Docstoc

Java Servlets Presentation

Document Sample
Java Servlets Presentation Powered By Docstoc
					Objectives

• Understand the Servlet Architecture.
• Compare Servlet & Other Similar
  technologies.
• Understand the Servlet Life Cycle.
• Handle Request & Response.
• Generate Dynamic HTML.
• Handle Sessions.
     Evolution of Dynamic Content Tech.


•   Common Gateway Interface (CGI)
•   ColdFusion (Allaire)
•   Active Server Pages (ASP)
•   Server-Side JavaScript (SSJS)
•   Personal Home Page tools (PHP)
•   Java Servlets
•   JavaServer Pages
                    The CGI Life Cycle

                        Main Process
Request for CGI 1                      Child Process for CGI 1

Request for CGI 2                      Child Process for CGI 2

Request for CGI 3                      Child Process for CGI 3



                      CGI-Based Web Server
Java Servlet A Java program that
extends the functionality of a Web server, generating dynamic
content and interacting with Web clients using a request
response paradigm.
                                                   J2EE 1.2 Architecture
An extensible Web technology that uses template data,
custom elements, scripting languages, and server-side
Java objects to return dynamic content to a client.
Typically the template data is HTML or XML elements.
The client is often a Web browser.
          Advantages of Servlets
• Java™ objects which extend the
  functionality of a HTTP server(a big plus).
• Dynamic customization of content
• Platform and server independent
• No CGI limitations
• better performance
• Easier to write than CGI code
    no need to parse headers and get info
     (all that is done by the HttpServlet class
     )
• No Networking restrictions (like applets)
• Do not create a new process (or Servlet for
  every request)
• Servlets can persist over time
              Server Extensions

Enhance or Change the base functionality
of the server, allowing the server to handle tasks
that were once relegated to external CGI
programs.
         The Power of Servlets

•   Portability
•   Power
•   Efficiency and Endurance
•   Safety
•   Elegance
•   Integration
•   Extensibility and Flexibility
            The Servlet Life Cycle
• A web server
  communicates with
  a Servlet through a
  simple interface,
  javax.servlet.Servle
  t. This interface
  consists of three
  main methods:
• init()
• service()
• destroy()
   and two ancillary
  methods:
• getServletConfig()
• getServletInfo()
                Servlet Life Cycle (contd)

                                 Main Process
Request for Servlet1          Thread JVM
                                          Servlet1
Request for Servlet2                  Thread

                                   Thread Servlet2

Servlet initialized once; reused until destroyed and
Request for Servlet1
garbage collected.
                        Java Servlet-based Web Server
Servlet Life Cycle (contd)
          Life Cycle Of A Servlet (contd)
• A servlet is constructed and initialized. It then services zero
or more requests until the service that it extends shuts down
• Initialized only once, stays resident in memory while
servicing requests
• Multiple threads of execute service(), one for each client
connection
• The servlet interface defines the life cycle methods :
 init()
 service()
 destroy()
                  init() Method

• Called by server immediately after servlet is
  instantiated
• Called only once
• Servlet creates and initializes the resources
  needed for handling requests

• public void init(ServletConfig config) throws
  ServletException;

ServletException - thrown when servlet cannot
initialize necessary resources
              service() Method

• It is the heart of the servlet.
• It handles all requests sent by a client.
• Each request message from a client results in a single
  call to the servlet's service() method.
• It reads the request and produces the response message


• public void service(ServletRequest req,
  ServletResponse res) throws ServletException,
  IOException;
               destroy() Method

• This signifies the end of a servlet’s life.
• It’s also a good place to save any persistent information
  that will be used the next time the servlet is loaded.
• It is called to allow the servlet to clean up any
  resources.
• Public void destroy();
         Servlet Life Cycle (contd)
            Servlet loaded on demand (first time
            user accesses the servlet). Once loaded the
            servlet is in memory
      init()
Client requests
arrive
                  service()
                     Unloaded on closing server;
                     manual unloading
             destroy()
                         each client request creates a
                           new thread with service
              Servlet Interface


• Servlets Classes / Interfaces are available in packages
  (in java servlet development kit)

   – javax.servlet.http
   – javax.servlet
Servlet Interface (contd)
                  GenericServlet Class
                 Server        GenericServlet subclass


request
                                      service()

response


  KEY :                   implemented by subclass


          A generic servlet handling a request
      A Http Servlet Handling a Request

 HTTP request                 HttpServlet subclass
                 Web Server
  GET request                               doGet()
   response
  POST request                               doPost()
    response                   service()
 HEAD request                               doHead()
   response
Implementation of doGet() doPost()… is to
return an error to the calling client if
servlet does not override these methods.
        KEY :        implemented by subclass
      Generic servlet vs httpservlet

   init                                   service
                Generic Servlet

destroy

                          extends
          doGet(...)                doOptions(…)

  doPost(...)                             doDelete(…)
                       HttpServlet          doTrace(…)
doPut(…)
         What does the Server Receive
             Found www.mcp.com
             Searching for www.mcp.com
server
                                              client

             GET /index.html HTTP/1.0
Server receives only one
of the HTTP request
methods (Get/Post)

                           http://www.mcp.com/index.html

         Servlet programmers must provide
         implementations for these requests
                Web server recieves
                GET /servlet/myHelloServlet
                                            HttpServlet subclass
                          Check request type
                   Web Server
                              it is “GET”
                           hence call doGet()    doGet()
  GET/servlet/
  myHelloServlet
                                       service()    doPost()
  HTTP/1.0

Web server uses logic:                               doHead()
 myHelloServlet is loaded. If not , then load the servlet.
 call service method (already implemented in HttpServlet)
   (it checks the request type and correspondingly calls the
    doGet() or doPost() method )
   java.io            javax.servlet                 Servlet
InputStream              ServletInputStream
                                                    ServletConfig
OutputStream           ServletOutputStream
                                                   ServletContext
 Serializable
                                                   ServletRequest
  java.lang
                                                  ServletResponse
  Object                  GenericServlet
                                                SingleThreadModel

  Exception             ServletException      UnavailableException


KEY Class       ABSTRACT CLASS   Interface     extends    implements
                                                   Servlet
   javax.servlet.*       GenericServlet            ServletConfig
                     service(req, res)
                                                   Serializable


        ServletRequest                 ServletResponse


    ServletInputStream                    ServletOutputStream




Class   ABSTRACT CLASS     Interface             implements
       ServletContext / ServletConfig
• ServletConfig
   – used to get initialization parameters
      • getServletContext()
      • String getInitParameter(String)
      • Enumeration getInitParameterNames()
• ServletContext
   – useful for logging & finding out about the
     other servlets
      • Servlet getServlet(String)
      • Enumeration getServlets()
      • Enumeration getServletNames()
      • void log(String)
      • void log(Exception, String)
                         GenericServlet             Serializable



javax.servlet.http.*     HTTPServlet




Class   ABSTRACT CLASS   Interface        extends     implements
      Servlet Architecture

                   Methods for
 Servlet       managing a servlet and
                communicating with
                      clients

 HTTPServlet



Interface      class      extends
       Encapsulates communication
         from client to server

                             ServletRequest

GET request
                                         Servlet

   response
                             ServletResponse

Encapsulates communication
  from server to client
package codecamp;                A Simple Code Example
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
Public class ServletGet extends HttpServlet {
       public void doGet(HttpServletRequest request,
                  HttpServletResponse
                     response) throws ServletException,
                             IOException {

            response.setContentType("text/html");
            PrintWriter out = response.getWriter();
            out.println("<title>First
                   Servlet</title>");
            out.println("<big>Hello Code Camp!
                   </big>");
      }
}
                         Example
 Write the following html file: mydisplay.html
         <HTML> <HEAD>
         <TITLE> calling servlets </TITLE> </HEAD>
         <BODY>
         <form method=get
 action="http://localhost:8080/servlet/servletGet">
         <input type=submit value="call servletGet">
         </form>
         </BODY> </HTML>
 Click on the button “call servletGet” and note that the
 earlier servlet is called.


NOTE:User clicked on button, and the browser then
                  mydisplay.html
               Eg:method based on “action” settings.
generated the GET
         Generating GET by clicking a
         button on browser
             Found localhost
             Searching for localhost
server
                                                client

               /servlet/servletGet HTTP/1.0
           GET /mydisplay.html HTTP/1.0




                        http://localhost…/…/mydisplay.html

                          call servletGet
                        Example
  Modify only the following line in html file:
  mydisplay.html
         <form method=post
  action="http://localhost:8080/servlet/servletGet">
  Click on the button “call servletGet” and note what
  happens.


NOTE:User clicked on button, and the browser then
generated the POST method based on “action” settings.

NOTE: the servlet servletGet did not contain a doPost
method and hence got the error. Rename doGet() to
doPost() and it would then work.
Transferring info from browser to Servlets
 • Generally in web pages, users fill up a form
   with fields.
 • Browser communicates with server (servlets)
   through GET and POST methods
 • GET requests :
 • – Getting information
 • – Appended to the URL in a query string ( limited
 • amount of data)
 • –
   .../servlet/ViewCourse?name=servlets_codecamp
 • – Can be bookmarked and emailed
 • POST requests:
 • – Sending information
 • – Send any amount of data
 • – .../servlet/PlaceOrderProcess
 • – Can Not be bookmarked and emailed.
 • – Use POST for things like placing an order.
     Common Requests: GET and POST

• GET
• – Getting information
• – Appended to the URL in a query string ( limited
  amount of data)
• .../servlet/ViewCourse?name=servlets_codecamp
• – Can be bookmarked and emailed
• POST requests:
• Sending information
• – Send any amount of data
• – .../servlet/PlaceOrderProcess
• – Can Not be bookmarked and emailed.
• – Use POST for things like placing an order.
                         Example

Write a html with three text fields for name, id and location,
with a submit button. Set the form method as „GET‟, and
action as „servlet/servletGetParam‟



        Eg: servlet_get_HTML.html
 Write a servlet with doGet() method. In the doGet() method
 read the parameters and then send it back to the browser for
 display


          Eg: servletGetParam.java
                        Example

Write a html with three text fields for name, id and location,
with a submit button. Set the form method as „POST‟, and
action as „servlet/servletGetParam‟



       Eg: servlet_post_HTML.html
Write a servlet with doPost() method. In the doPost() method
read the parameters and then send it back to the browser for
display


               Eg: servletPost.java
       Interface ServletRequest
– information about the client
   • name of the host and the IP address of client
   • parameters sent from the client browser
   • scheme used by the browser to communicate
     to servlet (eg. http; https; ftp;…..)
   • protocol used by client (eg. ftp)
   • access to the ServletInputStream (which
     allows servlet to read binary data from the
     client )
– information about server
   • name of the server
   • port used by the server
               ServletRequest…

• Subclass ServletRequest to provide protocol specific
  information

• Example: HTTPServletRequest (extends ServletRequest
  )supports methods to retrieve more protocol specific
  headers (getMethod() to identify the type of request)
        javax.servlet.ServletRequest

class Name    ServletRequest
     public   String getContentType()
              ServletInputStream getInputStream()
   abstract   String getParameter(String)
   methods    Enumeration getParameterNames()
              String getProtocol()
              BufferedReader getReader()
              String getRemoteAddr()
              String getServerName()
              int getServerPort()
              String getScheme()
              String getRealPath()
              String getCharacterEncoding()
              Object getAttribute()
           interface HTTPServlet
• Information from client
    additional path info (sent along with request)
      • eg /servlet/myservlet/dict/defn.txt
      • “/dict/defn.txt” is the additional info to the servlet
        myservlet
      • within your servlet use getPathInfo() (null if no such
        data is available)
    what was requested (file/ servlet/)
    HTTP headers sent by the client
      • Connection, User-Agent, host, Accept, Accept-
        language, Accept-Charset
                 HTTP Headers

• General : Information not related to Client, Server or
  HTTP protocol.
• Request : Preferred Document formats and server
  parameters.
• Response : Information about the server.
• Entity : Information on the data that is being sent
  between the client and server.
     javax.servlet.http.HttpServletRequest

Class Name    HTTPServletRequest extends ServletRequest
     public
              Enumeration getHeaderNames()
   abstract   long getDateHeader(String)
   methods    String getPathInfo()
              String getQueryString()
              String getRemoteUser()
              String getAuthType()
              Cookie[ ] getCookies()
              String getRequestURI()
              String getServletPath()
              String getSession()
              boolean isRequestedSessionIdFromCookie()
              boolean isRequestedSessionIdFromUrl()
                          Example


Write a servlet that implements the doGet() method. Capture the
information encapsulated in the request object (in ServletRequest
and HTTPServletRequest), and send this info back to the client.




               Eg: helloservletGet.java
         ServletResponse Interface

• Allows the servlet to reply to the client
• Allows the servlet to set the content length and MIME
  type
• Provides a handle to ServletOutputStream (or Writer)
  to send data to the client
• Subclass HTTPServletResponse supports methods to
  set more protocol specific headers
       javax.servlet.ServletResponse


Class Name ServletResponse

    public void setContentLength(int)
  abstract void setContentType(String);
           ServletOutputStream getOutputStream()
  methods
           PrintWriter getWriter()
           String getCharacterEncoding(String)
          javax.servlet.http.
          HttpServletResponse
Class Name    HTTPServletResponse
     public
              void addCookie(http.Cookie)
   abstract   boolean containsHeader(String);
   methods    String encodeURL(String)
              String encodeRedirectURL(String)
              String encodeUri(String)
              String encodeRedirectUri(String)
              void setHeader(String,String)
              void setIntHeader(String,int)
              void setDateHeader(String,long)
              void setStatus(int,String)
              void sendError(int,String)
              void sendRedirect(String)
                      Redirecting …

• Redirection can be set using the following methods in the
  HttpServletResponse class
   – setStatus(status code)
      • status codes available in the HttpServletResponse class as
        static variables
   – setHeader(“Location”, “ give new site location here”)
      • the new location must be an absolute url path
   – setHeader(“Refresh”, “3”) will tell the browser for 3 seconds
     before refreshing the page
   – setHeader(“Refresh”, “3; URL=…..”) will tell the browser for 3
     seconds before going to the new location specified in the
     command.
             Generating HTML

• Hardcoded in the program (servletGet.java)
• Using an HTML generator (require additional
  software; html generation classes)
• Using an HTML generator creatively



        Eg : ServletGet.java
           Redirecting a Request

• Servlet can use status codes and headers to inform a
  client to use another URL. It is useful when
    document (html file) has moved.
    load balancing is required. (one machine can
      distribute the load to many machines)
          Abstract class HTTPServlet
class Name HTTPServlet extends GenericServlets implements
               Serializable
 protected
           void doGet(HttpServletRequest, HttpServletResponse)
  methods long getLastModified(HttpServletRequest);
         void doPost(HttpServletRequest, HttpServletResponse)
         void method supports HttpServletResponse)
The service doPut(HttpServletRequest, HTTP 1.0
         void doDelete(HttpServletRequest, HttpServletResponse)
           This method dispatches each request
protocol.void doOptions(HttpServletRequest, HttpServletResponse)
to the method designed to handle it.
         void doTrace(HttpServletRequest, HttpServletResponse)
         void service(HttpServletRequest, HttpServletResponse)
         public void service(ServletRequest, ServletResponse)

 All methods throws ServletException and IOException
             Overriding Methods

• Servlet writer who wants to handle the GET and the
  HEAD (HTTP protocol) must override the doGet()
  method in the servlet.
• Similarly override
   – doPost() method to handle POST request
   – doPut() method to handle PUT requests
   – doDelete() method to handle DELETE requests
                       Notes

• Servlets are fundamentally multithreaded, hence can
  run multiple service() methods.
• Therefore the code for service method must be thread
  safe.
• If you do not want a multithreaded server then one
  must implement the SingleThreadedModel interface.
                          Example

Write a counter servlet that counts the number of clients
served.

                       Eg: MyCounterServ.java

Modify the above servlet so that if many users are accessing
the variable count, it should be synchronized.


                     Eg: MyCounterServSyn.java
                        Example

Write a servlet that informs the client that the site has moved,
and allow let the browser go to the new url automatically after
9 seconds.




            Eg: RelocateServlet.java
              Request Dispatcher

• The basic use of a RequestDispatcher:
One can effectively use the RequestDispatcher to call a JSP
  from a servlet or a servlet from another servlet.
RequestDispatcher rd =

  getServletContext().getRequestDispatcher("
  /welcome.jsp");

rd.include(request, response);
         Sending Multimedia Content

• To send an image that is available with the server to the
  client
    open a stream to the client browser
    open the local image file
    read block of bytes/ or byte by byte of image
    send information to server by writing to the stream
                    Example

 Write a serlvet that sends an image to the browser.
 Image file must be on the server system.


                  Eg: servletImage.java
Problem: If we write 2 images to the
application, it will read only the first one.
Hence, one can send only one image at a
time.
                      Example

Write a serlvet that sends 2 <img src=“……”> tags to the
client. The client would load one image after another and
display both of them.


         Eg: servletImageHTML.java
Solution: the data to be sent<img src=“…”>, and the
Note: All send the html tag is stored in a
byteArrayOutputStream and sent all the information
browser will open connection and get at once. This is
buffering but could slow down when images can be
from server. This way any number oflot of information is
being sent
passed. to the client.
             User Authentication


• Specify in the resource list
   • servlet resource/ and what type of authentication
   • once set, then the browser gives a dialog box and
     then sends the name and password to the servlet




           Eg: secureServlet.java
               Session Tracking

• Mechanism to maintain a state about a series of
  requests from the same user (request originating from
  same browser)
• Sessions are shared across servlets
• HttpSession Object
    Can Store (name, value) Pairs.
    Persistence and disk swapping through Object
     Serialization.
    Works across protocols (HTTP/HTTPS).
    Session validity, Creation time etc.
          Session Tracking (contd)

procedures in session tracking
• get a HttpSession object for a user
    HttpSession ss = new HttpSession(true)
   true means that if it a new session create a new
   session object, otherwise get session id.
• store/get data from the HttpSession object
    void ss.putValue(String name, Object val)
    Object ss.getValue(String name)
    void ss.removeValue(String name)
• Invalidate the session
    ss.invalidate();
          Count Example using Session

Write a servlet that uses session api to track the number of
times a user has visited the site.




            Eg: SessionDemo.java
        Ways of Session-Tracking


• Hidden Form Fields
• Persistent Cookies
• Servlet API
              Security Issues

• The Servlet Sandbox
• Access Control Lists (ACLs)
                Servlet Sandbox

• It is an area where Servlets are given restricted
  authority on the server.
• They may not have access to the file system or
  network, or they may have been granted a more
  trusted status.
• It is up to the web server administrator to decide
  which servlets are granted this status.
              Access Control Lists

• An ACL is a list of users who are allowed to perform a
  specific function in the server.
  The list specifies:
 What kind of access is allowed
 What object the access applies to
 Which users are granted access
           Servlet Environment

• Inter-Servlet Communication
   How to call a method of another Servlet
        Servlet Environment (contd)

• Communication with Active Server Resources
    How to call another Servlet (or any other kind of
     active resource) to process a request
• Accessing Passive Server Resources
    How to access a resource in the server's document
     tree
• Accessing Servlet Resources
    How to access resources which belong to a Servlet
• Sharing Data Between Servlets
    How to share data between Servlets
Invoking a Servlet From an Applet

           HTTP Request thru DataOutput created by
           URLCorrection object




Formatted results thru DataInputStream object
created by URLConnection object
                                                SQL Query
                           ResultSet Object
                Exercise (contd..)

• 20. Due to the implementation of the application on the
  AWT framework it is required to install the JRE software
  & the required application components on each machine
  which needs to communicate with the application. A better
  alternative would be to implement the same in a http based
  server architecture,(repeat exercises 1 to 5 here)[20]
ThankQ

				
DOCUMENT INFO