Home > Store

More Servlets and JavaServer Pages (JSP)

Register your product to gain access to bonus material or receive a coupon.

More Servlets and JavaServer Pages (JSP)


  • Sorry, this book is no longer in print.
Not for Sale


  • Copyright 2002
  • Edition: 1st
  • Book
  • ISBN-10: 0-13-067614-4
  • ISBN-13: 978-0-13-067614-6

  • Companion to the worldwide bestseller Core Servlets and JavaServer Pages
  • Practical guide to the use of the Java Platform for Web-enabled applications and dynamic Web sites
  • Focus on new capabilities: the servlet 2.3 and JSP 1.2 specifications, the standard JSP tag library (JSPTL), filters, life-cycle event listeners, security, Web applications, and much more
  • Configuration and usage details for Apache Tomcat, Macromedia JRun, and New Atlanta ServletExec

The Java 2 Platform has become the technology of choice for developing professional e-commerce applications, dynamic Web pages, and Web-enabled applications and services. Servlet and JSP technology is the foundation of this platform: it provides the link between Web clients and server-side applications. But, the field has been evolving rapidly, and few developers have been able to keep up. In this companion to Core Servlets and JavaServer Pages, Marty Hall shows you how to apply recent advances in servlet and JSP technology. The book provides everything you need to know to leverage the latest servlet 2.3 and JSP 1.2 standards: real-world insight, advanced techniques, industrial-strength code, and hands on coverage of three top servers: Apache Tomcat, Macromedia JRun, and New Atlanta ServletExec.

  • Part I gives a thorough introduction to programming with servlet and JSP technology. It shows you how to configure your server, read form data and HTTP headers, handle cookies, track sessions, apply JSP scripting elements, use JavaBeans components, develop JSP tag libraries, and apply the MVC architecture.
  • Part II provides exhaustive details on Web application development and deployment. It explains how to register Web applications, how to organize them, how to deploy them in WAR files, how to deal with relative URLs, and how to share data among Web applications. It also gives details on every element in version 2.3 of the deployment descriptor (web.xml).
  • Part III describes Web application security in detail. It explains two general strategies for securing your applications: declarative security and programmatic security. Within each of these strategies, it shows you how to use form-based or BASIC authentication and how to protect your network traffic with SSL.
  • Part IV covers two features introduced with servlets 2.3: filters and life-cycle events. It explains how to use filters to debug, modify, and optimize the output of previously existing servlets and JSP pages. It also shows you how to use event listeners to respond to major events in the server life cycle.
  • Part V looks at new tag library developments. It shows you how to improve your own tag libraries by making use of new capabilities of the JSP 1.2 specification and explains how to streamline your code by using the new standard JSP tag library (JSPTL).

More Servlets and JavaServer Pages delivers:

  • The same clear, step-by-step explanations that make Marty's books so popular
  • In-depth, hands-on coverage of the latest standards: servlets 2.3 and JSP 1.2
  • Hundreds of completely portable, fully documented, industrial-strength examples
  • On-line access to all source code, available free for unrestricted use

Sample Content

Online Sample Chapters

A Fast Introduction to Basic Servlet Programming

Declarative Web Application Security with Servlets and JSP

Servlet and JSP Application Events Framework

Using and Deploying Web Applications with Servlets and JSP

Table of Contents


About the Author.


Who Should Read This Book.

Book Distinctives.

Integrated Coverage of Servlets and JSP. Real Code. Step-by-Step Instructions. Server Configuration and Usage Details.

How This Book Is Organized.

I. The Basics. II. Web Applications. III. Web Application Security. IV. Major New Servlet JSP Capabilities. V. New Tag Library Capabilities.


About the Web Site.


1. Server Setup and Configuration.

Download the Java Development Kit (JDK). Download a Server for Your Desktop. Change the Port and Configure Other Server Settings. Test the Server. Try Some Simple HTML and JSP Pages. Set Up Your Development Environment. Compile and Test Some Simple Servlets. Establish a Simplified Deployment Method. Deployment Directories for Default Web Application: Summary.

2. A Fast Introduction to Basic Servlet Programming.

The Advantages of Servlets Over “Traditional” CG. Basic Servlet Structure. The Servlet Life Cycle. The Client Request: Form Data. The Client Request: HTTP Request Headers. The Servlet Equivalent of the Standard CGI Variables. The Server Response: HTTP Status Codes. The Server Response: HTTP Response Headers. Cookies. Session Tracking.

3. A Fast Introduction to Basic JSP Programming.

JSP Overview. Advantages of JSP. Invoking Code with JSP Scripting Elements. Structuring Autogenerated Servlets: The JSP page Directive. Including Files and Applets in JSP Documents. Using JavaBeans with JSP. Defining Custom JSP Tag Libraries. Integrating Servlets and JSP: The MVC Architecture.

4. Using and Deploying Web Applications.

Registering Web Applications. Structure of a Web Application. Deploying Web Applications in WAR Files. Recording Dependencies on Server Libraries. Handling Relative URLs in Web Applications. Sharing Data Among Web Applications.

5. Controlling Web Application.

Behavior with web.xml. Defining the Header and Root Elements. The Order of Elements within the Deployment Descriptor. Assigning Names and Custom URLs. Disabling the Invoker Servlet. Initializing and Preloading Servlets and JSP Pages. Declaring Filters. Specifying Welcome Pages. Designating Pages to Handle Errors. Providing Security. Controlling Session Timeouts. Documenting Web Applications. Associating Files with MIME Types. Locating Tag Library Descriptors. Designating Application Event Listeners. J2EE Elements.

6. A Sample Web Application: An Online Boat Shop.

General Configuration Files. The Top-Level Page. The Second-Level Pages. The Item Display Servlet. The Purchase Display Page.


7. Declarative Security.

Form-Based Authentication. Example: Form-Based Authentication. BASIC Authentication. Example: BASIC Authentication. Configuring Tomcat to Use SSL.

8. Programmatic Security.

Combining Container-Managed and Programmatic Security.

Example: Combining Container-Managed and Programmatic Security. Handling All Security Programmatically. Example: Handling All Security Programmatically. Using Programmatic Security with SSL. Example: Programmatic Security and SSL.


9. Servlet and JSP Filters.

Creating Basic Filters. Example: A Reporting Filter. Accessing the Servlet Context from Filters. Example: A Logging Filter. Using Filter Initialization Parameters. Example: An Access Time Filter. Blocking the Response. Example: A Prohibited-Site Filter. Modifying the Response. Example: A Replacement Filter. Example: A Compression Filter. The Complete Filter Deployment Descriptor.

10. The Application Events Framework.

Monitoring Creation and Destruction of the Servlet Context. Example: Initializing Commonly Used Data. Detecting Changes in Servlet Context Attributes. Example: Monitoring Changes to Commonly Used Data. Packaging Listeners with Tag Libraries. Example: Packaging the Company Name Listeners. Recognizing Session Creation and Destruction. Example: A Listener That Counts Sessions. Watching for Changes in Session Attributes. Example: Monitoring Yacht Orders. Using Multiple Cooperating Listeners. The Complete Events Deployment Descriptor.


11. New Tag Library Features in JSP 1.2.

Using the New Tag Library Descriptor Format. Bundling Listeners with Tag Libraries. Checking Syntax with TagLibraryValidator. Aside: Parsing XML with SAX 2.0. Handling Exceptions with the TryCatchFinally Interface. New Names for Return Values. Looping without Generating BodyContent. Introducing Scripting Variables in the TLD File.

12. The JSP Standard Tag Library.

Using JSTL: An Overview. Installing and Configuring JSTL. Looping with the forEach Tag. Accessing the Loop Status. Looping with the forTokens Tag. Evaluating Items Conditionally. Using the Expression Language.

Appendix: Server Organization and Structure.



Suppose your company wants to sell products online. You have a database that gives the price and inventory status of each item. But, your database doesn't speak HTTP, the protocol that Web browsers use. Nor does it output HTML, the format Web browsers need. What can you do? Once users know what they want to buy, how do you gather that information? You want to customize your site based on visitors' preferences and interests-how? You want to let users see their previous purchases, but you don't want to reveal that information to other visitors. How do you enforce these security restrictions? When your Web site becomes popular, you might want to compress pages to reduce bandwidth. How can you do this without causing your site to fail for the 30% of visitors whose browsers don't support compression? In all these cases, you need a program to act as the intermediary between the browser and some server-side resource. This book is about using the Java platform for this type of program.

"Wait a second," you say. "Didn't you already write a book about that?" Well, yes. In May of 2000, Sun Microsystems Press and Prentice Hall released my second book, Core Servlets and JavaServer Pages. It was successful beyond everyone's wildest expectations, selling approximately 100,000 copies in the first year, getting translated into Bulgarian, Chinese, Czech, French, German, Hebrew, Japanese, Korean, Polish, Russian, and Spanish, and being chosen by Amazon.com as one of the top five computer programming books of 2001. Even better, I was swamped with requests for what I really like doing: teaching short courses for developers in industry. Despite having to decline most of the requests, I was still able to teach servlet and JSP short courses in Australia, Canada, Japan, the Philippines, and at a variety of U.S. venues. What fun!

Since then, use of servlets and JSP has continued to grow at a phenomenal rate. The Java 2 Platform has become the technology of choice for developing e-commerce applications, dynamic Web sites, and Web-enabled applications and service. Servlets and JSP continue to be the foundation of this platform—they provide the link between Web clients and server-side applications. Virtually all major Web servers for Windows, Unix (including Linux), MacOS, VMS, and mainframe operating systems now support servlet and JSP technology either natively or by means of a plugin. With only a small amount of configuration, you can run servlets and JSP in Microsoft IIS, iPlanet/Netscape Enterprise Server, the Apache Web Server, IBM WebSphere, BEA WebLogic, and dozens of other servers. Performance of both commercial and open-source servlet and JSP engines has improved significantly.

However, the field continues to evolve rapidly. For example:

  • The official servlet and JSP reference implementation is no longer developed by Sun. Instead, it is Apache Tomcat, an open-source product developed by a team from many different organizations.
  • Use of Web applications to bundle groups of servlets and JSP pages has grown significantly.
  • Portable mechanisms for enforcing Web application security have started to displace the server-specific mechanisms that were formerly used.
  • Version 2.3 of the servlet specification was released (August 2001). New features in this specification include servlet and JSP filters, application life-cycle event handlers, and a number of smaller additions and changes to existing APIs and to the deployment descriptor (web.xml).
  • Version 1.2 of the JSP specification was released (also August 2001). This version lets you bundle event listeners with tag libraries, lets you designate XML-based programs to check the syntax of pages that use custom tags, and supplies interfaces that let your custom tags loop more efficiently and handle errors more easily. JSP 1.2 also makes a number of smaller changes and additions to existing APIs and to the TLD file format.
  • XML has become firmly entrenched as a data-interchange language. Servlet and JSP pages use it for configuration files. Tag library validators can use it to verify custom tag syntax. JSP pages can be represented entirely in XML.
  • Throughout 2000 and 2001, the JSR-052 expert group put together a standard tag library for JSP. In November of 2001 they released early access version 1.2 of this library, called JSTL (JSP Standard Tag Library). This library provides standard tags for simple looping, iterating over a variety of data structures, evaluating content conditionally, and accessing objects without using explicit scripting code.

Whew. Lots of changes. The new features are very useful, but is there a single place where you can learn about all of them? Here! That's why I wrote this book: to show developers how to make use of all of these new features. If you aren't familiar with basic servlet and JSP development, don't worry. I provide a thorough review at the beginning of the book.

Who Should Read This Book

This book is aimed at two main groups.

The first group is composed of people who are familiar with basic servlet and JSP development and want to learn how to make use of all the new capabilities I just described.

However, if you are new to this technology, there is no need to go away and learn older servlet and JSP versions and then come back to this book. Assuming you are familiar with the basics of the Java programming language itself, you fit into the second main group for whom this book is designed. For you, I start the book with a detailed review of the foundations of servlet and JSP programming, set in the context of the servlet 2.3 and JSP 1.2 specifications. Furthermore, when space prevents coverage of some of the finer points of basic development, I cite the specific sections of Core Servlets and JavaServer Pages that provide details and put those sections online at http://www.moreservlets.com.

Although this book is well suited for both experienced servlet and JSP programmers and newcomers to the technology, it assumes that you are familiar with basic Java programming. You don't have to be an expert Java developer, but if you know nothing about the Java programming language, this is not the place to start. After all, servlet and JSP technology is an application of the Java programming language. If you don't know the language, you can't apply it. So, if you know nothing about basic Java development, start with a good introductory book like Thinking in Java, Core Java, or Core Web Programming. Come back here after you are comfortable with at least the basics.

Book Distinctives

This book has four important characteristics that set it apart from many other similar-sounding books:

  • Integrated coverage of servlets and JSP. The two technologies are closely related; you should learn and use them together.
  • Real code. Complete, working, documented programs are essential to learning; I provide lots of them.
  • Step-by-step instructions. Complex tasks are broken down into simple steps that are illustrated with real examples.
  • Server configuration and usage details. I supply lots of concrete examples to get you going quickly.

Integrated Coverage of Servlets and JSP

One of the key philosophies behind Core Servlets and JavaServer Pages was that servlets and JSP should be learned (and used!) together, not separately. After all, they aren't two entirely distinct technologies: JSP is just a different way of writing servlets. If you don't know servlet programming, you can't use servlets when they are a better choice than JSP, you can't use the MVC architecture to integrate servlets and JSP, you can't understand complex JSP constructs, and you can't understand how JSP scripting elements work (since they are really just servlet code). If you don't understand JSP development, you can't use JSP when it is a better option than servlet technology, you can't use the MVC architecture, and you are stuck using print statements even for pages that consist almost entirely of static HTML.

In this book, an integrated approach is more important than ever. Web applications let you bundle both servlets and JSP pages into a single file or directory. The custom URLs, initialization parameters, preload settings, and session timeouts of the deployment descriptor apply equally to servlets and JSP pages. Declarative security applies equally to both technologies. The new filtering capability applies to both. Event listeners apply to both. The jx portion of the JSP standard tag library (JSTL) is mostly predicated on the assumption that the JSP page is presenting data that was established by a servlet. Servlets and JSP go together!

Real Code

Sure, small code snippets are useful for introducing concepts. The book has lots of them. But, for you to really understand how to use various techniques, you also need to see the techniques in the context of complete working programs. Not huge programs: just ones that have no missing pieces and thus really run. I provide plenty of such programs, all of them documented and available for unrestricted use at www.moreservlets.com.

Step-by-Step Instructions

When I was a graduate student (long before Java existed), I had an Algorithms professor who explained in class that he was a believer in step-by-step instructions. I was puzzled: wasn't everyone? Not at all. Sure, most instructors explained simple tasks that way, but this professor took even highly theoretical concepts and said "first you do this, then you do that," and so on. The other instructors didn't explain things this way; neither did my textbooks. But, it helped me enormously.

If such an approach works even for theoretical subjects, how much more should it work with applied tasks like those described in this book?

Server Configuration and Usage Details

When I first tried to learn server-side programming, I grabbed a couple of books, the official specifications, and some online papers. Almost without fail, they said something like "since this technology is portable, we won't cover specifics of any one server." Aargh. I couldn't even get started. After hunting around, I downloaded a server. I wrote some code. How did I compile it? Where did I put it? How did I invoke it?

Servlet and JSP code is portable. The APIs are standardized. But, server structure and organization are not standardized. The directory in which you place your code is different on ServletExec than it is on JRun. You set up SSL differently with Tomcat than you do with other servers. These details are important.

Now, I'm not saying that this is a book that is specific to any particular server. I'm just saying that when a topic requires server-specific knowledge, it is important to say so. Furthermore, specific examples are helpful. So, when I describe a topic that requires server-specific information like the directory in which to place a Web application, I first explain the general pattern that servers tend to follow. Then, I give very specific details for three of the most popular servers that are available without cost for desktop development: Apache Tomcat, Macromedia/Allaire JRun, and New Atlanta ServletExec.

How This Book Is Organized

This book consists of five parts:

  • Part I: The Basics. Server setup and configuration. Basic servlet programming. Basic JSP programming.
  • Part II: Web Applications. Using and deploying Web applications. Controlling behavior with web.xml. A larger example.
  • Part III: Web Application Security. Declarative security. Programmatic security. SSL.
  • Part IV: Major New Servlet and JSP Capabilities. Servlet and JSP filters. Application life-cycle event listeners.
  • Part V: New Tag Library Capabilities. New tag library features in JSP 1.2. The JSP Standard Tag Library (JSTL).

Part I: The Basics

  • Server setup and configuration.
  • Downloading the JDK.
  • Obtaining a development server.
  • Configuring and testing the server.
  • Deploying and accessing HTML and JSP pages.
  • Setting up your development environment.
  • Deploying and accessing servlets.
  • Simplifying servlet and JSP deployment.
  • Basic servlet programming.
  • The advantages of servlets over competing technologies.
  • The basic servlet structure and life cycle.
  • Servlet initialization parameters.
  • Access to form data.
  • HTTP 1.1 request headers, response headers, and status codes.
  • The servlet equivalent of the standard CGI variables.
  • Cookies in servlets.
  • Session tracking.
  • Basic JSP programming.
  • Understanding the benefits of JSP.
  • Invoking Java code with JSP expressions, scriptlets, and declarations.
  • Structuring the servlet that results from a JSP page.
  • Including files and applets in JSP documents.
  • Using JavaBeans with JSP.
  • Creating custom JSP tag libraries.
  • Combining servlets and JSP: the Model View Controller (Model 2) architecture.

Part II: Web Applications

  • Using and deploying Web applications.
  • Registering Web applications with the server.
  • Organizing Web applications.
  • Deploying applications in WAR files.
  • Recording Web application dependencies on shared libraries.
  • Dealing with relative URLs.
  • Sharing data among Web applications.
  • Controlling Web application behavior with web.xml.
  • Customizing URLs.
  • Turning off default URLs.
  • Initializing servlets and JSP pages.
  • Preloading servlets and JSP pages.
  • Declaring filters for servlets and JSP pages.
  • Designating welcome pages and error pages.
  • Restricting access to Web resources.
  • Controlling session timeouts.
  • Documenting Web applications.
  • Specifying MIME types.
  • Locating tag library descriptors.
  • Declaring event listeners.
  • Accessing J2EE Resources.
  • Defining and using a larger Web application.
  • The interaction among components in a Web application.
  • Using sessions for per-user data.
  • Using the servlet context for multiuser data.
  • Managing information that is accessed by multiple servlets and JSP pages.
  • Eliminating dependencies on the Web application name.

Part III: Web Application Security

  • Declarative security.
  • Understanding the major aspects of Web application security.
  • Authenticating users with HTML forms.
  • Using BASIC HTTP authentication.
  • Defining passwords in Tomcat, JRun, and ServletExec.
  • Designating protected resources with the security-constraint element.
  • Using login-config to specify the authentication method.
  • Mandating the use of SSL.
  • Configuring Tomcat to use SSL.
  • Programmatic security.
  • Combining container-managed and programmatic security.
  • Using the isUserInRole method.
  • Using the getRemoteUser method.
  • Using the getUserPrincipal method.
  • Programmatically controlling all aspects of security.
  • Using SSL with programmatic security.

Part IV: Major New Servlet JSP Capabilities

  • Servlet and JSP filters.
  • Designing basic filters.
  • Reading request data.
  • Accessing the servlet context.
  • Initializing filters.
  • Blocking the servlet or JSP response.
  • Modifying the servlet or JSP response.
  • Using filters for debugging and logging.
  • Using filters to monitor site access.
  • Using filters to replace strings.
  • Using filters to compress the response.
  • Application life-cycle event listeners.
  • Understanding the general event-handling strategy.
  • Monitoring servlet context initialization and shutdown.
  • Setting application-wide values.
  • Detecting changes in attributes of the servlet context.
  • Recognizing creation and destruction of HTTP sessions.
  • Analyzing overall session usage.
  • Watching for changes in session attributes.
  • Tracking purchases at an e-commerce site.
  • Using multiple cooperating listeners.
  • Packaging listeners in JSP tag libraries.

Part V: New Tag Library Capabilities

  • New tag library features in JSP 1.2.
  • Converting TLD files to the new format.
  • Bundling life-cycle event listeners with tag libraries.
  • Checking custom tag syntax with TagLibraryValidator.
  • Using the Simple API for XML (SAX) in validators.
  • Handling errors with the TryCatchFinally interface.
  • Changing names of method return values.
  • Looping without creating BodyContent.
  • Declaring scripting variables in the TLD file.
  • The JSP Standard Tag Library (JSTL).
  • Downloading and installing the standard JSP tag library.
  • Reading attributes without using Java syntax.
  • Accessing bean properties without using Java syntax.
  • Looping an explicit number of times.
  • Iterating over various data structures.
  • Checking iteration status.
  • Iterating with string-based tokens.
  • Evaluating expressions conditionally.
  • Using the JSTL expression language to set attributes, return values, and declare scripting variables.

About the Web Site

The book has a companion Web site at http://www.moreservlets.com/. This free site includes:

  • Documented source code for all examples shown in the book; this code can be downloaded for unrestricted use.
  • Up-to-date download sites for servlet and JSP software.
  • Links to all URLs mentioned in the text of the book.
  • Information on book discounts.
  • Reports on servlet and JSP short courses.
  • Book additions, updates, and news.


Submit Errata

More Information

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020