Servlet Framework
1. Web Servers
1.1. Web Application versus Standalone Application
Standalone Application
Interaction: how does the user interact with App
Through user interface:
- Base on customer requirements.
- Implemented using libs that are
different ex: java -swing, C-
ncursors, ...
Distribution or Dependency
- A single package includes libs one
executable to run it
Implementation
Provide 1 method static void main
1.2. HTTP and Web Containers
1 web server  1 web container  many Web apps
1.2.1. Responsibilities
Web Server
- Listens for requests: open a port
(80 or 8888)
- Dispatches or forwards requests to
other components or applications
- Serves content: Images, CSS,
Javascript, HTML files
- Implement HTTP( Hyper Text
Transport Protocol)
Web Application
- Implemented using different
languages (PHP, JSP, ASP,…) but
based on HTML
- User make request by using a
browser
- A single package includes libs
- Web container and web server are
needed to run App: Jetty, IIS,
Apache, Tomcat, Websphere
Java  provide many servlets
Web Container
- Provides support for servlets (Java
API)
+ Reading web.xml
+ Creating container
+ Providing context
+ Wrap request/response
- Controls life cycle of servlets
+ Start
+ Shut down
 Jetty Example
- Connection listener App context
+ HTTP  open port 8888 - Alarmpoint
+ AJP  open port 8889 + URL /alarmpoint
+ SSL  open port 443 + Session management
- Resource handler: serving static + Cookies
content + Time out
- Thread pool: control threads to - WebService
make faster + URL  /api
+ Worker threads: 250 + Session management
- Mobile gateway
+ URL  /mg
+ Session management

1.3. Servlet Framework

1.3.1. web.xml: each web app provide web.xml file for context
configuration:
Jetty
- Static resource
- Alarmpoint
+ web.xml, Cocoon
- WebServices
+ web.xml, Axis2
- Mobile Gateway
+ web.xml, JSP
 1.3.2. URL Flow Diagram
Request

Is static URL
/ (root)

/alarmpoint Cocoon

/api Axis2 Send response

/mg JspServlet

1.4. Session Management

1.4.1. What is a session?
- Unique identifier/ attribute
- Provided as part f the servlet framework
- May be used by a web app (Ext: AP webservice not use a
session)
- Most commonly used to identify a user session
- Managed by the web container:
+ Creation
+ Configuration: timeout/removal
- There are two methods for session tracking: cookies and url
rewriting. If use cookies, we don't have to care about session
tracking.
1.4.2. URL Encoding: url rewriting
- Encoding URL will add sessionId into URL by using function
httpResponse.encodeURL(….)
- Config EncodeURLTransformer in sitemap file: determine what
will be included and excluded. Important functions:
startElement(…) and encodeURL(…)
User Webserver
Request login

Response to home page

1.4.3. Cookies with a SesionID
 - Only support when both client and server use cookie.
- If Cookies is used, sessionID will be removed from url and it
will be saved in cookie.
- In login page, there is a check box. And when we click on this,
it means that we will use the cookie in server side.
- Configuration: assets/context/alarmpoint.xml

1.4.4. Client/Server Sequence Diagram

Question 1: how about encode-url and use-cookies config in dev.build.properties

file? Where and when are they used?
<webui>
…
<deploy>true</deploy>
<encode-url>true</encode-url>
<use-cookies>false</use-cookies>
</webui>