The Servlet Technology Model

  • The getWriter() method of the ServletResponse interface returns a PrintWriter object suitable for writing character data in the response.
  • The setValue() method of the Cookie class is used to assign a new value to a cookie after the cookie is created.
  • A cookie is created by the server on request from a client. It is stored on a client computer.
  • The getOutputStream() method returns a ServletOutputStream suitable for writing binary data in the response.
  • Either the Response.setContentType(String name, String value) or the HttpServletResponse.setHeader(String name, String value) is used to set the Content type.
  • The getWriter() method of the ServletResponse interface returns a PrintWriter object suitable for writing character data in the response.
  • The sendError() method of the HttpResponse interface sends an error response to the client using the specified status code and message.
  • The getRequestURL() method of the HttpServletRequest interface returns the URL associated with the request as a String.
  • The getCookies() method of the HttpServletRequest interface returns an array of cookie objects that a client sends with a request. However, if no cookies are sent, this method returns a null value.
  • A servlet has three life cycle methods. They are init(), service(), and destroy().
  • A servlet has no main() method. The container is responsible for managing the life-cycle of a servlet.
  • The servlet init parameters are read only once when the container initializes the servlet.
  • Before calling the init() method, a servlet class must be loaded and instantiated.
  • The element of the deployment descriptor declares the initialization parameters that are applicable for an entire Web application.
  • For each request, the Container creates a separate thread.
  • The init() and the destroy() methods are called only once in the life of a servlet.

The Structure and Deployment of Web Applications

  • Deploying a servlet in the deployment descriptor requires two main elements: and .
  • The WEB-INF directory contains files that should not be publicly available. This includes among others the web.xml file, the servlet class files, and the lib/JAR files.
  • The setContentType() method of the ServletResponse interface sets the content type of the response. The content type is also referred to as the MIME type.
  • The sub-element is present in two elements: and .
  • The element of a deployment descriptor is used to load a servlet file when the server starts instead of waiting for the first request. It is also used to specify the order in which the files are to be loaded.
  • The element of the deployment descriptor is used to configure a mapping between a mime type and an extension. It has two sub-elements, namely and .
  • A welcome file is returned when a user enters a partial link in a URL, i.e., the name of a directory but with no file inside it. If there is more than one welcome file, they are all entered within a single element.
  • The element defines a mapping between an error code/exception type and the location of the resource to display in response to the error.
  • A deployment descriptor is an XML document that defines a component’s deployment settings.
  • A deployment descriptor is an xml file known as web.xml located in the WEB-INF directory. It provides configuration and deployment information for the Web components that comprise a Web application.
  • The element is a sub-element of the element. It defines the user roles that are allowed to access the Web resources specified by the sub-elements.

The Web Container Model

  • To declare a filter in the deployment descriptor, the and the elements are mandatory, while the element is optional.
  • A filter life-cycle consists of three methods, namely init(), doFilter(), and destroy().
  • An object of the FilterChain interface is provided by the container to invoke the next filter in a chain of filters.
  • Every filter must implement the Filter interface.
  • The ServletContextListener interface has the two methods, namely ContextInitialized() and contextDestroyed.
  • The HttpContextAttributeListener interface has the following three methods:
    1. public void attributeAdded(ServletContextAttributeEvent event)
    2. public void attributeRemoved(ServletContextAttributeEvent event)
    3. public void attributeReplaced(ServletContextAttributeEvent event)
  • The requestInitialized() method of the ServletRequestListener interface takes a ServletRequestEvent object and notifies that the request is about to come into scope of the Web application.
  • The requestDestroyed() method of the ServletRequestListener interface takes a ServletRequestEvent object and notifies that the request is about to go out of scope of the Web application.
  • The HttpSessionBindingListener interface causes an object of the implementing class to be notified when it is added to or removed from a session. This interface has the following methods:
    1. public void valueBound(event)
    2. public void valueUnbound(event)

Session Management

  • The HttpSessionActivationListener interface notifies an attribute that the session is about to be activated or passivated.
  • The HttpSessionListener object is used to notify the class when a session is created or destroyed.
  • Invalidating a session unbinds all the attributes from the session. Hence, attributes no longer exist with the session, and trying to get an attribute from the session will result in an IllegalStateException.
  • The session binds the object by a call to the HttpSession.setAttribute() method and unbinds the object by a call to the HttpSession.removeAttribute() method.
  • Except for the HttpSessionActivationListener and the HttpSessionBindingListener, all other listeners must be configured in the deployment descriptor.
  • The getCreationTime() method throws an IllegalStateException if it is called on an invalidated session.
  • The getCookies() method of the HttpServletRequest interface is used to get the cookies from a client. This method returns an array of cookies.
  • URL rewriting can be used even if cookies are not supported by the browser.
  • The element of the deployment descriptor sets the session timeout. If the time specified for timeout is zero or negative, the session will never timeout.
  • The getSession() method of the HttpServletRequest interface returns the current session associated with the request, or creates a new session if no session exists.
  • The getCreationTime() method returns the time when the session was created. The time is measured in milliseconds since midnight January 1, 1970.
  • The getWriter() method of the ServletResponse interface returns a PrintWriter object suitable for writing character data in the response.
  • The setMaxInactiveInterval() method sets the maximum time in seconds before a session becomes invalid.
  • The encodeRedirectURL() method of the HttpServletResponse interface, returns a URL by including a session ID in it for use in the sendRedirect() method. If the encoding is not required, the URL is returned unchanged.

Web Application Security

  • If there is no auth-constraint, or if role-name is specified as * , all users are allowed access to the resource. If auth-constraint is empty, no user is allowed access to the resource.
  • The element specifies the resources that will be constrained.
  • The element can have any of three values as follows:
    1. NONE
    2. CONFIDENTIAL
    3. INTEGRAL
  • The element is used to specify the type of authentication and the type of security realm associated with the resource.
  • The element is a sub-element of the element and specifies the resources that will be constrained.

The JavaServer Pages (JSP) Technology Model

  • The import attribute of a page directive allows a user to import a specific package when a JSP is translated to a servlet. This is the only attribute in a page directive that can be used multiple times.
  • JSP directives serve as a message from a JSP page to the JSP container and control the processing of the entire page. They are used to set global values such as a class declaration, method implementation, output content type, etc.
  • A page directive allows a user to set the page-specific properties for a JSP.
  • The include directive inserts code of the included file into a JSP page at translation time, i.e., when the JSP page is compiled.
  • The variable directive is used to declare variables in a tag file.
  • The include directive inserts code of the included file into a JSP page at translation time, i.e., when the JSP page is compiled. This include mechanism is also known as static include.
  • The uri of the taglib directive matches the sub-element of the element in the deployment descriptor.
  • The page directive has an attribute called contentType that is used to set the MIME type, i.e., the content type of the response.
  • A tag directive is similar to a page directive and has all the attributes similar to a page directive plus an extra attribute called body-content. The body-content attribute can be scriptless, tagdependent, or empty.
  • An XML-based JSP document should be enclosed between the and tags.
  • The element is used to disable scripting through the deployment descriptor.
  • When a JSP page is translated to a servlet, the scriptlet code goes into the service() method.
  • A tag file must be placed in either of the following locations: Inside the META-INF/tags directory or its subdirectory within a JAR file installed in the WEB-INF/lib directory of the Web application or inside the WEB-INF/tags directory or its subdirectory.
  • A tag library is a collection of classes and meta information for using custom tags.

Building JSP Pages Using the Expression Language (EL)

  • Expression languages are always within curly braces, and prefixed with a dollar sign that is ${expression}.
  • The standard action enables the current JSP page to include a static or a dynamic resource at runtime. In contrast to the include directive, the include action is used for resources that change frequently. The resource to be included must be in the same context.
  • The param implicit object maps a request parameter name to a single value. If there are multiple values in a parameter, they are printed using the paramValues implicit object.
  • The getInitParameter() method returns the names of the servlet’s initialization parameters as an enumeration of String objects, or an empty enumeration if the servlet has no initialization parameters.
  • The dot operator is used in the expression language to retrieve a named property of either a bean or a Map.
  • When using the dot operator, the variableName can be a Java bean or a Map, and the propertyName can be a key or a bean property.
  • The indexing operator [] is used in the expression language to retrieve properties of a Java bean, a Map, an array, or a List. It can be used in all places where a dot operator is used.
  • A [] operator can accept a Map key, a bean property, a List, or an array index. It can accept an integer or any String that can be converted to an integer.
  • If the dot operator is used to access the bean property but the property does not exist, a runtime exception is thrown.
  • The ge operator checks whether the first operand is greater than or equal to the second operand. The gt operator checks whether the first operand is greater than the second operand. The div operator returns the result of the division of first operand by the second.
  • While performing EL arithmetic operations, the operands are converted to their primitive values.
  • In EL, true and false are reserved words. For an arithmetic operation, an undefined variable is treated as zero.
  • The name of the class containing an EL function should be mapped in the TLD using the sub-element of the element.
  • In order to use an EL function, the following files are required:
    1. A class with a public static method.
    2. A TLD that maps the EL function class to a JSP page.
    3. A JSP that invokes the EL function.

Building JSP Pages Using Standard Actions

  • The standard action is used with or to pass parameter names and values to the target resource.
  • The standard action forwards a response from a servlet or a JSP page to another page. The execution of the current page is stopped, and control is transferred to the forwarded page.

Building JSP Pages Using Tag Libraries

  • The tag pulls out one element at a time from a stack and prints that element in a dynamically-generated manner.
    The tag is similar to the try-catch block, as the tag is used to handle exceptions. However, unlike the try-catch block, there is no separate try block in the tag.
  • If the value attribute of the tag evaluates to null, the attribute pointed by var will be removed. However, if the var attribute does not exist, it will be created if the specified value is not null.
  • The tag evaluates an expression and writes its value to the output stream.

Building a Custom Tag Library

  • The getParentTag() method is present in two interfaces, namely Tag for classic custom tags and SimpleTag for simple custom tags. This method is used when custom tags are nested one inside the other. The outer tag is called the parent tag and the inner tag is called the child tag. A child element uses this method to call its parent.
  • The findAncestorWithClass() method is present in two classes, namely TagSupport for classic tag handlers, and SimpleTagSupport for simple tag handlers. It is a static method that finds the closest ancestor of the given tag and class.
  • The findAncestorWithClass() method internally calls the getParent method to get further reference.
  • A simple tag handler is a Java class that extends the SimpleTagSupport class.
  • The SimpleTag interface extends the JspTag interface and provides methods to support simple tag handlers. The doTag() of the SimpleTag interface is used by the container when a JSP page invokes the tag using the name declared in the TLD file.
  • The SkipPageException is thrown by a simple tag handler to indicate that the remainder of the page must not be evaluated.

J2EE Patterns

  • Business Delegate, Service Locator, and Transfer Object are used in business tier. Front controller and Intercepting filter are used in presentation tier.
  • Business Delegate is a business tier component that provides a proxy interface to various business services. Service Locator is a J2EE design pattern that uses the Java Naming and Directory Service (JNDI) tree to lookup, access, and invoke business services. It hides the implementation details from a client.
  • An intercepting filter is a used to modify incoming requests from a client to a servlet and to send the response back to the client.
  • Transfer Object is a serializable class that is used to transfer data between different tiers in an application.
  • The Business Delegate model provides control and protection for the business service and reduces coupling between client and system’s business services.
  • The Transfer Object model reduces the network traffic by collapsing multiple remote requests into one. It may be implemented as a serializable object, so that it can be moved across the network.
  • A Business Delegate model provides control and protection for the business service.

Leave a reply

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> 

required