 19

  20. Requirements for Web-DBMS Integration • Open-architecture to allow interoperability with a variety of systems and technologies. For example: • different Web servers; • Microsoft's (Distributed) Common Object Model (DCOM/COM); • CORBA/IIOP (Internet Inter-ORB protocol); • Java/Remote Method Invocation. 20

  21. Requirements for Web-DBMS Integration • Cost-effective solution that allows for scalability, growth, and changes in strategic directions, and helps reduce applications development costs. • Support for transactions that span multiple HTTP requests. • Support for session- and application-based authentication. • Acceptable performance. 21

  22. Requirements for Web-DBMS Integration • Minimal administration overhead. • Set of high-level productivity tools to allow applications to be developed, maintained, and deployed with relative ease and speed. 22

  23. Two-Tier Client-Server Architecture 23

  24. Three-Tier Client-Server Architecture • Client side presented two problems preventing true scalability: • ‘Fat’ client, requiring considerable resources on client’s computer to run effectively. • Significant client side administration overhead. • By 1995, three layers proposed, each potentially running on a different platform. 24

  25. Three-Tier Client-Server Architecture • Advantages: • ‘Thin’ client, requiring less expensive hardware. • Application maintenance centralized. • Easier to modify or replace one tier without affecting others. • Separating business logic from database functions makes it easier to implement load balancing. • Maps quite naturally to Web environment. 25

  26. Three-Tier Client-Server Architecture 26

  27. Advantages of Web-DBMS Approach • DBMS advantages • Simplicity • Platform independence • Graphical User Interface • Standardization • Cross-platform support • Transparent network access • Scalable deployment • Innovation 27

  28. Disadvantages of Web-DBMS Approach • Reliability • Security • Cost • Scalability • Limited functionality of HTML • Statelessness • Bandwidth • Performance • Immaturity of development tools 28

  29. Approaches to Integrating Web and DBMSs • Common Gateway Interface (CGI). • Server-Side Includes. • HTTP Cookies. • Extending the Web Server. • Java and JDBC, JSQL and JRB. • Scripting Languages (JavaScript and VBScript). • Microsoft Active Platform: ASP and ADO. • Oracle Network Computing Architecture. 29

  30. Common Gateway Interface (CGI) Specification for transferring information between a Web server and a CGI program. • Server only intelligent enough to send documents and to tell browser what kind of document it is. • But server also knows how to launch other programs. • When server sees that URL points to a program (script), it executes script and sends back script’s output to browser as if it were a file. 30

  31. CGI - Environment 31

  32. Common Gateway Interface (CGI) • CGI defines how scripts communicate with Web servers. • A CGI script is any script designed to accept and return data that conforms to the CGI specification. • Before server launches script, prepares number of environment variables representing current state of the server, who is requesting the information, and so on. • Script picks this up and reads STDIN. 32

  33. Common Gateway Interface (CGI) • Then performs necessary processing and writes its output to STDOUT. • Script responsible for sending MIME header, which allows browser to differentiate between components. • CGI scripts can be written in almost any language, provided it supports reading and writing of an operating system’s environment variables. 33

  34. Common Gateway Interface (CGI) • Four primary methods for passing information from browser to a CGI script: • Passing parameters on the command line. • Passing environment variables to CGI programs. • Passing data to CGI programs via standard input. • Using extra path information. 34

  35. CGI - Passing Parameters on Command Line 35

  36. CGI - Advantages • CGI is the de facto standard for interfacing Web servers with external applications. • Possibly most commonly used method for interfacing Web applications to data sources. • Advantages: • simplicity, • language independence, • Web server independence, • wide acceptance. 36

  37. CGI - Disadvantages • Communication between client and database server must always go through Web server. • Lack of efficiency and transaction support, and difficulty validating user input inherited from statelessness of HTTP protocol. • HTTP never intended for long exchanges or interactivity. • Server has to generate a new process or thread for each CGI script. • Security. 37

  38. Server-Side Includes (SSI) • Allows a program to be executed, like CGI, and to incorporate its output into the document. • Generally, end result is a text document. • SSI is not governed by an Internet RFC or other standard. Each server vendor is free to implement SSI on an ad-hoc basis, if at all. • Most servers follow NCSA’s specification. • All SSI commands are embedded within regular HTML comments, making the HTML portable. • Security risks of SSI are similar to those of CGI. 38

  39. HTTP Cookies • Cookies can make CGI scripts more interactive. • Cookies are small text files stored on Web client. • CGI script creates cookie and has Web server send it to client’s browser to store on hard disk. • Later, when client revisits Web site and uses a CGI script that requests this cookie, client’s browser sends information stored in the cookie. • However, not all browsers support cookies. 39

  40. Extending the Web Server • To overcome limitations of CGI, many servers provide an API that adds functionality to server. • Two of main APIs are Netscape’s NSAPI and Microsoft’s ISAPI. • Scripts are loaded in as part of the server, giving back-end applications full access to all the I/O functions of server. • One copy of application is loaded and shared between multiple requests to server. 40

  41. Extending the Web Server • Approach more complex than CGI, possibly requiring specialized programmers. • Can provide very flexible and powerful solution. • API extensions can provide same functionality as a CGI program, but as API runs as part of the server, API approach can perform significantly better than CGI. • Extending Web server is potentially dangerous, since server executable is being changed. 41

  42. Comparison of CGI and API • CGI and API both extend capabilities of server. • CGI scripts run in environment created by Web server program. • Scripts only execute once Web server interprets request from browser, then returns results back to the server. • API approach not nearly so limited in its ability to communicate. • API-based extensions are loaded into same address space as Web server. 42

  43. Java • Proprietary language developed by Sun and currently marketed by JavaSoft. • Originally intended to support environment of networked machines and embedded systems. • Now, Java is rapidly becoming de facto language for Web computing. • Interesting because of its potential for building Web applications (applets) and server applications (servlets). 43

  44. Java • Java is ‘a simple, object-oriented, distributed, interpreted, robust, secure, architecture neutral, portable, high-performance, multi-threaded and dynamic language’. • Has a machine-independent target architecture, the Java Virtual Machine (JVM). • Since almost every Web browser vendor has already licensed Java and implemented an embedded JVM, Java applications can currently be deployed on most end-user platforms. 44

  45. Java 45

  46. Java • Before Java application can be executed, it must first be loaded into memory. • Done by Class Loader, which takes ‘.class’ file(s) containing bytecodes and transfers it into memory. • Class file can be loaded from local hard drive or downloaded from network. • Finally, bytecodes must be verified to ensure that they are valid do not violate Java’s security restrictions. 46

  47. Java • Loosely speaking Java is a ‘safe’ C++. • Safety features include strong static type checking, automatic garbage collection, and absence of machine pointers at language level. • Safety is central design goal: ability to safely transmit Java code across Internet. • Security is also integral part of Java’s design - sandbox ensures untrusted application cannot gain access to system resources. 47

  48. JDBC • Modeled after ODBC, JDBC API supports basic SQL functionality. • With JDBC, Java can be used as host language for writing database applications. • On top of JDBC, higher-level APIs can be built. • Currently, two types of higher-level APIs: • An embedded SQL for Java. • A direct mapping of relational database tables to Java classes. 48

  49. JDBC • JDBC API consists of two main interfaces: an API for application writers, and a lower-level driver API for driver writers. • Applications and applets can access databases using: • JDBC API with pure Java JDBC drivers, • ODBC drivers and existing database client libraries. 49

  50. JDBC - Advantages/Disadvantages • Advantage of using ODBC drivers is that they are a de facto standard for PC database access, and are available for many DBMSs, for very low price. • Disadvantages with this approach: • Non-pure JDBC driver will not necessarily work with a Web browser. • Currently downloaded applet can connect only to database located on host machine. • Deployment costs increase. 50