Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 6 Server-side Programming: Java Servlets

Published byTheodora Walters Modified over 5 years ago

Similar presentations

Presentation on theme: "Chapter 6 Server-side Programming: Java Servlets"— Presentation transcript:

1 Chapter 6 Server-side Programming: Java Servlets
WEB TECHNOLOGIES A COMPUTER SCIENCE PERSPECTIVE JEFFREY C. JACKSON Chapter 6 Server-side Programming: Java Servlets Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

2 Server-side Programming
Web server response can be static or dynamic Static: HTML document is retrieved from the file system and returned to the client Dynamic: HTML document is generated by a program in response to an HTTP request Java servlets are one technology for producing dynamic server responses Servlet is a class instantiated by the server to produce a dynamic response Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

3 Servlet Overview Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

4 Servlet Overview When server starts it instantiates servlets
Server receives HTTP request, determines need for dynamic response Server selects the appropriate servlet to generate the response, creates request/response objects, and passes them to a method on the servlet instance Servlet adds information to response object via method calls Server generates HTTP response based on information stored in response object Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

5 Hello World! Servlet Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

6 Hello World! Servlet All servlets we will write are subclasses of
HttpServlet Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

7 Hello World! Servlet Server calls doGet() in response to GET request
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

8 Hello World! Servlet Interfaces implemented by request/response objects Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

9 Hello World! Servlet Production servlet should catch these exceptions
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

10 Hello World! Servlet First two things done by typical servlet;
must be in this order Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

11 Hello World! Servlet Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

12 Hello World! Servlet HTML generated by calling print() or println() on the servlet’s PrintWriter object Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

13 Hello World! Servlet Good practice to explicitly close
the PrintWriter when done Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

14 Servlets vs. Java Applications
Servlets do not have a main() The main() is in the server Entry point to servlet code is via call to a method (doGet() in the example) Servlet interaction with end user is indirect via request/response object APIs Actual HTTP request/response processing is handled by the server Primary servlet output is typically HTML Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

15 Running Servlets Simple way to run a servlet (better later):
Compile servlet (make sure that JWSDP libraries are on path) Copy .class file to shared/classes directory (Re)start the Tomcat web server If the class is named ServletHello, browse to Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

16 Servlet Life Cycle Servlet API life cycle methods
init(): called when servlet is instantiated; must return before any other methods will be called service(): method called directly by server when an HTTP request is received; default service() method calls doGet() (or related methods covered later) destroy(): called when server shuts down Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

17 Servlet Life Cycle Example life cycle method:
attempt to initialize visits variable from file Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

18 Servlet Life Cycle Exception to be thrown
if initialization fails and servlet should not be instantiated Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

19 Lab 1 – First Servlet Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

20 Parameter Data The request object (which implements HttpServletRequest) provides information from the HTTP request to the servlet One type of information is parameter data, which is information from the query string portion of the HTTP request Query string with one parameter Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

21 Parameter Data Parameter data is the Web analog of arguments in a method call: Query string syntax and semantics Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

22 Parameter Data Query string syntax and semantics
Multiple parameters separated by & Order of parameters does not matter All parameter values are strings Value of arg is empty string Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

23 Parameter Data Parameter names and values can be any 8-bit characters
URL encoding is used to represent non- alphanumeric characters: URL decoding applied by server to retrieve intended name or value Value of arg is ‘a String’ Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

24 Parameter Data URL encoding algorithm
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

25 Parameter Data Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

26 Parameter Data Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

27 Parameter Data A form automatically generates a query string when submitted Parameter name specified by value of name attributes of form controls Parameter value depends on control type Value for checkbox specified by value attribute Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

28 Parameter Data Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

29 Parameter Data Query string produced by browser (all one line):
Checkbox parameters have same name values; only checked boxes have corresponding parameters Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

30 Lab 2 – Customizing Servlet URL
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

31 Parameter Data GET vs. POST method for forms: GET:
Query string is part of URL Length of query string may be limited Recommended when parameter data is not stored but used only to request information (e.g., search engine query) The URL can be bookmarked or ed and the same data will be passed to the server when the URL is revisited Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

32 Parameter Data Browser content copyright 2004 Google, Inc. Used by permission. Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

33 Parameter Data GET vs. POST method for forms: POST:
Query string is sent as body of HTTP request Length of query string is unlimited Recommended if parameter data is intended to cause the server to update stored data Most browsers will warn you if they are about to resubmit POST data to avoid duplicate updates Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

34 Parameter Data Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

35 Lab 3 – Post Method Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

36 Sessions Many interactive Web sites spread user data entry out over several pages: Ex: add items to cart, enter shipping information, enter billing information Problem: how does the server know which users generated which HTTP requests? Cannot rely on standard HTTP headers to identify a user Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

37 Sessions Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

38 Sessions Server sends back new unique session ID when the request has
none Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

39 Sessions Client that supports session stores the ID and sends it
back to the server in subsequent requests Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

40 Sessions Server knows that all of these requests are from the same
client. The set of requests is known as a session. Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

41 Sessions And the server knows that all of these requests are
from a different client. Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

42 Sessions Returns HttpSession object associated with this HTTP request.
Creates new HttpSession object if no session ID in request or no object with this ID exists Otherwise, returns previously created object Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

43 Sessions Boolean indicating whether returned
object was newly created or already existed. Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

44 Sessions Incremented once per session
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

45 Sessions Three web pages produced by a single servlet
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

46 Sessions Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

47 Sessions Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

48 Sessions Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

49 Sessions Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

50 Sessions ,,, Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

51 Sessions ,,, Session attribute is a name/value pair
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

52 Sessions ,,, Session attribute will have null value until
a value is assigned Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

53 Sessions ,,, Generate sign-in form if session is new or signIn
attribute has no value, weclome-back page otherwise. Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

54 Sessions Sign-in form Welcome-back page
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

55 Sessions Second argument (“Greeting”) used as action attribute value
(relative URL) Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

56 Sessions Form will be sent using POST HTTP
method (doPost() method will be called) Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

57 Sessions Text field containing user name is named signIn
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

58 Sessions Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

59 Sessions … Retrieve signIn parameter value
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

60 Sessions … Normal processing: signIn parameter is present in
HTTP request Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

61 Sessions … Generate HTML for response
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

62 Sessions Thank-you page Must escape XML special characters in
user input Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

63 Sessions … Assign a value to the signIn session attribute
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

64 Sessions Session attribute methods:
setAttribute(String name, Object value): creates a session attribute with the given name and value Object getAttribute(String name): returns the value of the session attribute named name, or returns null if this session does not have an attribute with this name Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

65 Sessions … Error processing (return user to sign-in form)
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

66 Sessions By default, each session expires if a server-determined length of time elapses between a session’s HTTP requests Server destroys the corresponding session object Servlet code can: Terminate a session by calling invalidate() method on session object Set the expiration time-out duration (secs) by calling setMaxInactiveInterval(int) Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

67 Lab 4 - Session Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

68 Cookies A cookie is a name/value pair in the Set- Cookie header field of an HTTP response Most (not all) clients will: Store each cookie received in its file system Send each cookie back to the server that sent it as part of the Cookie header field of subsequent HTTP requests Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

69 Cookies Tomcat sends session ID as value of cookie named JSESSIONID
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

70 Cookies Cookie-enabled browser returns session ID as value
of cookie named JSESSIONID Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

71 Cookies Servlets can set cookies explicitly
Cookie class used to represent cookies request.getCookies() returns an array of Cookie instances representing cookie data in HTTP request response.addCookie(Cookie) adds a cookie to the HTTP response Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

72 Cookies Cookies are expired by client (server can request
expiration date) Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

73 Cookies Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

74 Cookies Return array of cookies contained in HTTP request
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

75 Cookies Search for cookie named COUNT and extract value as an int
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

76 Cookies Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

77 Cookies Send replacement cookie value to client (overwrites
existing cookie) Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

78 Cookies Should call addCookie() before writing HTML
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

79 Cookies Privacy issues
HTTP request to intended site Web site providing requested content Client HTTP response: HTML document including ad <img> HTTP request for ad image Image plus Set-Cookie in response: third-party cookie Web site providing banner ads Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

80 Cookies Privacy issues
Second Web site providing requested content HTTP request to 2nd intended site Web site providing requested content Client HTTP response: HTML document including ad <img> HTTP request for ad image plus Cookie (identifies user) Image Web site providing banner ads Based on Referer, I know two Web sites that this user has visited Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

81 Cookies Privacy issues
Due to privacy concerns, many users block cookies Blocking may be fine-tuned. Ex: Mozilla allows Blocking of third-party cookies Blocking based on on-line privacy policy Alternative to cookies for maintaining session: URL rewriting Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

82 Lab 5 - Cookies Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

83 URL Rewriting Tomcat adds session ID within HTML document to all URL’s
referring to the servlet Session ID = 4235 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

84 URL Rewriting Subsequent request will contain session ID in the
URL of the request Session ID = 4235 Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

85 URL Rewriting Next response must again add session ID to all URL’s
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

86 URL Rewriting Original (relative) URL: href=“URLEncodedGreeting”
URL containing session ID: href=“URLEncodedGreeting;jsessionid=0157B9E85” Path parameter is treated differently than query string parameter Ex: invisible to getParameter() Path parameter Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

87 URL Rewriting HttpServletResponse method encodeURL() will add session id path parameter to argument URL Original servlet Relative URL of servlet Servlet using URL rewriting Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

88 URL Rewriting Must rewrite every servlet URL in every document
Security issues Web site using URL rewriting URL with session ID 7152 User A Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

89 URL Rewriting Must rewrite every servlet URL in every document
Security issues Web site using URL rewriting URL with session ID 7152 User A User B URL Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

90 URL Rewriting Must rewrite every servlet URL in every document
Security issues Web site using URL rewriting URL with session ID 7152 Visit Web site with session ID 7152 User A User B URL Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

91 Lab 6 – URL Rewriting Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved

Download ppt "Chapter 6 Server-side Programming: Java Servlets"

Similar presentations

Chapter 6 Server-side Programming: Java Servlets

Chapter 6 Server-side Programming: Java Servlets
Copyright © 2008 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 10 Servlets and Java Server Pages.

Copyright © 2008 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 10 Servlets and Java Server Pages.
Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.

Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.
1 Servlets Based on Notes by Dave Hollinger & Ethan Cerami Also, the Online Java Tutorial by Sun.

1 Servlets Based on Notes by Dave Hollinger & Ethan Cerami Also, the Online Java Tutorial by Sun.
 2002 Prentice Hall. All rights reserved. Chapter 9: Servlets Outline 9.1 Introduction 9.2 Servlet Overview and Architecture 9.2.1 Interface Servlet and.

 2002 Prentice Hall. All rights reserved. Chapter 9: Servlets Outline 9.1 Introduction 9.2 Servlet Overview and Architecture Interface Servlet and.
Server-side Programming: Java Servlets CSI 3140 WWW Structures, Techniques and Standards.

Server-side Programming: Java Servlets CSI 3140 WWW Structures, Techniques and Standards.
Servlets and a little bit of Web Services Russell Beale.

Servlets and a little bit of Web Services Russell Beale.
Liang, Introduction to Java Programming, Sixth Edition, (c) 2005 Pearson Education, Inc. All rights reserved. 0-13-148952-6 1 Chapter 34 Servlets.

Liang, Introduction to Java Programming, Sixth Edition, (c) 2005 Pearson Education, Inc. All rights reserved Chapter 34 Servlets.
Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0 Chapter 6 Server-side Programming:

Jackson, Web Technologies: A Computer Science Perspective, © 2007 Prentice-Hall, Inc. All rights reserved Chapter 6 Server-side Programming:
Python and Web Programming

Python and Web Programming
Servlets Compiled by Dr. Billy B. L. Lim. Servlets Servlets are Java programs which are invoked to service client requests on a Web server. Servlets extend.

Servlets Compiled by Dr. Billy B. L. Lim. Servlets Servlets are Java programs which are invoked to service client requests on a Web server. Servlets extend.
SE-2840 Dr. Mark L. Hornick1 Java Servlet-based web apps Servlet Architecture.

SE-2840 Dr. Mark L. Hornick1 Java Servlet-based web apps Servlet Architecture.
Dr. Thomas Tran – CSI3140 Lecture Notes (based on Dr. Jeffrey Jackson’s slides) Chapter 6 Server-side Programming: Java Servlets CSI3140 WWW Structures,

Dr. Thomas Tran – CSI3140 Lecture Notes (based on Dr. Jeffrey Jackson’s slides) Chapter 6 Server-side Programming: Java Servlets CSI3140 WWW Structures,
Gayle J Yaverbaum, PhD Professor of Information Systems Penn State Harrisburg.

Gayle J Yaverbaum, PhD Professor of Information Systems Penn State Harrisburg.
Java Server Pages B.Ramamurthy. Topics for Discussion 8/20/20152 Inheritance and Polymorphism Develop an example for inheritance and polymorphism JSP.

Java Server Pages B.Ramamurthy. Topics for Discussion 8/20/20152 Inheritance and Polymorphism Develop an example for inheritance and polymorphism JSP.
Sys Prog & Scripting - HW Univ1 Systems Programming & Scripting Lecture 15: PHP Introduction.

Sys Prog & Scripting - HW Univ1 Systems Programming & Scripting Lecture 15: PHP Introduction.
1 Lecture 10 Server-side Programming: Java Servlets.

1 Lecture 10 Server-side Programming: Java Servlets.
JavaScript, Fourth Edition

JavaScript, Fourth Edition
Chapter 5 Java Servlets. Objectives Explain the nature of a servlet and its operation Use the appropriate servlet methods in a web application Code the.

Chapter 5 Java Servlets. Objectives Explain the nature of a servlet and its operation Use the appropriate servlet methods in a web application Code the.
Li Tak Sing COMPS311F. Static attributes in Servlets Since Servlets are also Java classes, you can also use static attributes to store values that can.

Li Tak Sing COMPS311F. Static attributes in Servlets Since Servlets are also Java classes, you can also use static attributes to store values that can.

Similar presentations

Ads by Google