Professional Documents
Culture Documents
The JSP syntax adds additional XML-like tags, called JSP actions, to be used to invoke
built-in functionality. Additionally, the technology allows for the creation of JSP tag
libraries that act as extensions to the standard HTML or XML tags. Tag libraries provide
a platform independent way of extending the capabilities of a Web server.
JSPs are compiled into Java Servlets by a JSP compiler. A JSP compiler may generate a
servlet in Java code that is then compiled by the Java compiler, or it may generate byte
code for the servlet directly. JSPs can also be interpreted on-the-fly reducing the time
taken to reload changes.
JSP directives control how the JSP compiler generates the servlet. The following
directives are available:
include
The include directive informs the JSP compiler to include a complete file into the
current file. It is as if the contents of the included file were pasted directly into the
original file. This functionality is similar to the one provided by the C
preprocessor. Included files generally have the extension "jspf" (for JSP
Fragment):
<%@ include file="somefile.jspf" %>
page
There are several options to the page directive.
import
Results in a Java import statement being inserted into the resulting file.
contentType
specifies the content that is generated. This should be used if HTML is not used or
if the character set is not the default character set.
errorPage
Indicates the page that will be shown if an exception occurs while processing the
HTTP request.
isErrorPage
If set to true, it indicates that this is the error page. Default value is false.
isThreadSafe
Indicates if the resulting servlet is thread safe.
autoFlush
To autoflush the contents.A value of true, the default, indicates that the buffer
should be flushed when it is full. A value of false, rarely used, indicates that an
exception should be thrown when the buffer overflows. s will be used, and
attempts to access the variable session will result in errors at the time the JSP page
is translated into a servlet.
buffer
To set Buffer Size. The default is 8k and it is advisable that you increase it.
isELIgnored
Defines whether EL expressions are ignored when the JSP is translated.
language
Defines the scripting language used in scriptlets, expressions and declarations.
Right now, the only possible value is "java".
extends
Defines the superclass of the class this JSP will become. You won't use this unless
you REALLY know what you're doing - it overrides the class hierarchy provided
by the Container.
info
Defines a String that gets put into the translated page, just so that you can get it
using the generated servlet's inherited getServletInfo() method.
pageEncoding
Defines the character encoding for the JSP. The default is "ISO-8859-1"(unless
the contentType attribute already defines a character encoding, or the page uses
XML document syntax).
<%@ page import="java.util.*" %> //example import
<%@ page contentType="text/html" %> //example contentType
<%@ page isErrorPage=false %> //example for non error page
<%@ page isThreadSafe=true %> //example for a thread safe JSP
<%@ page session=true %> //example for using session binding
<%@ page autoFlush=true %> //example for setting autoFlush
<%@ page buffer=20 %> //example for setting Buffer Size
Note: Only the "import" page directive can be used multiple times in the same
JSP.
taglib
The taglib directive indicates that a JSP tag library is to be used. The directive
requires that a prefix be specified (much like a namespace in C++) and the URI
for the tag library description.
<%@ taglib prefix="myprefix" uri="taglib/mytag.tld" %>
The following JSP implicit objects are exposed by the JSP container and can be
referenced by the programmer:
out
The JSPWriter used to write the data to the response stream.
page
The servlet itself.
pageContext
A PageContext instance that contains data associated with the whole page. A
given HTML page may be passed among multiple JSPs.
request
The HttpServletRequest object that provides HTTP request information.
response
The HTTP response object that can be used to send data back to the client.
session
The HTTP session object that can be used to track information about a user from
one request to another.
config
Provides servlet configuration data.
application
Data shared by all JSPs and servlets in the application.
exception
Exceptions not caught by application code .
There are three basic kinds of scripting elements that allow java code to be inserted
directly into the servlet.
• A declaration tag places a variable definition inside the body of the java
servlet class. Static data members may be defined as well. Also inner classes
should be defined here.
<%!
/**
* Converts the Object into a string or if
* the Object is null, it returns the empty string.
*/
public String toStringOrBlank( Object obj ){
if(obj != null){
return obj.toString();
}
return "";
}
%>
JSP actions are XML tags that invoke built-in web server functionality. They are executed
at runtime. Some are standard and some are custom (which are developed by Java
developers). The following list contains the standard ones:
jsp:include
Similar to a subroutine, the Java servlet temporarily hands the request and
response off to the specified JavaServer Page. Control will then return to the
current JSP, once the other JSP has finished. Using this, JSP code will be shared
between multiple other JSPs, rather than duplicated.
jsp:param
Can be used inside a jsp:include, jsp:forward or jsp:params block. Specifies a
parameter that will be added to the request's current parameters.
jsp:forward
Used to hand off the request and response to another JSP or servlet. Control will
never return to the current JSP.
jsp:plugin
Older versions of Netscape Navigator and Internet Explorer used different tags to
embed an applet. This action generates the browser specific tag needed to include
an applet.
jsp:fallback
The content to show if the browser does not support applets.
jsp:getProperty
Gets a property from the specified JavaBean.
jsp:setProperty
Sets a property in the specified JavaBean.
jsp:useBean
Creates or re-uses a JavaBean available to the JSP page.
[edit] jsp:include
<html>
<head></head>
<body>
<jsp:include page="mycommon.jsp" >
<jsp:param name="extraparam" value="myvalue" />
</jsp:include>
name:<%=request.getParameter("extraparam")%>
</body>
</html>
[edit] jsp:forward
[edit] jsp:plugin
The plugin example illustrates a <html> uniform way of embedding applets in a web
page. Before the advent of the <OBJECT> tag, there was no common way of embedding
applets. Currently, the jsp:plugin tag does not allow for dynamically called applets. For
example, jsp:params cannot be used with a charting applet that requires the data points to
be passed in as parameters unless the number of data points is constant. You cannot, for
example, loop through a ResultSet to create the jsp:param tags. Each jsp:param tag must
be hand-coded. However, each of those jsp:param tags can have a dynamic name and a
dynamic value.
[edit] jsp:useBean
The scope attribute can be request, page, session or application. It has the following
meanings:
request
the attribute is available for the lifetime of the request. Once the request has been
processed by all of the JSPs, the attribute will be de-referenced.
page
the attribute is available for the current page only.
session
the attribute is available for the lifetime of the user's session.
application
the attribute is available to every instance and is never de-referenced. Same as a
global variable.
The example above will use a Bean Manager to create an instance of the class
com.foo.MyBean and store the instance in the attribute named "myBean". The attribute
will be available for the life-time of the request. It can be shared among all of the JSPs
that were included or forwarded-to from the main JSP that first received the request.
In addition to the pre-defined JSP actions, developers may add their own custom actions
using the JSP Tag Extension API. Developers write a Java class that implements one of
the Tag interfaces and provide a tag library XML description file that specifies the tags
and the java classes that implement the tags.
SKIP_BODY
The body between the tag is not processed.
EVAL_BODY_INCLUDE
Evaluate the body of the tag.
EVAL_BODY_TAG
Evaluate the body of the tag and push the result onto stream (stored in the body
content property of the tag).
Note: If tag extends the BodyTagSupport class, the method doAfterBody() will be called
when the body has been processed just prior to calling the doEndTag(). This method is
used to implement looping constructs.
When it encounters the end tag, it invokes the doEndTag() method. The method may
return one of two values:
EVAL_PAGE
This indicates that the rest of the JSP file should be processed.
SKIP_PAGE
This indicates that no further processing should be done. Control leaves the JSP
page. This is what is used for the forwarding action.
The myaction tag above would have an implementation class that looked like something
below:
The JavaServer Pages Standard Tag Library (JSTL), is a component of the Java EE Web
application development platform. It extends the JSP specification by adding a tag library
of JSP tags for common tasks, such as XML data processing, conditional execution, loops
and internationalization.
[edit] Internationalization
Internationalization in JSP is accomplished the same way as in a normal Java application,
that is by using resource bundles.
[edit] Example
Regardless of whether the JSP compiler generates Java source code for a servlet or emits
the byte code directly, it is helpful to understand how the JSP compiler transforms the
page into a Java servlet. For example, consider the following input JSP and its resulting
generated Java Servlet.
Input JSP
<html>
<head>
<%! int serverInstanceVariable = 1;%>
Resulting servlet
package jsp_servlet;
import java.util.*;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.jsp.*;
import javax.servlet.jsp.tagext.*;
[hide] Java
Java platform Java ME · Java SE · Java EE · Java Card
Java programming language · Squawk · Java
Sun technologies Development Kit · OpenJDK · Java Virtual Machine ·
Java Runtime Environment · JavaFX
GNU Classpath · GNU Compiler for Java · Kaffe ·
Major third-party technologies Apache Harmony · Apache Struts · Spring
framework · Hibernate · JBoss application server
Java version history · Criticism of Java · Java
History Community Process · Sun Microsystems · Free Java
implementations
Bytecode · Syntax · Applets · Servlets · JavaServer
Language features
Pages · Web Start
Java Tcl · Jython · JRuby · BeanShell · Groovy ·
Scripting languages Judoscript · Sleep · Bean Scripting Framework ·
Yoix · Rhino
JSP Environment
JSP Directives
Anatomy of a JSP page In this article we will study the anatomy of a JSP page and
how you can use each of these elements for your own use.
Forwarding and Including Response from other Servlets. In this article we will
learn how to pass control from one Servlet to another using
RequestDispatcher.forward() method and how to include response from another Servlet
within the caller Servlet using RequestDispatcher.include() method.
JSP Actions JSP actions use constructs in XML syntax to control the behavior of the
servlet engine. You can dynamically insert a file, reuse JavaBeans components, forward
the user to another page, or generate HTML for the Java plugin.
JAVASERVER PAGESTM SYNTAX REFERENCE
JSP Syntax Basics Moving beyond installation, we'll now go into the JSP syntax. For a
cheat sheet, you can download a syntax card. And if you're not familiar with Java
programming, you may want to visit Sun's tutorial; however, Web builders shouldn't
have to do too much Java development. Other than a few method calls, the Java code
in your JSP Web pages should be minimal.
JSP Technology Syntax When Sun introduced Java ServerPages, some were quick to
claim that Servlets had been replaced as the preferred request handling mechanism in
web-enabled enterprise architectures. Although JSP is a key component of the Java 2
Platform Enterprise Edition (J2EE) specification, serving as the preferred request
handler and response mechanism, we must investigate further to understand its
relationship with Servlets
JAVASERVER PAGESTM SYNTAX CARD The Syntax Card is available for download in
both PDF and Postscript formats.
Comments and Character Quoting Conventions There are a small number of
special constructs you can use in various cases to insert comments or characters that
would otherwise be treated specially.
JSP SCRIPLETS
Using Scripting Elements JSP, like ASP, is scripting language independent. Java is
the default, and part of the JSP specification says that any spec-compliant JSP
container must support Java scripting. Java is an excellent language to use.
Nevertheless, other useful scripting languages are available and may be more familiar
to the majority of JSP adopters. The most likely alternative to Java for the initial
adopters of JSP is JavaScript. JavaScript is very similar to Java in its core syntax, is
much simpler overall than Java, and is already known by thousands of Web
programmers.
Presenting Application Pages with JavaServer Pages This chapter describes how
to use JavaServer Pages (JSPs) as page templates in an iPlanet Application Server web
applications
Setting Up JSP Tags and Scriptlets for Campaigns Campaigns require a minimal
set of JSP tags and scriptlets to support their services. In some cases, you might have
already added the required JSP tags to implement other Campaign Manager for
WebLogic services.
JSP SESSIONS
What is Session Tracking? There are a number of problems that arise from the fact
that HTTP is a "stateless" protocol. In particular, when you are doing on-line shopping,
it is a real annoyance that the Web server can't easily remember previous transactions.
Session Tracking HTTP is a “stateless” protocol: each time a client retrieves a Web
page, it opens a separate connection to the Web server, and the server does not auto-
matically maintain contextual information about a client.
How can I enable session tracking for JSP pages if the browser has disabled
cookies? We know that session tracking uses cookies by default to associate a session
identifier with a unique user. If the browser does not support cookies, or if cookies are
disabled, you can still enable session tracking using URL rewriting.
How to do session tracking in JSP I want to do session tracking in my JSP
pages.Say once after the user logs in,on every page I can get his username for further
use.Thank you for your help!
Session tracking with Cocoon Maintaining state is a common problem for web
server frameworks because HTTP is a stateless protocol. There are many solutions
known to obtain stateful information. Client-side storage of state information like the
usage of cookies will not be discussed here, since this depends heavily on the client's
browser.
Session Tracking Session tracking is a mechanism that servlets use to maintain state
about a series of requests from the same user (that is, requests originating from the
same browser) across some period of time.
Session Tracking HTTP is a stateless protocol: it provides no way for a server to
recognize that a sequence of requests are all from the same client. Privacy advocates
may consider this a feature, but it causes problems because many web applications
aren't stateless. The shopping cart application is a classic example--a client can put
items in his virtual cart, accumulating them until he checks out several page requests
later. Other examples include sites that offer stock brokerage services or interactive
data mining.
WebSphere Application Server Best Practices using HTTP Sessions A session is
a series of requests to a servlet, originating from the same user at the same browser.
Sessions allow JSPs running on a JSP engine to keep trac of individual users, a concept
known as personalization.
Survey: Hole in JSP ignored by many (IDG.net) Java Application Servers based on
Sun's reference implementation of the Java Servlet Developers Kit (JSDK 2.0), without
enhancements to the session management code, may be vulnerable.
2 Ways To Implement Session Tracking This article explains how to implement
session tracking using two of the simplest & oldest methods available to programmers.
I feel that in order to understand the beauty of new technologies that exist today it is
often necessary to understand what used to be done before that technology came into
being.
State and session tracking with Java servlets Part 1: Using cookies When the
Hyper-Text Transfer Protocol (HTTP) was developed, its designers chose to create a
protocol which does not maintain a persistent connection. Each request made by a Web
browser, for an image, an HTML page, or other Web object, is made via a new
connection. It would have been handy if Web browsers established a single connection,
through which multiple requests could be made.
State and session tracking with Java servlets Part 2: Securing data In the
second part of this tutorial on state and session management, we'll further examine
how cookies can be used to maintain state information between servlet requests, as
well as some of the security implications of storing state data in cookies. We'll also
examine the topic of session management, and the advanced session-tracking features
that the Servlet API offers.
Deciding between session tracking approaches Suppose a servlet implementing
sessions is receiving requests from three different users. For each user request, the
servlet must be able to figure out the session to which the user request pertains. Each
user request belongs to just one of the three user sessions being tracked by the
servlet. Currently, the product offers three ways to address the problem.
Deciding between session tracking approaches Suppose a servlet implementing
sessions is receiving requests from three different users. For each user request, the
servlet must be able to figure out the session to which the user request pertains. Each
user request belongs to just one of the three user sessions being tracked by the
servlet. Currently, the product offers three ways to address the problem.
What is Session Tracking? There are a number of problems that arise from the fact
that HTTP is a "stateless" protocol. In particular, when you are doing on-line shopping,
it is a real annoyance that the Web server can't easily remember previous transactions
The Session Tracking API Using sessions in servlets is quite straightforward, and
involves looking up the session object associated with the current request, creating a
new session object when necessary, looking up information associated with a session,
storing information in a session, and discarding completed or abandoned sessions.
Handling Cookies Cookies are small bits of textual information that a Web server
sends to a browser and that the browser returns unchanged when visiting the same
Web site or domain later.
Can cookies only be set in terms of seconds? What if I want to set one for a
year? There are no convenience methods for setting a cookie's lifespan in terms of
days, months or years. However, you can still have a cookie exist for these amounts of
time.
How can I enable session tracking for JSP pages if the browser has disabled
cookies? We know that session tracking uses cookies by default to associate a session
identifier with a unique user. If the browser does not support cookies, or if cookies are
disabled, you can still enable session tracking using URL rewriting.
Questions and Answers - Session state in the client tier A session is a sequence
of service requests by a single user using a single client to access a server. The
information maintained in the session across requests is called session state. Session
state may include both information visible to the user (shopping cart contents, for
example) and invisible application control information (such as user preferences).