Comp1503 Introduction to E


Comp2513
E-Commerce Infrastructure 2
Daniel L. Silver, Ph.D.
Objectives
• To complete an overview of the major architectural components of the Internet that form the infrastructure for E-Commerce
• References: portions of Sharma Ch.1 and 2, and DDEA Ch.7

2001
Daniel L. Silver
2
Outline
• Review of Architectural Map
• Dynamic Interactive Webpages
– Forms and CGI
– Java and Applets, JavaScript
– Cookies
• Servlets and Application Servers
• Database and Database Servers
• Beyond HTML: XML
• Security and Authentication
• Electronic Payment

Major Architectural Components of the Web
[Diagram. Labels: Client 1, Client 2, Browser, Internet, TCP/IP, HTTP, URL, Server A, Server B, HTTP Server, App. Server, Database Server, index.html, prog.cgi, Bank Server, Dedicated]

Dynamic Internet Pages!
• HTTP allows a client to request a webpage (URL) and a server to respond
• HTML and the browser allow display of data sent from the server
• How do we move data to the server?
• How do we provide program logic at the client?
– e.g. Check the postal code: B0P 1XO

Forms and CGI
• The HTML <FORM> tag specifies that:
– Input data will be received from the keyboard
– Data should be processed by a server application if SUBMIT button is pressed
• CGI – Common Gateway Interface
– Standard for HTTP client-server application communications. It defines how:
– A client can request to run an application on a server and use specified input data
– A server application can pass the response back to the client
– It is NOT a programming language

Forms and CGI

An Example: greeting.html
Java and Applets
• Java is an OOP language developed by Sun Microsystems
• Platform independent – code is interpreted by a Java Virtual Machine (JVM)
• A Java applet is a Java program that is launched by a browser:
– HTML page contains reference to an applet
– Applet is downloaded from server
– Java is executed by JVM assoc. with browser

Java Applet
• Advantages:
– Client side logic for dynamic content and format of pages
– Client side logic for complex algorithms and local data manipulation
• An Example: HelloApplet.html

JavaScript
• Introduced by Netscape
• A client-side language
• Provides program logic embedded in HTML for generation of dynamic webpages and minor computation
• Manipulation of objects in HTML page including the creation and movement of browser windows
• Most importantly allows validation of entered FORM data

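Validation of entered FORM data in the browser helps the user, but the server cannot trust it, because the request may never have passed through the page's script. The following added example (not part of the original slides) applies the postal-code check from the earlier slide on the server side as well; the field name `postal` and the function names are assumptions made for illustration.

```javascript
// Added example: one postal-code rule, enforced again on the server.
// Canadian format: letter digit letter, optional space, digit letter digit.
// D, F, I, O, Q and U are never used; W and Z never appear in first position.
const POSTAL = /^[ABCEGHJ-NPRSTVXY]\d[ABCEGHJ-NPRSTV-Z] ?\d[ABCEGHJ-NPRSTV-Z]\d$/;

// Returns the code as "A1A 1A1", or null if the input is not a postal code.
function normalizePostal(raw) {
  if (typeof raw !== 'string' || raw.length > 16) return null; // bound input first
  const s = raw.trim().toUpperCase();
  if (!POSTAL.test(s)) return null;
  return s.slice(0, 3) + ' ' + s.slice(-3);
}

// Server side: parse the urlencoded FORM body the way a CGI program receives it
// and validate again; the browser's JavaScript check can be skipped or altered.
function handleSubmit(body) {
  const values = new URLSearchParams(body).getAll('postal'); // hypothetical field name
  if (values.length !== 1) {
    return { status: 400, error: 'postal: exactly one value required' };
  }
  const postal = normalizePostal(values[0]);
  if (postal === null) return { status: 400, error: 'postal: invalid format' };
  return { status: 200, postal };
}

// Constructed sample submissions.
function demo() {
  return [
    'postal=B0P+1XO',                // the slide's string: last character is the letter O
    'postal=b0p1x0',                 // digit zero, lower case, no space
    'postal=B0P+1X0%3Cb%3E',         // markup appended after a valid code
    'postal=B0P+1X0&postal=A1A+1A1', // duplicated field
  ].map(handleSubmit);
}
```

The same `normalizePostal` function can be attached to the form's submit handler in the page, so the user gets immediate feedback while the server remains the point of enforcement.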
Web Sessions?
• Recall the problem of web sessions being connectionless
• TCP/IP is connection oriented but each HTTP request/response uses one such connection and then terminates
• State is not maintained from page to page
• Each item you order is a separate request
• So how does an E-Comm site know how to accumulate orders for you?

Cookies
• A Cookie is a small piece of data placed on a client system that is used by the server to identify the client
– Client, about to make a request to a server, checks to see if it has an associated cookie
» If cookie, then send it with the request
– Server checks for cookie in request
» If cookie, then pass it to any applications called
– Server may create a new cookie and return it with the response to the client
– Client receives response and checks for new cookie
» If cookie, then it saves it for this server URL

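The exchange on this slide, written out as an added example (not part of the original slides): the cookie carries only an unguessable identifier, the accumulated order stays on the server, and the `Secure` attribute keeps the cookie off plain HTTP connections. The cookie name `sid`, the origin `shop.example` and all function names are assumptions made for illustration.

```javascript
// Added example: server-issued session cookie; the cart itself never leaves the server.
const { randomBytes } = require('crypto');

const sessions = new Map(); // server-side state: session id -> ordered items

// Server: handle one "order item" request given the request's Cookie header.
function handleOrder(cookieHeader, item) {
  // Server checks for a cookie in the request and accepts only ids it issued.
  const m = /(?:^|;\s*)sid=([0-9a-f]{32})(?:;|$)/.exec(cookieHeader || '');
  let sid = m && sessions.has(m[1]) ? m[1] : null;
  const headers = {};
  if (!sid) {
    // Missing or unknown cookie: create a new one and return it with the response.
    sid = randomBytes(16).toString('hex'); // 128 random bits, no data inside
    sessions.set(sid, []);
    headers['Set-Cookie'] = `sid=${sid}; Path=/; Secure; HttpOnly; SameSite=Lax`;
  }
  const cart = sessions.get(sid);
  cart.push(item);
  return { headers, body: cart.slice() };
}

// Client: a minimal cookie jar keyed by server origin.
class Browser {
  constructor() { this.jar = new Map(); }
  request(origin, server, item) {
    // Before the request: send the cookie saved for this server, if any.
    const res = server(this.jar.get(origin), item);
    // After the response: save a new cookie (name=value part) for this server.
    const setCookie = res.headers['Set-Cookie'];
    if (setCookie) this.jar.set(origin, setCookie.split(';')[0]);
    return res.body;
  }
}

function demo() {
  const shop = 'https://shop.example'; // hypothetical origin
  const alice = new Browser(), bob = new Browser();
  alice.request(shop, handleOrder, 'book');
  const aliceCart = alice.request(shop, handleOrder, 'lamp'); // second, separate request
  const bobCart = bob.request(shop, handleOrder, 'pen');
  // An id the server never issued is not trusted: it gets a fresh, empty session.
  const unknown = handleOrder('sid=' + '0'.repeat(32), 'tv');
  return { aliceCart, bobCart, unknownCart: unknown.body,
           reissued: 'Set-Cookie' in unknown.headers };
}
```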
Servlets and Application Servers
• Java Applets have three major drawbacks:
– Take time to load onto client
– May not work as planned (depends on JVM)
– Potential security risk for client
• Server-side code is preferred for business logic
• CGI allows an application to run on server but creates server performance problems:
– Each time a separate process must be spawned

Servlets and Application Servers
• Servlets overcome this problem
• Servlets rely on a Servlet Engine (Application Server) to manage multiple requests for the same application
• Tomcat is one of the most common Servlet Engines

JSPs – Java Server Pages
• A relatively new Java programming model from SUN that follows IBM’s older net.data and MS’s Active Server Pages
• Objective is to separate the application processing code from the HTML presentation code
• Easier to build dynamic E-commerce applications without loss of servlet power

Skeleton of a JSP
<HTML> <!-- Basic HTML code -->
<HEAD>
<TITLE> HelloJSP1</TITLE>
</HEAD>
<BODY>
<H1>Hello JSP - Example 1 </H1>
<!-- Java object created as a Java Bean -->
<BEAN
name="textProvider"
type="example.Bean.HelloJSP1"
scope="request">
</BEAN>
<!-- Calling a method of the Java object -->
<B><%= textProvider.getTextMessage() %></B>
</BODY>
</HTML>

Major Architectural Components of the Web
[Diagram. Labels: Client 1, Client 2, Browser, Internet, TCP/IP, HTTP, URL, Server A, Server B, HTTP Server, App. Server, Database Server, index.html, prog.class, page.jsp, Bank Server, Dedicated]

Database and Database Servers
• Database - A collection of data, structured in a well-defined format, accessed by multiple applications using standard commands, ensures integrity of access
• DBMS – Database Management System – facilitates and optimizes database I/O
• Database Server – A server that runs a DBMS and can field requests for data I/O

Database and Database Servers
• raven.acadiau.ca will be our database server
• Our DBMS will be PostgreSQL (Postgres)
• Postgres is a relational database – like a set of spreadsheet tables
• Used to store all data for products, categories and stores
• ODBC – Open Database Connectivity
• JDBC – Java Database Connectivity

XML
• eXtensible Markup Language
• HTML tags such as <B>Silver</B> tell how to display the word “Silver” (syntax)
• But it does not define what it means
• XML defines meaning (semantics):
<last_name>Silver</last_name>
• And to create structure …
<mail_adrs>
<fname>Homer</fname>
<lname>Simpson</lname>
<strnum>1234</strnum>
<str>Hickup Lane</str>
</mail_adrs>

Security and Authentication
• HTTP connections can be “sniffed” for their data – just plain ASCII text
• Encryption methods encode text to make it unreadable
• Public and private keys are used for coding and decoding encrypted messages
• Authentication concerns ensuring that a sender is who she says she is

Security and Authentication
• Certificate is an entity’s public key plus other identification (name, location)
• SSL – Secure Sockets Layer
– Lies between TCP/IP and HTTP and performs encryption
• HTTPS is the HTTP protocol that employs SSL – it will use a separate server port (default = 443)

Security through HTTPS
[Diagram. Labels: Client 1, Browser, TCP/IP, HTTP (port = 80), HTTPS (port = 443), URL, Server A, HTTP Server, App. Server, Database Server, index.html, prog.cgi, Bank Server, Dedicated]

E-Payment
• Credit card
• Debit card
• Micro-payments
• Smart card

Major Architectural Components of the Web
[Diagram. Labels: Client 1, Client 2, Browser, Internet, TCP/IP, HTTP, URL, Server A, Server B, HTTP Server, App. Server, Database Server, index.html, prog.cgi, Bank Server, Dedicated]

Successful E-Commerce Applications
• Flexible – ever changing products, technology, business process
• Multi-channel interfaces - diversity of user and external application access
• Security – a primary concern
• Integration – no application is an Island

Summary of Technical Requirements for E-Comm.
• Dynamic, personalized web user interfaces
• Multi-channel user interface support
• Adheres to standard application interfaces
• Distributed programming/architectural model
• Deployment on distributed components
• Distributed transaction support
• Asynchronous message communications
• Strong security

THE END