Transcript ppt
CSE 190: Internet E-Commerce
Lecture 5
Exam: 3-Tier Architecture
•
What are the three tiers?
–
Presentation, application, and data tier
•
•
•
•
Presentation: purpose of
–
Firewall
•
–
–
Distributes requests in round-robin fashion (or based upon machine load) to an array of servers
Web server
How to recover from failure?
Application Tier
–
How to recover from failure?
•
•
Stores commonly access pages (e.g. home page) in faster memory to improve performance
Load balancing server
•
–
–
Forbids all TCP/IP traffic from entering or exiting the site’s network, unless it is an allowed service. E.g.
allow only incoming HTTP requests, no FTP, telnet, SMTP.
Cache
•
•
Presentation: responsible for generating HTML for the user interface
Application: Executing the logic of the site (ordering a book, bidding on an auction, logging in a user)
Data tier: Storing all of the persistent data for a user
The load balancer recognizes that the machine is down and routes requests to a valid application
server. Because all state is stored in the data tier, no data is lost when an app server crashes.
Data Tier
–
Why can’t this be combined with application tier?
Exam: HTML
•
•
•
Purpose; difference with other doc formats
Structure of an HTML document
General tag syntax
– <tagname attributename=“attributevalue”>…</tagname>
•
Familiar with tags: html, head, body, H#, A, UL, OL, form, input, table, tr, td,
br, img, center, frame, script
– <form action=“/cgi-bin/myscript”>
<input type=“text” name=“firstname”>
<input type=“password” name=“maidenname”>
<input type=“submit” value=“Register Now”>
</form>
•
•
•
Components of URL
URL encoding ( url?arg1=ab+cd&arg2=ef%20 )
Difference between relative and absolute URL
– Relative URLs specify a document relative to the document that contains the
URL. E.g. /home/index.html.
– Absolute URLs specify a document without any need for context. They specify
the complete protocol, domain, and filename. E.g. http://ucsd.edu/x/search.cgi
Exam: Stylesheets
•
•
Purpose
What is meant by cascading?
– More than one stylesheet may be applied at the same time to render a
document. The more specific a style takes precedence over less specific styles.
For example, inline styles precede internal styles which precede external styles
which precede browser stylesheets.
•
General CSS syntax
– selector { property: value; }
– Example: h1, h2, h3 { text-align: center; }
•
Applying style to:
– All tags of type X
• H1 example: H1 { color: red; margin-left: 20px; }
– All elements of class X
• All elements of class X: .x { font-size: 18pt; }
•
Specify an external stylesheet, internal stylesheet, and inline style
– External: <link rel=stylesheet href=/corpss/chsty.css type=text/css>
– Internal: <html>…..<style>….</style>….
– Inline: <p style=“{ color: red; }”>
Exam: Javascript
•
•
•
•
Purpose
How to include in a page
Writing text to HTML page
Declaring variables
– var greeting = “Welcome !”
• Declaring functions
– function foo() { alert( “Foo Fighter” ); }
• Returning a value
– function isEven(x) { return( x % 2 == 0 ); }
• Displaying an alert
• When the script executes
Exam: HTTP
•
•
Status codes, classes of
Purpose of: GET, POST, HEAD
–
–
HEAD does the same as GET, but without sending the response body.
GET is used for idempotent transactions, i.e. operations which leave the server state unchanged. POST is
used for those which alter server state, such as logging in or buying an item.
•
•
Idempotent: In arithmetic, multiplication by one is idempotent.
For a server, GET applied to server-state yields the same server-state. But POST applied to server-state yields new-serverstate.
Syntax of: GET, POST
–
POST /cgi-bin/login.pl HTTP/1.0
Content-Length: 10
user=harry
•
Request fields: Host, Content-Length
–
–
–
•
GET /home.asp HTTP/1.0
Host: www.smallbusiness.com
The host field allows multiple domains to be served by the same web server. It is a required field for all
HTTP/1.1 clients to send.
Content-Length: Used by POST to indicate how many bytes are in the body of a POST request
Response fields: Content-Type
–
Content-Type indicates the MIME type of a document, so the browser knows how to handle the response
body. Examples include: text/html, text/plain, image/gif, image/jpeg, video/asf.
Exam: Web Servers
• Purpose of
• Apache multi-client model
• Apache configuration: Purpose of
– Port
• Indicates what TCP/IP port the server is listening to. The default for HTTP is
80.
– DocumentRoot
• Where to find the root document for a web site and its subdirectories and
files. Usually: apache_install_directory/htdocs/
– ServerName
• Name of the machine where the web server is running
– User
•
•
•
•
HTTP authentication
SSL
Virtual Hosts
CGI
Example Exam Questions
•
•
(2 pts) Draw & explain the relationship between a load balancer and a
cluster of web servers.
(3 pts) Show the URL that represents a GET request for domain ucsd.edu
and document /student/ski/home.asp with two arguments, task with value
open and the second shibboleth with “ali baba” (no quotes).
– http://ucsd.edu/student/ski/home.asp?task=open&shibboleth=ali+baba
•
(3 pts) Explain two advantages of stylesheets over plain HTML. Write an
HTML file that applies an internal style to all DIV tags such that the attribute
font-size is 18.
– <html>
<head>
<style>
DIV { font-size: 18pt; }
</style>
</head>
<body><H1>Look below</h1>
<DIV>This will be in 18pt</DIV>
</body>
</html>
Example Exam (cot’d)
•
(3 pts) Write an HTML page that contains a form taking username and password and submits it to
ucsd.edu/form.cgi using HTTPS. Onlookers may not view the password.
–
•
(3 pts) Write HTML code that uses Javascript to write “Hello World!” to the browser window.
–
•
•
…<form action=https://ucsd.edu/form.cgi method=“POST”>
Enter your username: <input type=“text” name=“username”><br>
Enter your password: <input type=“password” name=“pass”><br>
<input type=“submit” value=“Login to our service”>
</form>
…<script>document.write( “Hello World!” ); </script>
(2 pts) Write a Javascript function that takes two numbers and returns their sum.
(2 pts) Using Javascript to access the DOM, access the second form on the page and assign it to a variable.
<html><head></head><body>
<form></form>
<form action="/cgi-bin/mytest">
Username: <input type="text" name="user">
<input type="submit">
</form>
<script>
var myform = document.forms[ 1 ];
// Show the HTML making up the form
alert( "My form looks like this: " + myform.innerHTML );
</script>
</body>
</html>
Example Exam (cot’d)
•
(3 pts) Show an HTTP/1.0 client send a request for a document hello.gif from an
HTTP 1.1 server. Show both request and response headers. Indicate when the
connection closes.
–
GET /hello.gif HTTP/1.0
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1018
GIF87aFDSU)(&#$)(&%(*$&)&#$%)….
Connection closed by server
•
•
(2 pts) What is the purpose of DocumentRoot in Apache’s configuration file
(httpd.conf)?
(2 pts) What happens to your web server if a hostile user crashes a child process?
How does the parent recover? Are pages still served?
–
Pages are still served. The other children process may still respond to user requests. The
parent notices that the child has terminated by polling periodically. When the number of
children falls below a threshold, it creates a new child process to handle requests. Since the
parent never handles requests itself, delegating that task to its children, the parent rarely
crashes. This leads to a more robust web server.