
XML and Java™: Developing Web Applications, 2nd Edition



  • Sorry, this book is no longer in print.
Not for Sale



Topic coverage includes:

  • The role of XML and Java in Web applications.
  • Parsing XML documents.
  • How to use the Document Object Model (DOM) Level 1 and DOM Level 2 APIs.
  • How to work with SAX.
  • Techniques for making the most of existing XML processors.
  • W3C XML Schema and OASIS RELAX NG.
  • The XML application server, XML and databases, and XML messaging, including SOAP.
  • Techniques for storing XML documents by using JDBC.
  • Information on Web services, including WSDL and UDDI.
  • How to represent data in XML (data binding).
  • Standard techniques for securing B2B applications.
  • XML Schema languages.


  • Copyright 2002
  • Dimensions: 7-3/8" x 9-1/4"
  • Edition: 2nd
  • Book
  • ISBN-10: 0-201-77004-0
  • ISBN-13: 978-0-201-77004-9

The first edition of XML and Java earned rave reviews for its exceptionally practical, thorough, and example-rich coverage of XML development with Java. Now, the authors -- all leading-edge XML experts from IBM -- have updated the book to reflect the latest XML tools, technologies, and best practices. From start to finish, they provide expert insight and "jumpstart" examples that are immediately applicable to real-world problems. Coverage includes: parsing and generating XML documents; working with DOM/DOM2 and SAX/SAX2; schemas and validation; document manipulation with XPath and XSLT; and utilizing advanced XML parsers. The authors introduce XML programming with servlets and JSP; XML database integration; XML messaging and Web services; data binding and security solutions; and more.



Sample Content

Online Sample Chapter

XML and Java: Bridging Application Data Structure and XML

Downloadable Sample Chapter

Click below for Sample Chapter(s) related to this title:
Sample Chapter 8

Table of Contents



1. Web Applications, XML, and Java.


Structure of This Book.

Web Applications.

From Static Contents to Dynamic Contents.

From B2C to B2B: From Web for Eyeballs to Web for Programs.

Interoperability Is Everything.

From Distributed Applications to Decentralized Applications.

The World of Web Services: More Dynamic Integration.

Other Application Areas of XML.


Configuration Files.

Rich Documents.

Some XML Basics.

Standardization Process.

Validity and Well-Formedness.



2. Parsing XML Documents.


XML Processors.

Working with Xerces.

Basics of Parsing Documents.

Parsing Well-Formed Documents.

Parsing Valid Documents.

Design Point: Well-Formed versus Valid.

More about Parsing XML Documents.

Parsing XML Documents with Namespaces.

Parsing XML Documents with XML Schema.

Design Point: The DTD versus XML Schema.

Parsing XML Documents with JAXP.

Design Point: JAXP and Xerces Native API.

Programming Interfaces for Document Structure.

DOM: Tree-Based API.

SAX: Event-Driven API.

Design Point: DOM versus SAX.


3. Generating and Serializing XML Documents.


Creating a DOM Tree from Scratch.

Creating a Document Object.

Creating and Appending Child Nodes.

Handling Namespaces.

Validating a Generated DOM Tree.

Serializing a DOM Tree.

Using the XMLSerializer Package.

Discussions about Serialization.

Handling Whitespace.


XML Declarations.

Charset Parameter.


4. Working with DOM.


DOM Basics.

Accessing and Updating the Status of a Node.

Accessing Structural Information.

Inserting, Detaching, and Replacing a Child Node.

DOM Tree and Attributes.

Advanced DOM.

How to Simplify Your Code by Removing Entity References.

Tree Traversal.

DOM Collection Is Live.

Moving Nodes over Documents.

Namespaces in DOM.


5. Working with SAX.


Basic Tips for Using SAX.


Using and Writing SAX Filters.

New Features of SAX2.

DOM versus SAX.

Performance: Memory and Speed.

Conversion from DOM to SAX and Vice Versa.


6. Parser Tricks.


General Tricks.

Namespace Validation with DTDs.

Entity Resolution.

Working with Sockets.

Basic Xerces Tricks.

Extended Parser Options.

Custom DOM Implementation.

Advanced Xerces Tricks.

The Xerces Native Interface.

Components and the Component Manager.

Parser Configurations.

Building Parser Configurations from Xerces2 Components.


7. XPath and XSLT.


What Is XPath?

Syntax and Semantics of XPath.

XPath and Namespaces.

XPath Programming in Java.


What Is XSLT?

Syntax and Semantics of XSLT.

XSLT Programming in Java.

Pros and Cons of XSLT, XPath, DOM, and SAX.

Execution Efficiency.

Development Efficiency.


8. Bridging Application Data Structure and XML.


Mapping to Almost Isomorphic Tree Structures.

Structure Adjustment by XSLT.

Mapping to Tables.

Mapping to Hash Tables.

Mapping to Graph Structures.


9. Working with Schemas: Datatypes and Namespaces.


W3C XML Schema.

Mimicking DTDs.


Using Namespaces.

Advanced Features.

Further Information.


Mimicking DTDs.

Using Datatypes and Facets of W3C XML Schema.

Using Namespaces.

Co-occurrence Constraints.

Further Information.


10. XML Application Server.

The Background of the XML Application Server.

The Need for a Common Framework for Building Web Applications.

What Is an XML Application Server?


Returning XML Documents from a Servlet.

Receiving XML Documents.

Considerations for State Management.

JavaServer Pages.

What Is JSP?

An Informational JSP Returning XML Documents.

The Combination of Servlet and JSP.

Apache Cocoon.

Having Well-Grounded Goals.

Integrating and Multichanneling XML Documents Using Cocoon.


11. XML and Databases.


Storing and Searching for XML Documents.

Mapping from an XML Document to Tables.

Designing Relational Tables.

Defining the Primary Keys in a Table.

Designing a Table for Multiply Occurring Elements.

Datatype Mapping.

Semantics of Data.

Two Approaches.

Mapping from Tables to an XML Document.

Nested and Flat Representation.

Element versus Attribute Representation.

Program Examples.

Mapping Method.

XPath Method.

A Servlet for Accessing a Database.

Working with EJB.

The Importance of EJB.

A Simple EJB.


12. XML Messaging.


Distributed Computing and Interoperability.

Overview of XML Messaging.

New-Generation Distributed Programming.

Simple Object Access Protocol.

The Birth of SOAP.

Travel Reservation Example.

Basic Concepts of SOAP.

To Use SOAP or Not?

SOAP Engines.

Prototyping a SOAP Engine.

SOAP Engine Products.

Java API for SOAP.


13. Web Services.

Emergence of Web Services.

Publishing, Finding, and Integration.

What Are Web Services?

Status of Web Services.

Web Services Description.

Overview of WSDL.

WSDL as an Interface Definition Language.

WSDL Tools.

Programming with WSDL4J.


Service Registration and Discovery.

Overview of UDDI.

Programming with UDDI4J.

Registering WSDL with the UDDI Registry.

Application to Dynamic e-Business.

Application Scenario.

Discovering Businesses on the Fly.

Dynamic Binding.

Enterprise Web Services.


14. Security.


IT System Security in General.

Security Requirements on B2B Systems.

Security of Communication.

Access Control.


Server Authentication.

Client Authentication.

Selecting a Public-Key Infrastructure.

Configuring a Server and a Client for SSL/TLS.

SSL/TLS Programming in Java.

Firewall Considerations.

Summary of Using SSL/TLS.

XML Digital Signature.

XML Canonicalization.

XML Digital Signature Sample.

Signing XML Documents with XML Security Suite for Java.

Verifying XML Digital Signature with XML Security Suite for Java.

Access Control in Java.

Declarative Access Control and Programmatic Access Control.

Declarative Access Control.

Programmatic Access Control.

Security Architecture of EJB.

Security in Web Services.

Using SSL/TLS and XML Digital Signature in SOAP.

Access Control in SOAP Applications.

Partial Encryption of XML.

Security Service as Web Services.


15. Data Binding.


Generating Java Classes from a Schema.



Pros and Cons of Generating a Java Program from a Schema.

Generating an XML Document from Java Classes.

Castor XML.

Pros and Cons of Generating XML Documents from Java Classes.

SOAP Encoding.


16. Principles of Schema Languages.


Schemas as Syntactic Constraints.

Checking Unexpected Documents.

What Happens If We Neglect Schemas?

Desiderata for Schema Languages.

Schemas as Data Models.

Documents as Character Strings.

Documents as Trees.

Documents as Data Compliant with Schemas.

Documents as Information for Web Applications.

Desiderata for Schema Languages.

Interworking with Other Software.

Interworking with Programming Languages.

Relational Databases.

Desiderata for Schema Languages.

General-Purpose Schema Languages.


W3C XML Schema.



Special-Purpose Schema Languages.

RDF Schema.

RELAX Namespace.


Appendix A.

Appendix B. Useful Links and Books.





Platform and SDK.

Web Applications.




Web Services.







Web Services.

Other Topics.

Appendix C. XML-Related Standardization Activities.

XML Core.


XML Fragment Interchange.

XML Inclusions.

XML Infoset.

XML Tools.


XML Pointer, XML Base, and XML Linking.

Extensible Stylesheet Language.

Schema Languages.

XML Schema.




Document Object Model.

Simple API for XML.

XML Security.

XML Signature.

XML Encryption.

Platform for Privacy Preferences Project.

Web Services.

XML Protocol (SOAP).

Web Services Description Language.

Universal Description, Discovery, and Integration.

Java Specification Requests.

Other Topics.

Web Distributed Authoring and Versioning.

Wireless Markup Language.


XML Query.

Appendix D. JDBC Primer.


JDBC Package.

Loading a JDBC Driver.

Connecting to a Database.

Submitting a Query.

Using a Connection Pool.

Index.


When we had the opportunity to write a book on XML in February 1998, just after we had released the first XML4J Parser on IBM’s alphaWorks Web site, we discussed what we could achieve by publishing a book. We quickly concluded that a book on how to develop programs that deal with XML as data was what developers needed most, and that we could contribute through our experience in writing the parser. There were several XML books on the market, but most of them were either about the specifications themselves or about creating XML documents. Very few described how to write programs with XML as the input and output data format. Because Java was the implementation language of the XML4J Parser, and because many features, such as built-in Unicode character support, make XML and Java a perfect match, Java was the natural choice of programming language. More importantly, Java was becoming the mainstream language for server-side programming. We believe that the first edition of the book satisfied, at least to a certain extent, the needs of developers who desperately needed to know the potential and limitations of these two emerging technologies and how they could best be applied to real-world situations.

We keep the same goals in this edition while covering more new technologies: to show how the emerging technologies around XML and Java, such as DOM Level 2, SAX2, XSLT, J2EE, XML Schema, and Web Services, are combined to solve real-world problems, and to discuss how these technologies will change the way future e-business applications are developed. The first edition of the book was neither an introduction nor a reference to each technology, and the second edition is not either. Each of these topics is worth an entire book. We do not list all the features of these technologies. Instead, we explain why you should be interested in them and how you can apply them to your problem by showing real-world examples.

This book has two parts. Part I covers basic tools for dealing with XML in a Java environment. Here we concentrate on solid, stable technologies only. XML technologies that were not W3C Recommendations at the time of writing are deliberately excluded. That Part I is about “basic” technologies does not mean that these chapters are introductory. It simply means that these technologies and tools are the absolute minimum that you need to understand in order to develop an XML-based application. Seasoned developers who trust only basic and proven tools will also find these chapters useful, because we cover many programming techniques and hints for making the most of these tools. In Part II, on the other hand, we include emerging technologies such as SOAP and Web Services, which we believe are crucial for future e-business solutions. For those who are looking for new technologies for their next projects and need to understand the potential and limitations of these technologies, the chapters in Part II will be particularly useful.

All the sample programs in the book are available on the accompanying CD-ROM. Each sample has its own README file that describes how to set up and run it. It is our strong belief that knowledge of new software technologies can be acquired only by playing with them: running them, changing the configurations, modifying lines of code, and rerunning them to see the effects. We recommend that readers try the samples on the CD-ROM as much as possible. We made every effort to ensure that the samples are complete and run on most, if not all, platforms that support the latest Java runtimes. Any updates to the contents of the book can be downloaded from the publisher’s Web site.



Hiroshi Maruyama, Kent Tamura, and Naohiko Uramoto released one of the first books that provided a practical introduction to developing XML applications using Java in early 1999. Three years later, much has happened in the XML community: many new specifications have been released that were not discussed in the first edition, and some have been widely implemented in both commercial products and open source software, usually written in Java. Furthermore, the Java and XML communities have become more tightly integrated than they were in 1999, when many Java developers saw XML as more of a threat than an opportunity. Now the mantra “Java is portable code, XML is portable data” is repeated frequently.

The release of XML and Java, Second Edition roughly coincides with the release of JDK 1.4, which incorporates XML technologies into the very core of Java. Sun has defined the Java API for XML Processing (JAXP), which incorporates both the de facto standard SAX API and the World Wide Web Consortium’s Document Object Model (DOM) API. JAXP also fills in some of the gaps between these cross-platform standards by defining APIs for loading, configuring, and invoking an XML parser and for serializing DOM objects to XML text. Additional Java tools are being developed to assist in other XML-related tasks, such as JAXM for XML messaging and JAXB to “compile” XML schemas into Java classes that automatically parse, validate, and serialize instances of them. Even more importantly, the basic XML functionality is automatically available to JDK and JRE 1.4 users without additional downloading or installation.
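The JAXP steps named above (loading and configuring a parser, invoking it, and serializing the resulting DOM tree back to text) can be sketched roughly as follows. This is only an illustration, not code from the book: the class name `JaxpRoundTrip` and the sample order document are assumptions, and the serialization step uses an identity transformation from `javax.xml.transform`, which is one common way to write a DOM tree out with JAXP.

```java
import java.io.StringReader;
import java.io.StringWriter;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;

// Hypothetical helper class, used here for illustration only.
final class JaxpRoundTrip {

    /** Loads and configures a parser through JAXP, then parses the text into a DOM tree. */
    static Document parse(String xml) {
        try {
            DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
            factory.setNamespaceAware(true); // configuration happens on the factory
            DocumentBuilder builder = factory.newDocumentBuilder();
            return builder.parse(new InputSource(new StringReader(xml)));
        } catch (Exception e) {
            throw new IllegalArgumentException("Could not parse the document", e);
        }
    }

    /** Serializes a DOM tree to XML text by running an identity transformation. */
    static String serialize(Document doc) {
        try {
            Transformer identity = TransformerFactory.newInstance().newTransformer();
            identity.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
            StringWriter out = new StringWriter();
            identity.transform(new DOMSource(doc), new StreamResult(out));
            return out.toString();
        } catch (Exception e) {
            throw new IllegalStateException("Could not serialize the document", e);
        }
    }

    public static void main(String[] args) {
        // The sample document is an assumption made for this sketch.
        Document doc = parse("<order id=\"42\"><item>book</item></order>");
        System.out.println(doc.getDocumentElement().getAttribute("id"));
        System.out.println(serialize(doc));
    }
}
```

Because the code touches only `javax.xml` and `org.w3c.dom` types, it does not name any particular parser implementation; the one actually used is chosen by JAXP at run time.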

XML and Java, Second Edition is an excellent resource for Java developers and system architects or advanced students needing to understand how to work with these new XML features being tightly bundled with Java. It assumes a basic working knowledge of XML and Java, so the experienced reader need not skip over widely covered introductory material. Furthermore, it exploits the combined expertise of the various authors while avoiding most of the discontinuity, redundancy, and inconsistency all too common in multi-author books.

The book is organized into two parts. The first set of chapters (mostly written by Maruyama, Tamura, and Uramoto) effectively covers the core XML technologies, such as XML namespaces, SAX, DOM, schemas, and XSLT, and how they can be used in Java programs. Part II primarily covers more experimental or Java-specific tools such as application servers and EJB, messaging, data binding, and Web Services tools such as SOAP, UDDI, and WSDL. In less knowledgeable hands, this wealth of material could be overwhelming, but the authors’ deep expertise in these subjects allows them to handle it quite effectively, offering both concrete examples and high-level design guidance. Ryo Neyama’s Chapter 10 provides a very useful overview of server-side Java XML programming using servlets, JSP, and Apache Cocoon. Yuichi Nakamura contributes two chapters on XML messaging and Web services that clearly show that Java developers have all the tools they need to participate in the Web Services revolution. The principal authors contribute chapters describing the state of the art in using databases, security services, and the generation of Java classes from XML schemas. The accompanying CD-ROM contains plenty of material for hands-on learning of the techniques covered in the book.

The emphasis throughout the book is on how to use the cross-platform standard tools from Java code; the authors do not succumb to the temptation to spend much time on those XML tools that exploit Java’s strengths and idioms. This leaves the reader better equipped to work with XML on other platforms as well as from Java, and the knowledgeable Java programmer who understands the XML standards will have little trouble picking up the Java-specific tools.

This is not to say that the authors uncritically describe the Sun or W3C view of Java or XML. The book provides an independent perspective, for example by illustrating how to use the Apache Xerces XML parser via the Java-standard JAXP interfaces instead of the Crimson parser included with JAXP. Likewise, Andy Clark’s Chapter 6 on Parser Tricks shows how to use some of the more complex and obscure bits of XML (such as external parsed entities) effectively by using the features of the Apache Xerces parser. Other challenges one faces in the terra incognita at the borders of XML and Java technology are described, and routes around the worst pitfalls are mapped.
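As a rough illustration of reaching a specific parser through the standard JAXP interfaces, the sketch below reports which factory implementation JAXP has selected. The class name `JaxpImplementationProbe` is an assumption made for this example, and the comment about requesting Xerces assumes the Apache Xerces jars are on the classpath; the book's own approach may differ.

```java
import javax.xml.parsers.DocumentBuilderFactory;

// Hypothetical helper class, used here for illustration only.
final class JaxpImplementationProbe {

    /** Returns the class name of the parser factory that JAXP selected at run time. */
    static String selectedFactory() {
        return DocumentBuilderFactory.newInstance().getClass().getName();
    }

    public static void main(String[] args) {
        // To request Apache Xerces explicitly (assumes its jars are on the classpath),
        // start the JVM with the standard JAXP lookup property, for example:
        //   -Djavax.xml.parsers.DocumentBuilderFactory=org.apache.xerces.jaxp.DocumentBuilderFactoryImpl
        System.out.println(selectedFactory());
    }
}
```

Application code written against `DocumentBuilderFactory` stays the same whichever implementation is reported; only the lookup configuration changes.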

One especially valuable feature of XML and Java, Second Edition is its treatment of the rather contentious subject of XML schemas and DTDs. XML 1.0 defines a Document Type Definition syntax describing constraints on XML structures that a validating parser must enforce, and the W3C has more recently produced a Recommendation defining an XML Schema Definition Language. The W3C schema language has not been particularly well received in the XML community, however, and several alternatives have been proposed. The International Organization for Standardization has undertaken an effort to define an international standard ISO/IEC JTC1/SC34 Document Schema Definition Language (DSDL), which covers XML DTDs, W3C schemas, the RELAX-NG XML schema language, and the Schematron XPath-based tree pattern constraint language. It appears that XML users will have a menu of standard schema language options to choose from, some more appropriate than others for specific situations but none completely suitable for all scenarios.
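To make the idea of a validating parser enforcing DTD constraints concrete, here is a minimal sketch using JAXP with validation switched on. The class name `DtdValidationSketch` and the small order DTD are assumptions made for illustration, not material from the book.

```java
import java.io.StringReader;
import java.util.ArrayList;
import java.util.List;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.xml.sax.ErrorHandler;
import org.xml.sax.InputSource;
import org.xml.sax.SAXParseException;

// Hypothetical helper class, used here for illustration only.
final class DtdValidationSketch {

    /** Parses with DTD validation switched on and returns the validity errors reported. */
    static List<String> validityErrors(String xml) {
        List<String> errors = new ArrayList<>();
        try {
            DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
            factory.setValidating(true); // enforce the DTD declared in the DOCTYPE
            DocumentBuilder builder = factory.newDocumentBuilder();
            builder.setErrorHandler(new ErrorHandler() {
                @Override public void warning(SAXParseException e) { /* ignored in this sketch */ }
                @Override public void error(SAXParseException e) { errors.add(e.getMessage()); }
                @Override public void fatalError(SAXParseException e) throws SAXParseException { throw e; }
            });
            builder.parse(new InputSource(new StringReader(xml)));
        } catch (Exception e) {
            // Well-formedness problems are fatal and are surfaced as an exception.
            throw new IllegalArgumentException("Document is not well-formed or could not be read", e);
        }
        return errors;
    }

    public static void main(String[] args) {
        // Internal DTD subset assumed for this sketch: an order holds one or more items.
        String dtd = "<!DOCTYPE order [<!ELEMENT order (item+)><!ELEMENT item (#PCDATA)>]>";
        System.out.println(validityErrors(dtd + "<order><item>book</item></order>"));
        System.out.println(validityErrors(dtd + "<order><price>10</price></order>"));
    }
}
```

Validity violations arrive through `error`, while well-formedness violations arrive through `fatalError`, which is why the sketch collects the former and rethrows the latter.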

This book has two chapters covering these subjects written by Makoto Murata, a co-author of the RELAX-NG specification and a researcher who has convincingly applied mathematical techniques to practical problems in the XML world. Chapter 9 presents information about XML schemas likely to be most useful to practitioners: it says what problems they are supposed to solve, presents the ways in which DTDs, W3C Schema, and RELAX-NG address these problems, and summarizes the strengths and weaknesses of each. Chapter 16 addresses the larger principles at stake here in more depth, covering additional schema languages such as Schematron and RDF Schema. Together, these chapters provide a concise but rather profound summary of the state of the art in XML schema language theory and practice that should be of great use in guiding Java developers through the dynamic but confusing world of XML schemas.

The first edition of XML and Java played an important role in introducing Java developers to XML. The second edition not only brings this introduction up to date as Java and XML have evolved, but also shows the authors’ deepening understanding of these technologies and how they fit together.

Michael Champion
Advisory Research and Development Specialist, Software AG
Darmstadt, Germany



