EARTH WEEK
Now through April 22, save up to 70% on digital learning resources. Learn more.
Register your product to gain access to bonus material or receive a coupon.
Java servlets are the killer app for server-side programming. They represent the first cross-platform solution for server-side development that delivers the performance developers require -- and they've been incorporated into nearly every leading Web server platform. Inside Servlets, Second Edition teaches developers all they need to build robust, powerful servlets with Sun's new Servlets 2.2 API. It combines detailed, real-world projects, a comprehensive API reference, and extensive new coverage of crucial topics ranging from security to database integration. The book starts with a brief, crystal-clear introduction to servlet technology and architecture -- and then dives into the sophisticated techniques Java developers need to make the most of their servlets. Dustin Callaway provides a complete development framework for building Internet applications, as well as three start-to-finish sample servlets. He also offers outstanding, code-rich explanations of key techniques such as state/session management, cookies, thread-safe servlets, JDBC database access, cross-request communications, request forwarding, and partitioning. This Second Edition adds extensive coverage of deployment, servlet security and authentication, internationalization, JavaServer Pages, and more.
Foreword.
Preface.
Introduction.
I. INTRODUCTION TO WEB DEVELOPMENT.
Internet Basics 3.Networks. Protocols. TCP/IP. Brief History of the Internet. Internet Addresses. Ports. Socket. Name Resolution. Firewalls. Protocol Tunneling. Proxy Servers. Internet Standards. Summary.
2. Web Basics.Brief History of the Web. URLs. Web Browsers. Web Servers. Common Gateway Interface. Summary.
3. Beyond Web Basics.HTTP. MIME. HTML Forms. Summary.
II. INTRODUCTION TO SERVLETS.
4. Why Servlets?What Is a Servlet? Where Do Servlets Fit In? What Can Servlets Do? Why Are Servlets Better Than CGI? NSAPI/ISAPI. Summary.
5. Servlet Basics.Basic Servlet Structure. Servlet Lifecycle. Servlet Reloading. Dissecting Two Sample Servlets. Summary.
6. Servlet API Basics.HttpServlet. Class. GenericServlet. Class. ServletRequest Interface. HttpServletRequest Interface. ServletResponse Interface. HttpServletResponse Interface. Summary.
7. Writing Your First Servlet.Servlet Requirements. Main Page. View Bulletins. Post Bulletin Page. Save Bulletin Page. Complete Bulletin Board Servlet. Summary 193
8 Running Servlets.Apache Tomcat. Jrun. ServletExec. Resin. Summary.
9. Debugging Servlets. AHEADS = Servlet Debugging Process. Jbuilder. Forte for Java. VisualCafé. Summary.ServletInputStream Class.ServletOutputStream Class. ServletConfig Interface. ServletContext Interface. ServletException Class. UnavailableException Class. Summary.
III. ADVANCED SERVLET CONCEPTS.
11. Writing Thread-Safe Servlets.What Is Thread Safety? Synchronization. Service, doGet, and doPost Local Variables. SingleThreadModel Interface. Background Threads. Summary.
12. HTTP Redirects.What Is an HTTP Redirect? HTTP Header Syntax for a Redirect. Sending a Redirect from a Servlet. Load-Balancing Servlet Using HTTP Redirects. Summary.
13. Cookies.What Is a Cookie? HTTP Header Syntax for a Cookie. Setting Cookies with the Servlet API. Summary. @CHAPTER 14. State and Session Management.
What Is a Stateless Protocol? What Is a Session? State and Session Management Defined. State and Session Management Methods. Session Management with the Servlet API. Session Listeners and Events. Summary.
15. Request Forwarding, Server-Side Includes, Servlet Chaining.Using the RequestDispatcher Object. Server-Side Includes. Servlet Chaining. Summary.
16. Database Access with JDBC.JDBC Architecture. Accessing a Database. Basics. Advanced Database Concepts. Database Connection Pooling. Introduction to the MySQL Database. Summary.
17. Security.Basic Authentication. Form-Based Authentication. Digest Authentication. Secure Sockets Layer. Summary.
18. JavaServer.Introduction to JSP. Scope Rules. Implicit Objects. Directives. Scripting Elements. Comments. Actions. CCustom Tag Libraries. Using JSP and Servlets Together. Summary.
19. Packaging and Deployment. @AHEADS Building a Web Application Archive. Deploying on Apache Tomcat. Deploying on Jrun. Deploying on ServletExec. Summary.Protocol Explorer Utility. Diagnostics Servlet. Summary.
IV. SAMPLE SERVLETS.
21. Form Mailer Servlet.Building a Web Application. Inside the Template Server. Guest Book Sample Application.
V. SERVLET API QUICK REFERENCE.
24. Javax.Servlet Package.Interface RequestDispatcher. Interface Servlet. Interface ServletConfig. Interface ServletContext. Interface ServletRequest. Interface ServletResponse. Interface SingleThreadModel. Class Generic Servlet. Class ServletInputStream. Class ServletOutputStream. Class ServletException. Class UnavailableException
25. Javax.Servlet.http Package. Interface HttpServletRequest. Interface HttpServletResponse. Interface HttpSession. Interface HttpSessionBindingListener. Class Cookie. Class HttpServlet. Class HttpSessionBindingEvent. Class HttpUtils.Filtering. Application Lifecycle Events. Shared Library Dependencies. New Error and Security Attributes. Welcome Files. New Classes, Interfaces, and Methods.
VI. APPENDICES.
A: Common Well-Known Port Assignments.Future generations will likely rank the Internet alongside the printing press, the airplane, and the personal computer as one of the most revolutionary technologies in history. After seemingly lying dormant for more than two decades, the Internet has emerged from obscurity to capture the interest and imagination of people around the world. One of the primary factors driving this phenomenon is the astounding popularity of the World Wide Web. Globally accessible via the Internet, the Web has forever changed the way information is published and distributed. The first goal of this book is to familiarize you with the underlying technologies that drive the Internet and the World Wide Web.
The Java programming language is another emerging technology whose potential is just beginning to be recognized. Due to its platform-independent nature, standard network interfaces, and many other advantages, Java is the ideal language for Internet programming. Although initially popularized by applets capable of running on any client, the true power of Java is being realized on the server. Among other things, server-side Java allows developers to build dynamic Web sites using a powerful, object-oriented language that is completely portable across virtually all operating systems and hardware. By writing programs for the Java platform, you are in essence developing applications for all existing platforms--from mobile phones to mainframes and everything in between. This kind of portability and cross-platform functionality isunprecedented.
The Internet relies on open standards to ensure that all clients have equal access to the vast amount of information it provides. Similarly, standards are essential to the advancement of the Java platform. Sun Microsystems, Inc., in cooperation with many industry partners and other interested parties, has created a standard for developing server-side Java programs that extend andenhance the functionality of the server. Known as the Java Servlet API, this standard ensures that all servlets will run properly on all platforms for which a Java virtual machine is available.
By conforming to the Servlet API specification, you can guarantee that all of your server-side programs will run on any platform that fully supports Java. After presenting Web development fundamentals, the second and primary goal of this book is to provide an in-depth understanding of Java servlets and the Servlet API through discussion and example.
This edition of Inside Servlets both revises and expands upon the first edition. Primarily, the bulk of the revisions update the text and source code to conform to version 2.2 of the Java Servlet Specification. In addition to conforming to the new specification, the breadth and depth of the book has been greatly expanded. The second edition of Inside Servlets provides comprehensive coverage of several new topics, including security, JavaServer Pages, packaging and deployment, and servlet troubleshooting. The chapter on database access has also been greatly expanded. Finally, this edition includes improved sample servlets, an updated quick reference section, and a complete review of version 2.3 of the Java Servlet Specification.
In general, this book was written for anyone interested in using server-side Java to build dynamic, data-driven Web sites or other networked applications. To this end, Inside Servlets: Server-Side Programming for the Java(TM) Platform, Second Edition, presents an in-depth review of the Servlet API as well as advanced programming concepts essential for successful servlet development. These concepts include writing thread-safe servlets, session management, database access, and security.
More specifically, the book is intended for programmers and consultants who desire to learn Web development fundamentals in addition to server-side Java programming. Much of this audience likely consists of current client/server programmers. After all, in an increasingly Internet-centric world, many client/server programs are being redeveloped as Web applications. This decisionis often driven by the fact that Web applications offer significant distribution and maintenance advantages over traditional client/server systems.
Because Java servlets may represent your first foray into Web development, the first part of the book is dedicated to teaching the basics of the Internet and the World Wide Web. Although basic Web concepts are presented, the Java programming language is not taught. This book assumes a basic knowledge of object-oriented programming and the Java language. If you are not familiar with Java, I recommend reading the Java primer in Java in a Nutshell by David Flanagan. This primer is especially well suited to C programmers. Another personal favorite for learning about Java is Thinking in Java by Bruce Eckel. If you do not already know Java, you may want to have one of these books available as a reference while reading this book.
AAbsolute URLs, 27, 28, 308, 328, 329
Accept header field, 47
Access control list, 440
Accessor methods, 535, 537
ACTION attribute, 60-61
Actions, 481, 528-545, 576
 jsp:forward, 530-531
 jsp:getProperty, 534, 539-541
 jsp:include, 528-530
 jsp:plugin, 531-533
 jsp:setProperty, 534, 541-545
 jsp:useBean, 534, 538-539
Active Server Pages (ASPs), 35, 488, 492
addCookie() method, 148, 317, 321
 HttpServletResponse interface, 745
 HttpServletResponseWrapper class, 803
addDateHeader() method, 151
 HttpServletResponse interface, 745
 HttpServletResponseWrapper class, 803
addHeader() method, 152
 HttpServletResponse interface, 745
 HttpServletResponseWrapper class, 803
addIntHeader() method, 153
 HttpServletResponse interface, 746
 HttpServletResponseWrapper class, 803
Addresses
 Internet, 3, 13-15
 node, 4
Adelman, Leonard, 470
Advanced Research Projects Agency (ARPA), 12
AIX, 222
Algorithms
 asymmetric key, 466
 Diffie-Hellman, 470
 encryption, 465
 hashing, 462
 one-way functions, 469-470
 RSA cryptosystem, 470
Aliases, 204, 224, 227, 232
Allaire Corporation, xvi, 195, 211, 231, 232, 235
 Cold fusion, 488
 JRun, 584
 servlet debuggers from, 259
ALLOWS header, 118
ALT attribute, 34
ALTER TABLE command, 385
Apache Jakarta project, 35, 196, 231. See also Apache Tomcat
Apache Software Foundation, xvi, 196, 231
Apache Struts project, 574
Apache Tomcat, xvi, 35, 74, 77, 89, 105, 195, 196-211, 231, 259, 492, 493, 582-583, 592, 673
 authentication realm display, 448
 basic authentication with, 439, 446-454
 beta version 4.0, 767
 directories, 200
Apache Tomcat (cont.)
 error page with examples Web application, 461
 form-based authentication with, 458-461
 4.x, 767
 installing, 196-199
 and JavaServer Pages, 488-489
 login page included with examples Web application, 460
 output produced by, at startup, 583
 server output indication, 198
 servlet names, initialization parameters, servlet mappings, 204-206
 and servlet reloading, 88
 3.1, 449-450, 458-459
 3.2, 459
 3.x, 767    
 user information determined from basic authentication data, 449
 WAR file for examples Web application, 581, 582
 Web applications, 199-203
 Welcome Page, 198
Apache Web Server, xvi, 35, 74, 195, 199, 212, 231, 440
 Resin as servlet container for, 227
 ServletExec support for, 222
Apostrophes, 29, 401-402
Applets, xv, 33, 39, 72, 75, 81
Application event listeners, 775-777
 configuration, 777
 interfaces, 775
application implicit object, 496, 497-498
Application lifecycle events, 774-778
Application scope objects, 496, 575
Architecture
 JDBC, 373-378
 template server, 694-696
ARPA. See Advanced Research Projects Agency
ASPs. See Active Server Pages
Asymmetric key algorithm, 466
ATG Dynamo Application Server, 74
attributeAdded() method
 HttpSessionAttributesListener, 788
 ServletContextAttributesListener, 786
attributeRemoved() method
 HttpSessionAttributesListener, 788
 ServletContextAttributesListener, 786
attributeReplaced() method
 HttpSessionAttributesListener, 789
 ServletContextAttributesListener, 786
Attribute values
 dynamic, 545-546
Authenticated users
 information retrieval about, 450-451
 methods returning information about, 450
Authentication, 77, 137, 324. See also Security
 basic, 439-454, 478, 479
 challenge, 440, 444
 and database connection, 380
 digest, 439, 462-465, 478, 479
 form-based, 439, 454-461, 478,
479
 HTTP, 45
 and MVC design pattern, 574
Authorization, 447
Autocommit mode, 403
autoFlush attribute, 503-504
AUTO_INCREMENT statement, 383
Automatic flush option, 503BBackground threads, 281, 292-296, 297
"Bad Request" message, 110, 111, 112, 113, 117
Base64, 57
Base64 decoder, 445
Base64 encoding, 442, 462
BaseServlet class, 675, 697
Basic authentication, 478, 479
 introduction to, 439-441
 servlet creation, 441-445
 using with Tomcat, 446-454
BasicAuthServlet, 452
 user authentication, 453
BEA WebLogic Application Server, 74
Berkeley UNIX, 17
Berners-Lee, Tim, 23, 24, 39
Binary data storage, 399
Binary Large Objects, 374, 399
BLOBs. See Binary Large Objects
Bluestone Sapphire Web, 74
BodyContent object
 methods supported by, 561
BodyTag interface, 550
BodyTagSupport class, 551, 556, 560, 561, 563
Borland Software Corporation, 233, 235
Boundary markers, 653, 657
Breakpoints, 243
 adding, 242
 Forte for Java, 247, 250, 251
 VisualCafe, 258, 259
Broadcast messages, 4n1, 10n3, 11
Browsers, 24, 32-34, 464. See also Web browsers
buffer attribute, 504-505
BufferedReader class, 133, 177
Buffers/buffering, 157, 504
Bulletin Board servlet, 161, 194, 209, 210
 complete source code for, 186-193
 functionality of, 161-162
 mainpage of, 162-169
Business transaction security, 439
Bytecode compilation, 73CC, 38
CallableStatement object
 and stored procedures, 407
Callable statements, 374
CAs. See Certificate authorities
Cascading Style Sheets, 59
Case-sensitivity
 and URLs, 26
catch block, 173, 175, 178, 185
Caucho Technology, 195, 227, 228, 232
CDATA elements, 485
CERN (European Laboratory of Particle Physics), 23-24
Certificate authorities (CAs), 467, 479
CGI (Common Gateway Interface), xv, 35, 37-38, 71, 73
 fast, 80, 82
 servlet advantages over, 78-80
CGI environment variable
 and equivalent HttpServletRequest methods, 136
Chaining
 MIME, 368, 370-371, 372
 servlet, 355, 365-371, 372
ChangeCase custom tag, 560-564
Character Large Objects (CLOBs), 374
Characters, special
 URL, 816-817
CharArrayWriter, 146, 147
Check boxes, 62
Checksum, 9
Cipher text, 465
/classes directory, 203
class.forName() method, 378, 379
Classloader object, 88
ClassNotFoundException, 378
CLASSPATH, 88
 and getResourceAsStream, 272-273
 items added to, Forte for Java, 248
 JARS added to, 247
 JSSE JAR files added to, 471-472
CLASSPATH libraries, JBuilder, 237
 creating new, 239
 selection dialog box, 238
clearParameters() method, 399
Clients. See also Session management; State management