comp9321 web application engineeringcs9321/16s1/lectures/lec12/lec-12.pdf · •jsp technology...
TRANSCRIPT
![Page 1: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/1.jpg)
COMP9321 Web Application Engineering
Wrap-up
1 COMP9321, 16s1, Week12
http://webapps.cse.unsw.edu.au/webcms2/course/index.php?cid=2442
Dr. Basem Suleiman
Service Oriented Computing Group, CSE, UNSW Australia
Semester 1, 2016, Week 12
![Page 2: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/2.jpg)
Course Core Components
2
This course consists of:
• 12 weeks of lectures
• 1 individual assignment – 10 marks
• 1 group assignment – 25 marks
• 1 group assignment – 15 marks
• 1 final exam (50 marks)
COMP9321, 16s1, Week12
![Page 3: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/3.jpg)
Assignments
3 COMP9321, 16s1, Week12
• Assignment 1 – GradeBook
• Assignment 2 – Week 13 (GradeBook)
• Assignment 3 – Due Wednesday, June 1, 2016, 23:59:59
![Page 4: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/4.jpg)
Assignments
4 COMP9321, 16s1, Week12
• Assignment 1 • Individual web application development
• XML, Servlet and JSP
• Assignment 2 • Group – Hotel Management Web Application
• JSP, Java objects, JDBC, others
• Design patters, MVC, other frameworks
• Teamwork skills
• Assignment 3 • Performance Evaluation of Web application
• Group – performance of Hotel Management Application
• Performance testing JMeter, Queuing theory and laws,
Analysis and reporting
![Page 5: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/5.jpg)
Final Exam
5 COMP9321, 16s1, Week12
![Page 6: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/6.jpg)
Final Exam
6 COMP9321, 16s1, Week12
• 2 hours exam (+10 minutes reading time)
• Total marks 50
• 6 Main questions (Answer only 5)
• No multiple choice questions
• First 5 answers will be marked
• Questions cover both technical and conceptual understanding on
the core topics
• Concepts, explanation, design principles, comparisons
• Short, factual and essay question, technical knowledge concepts
• Topics/Lectures Week1- Week10
• To make both our life easier, please
• Write to the point, use diagrams wherever is helpful, provide
examples especially if the question asks for it
• Write legibly and clearly – quality not quantity
![Page 7: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/7.jpg)
Final Exam
7 COMP9321, 16s1, Week12
![Page 8: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/8.jpg)
Final Exam
8 COMP9321, 16s1, Week12
• The following topics from the lectures will not be asked in
the final exam:
• TCP and DNS from Web Essentials
• Queueing Theory and Performance Modeling in
Performance Measurement Lecture
• Service Oriented Architecture (SOA)/Web Services
• NoSQL database
• Introduction to Cloud Computing
• Architecting Web Applications for the Cloud
![Page 9: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/9.jpg)
General Review
Week 1 – 10
9 COMP9321, 16s1, Week12
Warning: this review covers some topics only. For the final exam, study all topics and slides covered in weeks 1-10, excluding topics specified in the previous slide.
![Page 10: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/10.jpg)
Different Layers in an Application
10 COMP9321, 16s1, Week12
![Page 11: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/11.jpg)
Presentation Layer
11 COMP9321, 16s1, Week12
HTML <form> method attribute
how to send form-data
URL variables (with method="get") , or HTTP post transaction (with method="post").
specifies
as
Method? Get/Post
![Page 12: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/12.jpg)
Static vs. Dynamic Web Page
12 COMP9321, 16s1, Week12
A static web page is delivered to the user exactly as stored, in contrast to dynamic web pages which are generated by a web application, and on demand!
web page whose construction is controlled by an application server processing server-side scripts.
software framework that provides both facilities to create web applications and a server environment to run them.
is-a
is-a
Java application servers
e.g.
It's core set of API and features are defined by Java EE.
The Web modules include Java Servlets and Java Server Pages.
http://docs.oracle.com/javaee/6/tutorial/doc/
![Page 13: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/13.jpg)
Java Servlets
13 COMP9321, 16s1, Week12
http://java.sun.com/products/servlet/index.jsp http://docs.oracle.com/javaee/6/tutorial/doc/bnafd.html
![Page 14: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/14.jpg)
A Lifecycle of a Servlet
14 COMP9321, 16s1, Week12
The Web container controls the lifecycle of a servlet class:
• initialisation • ServletConfig • ServletContext • …
![Page 15: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/15.jpg)
Attributes and Sharing Attributes
15 COMP9321, 16s1, Week12
![Page 16: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/16.jpg)
Who has access to the board and how long does it live?
16 COMP9321, 16s1, Week 2
![Page 17: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/17.jpg)
RequestDispatcher in Servlet
17 COMP9321, 16s1, Week12
• The RequestDispatcher interface provides the facility of dispatching the
request to another resource, e.g., servlet, jsp, or html.
• This interface can also be used to include the content of another resource also.
• It is one of the way of servlet collaboration.
http://www.javatpoint.com/
The RequestDispatcher interface provides two methods: forward and include
• Forward: Forwards a request from a servlet to another resource (servlet, JSP file, or HTML file) on the server.
public void forward(ServletRequest request,ServletResponse response)
![Page 18: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/18.jpg)
RequestDispatcher in Servlet
18 COMP9321, 16s1, Week12
• The RequestDispatcher interface provides the facility of dispatching the
request to another resource, e.g., servlet, jsp, or html.
• This interface can also be used to include the content of another resource also.
• It is one of the way of servlet collaboration.
http://www.javatpoint.com/
The RequestDispatcher interface provides two methods: forward and include
• Include: Includes the content of a resource (servlet, JSP page, or HTML file)
in the response.
public void include(ServletRequest request,ServletResponse response)
![Page 19: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/19.jpg)
Session Management
19 COMP9321, 16s1, Week 2
![Page 20: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/20.jpg)
Session Management
20 COMP9321, 16s1, Week 2
![Page 21: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/21.jpg)
Managing the User State
21 COMP9321, 16s1, Week12
A problem in HTTP request/response:
• HTTP is a stateless protocol.
• A single request/response;
• Nothing is remembered 'between requests' from the same user;
• Web applications need to maintain users + their data.
It is a programmer's responsibility:
• The term "session" is used to represent the data associated with one user while
she navigates around a Web application.
• Session is a conversional state between client and server.
• Session can consists of multiple request and response between client and server.
• Since HTTP is stateless, the only way to maintain a session is when some unique
information about the session (session id) is passed between server and client in
every request and response.
![Page 22: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/22.jpg)
Cookies
22 COMP9321, 16s1, Week12
• Cookies are text files stored on the client computer and they are kept for
various information tracking purpose.
• Java Servlets transparently supports HTTP cookies.
• There are three steps involved in identifying returning users:
• Server script sends a set of cookies to the browser. e.g. session id
• Browser stores this information on local machine for future use.
• Next time, browser sends request + those cookies to the server and server uses that information to identify the user.
![Page 23: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/23.jpg)
JavaServer Pages (JSP) Technology
23 COMP9321, 16s1, Week12
• JavaServer Pages (JSP) technology allows you to easily create
web content that has both static and dynamic components.
• JSP technology makes available all the dynamic capabilities of
Java Servlet technology; but provides a more natural approach
to creating static content.
• JSP is similar to PHP, but it uses the Java programming language.
• To deploy and run JavaServer Pages, a compatible web server
with a servlet container, such as Apache Tomcat, is required.
![Page 24: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/24.jpg)
JSP
24 COMP9321, 16s1, Week12
![Page 25: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/25.jpg)
JSP Basics
25 COMP9321, 16s1, Week12
JSP Page
JSP Elements
Template Text (HTML bits…)
Scripting
Elements
Directive
Elements
Action
Elements
Traditional
Modern EL Scripting
${…}
Scriptlet
Expression
Declaration
Comments
Page
Include
Taglib
custom
Standard
<abc:mytag>
<jsp:useBean>
<jsp:getProperty>
<jsp:setProperty>
<jsp:include>
<jsp:forward>
<jsp:param>
![Page 26: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/26.jpg)
Extensible Markup Language (XML)
26 COMP9321, 16s1, Week12
• XML originally designed to meet the challenges of large-scale
electronic publishing.
• XML separates presentation issues from the actual data.
• XML plays an increasingly important role in the exchange of a
wide variety of data on the Web and elsewhere.
• Needs a communication protocol?
• e.g. SOAP stands for Simple Object Access Protocol
• SOAP is based on XML
• SOAP is a W3C recommendation
• SOAP uses XML Information Set for its message format.
![Page 27: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/27.jpg)
JSP Elements: JSP Actions (useBean)
27 COMP9321, 16s1, Week 3
![Page 28: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/28.jpg)
The XML Family
28 COMP9321, 16s1, Week12
XML: a markup language used to describe information.
DOM: a programming interface for accessing and updating documents.
DTD and XML Schema: describes the structure and content of XML documents.
XSLT: a language for transforming XML documents
XPath: a query language for navigating XML documents.
XPointer: for identifying fragments of a document.
XLink: generalises the concept of a hypertext link.
XInclude: for merging documents.
XQuery: a language for making queries across documents.
RDF: a language for describing resources.
![Page 29: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/29.jpg)
XML – Document Type Definition
29 COMP9321, 16s1, Week 4
• An XML document with correct syntax is called "Well Formed“ • Errors (incorrect syntax) – application processing will trigger errors • Well Formed XML document it has valid XML syntax rules
• Well formed XML document “valid” XML document ?
• A valid XML document must be:
• Well formed AND
• Conform to Document Type Definition (DTD)
• Document Type Definition (DTD) • Defines the structure and the legal elements and attributes of an XML document
• DTD or XML Schema (XML alternative to DTD)
• Internal DTD declaration or external DTD declaration (.dtd)
![Page 30: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/30.jpg)
Well-formedness and Validity of XML
30 COMP9321, 16s1, Week 4
![Page 31: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/31.jpg)
Limitations of DTD
31 COMP9321, 16s1, Week 4
![Page 32: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/32.jpg)
The XML Family – XML Schema
32 COMP9321, 16s1, Week 4
XML Schema (or SML Schema Definition XSD)
• is an XML-based alternative to DTD.
• describes the structure of an XML document.
• defines elements and attributes that can appear in a document
• defines data types for elements and attributes
• defines default and fixed values for elements and attributes
• defines the child elements, their orders, etc.
• XML Schemas are much more powerful than DTDs.
• The XML Schema language is also referred to as XML Schema Definition (XSD).
![Page 33: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/33.jpg)
XML Namespaces
33 COMP9321, 16s1, Week 4
![Page 34: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/34.jpg)
Simple Types
34 COMP9321, 16s1, Week 4
![Page 35: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/35.jpg)
Type Restrictions
35 COMP9321, 16s1, Week 4
More examples : http://www.w3schools.com/xml/schema_facets.asp
Constraint Description
enumeration Defines a list of acceptable values
fractionDigits Specifies the maxi number of decimal places allowed. Must be equal to or greater than zero
length Specifies the exact number of characters or list items allowed. Must be >= than zero
maxExclusive Specifies the upper bounds for numeric values (the value must be less than this value)
maxInclusive Specifies the upper bounds for numeric values (the value must be <= to this value)
maxLength Specifies the Max number of characters or list items allowed. Must be >= zero
minExclusive Specifies the lower bounds for numeric values (the value must be greater than this value)
minInclusive Specifies the lower bounds for numeric values (the value must be>= to this value)
minLength Specifies the minimum number of characters or list items allowed. Must be >= 0
pattern Defines the exact sequence of characters that are acceptable
totalDigits Specifies the exact number of digits allowed. Must be greater than zero
whiteSpace Specifies how white space (line feeds, tabs, spaces, and carriage returns) is handled
![Page 36: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/36.jpg)
Complex Types
36 COMP9321, 16s1, Week 4
![Page 37: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/37.jpg)
Persistence
37 COMP9321, 16s1, Week 5
• Persistence is a fundamental concept in application
development
• In an object-oriented applications, persistence allows an
object to outlive the process that created it
• The state of the object may be stored to disk and an object
with the same state re-created at some point in the future.
• Sometimes entire graphs of interconnected objects may be
made persistent and later re-created in a new process.
(Hibernate, pp.5-29)
![Page 38: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/38.jpg)
Data Persistence
38 COMP9321, 16s1, Week12
• When you work with a relational database in a Java
application, the Java code issues SQL statements to the
database via the JDBC API.
• The Java Database Connectivity (JDBC) API provides
universal data access from the Java programming language.
• Using the JDBC API, you can access virtually any data
source, from relational databases to spreadsheets and flat
files.
• The JDBC API is comprised of two packages:
• java.sql
• javax.sql (Hibernate, pp.5-29)
![Page 39: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/39.jpg)
JDBC Interfaces
39 COMP9321, 16s1, Week 5
![Page 40: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/40.jpg)
Accessing DB from an Application
40 COMP9321, 16s1, Week12
![Page 41: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/41.jpg)
PreparedStatement object
41 COMP9321, 16s1, Week12
• A more realistic case is that the same kind of SQL statement is processed over and
over (rather than a static SQL statement).
• In PreparedStatement, a place holder (?) will be bound to an incoming value before
execution (no recompilation).
![Page 42: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/42.jpg)
Data Access Objects (DAO)
42 COMP9321, 16s1, Week 5
![Page 43: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/43.jpg)
Object-Relational Impedance Mismatch Problems
43 COMP9321, 16s1, Week12
![Page 44: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/44.jpg)
Object-Relational Impedance Mismatch Problems
44 COMP9321, 16s1, Week12
https://docs.oracle.com/cd/E16162_01/user.1112/e17455/img/mismatch.gif
![Page 45: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/45.jpg)
Impedance (or Paradigm) Mismatch Problem
45 COMP9321, 16s1, Week 5
(Hibernate, pp.5-29) The problem of subtypes
Subtypes
![Page 46: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/46.jpg)
Hibernate - ORM Framework
46 COMP9321, 16s1, Week 5
• Hibernate is an open source ORM solution for JAVA which provides
Object-Relational Persistence and Query service for any Java
Application
• Improve development efficiency by relieving the developer from
majority of common data persistence related programming tasks
•
• Hibernate maps Java classes to database tables and from Java data
types to SQL data types
• Hibernate sits between traditional Java objects and database server to
handle all the work in persisting those objects based on the
appropriate O/R mechanisms and patterns
• Supports major RDBMS including MySQL, MS SQL, Oracle, DB2,
HSQL
![Page 47: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/47.jpg)
Design Patterns
47 COMP9321, 16s1, Week12
A pattern is a proven solution to a problem in a context.
Each pattern expresses a relation between a certain context, a problem, and a solution.
A design pattern represents a solutions to problems that arise when developing a software.
Design pattern are granular and applied at different levels such as: Frameworks Subsystems Sub-subsystems
Categories include:
Design
Architectural
Analysis
Creational
Structural
Behavioral
![Page 48: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/48.jpg)
J2EE Design Patterns
48 COMP9321, 16s1, Week12
![Page 49: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/49.jpg)
Servlet design guidelines: When to use Servlets
49 COMP9321, 16s1, Week 6
![Page 50: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/50.jpg)
JSP Design Guidelines
50 COMP9321, 16s1, Week 6
![Page 51: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/51.jpg)
General Guideline for Servlet/JSP/JavaBeans
51 COMP9321, 16s1, Week12
![Page 52: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/52.jpg)
Model 1 Architecture
52 COMP9321, 16s1, Week 6
![Page 53: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/53.jpg)
Model 2 Architecture = MVC pattern
53 COMP9321, 16s1, Week 6
![Page 54: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/54.jpg)
Model 2 Architecture = MVC pattern
54 COMP9321, 16s1, Week 6
![Page 55: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/55.jpg)
Command Design Pattern
55 COMP9321, 16s1, Week 6
![Page 56: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/56.jpg)
Securing your Web Application: Threats!
56 COMP9321, 16s1, Week12
![Page 57: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/57.jpg)
Securing your Web Application: Threats!
57 COMP9321, 16s1, Week12
![Page 58: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/58.jpg)
CSRF Attacks Mechanisms
58 COMP9321, 16s1, Week 8
GET scenario Using GET method, the money transfer operation might be reduced to a request like
GET http://bank.com/transfer.do?acct=BOB&amount=100 HTTP/1.1
• Maria decides to exploit this web application vulnerability using Alice as her victim. Maria first constructs the following exploit URL which will transfer $100,000 from Alice's account to her account. She takes the original command URL and replaces the beneficiary name with herself, raising the transfer amount significantly at the same time
GET http://bank.com/transfer.do?acct=MARIA&amount=10000
The attack that tricks Alice into loading this URL when she's logged into the bank application
• Sending an unsolicited email with HTML content • Planting an exploit URL or script on pages that are likely to be visited by the victim while
they are also doing online banking
The exploit URL can be disguised as an ordinary link, encouraging the victim to click it
<a href="http://bank.com/transfer.do?acct=MARIA&amount=100000">View my Pictures!</a>
More CSRF Attacks Examples: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)
![Page 59: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/59.jpg)
Cross Site Scripting (XSS): Summary!
59 COMP9321, 16s1, Week 8
![Page 60: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/60.jpg)
Cross Site Scripting (XSS): Prevention!!
60 COMP9321, 16s1, Week 8
![Page 61: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/61.jpg)
Cross Site Scripting (XSS): Prevention!!
61 COMP9321, 16s1, Week 8
More on XSS prevention rules and examples https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
![Page 62: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/62.jpg)
Session Management…
62 COMP9321, 16s1, Week12
![Page 63: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/63.jpg)
Transport Layer Security (e.g. HTTPS)
63 COMP9321, 16s1, Week12
![Page 64: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/64.jpg)
Performance
64 COMP9321, 16s1, Week12
![Page 65: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/65.jpg)
Scalability
65 COMP9321, 16s1, Week12
![Page 66: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/66.jpg)
Architectural Considerations - Network
66 COMP9321, 16s1, Week 10
https://devcentral.f5.com
![Page 67: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/67.jpg)
General Techniques for Improving Performance and Scalability
67 COMP9321, 16s1, Week 10
1. Caching and Replication
2. Parallelism
3. Redundancy
4. Asynchrony
5. Resource Pooling
![Page 68: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/68.jpg)
Improving Performance using HTTP features
68 COMP9321, 16s1, Week 10
![Page 69: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/69.jpg)
Improving Database Access
69 COMP9321, 16s1, Week12
![Page 70: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/70.jpg)
Improving Database Access
70 COMP9321, 16s1, Week 10
![Page 71: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/71.jpg)
Improving Database Access
71 COMP9321, 16s1, Week 10
JOINT queries
![Page 72: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/72.jpg)
Improving Database Access
72 COMP9321, 16s1, Week 10
![Page 73: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/73.jpg)
Scaling & Request Load Balancing
73 COMP9321, 16s1, Week 10
![Page 74: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/74.jpg)
Scaling & Request Load Balancing
74 COMP9321, 16s1, Week 10
![Page 75: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/75.jpg)
Scaling & Request Load Balancing
75 COMP9321, 16s1, Week 10
Application-Level Load Balancing with Stateless Logic
![Page 76: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/76.jpg)
Scaling & Request Load Balancing
76 COMP9321, 16s1, Week 10
Scaling Databases - Replication
![Page 77: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/77.jpg)
COMP9322 !!
77 COMP9321, 16s1, Week12
…from building a web site (cs9321) to building web services (cs9322) ...
context: “global/distributed/complex” business applications
• Goals:
• understand the concept of services and business processes
• articulate the motivation behind web service-based technologies
• apply the knowledge in practical situations
COMP9322 course aims:
• provide students with a deep understanding of SOA, service-orientation
paradigm, business processes and Web services as an implementation
technology.
![Page 78: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/78.jpg)
78 COMP9321, 16s1, Week12
Good Luck!
![Page 79: COMP9321 Web Application Engineeringcs9321/16s1/lectures/lec12/Lec-12.pdf · •JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides](https://reader033.vdocuments.us/reader033/viewer/2022043023/5f3e932b2d933f46e2183b6d/html5/thumbnails/79.jpg)
79 COMP9321, 16s1, Week12