Jeff Offutt. SWE 432 Design and Implementation of Software for the Web. Web Applications

Transcription:

Introduction to Web Applications
Jeff Offutt
http://www.cs.gmu.edu/~offutt/
SWE 432 Design and Implementation of Software for the Web

Web Applications

A web application uses enabling technologies to
1. make web site contents dynamic
2. allow users of the system to implement business logic on the server

Web applications let users affect state on the server
- A web application is a program deployed on the web
- An enabling technology makes web pages interactive and responsive to user input

7 October 2014 Offutt, 2011

Web Applications

[Diagram: web browser (client), response, web server (server) hosting web app 1, web app 2, ..., web app n]

Web applications are constructed from diverse, distributed, and dynamically generated web components

Web Application Failures

Web applications have many problems
- Oct 2004: PayPal waived transaction fees for an entire day because of a service outage after an upgrade
- Aug 2006 and July 2008: Amazon failure caused businesses to lose information and revenue
- Sep 2011: 2 hours of downtime on Target's web site, and 1 day of intermittent functioning, delayed and cancelled customers' orders
- Mar 2012: The Body Shop BOGO turned into an extra discount
- September 2012: Bank of America, JPMorgan Chase, Citigroup, US Bank, Wells Fargo, and PNC suffered online attacks

Traditional Computing Use

A user works with software on her computer

Client Server Computing

A user works with software or data on a separate computer called a server

[Diagram: client PC requests data; compute or DB server returns data]

Web Applications

Many users work with servers and databases that can be reached through the Internet with the HyperText Transfer Protocol

[Diagram labels: SQL, Records, HTML, HTTP Request, Internet, three client browsers]

N-Tier Web Architecture

Large web applications run on many computers that have to coordinate with each other. Amazon and Netflix have thousands of servers.

[Diagram: tiers connected by network and middleware]
- Client Browser: Javascripts
- Web Servers: HTML, PHP, ASP, JSP, etc.
- Application Servers: Java, C#
- DB Servers

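How the Software Works

Browser (form filled in by the user):

    Name : George
    Age : 23
    Email :

HTML (sent to the server when the form is submitted):

    <html>
    <body>
    <form method="post" action="idprogram" name="idForm">
      Name: <input type="text" name="username">
      Age: <input type="text" name="age">
      Email: <input type="text" name="email">
    </form>
    </body>
    </html>

Java Servlet idprogram (response sent to the client):

    import java.io.IOException;
    import java.io.PrintWriter;
    import javax.servlet.http.*;

    public class idprogram extends HttpServlet {
      public void doPost(HttpServletRequest req, HttpServletResponse res) throws IOException {
        res.setContentType("text/html");
        PrintWriter out = res.getWriter();
        // Parameter names must match the name attributes of the form controls.
        // The values are written into the page exactly as received, with no HTML escaping.
        out.println("<html>\n");
        out.println("<body>\n");
        out.println("<p>Your name is ");
        out.println(req.getParameter("username"));
        out.println("\n<p>Your age is ");
        out.println(req.getParameter("age"));
        out.println("\n<p>Your email is ");
        out.println(req.getParameter("email"));
        out.println("</body>");
        out.println("</html>");
      }
    }

Browser (page displayed to the user):

    Your name is George
    Your age is 23
    Your email is

Server Side Processing

[Diagram: the client (UI implemented in a browser) sends an HTTP Request with data to the server; on the server, the web server, container engine and program components handle it; the server returns HTML in an HTTP Response]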
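
The idprogram servlet in "How the Software Works" copies each form field into the response as received, so anything a user types, markup included, becomes part of the page. The class below is an added example, not code from the slides: it builds the same page with the values HTML-escaped and the age validated. The names IdProgramEcho, escapeHtml, validAge and render are hypothetical, and a Map stands in for req.getParameter() so it runs with only the JDK.

```java
import java.util.LinkedHashMap;
import java.util.Map;

public class IdProgramEcho {
    // Replace the characters that are significant in HTML text and attribute values.
    static String escapeHtml(String s) {
        if (s == null) return "";
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Age is expected to be a small whole number; anything else is rejected, not echoed.
    static String validAge(String s) {
        if (s == null || !s.matches("[0-9]{1,3}")) return "(invalid)";
        return s;
    }

    // Builds the same page as the slide's servlet. `params` stands in for
    // req.getParameter() so the example runs without a servlet container.
    static String render(Map<String, String> params) {
        return "<html>\n<body>\n"
             + "<p>Your name is " + escapeHtml(params.get("username")) + "\n"
             + "<p>Your age is " + validAge(params.get("age")) + "\n"
             + "<p>Your email is " + escapeHtml(params.get("email")) + "\n"
             + "</body>\n</html>\n";
    }

    public static void main(String[] args) {
        Map<String, String> params = new LinkedHashMap<>();   // constructed sample input
        params.put("username", "George <b>Jr.</b>");           // markup typed into the Name field
        params.put("age", "23");
        params.put("email", "george@example.com");
        System.out.print(render(params));
    }
}
```

With the constructed input, the name is sent to the browser as text, so the tags are displayed rather than interpreted.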

Execution Overview

[Diagram, steps 1 to 8 on the server: incoming request on port 8080; HTTP Request; web server; Request / Response objects; container engine; create thread / call method; program component; return; modified Response objects; HTTP Response; response back to requestor]

Web Software Container Engine

[Diagram: a container engine hosts Web App 1 (components C1a, C1b, C1c) and Web App 2 (components C2a, C2b, C2c, C2d), with shared memory]

Web applications are constructed from diverse, distributed, and dynamically generated web components

Session Management

HTTP client-server communication is connectionless
- As soon as the request is made and fulfilled, the connection is terminated
- Communication is simple and resistant to network problems

[Diagram: client and server; send a request, send a response]

Session Management

How can servers keep track of state of different clients?
1. Session: A single coherent use of the system by the same user
   - Example: shopping carts
2. Cookies: A string of characters that a web server places on a browser's client to keep track of a session
   - Usually used as an index into a table (dictionary) on the server
   - Most dictionaries expire after a period of time (15 to 30 minutes)

Additional mechanisms
- URL rewriting
- Hidden form control

We will come back to this later
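
The cookie described above is only an index into a server-side table, so the server decides which identifiers are valid and when they expire. The class below is an added example, not code from the slides: a session table keyed by an unguessable identifier, with an idle timeout. The class name SessionTable, the cookie name SESSIONID, the 128-bit identifier and the 30-minute timeout (the upper end of the range on the slide) are assumptions.

```java
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

public class SessionTable {
    static final long IDLE_TIMEOUT_MS = 30 * 60 * 1000L;   // assumed: 30 minutes

    static final class Session {
        final Map<String, Object> data = new ConcurrentHashMap<>();
        volatile long lastAccess;
        Session(long now) { lastAccess = now; }
    }

    private final Map<String, Session> table = new ConcurrentHashMap<>();
    private final SecureRandom rng = new SecureRandom();

    // Create a session and return the opaque value the server sends in the cookie.
    String create(long now) {
        byte[] raw = new byte[16];                          // 128 random bits
        rng.nextBytes(raw);
        String id = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        table.put(id, new Session(now));
        return id;
    }

    // Look up the session for a cookie value; unknown or idle-expired ids return null.
    Session lookup(String cookieValue, long now) {
        if (cookieValue == null) return null;
        Session s = table.get(cookieValue);
        if (s == null) return null;
        if (now - s.lastAccess > IDLE_TIMEOUT_MS) {
            table.remove(cookieValue);                      // expired entries leave the table
            return null;
        }
        s.lastAccess = now;                                 // each use restarts the idle timer
        return s;
    }

    public static void main(String[] args) {
        SessionTable t = new SessionTable();
        long t0 = System.currentTimeMillis();
        String id = t.create(t0);
        t.lookup(id, t0).data.put("cart", "book");          // shopping-cart state stays on the server
        System.out.println("Set-Cookie: SESSIONID=" + id + "; HttpOnly; Secure; SameSite=Lax");
        long tenMin = t0 + 10 * 60 * 1000L;
        System.out.println("valid after 10 min: " + (t.lookup(id, tenMin) != null));
        System.out.println("valid after 45 more idle min: " + (t.lookup(id, tenMin + 45 * 60 * 1000L) != null));
        System.out.println("valid for unknown id: " + (t.lookup("not-a-session", t0) != null));
    }
}
```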

Additional Web Features

User's ability to control web application via web browser features

[Diagram: components index, login, browse, record_add, record_insert; transitions post (userid, password), post (name, category, content), back; legend: component, simple link, form link, operational]

Additional Web Features

Identifying web application resources with URLs

[Diagram: components index, login, browse, record_add, record_insert, with URL userlogin.jsp; transitions post (userid, password), post (name, category, content), back; legend: component, simple link, form link, operational]

Additional Web Features

Communication among web components depending on requests through HTTP

[Diagram: components index, login, browse, record_add, record_insert; transitions get, post (userid, password), post (name, category, content), back; legend: component, simple link, form link, operational]

Additional Web Features

Control connections: forward, include

[Diagram: components index, login, browse, record_add, record_insert; transitions post (userid, password), post (name, category, content), back, forward; legend: component, simple link, form link, operational]

Additional Web Features

State scope of web components

[Diagram: page, session and application scopes across Client 1 and Client 2, with forward transitions]

Scope and Handling State in JSPs, slides from SWE 642, reproduced with permission from J. Offutt

Summary Web Programming

The major difference is deployment
- Software is deployed across the Web using HTTP
- Other deployment methods include bundling, shrink-wrapping, embedding, and contracting

New software technologies

New conceptual language constructs for programming
- Integration
- Data management
- Control connections

These differences affect every aspect of how to engineer high quality software