Download Web Applications

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
page
46
page
47
page
48
page
49
page
50
page
51
page
52
page
53
page
54
Document related concepts

URL shortening wikipedia , lookup

URL redirection wikipedia , lookup

Transcript 
Web Applications
Basic Web Servers and the HTTP Protocol
Basic Dynamic Content Generation: Servlets, HTML Forms, JDBC
Java Web Applications, JSP, JSTL, JSTL Expression Language
…
-- 1 -Web Servers
and the HTTP Protocol

3
HTML could of course be used locally:
 To retrieve a document, just read it from the local file system
 To identify a document, use its filename: “/info/index.html”

But it was developed to be used over the Internet!
 Retrieve: Communicate with a “web server” (HTTP protocol)
 To identify a document, we need to know:
1. Which server has the document
2. Which TCP port the server is running on
3. Some additional identifier (“filename”), such as “info/index.html”
4. And maybe which part of the document we want to start at
Request
HTTP
Client
(browser)
HTTP
Server
Response
File System
or database…
jonkv@ida
Finding HTML Documents

4
We want a single string to provide all information!
 And we might also want to use such strings for FTP, local files, …
URL: Universal/Uniform Resource Locator
Orig. intention: specify how a resource can be found, generally on the net
http://user:[email protected]:80/info/index.html#chapter2
ftp://user:[email protected]/pub/foo.zip
file:///home/jonkv/book.pdf
(unused fields can generally be omitted)
Later we got URNs: Names
Intention: Name a resource,
without saying where it is
urn:isbn:096139210x
urn:newsml:reuters.com:20000206:…
Eventually, one saw URLs and URNs as special cases of URIs: Identifiers Now, the distinction seems to be fading…
jonkv@ida
URIs and URLs

5
The web browser parses a URL
 http://www.ida.liu.se/info/index.html#chapter2
▪
▪
▪
▪
Protocol:
Server name:
Path:
Anchor:
HTTP  default port is 80
www.ida.liu.se (DNS says IP number is 130.236.177.26)
/info/index.html
#chapter2
 Uses standard TCP to contact 130.236.177.26, port 80
 Uses text‐based HTTP request/response protocol on top of TCP…
Client
(connects to port 80)
Requests “info/index.html"
HTTP Request
Server www.ida.liu.se
(listens to port 80)
HTTP Response
jonkv@ida
HTTP 1: Parsing a URL

6
The browser sends an HTTP request
 A set of request headers
Request method: GET, HEAD, POST, PUT,
▪ GET /info/index.html HTTP/1.0
DELETE, CONNECT, TRACE, OPTIONS
▪ Host: www.ida.liu.se
▪ User‐Agent: Mozilla/5.0 (Windows;
U; Windows NT 5.0; en‐US; rv:1.1)
Gecko/20020818
▪ Accept: text/xml,application/xml,
application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
video/x‐mng,image/png,image/jpeg,image/gif;q=0.2,text/css,*/*;q=0.1
▪ Accept‐Language: en‐us, en;q=0.50
▪ Accept‐Encoding: gzip, deflate, compress;q=0.9
▪ Accept‐Charset: ISO‐8859‐1, utf‐8;q=0.66, *;q=0.66
▪ Keep‐Alive: 300
Request
▪ Connection: keep‐alive
▪ [empty line]
Client
Server
jonkv@ida
HTTP 2: Sending a Request

7
What resource (page, image, …) was requested?
 Early web servers (1989+) used a single directory of files
▪ Request “info/index.html” 
send file “<webroot>/info/index.html”
 Modern servers may serve many domains (especially web hotels)
▪ www.company.se and www.second.se both point to IP 12.34.56.78
▪ ”Host: www.company.se”  use ”host1” config / directories
▪ ”Host: www.second.se”  use ”second” config / directories
 Some paths may be mapped to programs
▪ Is “/info/index.html” the name of a program? No.
 Other paths correspond to static files on disk
▪ /info/index.html  send file “<IDA webroot>/info/index.html”
jonkv@ida
HTTP 3: Finding Requested Resources

8
The web server sends a reply
 Sequence of HTTP response headers => blank line => data
▪ HTTP/1.1 200 OK
HTTP/version status explanation
▪ Date: Mon, 19 Aug 2123 16:05:14 GMT Code 200: ”OK, here’s what you
▪ Server: Apache/1.3.26 (Unix) PHP/4.2.2 mod_ssl/2.8.10 asked for”…
OpenSSL/0.9.6e
Mapped to English version: “You
▪ Content‐Location: index.en.shtml
asked for index.html, you got
▪ Vary: negotiate,accept‐language
index.en.shtml”
▪ TCN: choice
▪ Transfer‐Encoding: chunked
Vary: “I may send another reply if
▪ Content‐Type: text/html
you vary these fields” (for caching)
▪ Content‐Language: en
▪ [Empty line]
<!DOCTYPE HTML PUBLIC "‐//W3C//DTD HTML 4.01 //EN"
Contents of "http://www.w3.org/TR/html4/strict.dtd">
<HTML>
Client
Server
index file <HEAD>
Response
…
jonkv@ida
HTTP 4: Receiving a Reply

Sometimes a resource must be moved
 301 Moved Permanently
▪ Header "Location: <new‐URL‐to‐resource>"
▪ Client may automatically send a new request for the new URL
▪ Client may automatically update links and bookmarks
 302 Found / 307 Temporary Redirect
▪ Header "Location: <temporary‐URL‐to‐resource>"
▪ Client may automatically send a new request for the new URL
▪ Only temporary redirection; do not update links or bookmarks
 Configuration: Web‐server‐dependent
9
jonkv@ida
HTTP 5: Redirection

10
Various errors on the client side
 400 Bad Request
▪ Syntax error
 403 Forbidden
▪ Server refuses to do this, regardless of authorization
 404 Not Found
▪ May be permanently or temporarily unavailable; maybe never existed
 410 Gone
▪ Used to exist, but is now intentionally, permanently unavailable
 …
jonkv@ida
HTTP 6: Client Errors

11
HTTP needs to specify the response data type
 Can't rely on simple file extensions – not robust
 Uses data types from MIME e‐mail standard

Content‐type: type/subtype; param=value; param…
 Seven top level types
▪ text, image, audio, video, application ‐‐‐ discrete
▪ message, multipart ‐‐‐ composite
 Many subtypes
▪ text/plain, text/html, text/css, text/tab‐separated‐values, …
▪ image/jpeg, image/gif, image/png, image/t38, …
▪ application/postscript, application/octet‐stream, …
▪ Create your own, beginning with "x‐": application/x‐jonkv‐dbresult
 Can accept parameters
▪ text/html; charset=iso‐8859‐1
jonkv@ida
HTTP 7: MIME Data Types
-- 2 -Dynamic Content Generation
CGI Scripts and Java Servlets
HTML Forms and Servlet Request Parameters
Java Database Connectivity

13
How to generate content dynamically?
 Example: Show a random quotation ("fortune")

Early solution, 1993: CGI, Common Gateway Interface
 Simple standard for executing external programs, “CGI scripts”
 Place all external programs in a single directory, /cgi‐bin
 When server receives "GET /cgi‐bin/fortune"…
▪ Assume the file is a program, execute it, and send its output!
Client
(connects to port
80)
Request
Requests
"cgi-bin/fortune"
Response
Server
(listens to port
80)
Execute
/www/cgibin/fortune
stdout
Configured to
serve "/www"
jonkv@ida
Dynamic Content Generation (1)

14
Your first CGI script
 Writes some simple HTML code to standard output
 Could use Perl or other languages. Here: plain shell script
▪ #!/bin/sh
echo "Content-type: text/html“
# An empty line separates headers from body
echo
echo "<html>"
echo "<head><title>Fortune</title></head>"
echo "<body>"
echo "<h1>This is today's fortune:</h1>"
echo "<pre>"
/bin/fortune
# use standard Unix fortune command
echo "</pre></body></html>"
/www/cgibin/fortune
jonkv@ida
Your First CGI Script

15
CGI scripts have some limitations:
 Not completely well‐defined interface
 No support for common server‐side tasks
 Must start a new OS process for every request (inefficient!)

Better alternatives were quickly developed
 Proprietary interfaces for commercial web servers
 Module interface for the common Apache server (open source)
 New languages intended to be used on the web,
including PHP (first "full" version june 1998)
jonkv@ida
CGI Limitations

16
The Java approach: Servlets (”miniature servers”)
 Implemented as subclasses of HttpServlet
 Loaded dynamically into the server’s servlet container
▪ Created, init()ed, called for multiple requests, possibly destroy()ed
▪ doGet() for GET requests, doPost() for POST requests (some forms),
doPut(), doDelete(), doOptions(), doTrace()
▪ public class FortuneServlet extends HttpServlet {
public void doGet(HttpServletRequest req, HttpServletResponse res) throws … {
res.setContentType("text/html");
PrintWriter out = res.getWriter();
out.println("<html><head><title>Fortune</title></head>");
out.println("<head><title>Hello World</title></head><body>");
out.println("<h1>This is today's “ +
• From early 1997, before PHP
“fortune:</h1><pre>");
• Extensive API support
out.println(Fortune.getFortune());
• Servlet container always loaded –
no need to create new processes
out.println("</pre></body></html>");
}
jonkv@ida
Servlets: The Java Approach

18
Users must be able to send information to the server
 Online store example:
▪ User registration form – enter name, address, … and store in database
▪ Click‐to‐buy: Which item did you click? Store in shopping cart
▪ …
 Solution: Add forms to HTML, send form input to the servlet
▪ Each GUI control has a name and a value
▪ Submitting sends name=value pairs to the servlet
 General format:
▪ <form action="http://somehost/address‐of‐servlet‐or‐script">
…HTML code…
…"input" tags generating GUI controls…
</form>
jonkv@ida
Scripts Need Input!

Text input tags:
 Name:
<input
 Password:
<input
type="text" name="firstName"
value="initial"
maxlength="30">
type="password" name="pass"
maxlength="30">
19
jonkv@ida
HTML Forms 1: Text Input

20
Yes/no input tags: Checkboxes
▪ <p>Which operating systems do you use?</p>
<input type="checkbox" name="os" value="Linux">Linux<br>
<input type="checkbox" name="os" value="Solaris">Solaris<br>
<input type="checkbox" name="os" value="Win">Windows<br>
<input type="checkbox" name="os" value="MacOS">MacOS<br>
<input type="checkbox" name="os" value="C64 Basic V2">C64 Basic V2
▪ Multiple choices result in for example "os=Linux,Solaris"
▪ Can of course use multiple groups (each group has a different name)
jonkv@ida
HTML Forms 2: Checkboxes

Yes/no input tags: Radio buttons
▪ <p>Your gender:<br>
<INPUT type="radio" name="gnd" value="Male">Male<br>
<INPUT type="radio" name="gnd" value="Female">Female<br>
▪ Only one selected radio button within each named group
21
jonkv@ida
HTML Forms 3: Radio Buttons

Button input tags:
 <input type="submit" name="ok" value="Do this">
<input type="submit" name="ok" value="Do that">
▪ Value is also used as label
▪ Pressing one results in "ok" being set to "Do this" or "Do that",
and in submitting the form to the specified URL
 <input

type="reset" name="reset"
value="Reset this form">
Additional tags (see spec):
 Image buttons
 Hidden controls (predefined data to be submitted)
 File selector control (upload files to CGI scripts)
22
jonkv@ida
HTML Forms 4: Buttons + misc

23
Complete form example:
 <FORM action="http://somesite.com/cgi-bin/adduser” method=“(next page)”>
<table class="mytable">
<tbody>
<tr><td>First name:<td><INPUT type="text" name="first">
<tr><td>Last name: <td><INPUT type="text" name="last">
<tr><td>E-mail: <td><INPUT type="text" name="email">
<tr><td><INPUT type="radio" name="gender" value="Male"> Male
<tr><td><INPUT type="radio" name="gender" value="Female"> Female
<tr><td><INPUT type="submit" value="Send"> <INPUT type="reset">
</tbody>
</table>
</FORM>
jonkv@ida
HTML Forms 5: Complete Example

25
Sending form data, method 1: GET
 Same HTTP method as when retrieving a static page
▪ <FORM action="http://somesite.com/cgi-bin/adduser" method="get">
 Form input ends up in the URL query string
▪ Adds a “?” after the action URL
▪ Adds each name=value pair separated by “&”
▪ Uses a special 7‐bit query string format
▪ a‐z, A‐Z, 0‐9 remain the same
▪ Space is converted into '+'
▪ Other characters are converted into ‘%xy’:
Hexadecimal representation of the lower 8 bits of the char
▪ Request: GET /cgi-bin/adduser?first=Jonas&last=Kvarnstr%F6m&… HTTP/1.0
 The server automatically splits the URL at the question mark
▪ Resource:
▪ Query string:
/cgi-bin/adduser
first=Jonas&last=Kvarnstr%F6m&…
jonkv@ida
Form Requests 1: Using GET

Consequences of using GET:
 Parameters end up in the URL field in the browser
▪ Positive: Can add a bookmark pointing to the query
▪ Negative: Many fields and lots of text  very long URLs!
▪ Definitely not useful if you upload files!
 Browsers assume it is safe to request the same URL again
▪ They don’t ask for permission to reload the page
▪ Can be OK for information requests
▪ But don’t use GET for actions having side effects
▪ Add new user
▪ Send email
▪ …
26
jonkv@ida
Form Requests 2: Using GET

27
Sending form data, method 2: POST
 Designed for sending form data
▪ <FORM action="http://somesite.com/cgi-bin/adduser" method="post">
 Request data ends up in the HTTP request data section
▪ POST /cgi-bin/adduser HTTP/1.0
[other headers]
(blank line)
first=Jonas&last=Kvarnstr%F6m&…
 Positive: Much better if you send large quantities of data
 Negative: No parameters in the URL, so not possible to bookmark
 Must be used when you don’t want to re‐submit by accident
(you don’t want to purchase the same item twice!)
▪ Browsers generally ask whether to really re‐post data
if you try to reload the page
jonkv@ida
Form Requests 3: Using POST

Information about the request: HttpServletRequest
 This is where you get your form parameters (already parsed)
▪ req.getParameter(“first") == “Jonas”
▪ req.getParameter(“last") == “Kvarnström” (no %xy codes!)

Sending a response: HttpServletResponse
 First, set the content type
▪ void setContentType(String mimetype)
 Then, send a response (tunneled through the web server)
▪ PrintWriter getWriter()
▪ ServletOutputStream getOutputStream()
28
jonkv@ida
ServletRequest / Response
HTML:
29
jonkv@ida
Servlet Example: Queries
<form action="http://foo.com/employees/list" method="get">
Name pattern: <input type="text" name="pat">…
</form>
----------------------------------------------------------------------------------------------------------------public class ListEmployeeServlet extends HttpServlet {
public void doGet(HttpServletRequest req, HttpServletResponse res) throws … {
res.setContentType("text/html");
Error handling and PrintWriter out = res.getWriter();
many details omitted!
String pattern = req.getParameter("pat");
DBs covered later.
Connection con = …;
String query = "SELECT * FROM employees WHERE id like ‘?‘ ";
PreparedStatement stmt = con.prepareStatement(query);
stmt.setString(1, pat);
ResultSet emp = stmt.executeQuery(query);
out.println("<HTML><BODY><p>Employees matching pattern:</p>");
while (emp.next()) { /* get and print employee information */ }
out.println("</BODY></HTML>");
}
Webapp:
Servlet:
HTML:
30
jonkv@ida
Servlet Example: Adding Employees
Employee database (context path: /employees)
NewEmployeeServlet (configured within the webapp as "new")
<form action="http://foo.com/employees/new" method="post">
Name: <input type="text" name="name">…
</form>
----------------------------------------------------------------------------------------------------------------public class NewEmployeeServlet extends HttpServlet {
public void doPost(HttpServletRequest req, HttpServletResponse res) throws … {
res.setContentType("text/html");
String name = req.getParameter("name");
String address = req.getParameter("address");
// …
String query = "INSERT INTO employees VALUES(?,?,?,…)";
PreparedStatement stmt = con.prepareStatement(query);
stmt.setString(1, name); /* … */
int modified = stmt.executeUpdate(query);
// …
out.println("<HTML><BODY><p>Added new user: " + name + “</p></BODY></
}
JDBC:
Java Database Connectivity
Interface to relational databases / SQL
2010-01-21
Jonas Kvarnström
31

32
Java keeps track of a set of DataSources
 Using JNDI: Java Naming and Directory Interface

Application servers take care of much of the setup
 In the labs: configure/name a database in Tomcat’s config (XML)
▪ Example:
<Resource
name="jdbc/MyDB”
auth="Container”
type="javax.sql.DataSource”
username=”…” password=”…"
driverClassName=”…” url=”…”
maxActive="8" />
▪ This creates a DataSource named ”jdbc/MyDB”
▪ Automatically creates a connection pool: When you close a connection, it is actually stored and can be reused
jonkv@ida
JDBC 1: DataSource

Use the DataSource to connect to a database
 Use getConnection() to get a connection
▪ InitialContext ic = new InitialContext();
DataSource ds = (DataSource) ic.lookup("java:comp/env/jdbc/MyDB");
Connection con = null;
try {
con = ds.getConnection(url, "ID", "passwd");
// Use the connection
} finally {
try { if (con != null) con.close(); }
catch (SQLException e) { /* handle it, log it, … */ }
}
 Remember to close it!
▪ If you forget, you may run out of connections…
▪ The pattern above (with try/finally) ensures it is closed
even if there is an exception inside “try”
▪ Note that there can be an exception when you close it!
33
jonkv@ida
JDBC 2: Getting a Connection

A connection can handle many concurrent queries
 Each query is handled by a separate Statement
 Each Statement keeps track of its own settings (timeouts, …)
ds.getConnection()
Connection to MyDB
createStatement()
Statement
(settings for one query)
createStatement()
Statement
(settings for one query)
34
jonkv@ida
JDBC 3: Making a Statement

Use executeQuery() to execute a SELECT query
▪ String query="SELECT * FROM employees WHERE salary<12000";
Statement myStatement = null;
ResultSet rs = null;
try {
myStatement = connection.createStatement();
rs = myStatement.executeQuery(query);
// use rs
} finally {
try { if (rs != null) rs.close(); }
catch (SQLException e) { /* handle it */ }
try { if (myStatement != null) myStatement.close(); }
catch (SQLException e) { /* handle it */ }
}
35
jonkv@ida
JDBC 4: Executing a SELECT query

Use PreparedStatements for non‐constant queries!
 If you put user‐generated information into query strings:
▪ String pattern = req.getParameter("pat");
String query = "SELECT * FROM employees WHERE id like ‘“ + pattern + “’”;
▪  suppose the user enters x’; DELETE * FROM employees;
▪ Quoting is possible, but you have to get everything right
 Let PreparedStatement take care of everything instead!
▪ Use ”?” as a placeholder
▪ String pattern = req.getParameter("pat");
String query = "SELECT * FROM employees WHERE id like ‘?‘ ";
PreparedStatement stmt = con.prepareStatement(query);
stmt.setString(1, pat);
boolean success = ps.executeQuery();
▪ Easier and safer
36
jonkv@ida
JDBC 5: PreparedStatement

37
executeQuery() returns a ResultSet – a set of rows
 Similar to an Iterator
▪ "Cursor" points to the "current" row of data,
▪ next() advances the cursor – returns false if there were no more rows
 Retrieve data from the current row
▪ Use column numbers or names:
getFloat(name), getInt(name), getString(name), …
▪ while (rs.next()) {
final String
name
= rs.getString("name");
final String
address = rs.getString("address");
prettyPrint(name, address);
}
 Find out more about the result set using ResultSetMetaData
▪ ResultSetMetadata rsmd = rs.getMetaData();
jonkv@ida
JDBC 6: Using a ResultSet

38
Use executeUpdate() for update queries  Can also use prepared statements more than once
▪ String q = "UPDATE employees SET salary = ? WHERE name = ?"; PreparedStatement stmt = con.prepareStatement(q);
stmt.setInt(1, 15000); stmt.setString(2, "John Doe");
int changedRows = stmt.executeUpdate();
stmt.setInt(1, 17000); stmt.setString(2, "Jane Doe");
changedRows += stmt.executeUpdate();
jonkv@ida
JDBC 7: Updates

39
Connections are normally in auto‐commit mode
 Turn this off if you want to handle transactions
▪ con.setAutoCommit(false);
String q = "UPDATE employees SET salary = ? WHERE name = ?"; PreparedStatement stmt = con.prepareStatement(q);
stmt.setInt(1, 15000); stmt.setString(2, "John Doe");
stmt.executeUpdate();
stmt.setInt(1, 17000); stmt.setString(2, "Jane Doe");
stmt.executeUpdate();
con.commit(); // or con.rollback();
con.setAutoCommit(true);
jonkv@ida
JDBC 8: Transactions
-- 3 -Java Web Applications

41
“External Interface" presented
to web browsers
 A webapp is a single coherent application
Message Forum
▪ Shopping system, message forum, …
Web applications
▪ Consists of HTML files, servlets, images, …
 Appears as a hierarchical URL structure
▪ Rooted in the context path,
specified in the global web server config
 Ex: Message forum at www.myserver.com
▪ Configure with context path "/forum" =>
http://www.myserver.com/forum /login
/index.html
…
▪ Configure with context path "/msg" =>
http://www.myserver.com/msg /login
/index.html
…
/login [servlet]
/listmsg [servlet]
/newmsg [servlet]
/newuser [servlet]
/index.html
/welcome.html
/img/logo.png
jonkv@ida
Webapps 1: Introduction

42
jonkv@ida
Webapps 2: Directory Structure
Physical directory structure matches URL hierarchy
 Except WEB‐INF directory: Contains config files, servlets, … Message Forum
/login [servlet]
Virtual mapping through
<servlet-config> and
<servlet-mapping>
in web.xml
/listmsg [servlet]
/newmsg [servlet]
/newuser [servlet]
/index.html
/welcome.html
/img/logo.png
File System
[approot]/index.html
[approot]/welcome.html
[approot]/img/logo.png
[approot]/WEB-INF/web.xml
[approot]/WEB-INF/classes/…
Can be packaged as a single WAR file
(Web Archive) for easy distribution.
Unpacked version is called exploded directory.

43
The WEB‐INF directory:
 Contains configuration files, servlets, and resources
▪ [approot]/WEB-INF/web.xml:
[approot]/WEB-INF/lib/*.jar:
[approot]/WEB-INF/classes/*:
[approot]/WEB-INF/res.foo:
A deployment descriptor (webapp config)
Libraries used from servlets and JSP
Compiled servlet classes
Resources to use in servlets (see below)
 Example:
▪ …/WEB-INF/lib/jdbcdriver.jar
…/WEB-INF/classes/com/mycorp/LoginServlet.class
…/WEB-INF/classes/com/mycorp/ListMsgServlet.class
 Files in WEB‐INF cannot be retrieved directly via HTTP
▪ Classes accessed through servlet mappings (discussed later)
▪ Files can be accessed from servlet code:
ServletContext ctxt = getServletConfig().getServletContext();
// Use ctxt.getResourceAsStream(…) or ctxt.getResource(…);
jonkv@ida
Webapps 3: WEB-INF

Deployment descriptor (web.xml)
 XML header, then <web‐app> tag – example:
▪ <?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
… miscellaneous configuration items …
… miscellaneous configuration items …
… miscellaneous configuration items …
… miscellaneous configuration items …
</web-app>
44
jonkv@ida
Webapps 4: Deployment Descriptor

45
Configuring webapps should not require recompilation
 Easiest to change configuration if you store it in a database
 Also built‐in support for parameters in web.xml
▪ At the top level in web.xml:
<context-param>
<param-name>Webmaster</param-name>
<param-value>[email protected]</param-value>
</context-param>
 Parameters accessed through ServletContext
▪ ServletContext ctxt = getServletConfig().getServletContext();
String webmaster = ctxt.getInitParameter("Webmaster");
jonkv@ida
Webapps 5: Configuration

Each servlet must be specified in web.xml
 Configuration + possibly user‐specified init params
▪ <servlet>
<servlet-name>mylogin</servlet-name>
<servlet-class>com.mycorp.LoginServlet</servlet-class>
<display-name>Login Servlet</display-name>
<description>Log in using name / password</description>
<init-param>
<description>Maximum number of login attempts</description>
<param-name>maxattempts</param-name>
<param-value>3</param-value>
</init-param>
<init-param>…</init-param>
</servlet>
▪ String maxattempts = getServletConfig().getInitParameter(“maxattempts");
Internal ID:
mylogin
Class name:
com.mycorp.LoginServlet
46
jonkv@ida
Webapps 6: Configuring a Servlet

Mapping URLs to webapps:
47
Context path /forum
 Web server assigns a context path
▪ The webapp itself does not control this!
▪ Setup: Server‐specific
 Example:
▪ Web server at http://www.myserver.com
▪ Suppose admin downloads forum software,
places it at context path "/forum"
▪  any requests to
http://www.myserver.com/forum/…
go to the forum webapp!
▪  The remainder of the URL,
after “http://www.myserver.com/forum/”,
is an address within the webapp
▪ How do we find the intended resource?
Web Application:
Message Forum
LoginServlet
ListMsgServlet
NewMsgServlet
NewUserServlet
index.html
welcome.html
smiley.png
jonkv@ida
Mapping 1: Context paths

48
Suppose someone asks for  http://www.myserver.com/forum/index.html
▪ Server part is http://www.myserver.com
▪ Context path /forum maps to this webapp
▪ Remainder is /index.html
 There is no special configuration for /index.html in web.xml
▪ Search for a file at the root of the webapp
▪ If found, serve this file
File System
▪ If not, send error 404
[approot]/index.html
 But what about servlets?
▪ People aren’t supposed to know about
internal class names, package structures…
▪ We want to define “external” names!
[approot]/welcome.html
[approot]/img/logo.png
[approot]/WEB-INF/web.xml
[approot]/WEB-INF/classes/…
jonkv@ida
Mapping 2: General Files

49
Simple servlet mapping
 http://www.myserver.com/forum/login ‐> LoginServlet
▪ Server part is http://www.myserver.com
▪ Context path /forum maps to this webapp
▪ Remainder is /login
▪ <servlet-mapping>
<url-pattern>/login</url-pattern>
<servlet-name>mylogin</servlet-name>
</servlet-mapping>
public void doGet(HttpServletRequest req, HttpServletResponse res) throws … {
String contextPath = req.getContextPath();
// "/forum"
String servletPath = req.getServletPath();
// "/login"
String pathInfo = req.getPathInfo();
// null
}
URL:
Internal ID:
Class name:
http://<server>/<ctxt>/login
mylogin
com.mycorp.LoginServlet
(http://www.myserver.com/forum/login)
jonkv@ida
Mapping 3: Servlets

Wildcard matching
 http://www.myserver.com/forum/view/102 –> show msg 102
▪ <servlet-mapping>
<url-pattern>/view/*</servlet-name>
<servlet-name>ViewMessage</servlet-name>
</servlet-mapping>
▪ The complete request path is sent to the servlet,
which can extract the message number
public void doGet(HttpServletRequest req, HttpServletResponse res) throws … {
String contextPath = req.getContextPath();
// "/forum"
String servletPath = req.getServletPath();
// "/view"
String pathInfo = req.getPathInfo();
// "/102"
// … Parse pathInfo as a query parameter
}
50
jonkv@ida
Mapping 4: Path Wildcards

How to map: Extension matching
 Can be used to define automatic pre‐processing for *.foo files
▪ Suppose we want any *.foo to be handled by FooServlet,
regardless of where in the webapp the *.foo file is located
▪ <servlet-mapping>
<servlet-name>foo</servlet-name>
<url-pattern>*.foo</servlet-name>
</servlet-mapping>
public void doGet(HttpServletRequest req, HttpServletResponse res) throws … {
String contextPath = req.getContextPath();
// "/forum"
String servletPath = req.getServletPath();
// "/sub/test.foo"
String pathInfo = req.getPathInfo();
// null
}
51
jonkv@ida
Mapping 5: File Extensions

The server returns a MIME type for every file
 Servlets set this using response.setContentType()
 Files are given MIME types using extension mapping
▪ <mime‐mapping>
<extension>pdf</extension>
<mime‐type>application/pdf</mime‐type>
</mime‐mapping>
 Can use the ServletContext to find the MIME type of a file
▪ ServletContext ctxt = getServletConfig().getServletContext();
String mimetype = ctxt.getMimeType("misc/test.zip");
52
jonkv@ida
Mapping 6: MIME Types

53
The webapp does not know where it will end up!
 May be placed at "/forum", at "/users/jonkv/msgs", even at "/"!
 Should not contain hardcoded links to a single path!

To link to another part of the application:
 Use a relative link
▪ <a href="../topiclist?start=100">Next page</a>
▪ Must know "where you are" – address is relative to your own location!
 Servlets: Can use the context path
▪ public void doGet(HttpServletRequest req, HttpServletResponse res) … {
String contextPath = req.getContextPath(); // "/forum", or "/board", or …
String linkURL = contextPath + "/topiclist?start=100";
…
}
 JSP: <jsp:getProperty name="request" property="contextPath"/>
 JSTL: The <c:url> tag can locate resources relative to this webapp
jonkv@ida
Mapping 7: Where is the application?

Summary of servlet configuration:
 1) Give each servlet class an ID
▪ <servlet>
<servlet-name>mylogin</servlet-name>
<servlet-class>com.mycorp.LoginServlet</servlet-class>
</servlet>
 2) Associate various paths with servlet IDs
▪ <servlet-mapping>
<url-pattern>/login</url-pattern>
<servlet-name>mylogin</servlet-name>
</servlet-mapping>
54
jonkv@ida
Summary
Related documents
Category Theory for Dummies (I)
Category Theory for Dummies (I)
First step to securing servers and the data lying there is to set up a
First step to securing servers and the data lying there is to set up a
Servlets - Examples
Servlets - Examples
HTML exhibits high performance by taking less time to load in the
HTML exhibits high performance by taking less time to load in the
CUSTOMER_CODE SMUDE DIVISION_CODE SMUDE
CUSTOMER_CODE SMUDE DIVISION_CODE SMUDE
Name: Date:______ Pd:______ other forms of energy (Standard
Name: Date:______ Pd:______ other forms of energy (Standard
W98Lecture08
W98Lecture08
CUSTOMER_CODE SMUDE DIVISION_CODE SMUDE
CUSTOMER_CODE SMUDE DIVISION_CODE SMUDE
Data Analysis Tools and Methods for Improving the Interaction
Data Analysis Tools and Methods for Improving the Interaction
Implementation
Implementation