Transcript CSCI 6962

CSCI 6962:
Server-side Design and Programming
Course Introduction and
Overview
Client-Server Web Architecture
• Client browser sends request for page to server
– May contain form data and other information
• Server sends response page and sends to client
• May need to generate response page dynamically
– Form parameters
– Previous requests (such as items purchased so far)
– Information in database
Focus of this course
2
Client-Server Web Architecture
Client
Browser
www.cis.ysu.edu/
~john/Syllabus.htm
Response containing Syllabus.htm as a long string
(<html><head><title>CSCI 6962 Syllabus</title>
</head><body>…)
Request to
www.cis.ysu.edu
for Syllabus.htm
port
Server
john  public_html Syllabus.htm
3
Form Handling
• Form data appended to request string
<FORM NAME="purchaseform"
METHOD=GET
ACTION=http://frodo.cis.ysu.edu/~john/cgi-bin/test.pl >
Quantity: <INPUT TYPE="text" NAME="quantity" />
<BR /><BR />
<INPUT TYPE="submit" VALUE="SUBMIT">
/FORM>
Generates the request:
http://frodo.cis.ysu.edu/~john/cgi-bin/test.pl&quantity=3
4
Form Handling
Server must:
– Listen on port for requests
– Parse request to determine values of parameters
– Generate appropriate response page based on
parameter values
– Send response page back to client
5
Simple perl cgi-bin Program
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
#!/opt/local/bin/perl
Problem:
#program to print back results of test form
#parse input string into an associative list
Too difficult to do
@pairs=split(/&/, $ENV{'QUERY_STRING'});
foreach $pair (@pairs) {
complex server-side
@item=split(/=/, $pair);
development
$key=@item[0];
$value=@item[1];
• Database manipulation
$formdata{$key}=$value;
}
• Security …
#print response to form
print "Content-type: text/html\n\n";
print "<HTML><HEAD><TITLE>cgi-bin response</TITLE><BODY>";
print "Thank you for your order of ";
print $formdata{"quantity"};
print " widgets!";
print "</BODY></HTML>";
6
Course Topics
•
•
•
•
•
•
•
•
Server-side Web Containers
Java Server Pages/Active Server Pages
Web Site Architecture
Session Handling
AJAX
Database Manipulation
Security
Email, etc.
7
Web Containers
• Program running continuously on server
• Runs code to handle requests
• Built-in methods for parsing requests,
generating responses
• Handles other important functions:
–
–
–
–
Session tracking
Database access
Email generation
Security and encryption
8
Web Containers
http://homer.cis.ysu.edu/reciept.jsp&quantity=3
Port
Client
Server
Browser
Web Container
Listen on port
Execute code in requested server page
Generate corresponding html page
<HTML>
<HEAD><TITLE>cgi-bin response</TITLE></HEAD>
<BODY>
<P>
Thank you for your order of
<%= request.getParameter(“quantity”) %>
widgets!
</P>
</BODY>
</HTML>
Constantly running in background
9
Web Containers
• Jakarta Tomcat
– Written in Java
– NetBeans IDE
– Acts as engine for Java Server Pages and servlets
• Microsoft IIS
– Visual Basic/C#
– Acts as engine for Active Server Pages
10
Java Server Pages
• Perl/cgi-bin approach:
Generate response page one character at a time
• Java Server Page approach:
Create html “template” with “spaces” to be filled in
<HTML>
<HEAD><TITLE>Reciept</TITLE></HEAD>
<BODY>
<P>
Thank you for your order of
insert value of quantity here
widgets!
</P>
</BODY>
</HTML>
11
Java Server Pages
<HTML>
<HEAD><TITLE>Reciept</TITLE></HEAD>
<BODY>
<P>
Thank you for your order of
<%= request.getParameter(“quantity”) %>
widgets!
</P>
</BODY>
</HTML>
12
Active Server Pages
• Active Server Page approach:
Create “form” which is translated to html
13
Active Server Pages
• Server-side code manipulates “form elements”
– Subroutine called when page submitted
– Data read from elements (actually request string)
– Used to set value of other elements
14
Active Server Pages
• Resulting form translated to response page
15
Control-View Architecture
• Different user input might require different response
pages
– Different types of request
– Errors/missing field values, etc.
• Servlets/Multipage sites:
Code to determine and redirect to appropriate response JSP
request
Control
servlet
JSP
JSP
JSP
JSPs for
views
response
16
Form Validation
• Detecting user error
– Invalid form information
– Inconsistencies of forms to other entities
• Enter ID not in database, etc.
• Correcting user error
– Providing information or how to correct error
– Reducing user memory load
• Preventing user error
– Good instructions
– Field types/values that prevent error
– Error tolerance
• Example: Accepting phone numbers in multiple formats
17
User-friendly Error Handling
• Tell user what went wrong
• Don’t force re-entry of information
18
Session Handling
• Most web transactions are sessions consisting
of series of requests and responses
• No easy way to associate steps if multiple clients
Who submitted this request?
19
Session Handling
• Assign each new client a unique ID at the start
of a session
• Client/server pass that ID back and forth with
each request/response
• Data for that client (such as “shopping cart”)
associated with ID on server
20
AJAX
Request
Client
Server
Response
Large
Document
• Response is entire web page
• Very inefficient
– High network costs
– Must be loaded into browser and rendered
• Problem:
Browser itself cannot get any data from server without
requesting entire page
21
AJAX
Request
JavaScript
Server
Response
Web Page
Small
Data
• Based on JavaScript running in browser
– JavaScript code sends data to server, reads response
– Response is simple data instead of entire page
– JavaScript code then modifies page without rerendering it completely
– AJAX: Asynchronous JavaScript and XML
22
Database Manipulation
• Database driver provides access to databases
• JDBC: classes to query/manipulate database
• Reliability/Efficiency issues
– Synchronization
– Prepared statements
– Connection pooling
web container
database server
control
servlet
database
driver
DBMS
JSP
database
JDBC
23
Web Site Security
• Encryption
– SSL/TLS protocols for information exchange
– Certificates for authenticating servers
• Security roles for authenticating clients
– Assigning different levels of access
Change inventory
Inventory Role
View salaries
HR Role
Change salaries
Manager Role
24
Tools We will be Using
• JSP:
–
–
–
–
Jakarta Tomcat web container
Java programming language
NetBeans IDE
MySQL database server
• ASP:
– Microsoft Visual Studio
All are free downloads (see textbooks)
25
Background Knowledge
• Java or C++ (for JSP)
– May want to get Java reference
– I will cover basics in class
• Visual Basic or C# (for ASP)
– Basics covered in class
– If more familiar with C# can get corresponding text
• Basic html (including forms and tables)
– Chapter 4 of text
• Basic SQL
26
Assignments
• Short programming assignments in core areas
–
–
–
–
Java Server Pages
Validation/redirection servlets
Session handling
Active Server Pages
• Web Site Project
– Multi-page web site in area of your choice
– Includes server pages, servlets, and session handling
– Should include at least one other advanced capability
• Database manipulation
• AJAX
• Security…
– Can use either JSP or ASP
– Can be group project
27
The NetBeans IDE
• Integrated Development Environment for Java
Programming
– Editing code (with hints)
– Compiling code
– Running code
• Good for JSP/servlet development
– Comes with own copy of Java, Tomcat
– Allows easy development of web applications
• MS Visual Studio corresponding IDE for ASP
Downloading NetBeans
www.netbeans.org
Downloading NetBeans
Downloading NetBeans
• Note: NetBeans has built-in Tomcat server
(must download Java EE version)
Creating a Web Application
• In NetBeans: File  New Project
• Choose Web and Web Application
Creating a Web Application
• Give your project a name (I called this one “WidgetSite”)
• Give it a location (I have put it in a directory called 6962)
• Make sure it is set as the Main Project
Creating a Web Application
• The final page shows information (such as which server
this project uses)
• Can change to external server if desired
Creating a Web Application
NetBeans creates
an initial web site
Structure shown
in the project
window
Creates an
initial index.jsp
page (default
home page of
the new site)
The index.jsp is initially just a
“Hello world” page
Running a Web Application
• Running the site opens the index.jsp page
Building a Web Application
• Modify and add files to create web site
index.jsp
Prompts user for
number of widgets
reciept.jsp
Displays number of
widgets purchased
Building a Web Application
Adding a JSP
• File  New
Choose a JSP
Give it a
name
Running the Site
Compiles and runs current webapp
(starting Tomcat and opening browser)