JsP EasY WayS to LearN

JavaServer Pages
JavaServer Pages (JSP) is a Java technology that allows software developers to dynamically generate HTML, XML or other types of documents in response to a Web client request. The technology allows Java code and certain pre-defined actions to be embedded into static content.

The JSP syntax adds additional XML-like tags, called JSP actions, to be used to invoke built-in functionality. Additionally, the technology allows for the creation of JSP tag libraries that act as extensions to the standard HTML or XML tags. Tag libraries provide a platform independent way of extending the capabilities of a Web server.

JSPs are compiled into Java Servlets by a JSP compiler. A JSP compiler may generate a servlet in Java code that is then compiled by the Java compiler, or it may generate byte code for the servlet directly. JSPs can also be interpreted on-the-fly reducing the time taken to reload changes.

JSP and Servlets
Architecturally, JSP can be viewed as a high-level abstraction of servlets that is implemented as an extension of the Servlet 2.1 API. Both servlets and JSPs were originally developed at Sun Microsystems, initially created by Manohar Rao Mankala and later elaborated on as a specification by Satish Dharmaraj. Starting with version 1.2 of the JSP specification, JavaServer Pages have been developed under the Java Community Process. JSR 53 defines both the JSP 1.2 and Servlet 2.3 specifications and JSR 152 defines the JSP 2.0 specification. As of May 2006 the JSP 2.1 specification has been released under JSR 245 as part of Java EE 5.

JSP syntax
A JavaServer Page may be broken down into the following pieces:
• static data such as HTML
• JSP directives such as the include directive
• JSP scripting elements and variables
• JSP actions
• custom tags with correct library
JSP directives control how the JSP compiler generates the servlet. The following directives are available:
include
The include directive informs the JSP compiler to include a complete file into the current file. It is as if the contents of the included file were pasted directly into the original file. This functionality is similar to the one provided by the C preprocessor. Included files generally have the extension "jspf" (for JSP Fragment):
<%@ include file="somefile.jspf" %>
page
There are several options to the page directive.
import
Results in a Java import statement being inserted into the resulting file.
contentType
specifies the content that is generated. This should be used if HTML is not used or if the character set is not the default character set.
errorPage
Indicates the page that will be shown if an exception occurs while processing the HTTP request.
isErrorPage
If set to true, it indicates that this is the error page. Default value is false.
isThreadSafe
Indicates if the resulting servlet is thread safe.
autoFlush
To autoflush the contents.A value of true, the default, indicates that the buffer should be flushed when it is full. A value of false, rarely used, indicates that an exception should be thrown when the buffer overflows. s will be used, and attempts to access the variable session will result in errors at the time the JSP page is translated into a servlet.
buffer To set Buffer Size. The default is 8k and it is advisable that you increase it.
isELIgnored Defines whether EL expressions are ignored when the JSP is translated.
language Defines the scripting language used in scriptlets, expressions and declarations. Right now, the only possible value is "java".
extends Defines the superclass of the class this JSP will become. You won't use this unless you REALLY know what you're doing - it overrides the class hierarchy provided by the Container.
info Defines a String that gets put into the translated page, just so that you can get it using the generated servlet's inherited getServletInfo() method.
pageEncoding Defines the character encoding for the JSP. The default is "ISO-8859-1"(unless the contentType attribute already defines a character encoding, or the page uses XML document syntax).

<%@ page import="java.util.*" %> //example import
<%@ page contentType="text/html" %> //example contentType
<%@ page isErrorPage=false %> //example for non error page
<%@ page isThreadSafe=true %> //example for a thread safe JSP
<%@ page session=true %> //example for using session binding
<%@ page autoFlush=true %> //example for setting autoFlush
<%@ page buffer=20 %> //example for setting Buffer Size
Note: Only the "import" page directive can be used multiple times in the same JSP.
taglib
The taglib directive indicates that a JSP tag library is to be used. The directive requires that a prefix be specified (much like a namespace in C++) and the URI for the tag library description.
<%@ taglib prefix="myprefix" uri="taglib/mytag.tld" %>
[edit] JSP scripting elements and objects
[edit] JSP implicit objects
The following JSP implicit objects are exposed by the JSP container and can be referenced by the programmer:
out
The JSPWriter used to write the data to the response stream.
page
The servlet itself.
pageContext
A PageContext instance that contains data associated with the whole page. A given HTML page may be passed among multiple JSPs.
request
The HttpServletRequest object that provides HTTP request information.
response
The HTTP response object that can be used to send data back to the client.
session
The HTTP session object that can be used to track information about a user from one request to another.
config
Provides servlet configuration data.
application
Data shared by all JSPs and servlets in the application.
exception
Exceptions not caught by application code .
[edit] Scripting elements
There are three basic kinds of scripting elements that allow java code to be inserted directly into the servlet.
• A declaration tag places a variable definition inside the body of the java servlet class. Static data members may be defined as well. Also inner classes should be defined here.
<%! int serverInstanceVariable = 1; %>
Declaration tags also allow methods to be defined.
<%!
/**
* Converts the Object into a string or if
* the Object is null, it returns the empty string.
*/
public String toStringOrBlank( Object obj ){
if(obj != null){
return obj.toString();
}
return "";
}
%>
• A scriptlet tag places the contained statements inside the _jspService() method of the java servlet class.
<% int localStackBasedVariable = 1;
out.println(localStackBasedVariable); %>
• An expression tag places an expression to be evaluated inside the java servlet class. Expressions should not be terminated with a semi-colon .
<%= "expanded inline data " + 1 %>
• Also we can use the following tag to give comments in jsp:
<%-- give your comments here --%>
[edit] JSP actions
JSP actions are XML tags that invoke built-in web server functionality. They are executed at runtime. Some are standard and some are custom (which are developed by Java developers). The following list contains the standard ones:
jsp:include
Similar to a subroutine, the Java servlet temporarily hands the request and response off to the specified JavaServer Page. Control will then return to the current JSP, once the other JSP has finished. Using this, JSP code will be shared between multiple other JSPs, rather than duplicated.
jsp:param
Can be used inside a jsp:include, jsp:forward or jsp:params block. Specifies a parameter that will be added to the request's current parameters.
jsp:forward
Used to hand off the request and response to another JSP or servlet. Control will never return to the current JSP.
jsp:plugin
Older versions of Netscape Navigator and Internet Explorer used different tags to embed an applet. This action generates the browser specific tag needed to include an applet.
jsp:fallback
The content to show if the browser does not support applets.
jsp:getProperty
Gets a property from the specified JavaBean.
jsp:setProperty
Sets a property in the specified JavaBean.
jsp:useBean
Creates or re-uses a JavaBean available to the JSP page.
[edit] Examples of tags
[edit] jsp:include






name:<%=request.getParameter("extraparam")%>


[edit] jsp:forward



In this forwarding example, the request is forwarded to "subpage.jsp". The request handling does not return to this page.
[edit] jsp:plugin
archive="myjarfile.jar,myotherjar.jar"
codebase="/applets"
code="com.foo.MyApplet" >




Your browser does not support applets.


The plugin example illustrates a uniform way of embedding applets in a web page. Before the advent of the tag, there was no common way of embedding applets. Currently, the jsp:plugin tag does not allow for dynamically called applets. For example, jsp:params cannot be used with a charting applet that requires the data points to be passed in as parameters unless the number of data points is constant. You cannot, for example, loop through a ResultSet to create the jsp:param tags. Each jsp:param tag must be hand-coded. However, each of those jsp:param tags can have a dynamic name and a dynamic value.
[edit] jsp:useBean



The scope attribute can be request, page, session or application. It has the following meanings:
request
the attribute is available for the lifetime of the request. Once the request has been processed by all of the JSPs, the attribute will be de-referenced.
page
the attribute is available for the current page only.
session
the attribute is available for the lifetime of the user's session.
application
the attribute is available to every instance and is never de-referenced. Same as a global variable.
The example above will use a Bean Manager to create an instance of the class com.foo.MyBean and store the instance in the attribute named "myBean". The attribute will be available for the life-time of the request. It can be shared among all of the JSPs that were included or forwarded-to from the main JSP that first received the request.
[edit] JSP Tag Libraries
In addition to the pre-defined JSP actions, developers may add their own custom actions using the JSP Tag Extension API. Developers write a Java class that implements one of the Tag interfaces and provide a tag library XML description file that specifies the tags and the java classes that implement the tags.
Consider the following JSP.
<%@ taglib uri="mytaglib.tld" prefix="myprefix" %>
...
<%-- the start tag %>
...
<%-- the end tag %>
...
The JSP compiler will load the mytaglib.tld XML file and see that the tag 'myaction' is implemented by the java class 'MyActionTag'. The first time the tag is used in the file, it will create an instance of 'MyActionTag'. Then (and each additional time that the tag is used), it will invoke the method doStartTag() when it encounters the starting tag. It looks at the result of the start tag, and determines how to process the body of the tag. The body is the text between the start tag and the end tag. The doStartTag() method may return one of the following:
SKIP_BODY
The body between the tag is not processed.
EVAL_BODY_INCLUDE
Evaluate the body of the tag.
EVAL_BODY_TAG
Evaluate the body of the tag and push the result onto stream (stored in the body content property of the tag).
Note: If tag extends the BodyTagSupport class, the method doAfterBody() will be called when the body has been processed just prior to calling the doEndTag(). This method is used to implement looping constructs.
When it encounters the end tag, it invokes the doEndTag() method. The method may return one of two values:
EVAL_PAGE
This indicates that the rest of the JSP file should be processed.
SKIP_PAGE
This indicates that no further processing should be done. Control leaves the JSP page. This is what is used for the forwarding action.
The myaction tag above would have an implementation class that looked like something below:
public class MyActionTag extends TagSupport {
//Releases all instance variables.
public void release() {...}

public MyActionTag() { ... }

//called for the start tag
public int doStartTag() { ... }

//called at the end tag
public int doEndTag(){ ... }
}
Add Body Tag description.
If you want to iterate the body a few times, then the java class (tag handler) implements IterationTag interface. It returns EVAL_BODY_AGAIN - which means to invoke the body again.
[edit] JSP Standard Tag Library (JSTL)
The JavaServer Pages Standard Tag Library (JSTL), is a component of the Java EE Web application development platform. It extends the JSP specification by adding a tag library of JSP tags for common tasks, such as XML data processing, conditional execution, loops and internationalization.
[edit] Internationalization
Internationalization in JSP is accomplished the same way as in a normal Java application, that is by using resource bundles.
[edit] JSP 2.0
The new version of the JSP specification includes new features meant to improve programmer productivity. Namely:
• An Expression Language (EL) which allows developers to create Velocity-style templates (among other things).
• A faster/easier way to create new tags.
Hello, ${param.visitor} <%-- same as: Hello, <%=request.getParameter("param").getVisitor()%> --%>
[edit] Model-view-controller paradigm
Sun recommends that the Model-view-controller pattern be used with the JSP files in order to split the presentation from request processing and computer data storage. Either regular servlets or separate JSP files are used to process the request. After the request processing has finished, control is passed to a JSP used only for creating the output. There are several platforms based on Model-view-controller pattern for web tiers (such as Barracuda, Apache Struts or Spring framework).
[edit] Example
Regardless of whether the JSP compiler generates Java source code for a servlet or emits the byte code directly, it is helpful to understand how the JSP compiler transforms the page into a Java servlet. For example, consider the following input JSP and its resulting generated Java Servlet.
Input JSP
<%@ page errorPage="myerror.jsp" %>
<%@ page import="com.foo.bar" %>



<%! int serverInstanceVariable = 1;%>

<% int localStackBasedVariable = 1; %>


Resulting servlet
package jsp_servlet;
import java.util.*;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.jsp.*;
import javax.servlet.jsp.tagext.*;

import com.foo.bar; //imported as a result of <%@ page import="com.foo.bar" %>
import ...

class _myservlet implements javax.servlet.Servlet, javax.servlet.jsp.HttpJspPage {
//inserted as a
//result of <%! int serverInstanceVariable = 1;%>
int serverInstanceVariable = 1;
...

public void _jspService( javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response )
throws javax.servlet.ServletException,
java.io.IOException
{
javax.servlet.ServletConfig config = ...;//get the servlet config
Object page = this;
PageContext pageContext = ...;//get the page context for this request
javax.servlet.jsp.JspWriter out = pageContext.getOut();
HttpSession session = request.getSession( true );
try {
out.print( "\r\n" );
out.print( "\r\n" );
...
//from <% int localStackBasedVariable = 1; %>
int localStackBasedVariable = 1;
...
out.print( "
<%= toStringOrBlank( "expanded inline data " + 1 ) %>
\r\n" );
out.print( " \r\n" );
...
} catch ( Exception _exception ) {
//clean up and redirect to error page in <%@ page errorPage="myerror.jsp" %>
}
}
}

[hide] Java

Java platform Java ME • Java SE • Java EE • Java Card


Sun technologies Java programming language • Squawk • Java Development Kit • OpenJDK • Java Virtual Machine • Java Runtime Environment • JavaFX

Major third-party technologies GNU Classpath • GNU Compiler for Java • Kaffe • Apache Harmony • Apache Struts • Spring framework • Hibernate • JBoss application server

History Java version history • Criticism of Java • Java Community Process • Sun Microsystems • Free Java implementations

Language features Bytecode • Syntax • Applets • Servlets • JavaServer Pages • Web Start

Scripting languages Java Tcl • Jython • JRuby • BeanShell • Groovy • Judoscript • Sleep • Bean Scripting Framework • Yoix • Rhino


JSP Environment

Enterprise Java JSPs or Servlets--Which Architecture is Right for You? SINCE THE INTRODUCTION of JSP technology, two architectures have emerged for building server-side Web applications in Java. The first involves JSPs only, and the second uses JSPs and Servlets together. Referred to as Model 1 and Model 2 architectures, respectively, each model has its advantages and disadvantages. The Model 2 architecture has become quite popular recently, and has received a great deal of coverage on the Web and in trade magazines. In fact, many developers mistakenly believe this architecture has replaced the Model 1 architecture and is the "right" way to use JSPs.
Understanding JavaServer Pages Model 2 architecture By developing a familiar Web-based shopping cart, you'll learn how to utilize the Model-View-Controller (MVC) design pattern and truly separate presentation from content when using JavaServer Pages. Govind Seshadri shows you out how easy it can be
JSP Architecture When Sun introduced Java ServerPages, some were quick to claim that Servlets had been replaced as the preferred request handling mechanism in web-enabled enterprise architectures. Although JSP is a key component of the Java 2 Platform Enterprise Edition (J2EE) specification, serving as the preferred request handler and response mechanism, we must investigate further to understand its relationship with Servlets
More on JSP Architecture This chapter will examine a variety of ways to architect a system with JavaServer Pages, Servlets, and JavaBeans. We will see a series of different architectures, each a development of the one before. The diagram below shows this process in outline; the individual parts of the diagram will be explained in turn later in the chapter.
JAVASERVER PAGESTM Powering the Web Experience with Dynamic Content With JavaServer PagesTM (JSPTM) technology, Sun makes creating dynamic HTML and XML Web pages even simpler. JSP technology is a major extension of Java Servlet technology that makes building and maintaining dynamic pages much easier, and supports the distributed development model common in larger enterprises. JSP technology opens up dynamic pages to a wide range of page authors, while offering all of the benefits of the Java platform.
JSP Professional, Chapter 12 JSP/Servlets Architecture Quiz This short quiz is based on JSP Professional: Chapter 12, JSP Architecture. Test your knowledge on the differences between servlets and JavaServer PagesTM (JSPTM), factor forward-factor back, page-centric versus the dispatcher approach, and more. Then read the source code and see how this quiz was developed.
JSP Architecture The JDC is pleased to present two chapters from Professional JSP: Using JavaServer Pages, Servlets, EJB, JNDI, JDBC, XML, XSLT, and WML to create dynamic and customizable web content, by multiple authors (see below), and published in May 2000 by Wrox Press Ltd.
Case Study: J2EE, EJBs, and Tag Libraries The JDC is pleased to present two chapters from Professional JSP: Using JavaServer Pages, Servlets, EJB, JNDI, JDBC, XML, XSLT, and WML to create dynamic and customizable web content, by multiple authors (see below), and published in May 2000 by Wrox Press Ltd.

JSP Directives

Enterprise Java JSPs or Servlets--Which Architecture is Right for You? SINCE THE INTRODUCTION of JSP technology, two architectures have emerged for building server-side Web applications in Java. The first involves JSPs only, and the second uses JSPs and Servlets together. Referred to as Model 1 and Model 2 architectures, respectively, each model has its advantages and disadvantages. The Model 2 architecture has become quite popular recently, and has received a great deal of coverage on the Web and in trade magazines. In fact, many developers mistakenly believe this architecture has replaced the Model 1 architecture and is the "right" way to use JSPs.
Understanding JavaServer Pages Model 2 architecture By developing a familiar Web-based shopping cart, you'll learn how to utilize the Model-View-Controller (MVC) design pattern and truly separate presentation from content when using JavaServer Pages. Govind Seshadri shows you out how easy it can be
JSP Architecture When Sun introduced Java ServerPages, some were quick to claim that Servlets had been replaced as the preferred request handling mechanism in web-enabled enterprise architectures. Although JSP is a key component of the Java 2 Platform Enterprise Edition (J2EE) specification, serving as the preferred request handler and response mechanism, we must investigate further to understand its relationship with Servlets
More on JSP Architecture This chapter will examine a variety of ways to architect a system with JavaServer Pages, Servlets, and JavaBeans. We will see a series of different architectures, each a development of the one before. The diagram below shows this process in outline; the individual parts of the diagram will be explained in turn later in the chapter.
JAVASERVER PAGESTM Powering the Web Experience with Dynamic Content With JavaServer PagesTM (JSPTM) technology, Sun makes creating dynamic HTML and XML Web pages even simpler. JSP technology is a major extension of Java Servlet technology that makes building and maintaining dynamic pages much easier, and supports the distributed development model common in larger enterprises. JSP technology opens up dynamic pages to a wide range of page authors, while offering all of the benefits of the Java platform.
JSP Professional, Chapter 12 JSP/Servlets Architecture Quiz This short quiz is based on JSP Professional: Chapter 12, JSP Architecture. Test your knowledge on the differences between servlets and JavaServer PagesTM (JSPTM), factor forward-factor back, page-centric versus the dispatcher approach, and more. Then read the source code and see how this quiz was developed.
JSP Architecture The JDC is pleased to present two chapters from Professional JSP: Using JavaServer Pages, Servlets, EJB, JNDI, JDBC, XML, XSLT, and WML to create dynamic and customizable web content, by multiple authors (see below), and published in May 2000 by Wrox Press Ltd.
Case Study: J2EE, EJBs, and Tag Libraries The JDC is pleased to present two chapters from Professional JSP: Using JavaServer Pages, Servlets, EJB, JNDI, JDBC, XML, XSLT, and WML to create dynamic and customizable web content, by multiple authors (see below), and published in May 2000 by Wrox Press Ltd

JSP STANDARD TAGS

Anatomy of a JSP page In this article we will study the anatomy of a JSP page and how you can use each of these elements for your own use.
Forwarding and Including Response from other Servlets. In this article we will learn how to pass control from one Servlet to another using RequestDispatcher.forward() method and how to include response from another Servlet within the caller Servlet using RequestDispatcher.include() method.
JSP Actions JSP actions use constructs in XML syntax to control the behavior of the servlet engine. You can dynamically insert a file, reuse JavaBeans components, forward the user to another page, or generate HTML for the Java plugin.
JAVASERVER PAGESTM SYNTAX REFERENCE

JSP Syntax Basics Moving beyond installation, we'll now go into the JSP syntax. For a cheat sheet, you can download a syntax card. And if you're not familiar with Java programming, you may want to visit Sun's tutorial; however, Web builders shouldn't have to do too much Java development. Other than a few method calls, the Java code in your JSP Web pages should be minimal.
JSP Technology Syntax When Sun introduced Java ServerPages, some were quick to claim that Servlets had been replaced as the preferred request handling mechanism in web-enabled enterprise architectures. Although JSP is a key component of the Java 2 Platform Enterprise Edition (J2EE) specification, serving as the preferred request handler and response mechanism, we must investigate further to understand its relationship with Servlets
JAVASERVER PAGESTM SYNTAX CARD The Syntax Card is available for download in both PDF and Postscript formats.
Comments and Character Quoting Conventions There are a small number of special constructs you can use in various cases to insert comments or characters that would otherwise be treated specially.

JSP SCRIPLETS

Using Scripting Elements JSP, like ASP, is scripting language independent. Java is the default, and part of the JSP specification says that any spec-compliant JSP container must support Java scripting. Java is an excellent language to use. Nevertheless, other useful scripting languages are available and may be more familiar to the majority of JSP adopters. The most likely alternative to Java for the initial adopters of JSP is JavaScript. JavaScript is very similar to Java in its core syntax, is much simpler overall than Java, and is already known by thousands of Web programmers.
Presenting Application Pages with JavaServer Pages This chapter describes how to use JavaServer Pages (JSPs) as page templates in an iPlanet Application Server web applications
Setting Up JSP Tags and Scriptlets for Campaigns Campaigns require a minimal set of JSP tags and scriptlets to support their services. In some cases, you might have already added the required JSP tags to implement other Campaign Manager for WebLogic services.

JSP AND JAVABEANS
Process JSPs effectively with JavaBeans The JavaServer Pages Model II concept is well known in the JSP community. The basic idea is that the presentation (HTML) should be separated from the processing code. This article offers an effective, reusable design for moving the dynamic content, processing, and validation from a JavaServer Page to a corresponding JavaBean.
Building Your Own JSP Components This article is written for developers who want to create their own Beans for use as JSP components, and for interested web designers who want to understand how these components are implemented behind the scenes. It is not necessary to understand the details of Beans development to work with JSP.
Site User Logon with XML, Java Beans and JSP By asking a user for a logon and password, you can verify the user's access to the site and ensure they are shown only the information they need. During this tutorial, we will use XML and Java Server Pages to verify the user's logon - and then store the results in a session Java Bean for easy access.
Putting JSP and JavaBeans Together The jsp useBean tag is JSP's gateway to using a JavaBean, and its most important functions are to provide an identifier (so you may reference the bean in your JSP page) and a scope (so you may control the bean's life span).

JSP SESSIONS

What is Session Tracking? There are a number of problems that arise from the fact that HTTP is a "stateless" protocol. In particular, when you are doing on-line shopping, it is a real annoyance that the Web server can't easily remember previous transactions.
Session Tracking HTTP is a “stateless” protocol: each time a client retrieves a Web page, it opens a separate connection to the Web server, and the server does not auto-matically maintain contextual information about a client.
How can I enable session tracking for JSP pages if the browser has disabled cookies? We know that session tracking uses cookies by default to associate a session identifier with a unique user. If the browser does not support cookies, or if cookies are disabled, you can still enable session tracking using URL rewriting.
How to do session tracking in JSP I want to do session tracking in my JSP pages.Say once after the user logs in,on every page I can get his username for further use.Thank you for your help!
Session tracking with Cocoon Maintaining state is a common problem for web server frameworks because HTTP is a stateless protocol. There are many solutions known to obtain stateful information. Client-side storage of state information like the usage of cookies will not be discussed here, since this depends heavily on the client's browser.
Session Tracking Session tracking is a mechanism that servlets use to maintain state about a series of requests from the same user (that is, requests originating from the same browser) across some period of time.
Session Tracking HTTP is a stateless protocol: it provides no way for a server to recognize that a sequence of requests are all from the same client. Privacy advocates may consider this a feature, but it causes problems because many web applications aren't stateless. The shopping cart application is a classic example--a client can put items in his virtual cart, accumulating them until he checks out several page requests later. Other examples include sites that offer stock brokerage services or interactive data mining.
WebSphere Application Server Best Practices using HTTP Sessions A session is a series of requests to a servlet, originating from the same user at the same browser. Sessions allow JSPs running on a JSP engine to keep trac of individual users, a concept known as personalization.
Survey: Hole in JSP ignored by many (IDG.net) Java Application Servers based on Sun's reference implementation of the Java Servlet Developers Kit (JSDK 2.0), without enhancements to the session management code, may be vulnerable.
2 Ways To Implement Session Tracking This article explains how to implement session tracking using two of the simplest & oldest methods available to programmers. I feel that in order to understand the beauty of new technologies that exist today it is often necessary to understand what used to be done before that technology came into being.
State and session tracking with Java servlets Part 1: Using cookies When the Hyper-Text Transfer Protocol (HTTP) was developed, its designers chose to create a protocol which does not maintain a persistent connection. Each request made by a Web browser, for an image, an HTML page, or other Web object, is made via a new connection. It would have been handy if Web browsers established a single connection, through which multiple requests could be made.
State and session tracking with Java servlets Part 2: Securing data In the second part of this tutorial on state and session management, we'll further examine how cookies can be used to maintain state information between servlet requests, as well as some of the security implications of storing state data in cookies. We'll also examine the topic of session management, and the advanced session-tracking features that the Servlet API offers.
Deciding between session tracking approaches Suppose a servlet implementing sessions is receiving requests from three different users. For each user request, the servlet must be able to figure out the session to which the user request pertains. Each user request belongs to just one of the three user sessions being tracked by the servlet. Currently, the product offers three ways to address the problem.
Deciding between session tracking approaches Suppose a servlet implementing sessions is receiving requests from three different users. For each user request, the servlet must be able to figure out the session to which the user request pertains. Each user request belongs to just one of the three user sessions being tracked by the servlet. Currently, the product offers three ways to address the problem.


JSP AND COOKIES

What is Session Tracking? There are a number of problems that arise from the fact that HTTP is a "stateless" protocol. In particular, when you are doing on-line shopping, it is a real annoyance that the Web server can't easily remember previous transactions
The Session Tracking API Using sessions in servlets is quite straightforward, and involves looking up the session object associated with the current request, creating a new session object when necessary, looking up information associated with a session, storing information in a session, and discarding completed or abandoned sessions.
Handling Cookies Cookies are small bits of textual information that a Web server sends to a browser and that the browser returns unchanged when visiting the same Web site or domain later.
Can cookies only be set in terms of seconds? What if I want to set one for a year? There are no convenience methods for setting a cookie's lifespan in terms of days, months or years. However, you can still have a cookie exist for these amounts of time.
How can I enable session tracking for JSP pages if the browser has disabled cookies? We know that session tracking uses cookies by default to associate a session identifier with a unique user. If the browser does not support cookies, or if cookies are disabled, you can still enable session tracking using URL rewriting.
Questions and Answers - Session state in the client tier A session is a sequence of service requests by a single user using a single client to access a server. The information maintained in the session across requests is called session state. Session state may include both information visible to the user (shopping cart contents, for example) and invisible application control information (such as user preferences).

IMPORTANT DBMS CONCEPTS


1. Database
A database is a logically coherent collection of data with some inherent meaning, representing some aspect of real world and which is designed, built and populated with data for a specific purpose


2. DBMS
It is a collection of programs that enables user to create and maintain a database. In other words it is general-purpose software that provides the users with the processes of defining, constructing and manipulating the database for various applications.

3. Database system
The database and DBMS software together is called as Database system.

4. Advantages of DBMS?

Ø Redundancy is controlled.
Ø Unauthorized access is restricted.
Ø providing multiple user interfaces.
Ø Enforcing integrity constraints.
Ø Providing backup and recovery.

5. Disadvantage in File Processing System

Ø Data redundancy & inconsistency.
Ø Difficult in accessing data.
Ø Data isolation.
Ø Data integrity.
Ø Concurrent access is not possible.
Ø Security Problems.

6.The three levels of data abstraction

Ø Physical level: The lowest level of abstraction describes how data are stored.
Ø Logical level: The next higher level of abstraction, describes what data are stored in database and what relationship among those data.
Ø View level: The highest level of abstraction describes only part of entire database.

11. Data Independence

Data independence means that “the application is independent of the storage structure and access strategy of data”. In other words, The ability to modify the schema definition in one level should not affect the schema definition in the next higher level.

Two types of Data Independence:

Ø Physical Data Independence: Modification in physical level should not affect the logical level.
Ø Logical Data Independence: Modification in logical level should affect the view level.
NOTE: Logical Data Independence is more difficult to achieve

12. View & How is it related to data independence?

A view may be thought of as a virtual table, that is, a table that does not really exist in its own right but is instead derived from one or more underlying base table. In other words, there is no stored file that direct represents the view instead a definition of view is stored in data dictionary.
Growth and restructuring of base tables is not reflected in views. Thus the view can insulate users from the effects of restructuring and growth in the database. Hence accounts for logical data independence.

13 Data Model
A collection of conceptual tools for describing data, data relationships data semantics and constraints.

14. E-R model
This data model is based on real world that consists of basic objects called entities and of relationship among these objects. Entities are described in a database by a set of attributes.

15. Object Oriented model
This model is based on collection of objects. An object contains values stored in instance variables with in the object. An object also contains bodies of code that operate on the object. These bodies of code are called methods. Objects that contain same types of values and the same methods are grouped together into classes.

16 Entity
It is a 'thing' in the real world with an independent existence.

17. Entity type
It is a collection (set) of entities that have same attributes.

18. Entity set
It is a collection of all entities of particular entity type in the database.

19. Extension of entity type
The collections of entities of a particular entity type are grouped together into an entity set.

20.Weak Entity set
An entity set may not have sufficient attributes to form a primary key, and its primary key compromises of its partial key and primary key of its parent entity, then it is said to be Weak Entity set.

21.Attribute
It is a particular property, which describes the entity.

22 Relation Schema & Relation

A relation Schema denoted by R(A1, A2, …, An) is made up of the relation name R and the list of attributes Ai that it contains. A relation is defined as a set of tuples. Let r be the relation which contains set tuples (t1, t2, t3, ..., tn). Each tuple is an ordered list of n-values t=(v1,v2, ..., vn).

23. Degree of a Relation
It is the number of attribute of its relation schema.

24. Relationship
It is an association among two or more entities.

25 Relationship set
The collection (or set) of similar relationships.

26. Relationship type
Relationship type defines a set of associations or a relationship set among a given set of entity types.

27. Degree of Relationship type
It is the number of entity type participating.

25. DDL (Data Definition Language)
A data base schema is specifies by a set of definitions expressed by a special language called DDL.

26. VDL (View Definition Language)
It specifies user views and their mappings to the conceptual schema.

29. DML (Data Manipulation Language)
This language that enable user to access or manipulate data as organised by appropriate data model.
Ø Procedural DML or Low level: DML requires a user to specify what data are needed and how to get those data.
Ø Non-Procedural DML or High level: DML requires a user to specify what data are needed without specifying how to get those data

30. Relational Algebra
It is procedural query language. It consists of a set of operations that take one or two relations as input and produce a new relation.

37. Relational Calculus
It is an applied predicate calculus specifically tailored for relational databases proposed by E.F. Codd. E.g. of languages based on it are DSL ALPHA, QUEL.

38. Difference between Tuple-oriented relational calculus & domain-oriented relational calculus
The tuple-oriented calculus uses a tuple variables i.e., variable whose only permitted values are tuples of that relation. E.g. QUEL
The domain-oriented calculus has domain variables i.e., variables that range over the underlying domains instead of over relation. E.g. ILL, DEDUCE.

39. Normalization
It is a process of analysing the given relation schemas based on their Functional Dependencies (FDs) and primary key to achieve the properties
Ø Minimizing redundancy
Ø Minimizing insertion, deletion and update anomalies.

40. Functional Dependency
A Functional dependency is denoted by X Y between two sets of attributes X and Y that are subsets of R specifies a constraint on the possible tuple that can form a relation state r of R. The constraint is for any two tuples t1 and t2 in r if t1[X] = t2[X] then they have t1[Y] = t2[Y]. This means the value of X component of a tuple uniquely determines the value of component Y.

41. When is a functional dependency F said to be minimal?
Ø Every dependency in F has a single attribute for its right hand side.
Ø We cannot replace any dependency X A in F with a dependency Y A where Y is a proper subset of X and still have a set of dependency that is equivalent to F.
Ø We cannot remove any dependency from F and still have set of dependency that is equivalent to F.

42. Multivalued dependency

Multivalued dependency denoted by X Y specified on relation schema R, where X and Y are both subsets of R, specifies the following constraint on any relation r of R: if two tuples t1 and t2 exist in r such that t1[X] = t2[X] then t3 and t4 should also exist in r with the following properties
Ø t3[x] = t4[X] = t1[X] = t2[X]
Ø t3[Y] = t1[Y] and t4[Y] = t2[Y]
Ø t3[Z] = t2[Z] and t4[Z] = t1[Z]
where [Z = (R-(X U Y)) ]

43. Lossless join property
It guarantees that the spurious tuple generation does not occur with respect to relation schemas after decomposition.

44. 1 NF (Normal Form)
The domain of attribute must include only atomic (simple, indivisible) values.

45. Fully Functional dependency
It is based on concept of full functional dependency. A functional dependency X Y is full functional dependency if removal of any attribute A from X means that the dependency does not hold any more.

46. 2NF
A relation schema R is in 2NF if it is in 1NF and every non-prime attribute A in R is fully functionally dependent on primary key.

47. 3NF

A relation schema R is in 3NF if it is in 2NF and for every FD X A either of the following is true
Ø X is a Super-key of R.
Ø A is a prime attribute of R.
In other words, if every non prime attribute is non-transitively dependent on primary key.

48. BCNF (Boyce-Codd Normal Form)
A relation schema R is in BCNF if it is in 3NF and satisfies an additional constraint that for every FD X A, X must be a candidate key.

49. 4NF
A relation schema R is said to be in 4NF if for every Multivalued dependency X Y that holds over R, one of following is true
Ø X is subset or equal to (or) XY = R.
Ø X is a super key.

50. 5NF
A Relation schema R is said to be 5NF if for every join dependency {R1, R2, ..., Rn} that holds R, one the following is true
Ø Ri = R for some i.
Ø The join dependency is implied by the set of FD, over R in which the left side is key of R.

51. Atomicity and Aggregation
Atomicity:
Either all actions are carried out or none are. Users should not have to worry about the effect of incomplete transactions. DBMS ensures this by undoing the actions of incomplete transactions.
Aggregation:
A concept which is used to model a relationship between a collection of entities and relationships. It is used when we need to express a relationship among relationships.

Subscribe to: Posts (Atom)
" );
//from <%= toStringOrBlank( "expanded inline data " + 1 ) %>
out.print( toStringOrBlank( "expanded inline data " + 1 ) );
out.print( "