Core Servlets and Javaserver Pages: Advanced Technologies

This document was uploaded by one of our users. The uploader already confirmed that they had the permission to publish it. If you are author/publisher or own the copyright of this documents, please report to us by using this DMCA report form.

Simply click on the Download Book button.

Yes, Book downloads on Ebookily are 100% Free.

Sometimes the book is free on Amazon As well, so go ahead and hit "Search on Amazon"

Java EE is the technology of choice for e-commerce applications, interactive Web sites, and Web-enabled services. Servlet and JSP technology provides the link between Web clients and server-side applications on this platform. Core Servlets and JavaServer Pages, Volume 2: Advanced Technologies, Second Edition, is the definitive guide to the advanced features and capabilities provided by servlets and JSP.

Volume 2 presents advanced capabilities like custom tag libraries, filters, declarative security, JSTL, and Struts. Like the first volume, it teaches state-of-the-art techniques and best practices illustrated with complete, working, fully documented programs.

Volume 2 explains in detail the advanced tools and techniques needed to build robust, enterprise-class applications. You'll learn how to control application behavior through the web.xml deployment descriptor file, how to enhance application security through both declarative and programmatic methods, and how to use servlet and JSP filters to encapsulate common behavior. You'll also learn how to control major application lifecycle events, best practices for using JSTL, and how to build custom tag libraries. Volume 2 concludes with an in-depth introduction to the Jakarta Struts framework.

Complete source code for all examples is available free for unrestricted use at www.volume2.coreservlets.com. For information on Java training from Marty Hall, go to courses.coreservlets.com.

Volume 1 presents comprehensive coverage of the servlets and JSP specifications, including HTTP headers, cookies, session tracking, JSP scripting elements, file inclusion, the MVC architecture, and the JSP expression language. It also covers HTML forms, JDBC, and best practices for design and implementation.

Author(s): Marty Hall, Larry Brown, Yaakov Chaikin
Series: Core Series
Edition: 2
Publisher: Prentice Hall
Year: 2007

Language: English
Pages: 735

CORE SERVLETS AND JAVASERVER PAGES: ADVANCED TECHNOLOGIES, VOL. 2......Page 1
CONTENTS......Page 6
INTRODUCTION......Page 18
Who Should Read This Book......Page 19
Conventions......Page 20
About the Web Site......Page 21
ACKNOWLEDGMENTS......Page 22
ABOUT THE AUTHORS......Page 23
1 USING AND DEPLOYING WEB APPLICATIONS......Page 25
1.1 Purpose of Web Applications......Page 26
Separation......Page 27
Locations for Various File Types......Page 28
1.3 Registering Web Applications with the Server......Page 32
Registering a Web Application with Tomcat......Page 33
Registering a Web Application with Other Servers......Page 35
1.4 Development and Deployment Strategies......Page 37
Copying to a Shortcut or Symbolic Link......Page 38
Using Ant, Maven, or a Similar Tool......Page 39
1.5 The Art of WAR: Bundling Web Applications into WAR Files......Page 40
Download and Rename app-blank to testApp......Page 41
Add test.html, test.jsp to the testApp Web Application......Page 42
Compile TestServlet.java......Page 43
Declare TestServlet.class and the URL That Will Invoke It in web.xml......Page 44
Access testApp with the URL of the Form http://localhost/testApp/someResource......Page 46
1.7 Sharing Data Among Web Applications......Page 48
2 CONTROLLING WEB APPLICATION BEHAVIOR WITH WEB.XML......Page 57
2.1 Purpose of the Deployment Descriptor......Page 58
2.2 Defining the Header and the Root Element......Page 59
2.3 The Elements of web.xml......Page 60
Version 2.4......Page 61
Version 2.3......Page 63
Assigning Names......Page 65
Defining Custom URLs......Page 67
Naming JSP Pages......Page 73
2.5 Disabling the Invoker Servlet......Page 75
Remapping the /servlet/ URL Pattern......Page 76
Globally Disabling the Invoker: Tomcat......Page 78
Assigning Servlet Initialization Parameters......Page 79
Assigning JSP Initialization Parameters......Page 83
Supplying Application-Wide Initialization Parameters......Page 86
Loading Servlets When the Server Starts......Page 87
2.7 Declaring Filters......Page 91
2.8 Specifying Welcome Pages......Page 94
2.9 Designating Pages to Handle Errors......Page 95
The error-code Element......Page 96
The exception-type Element......Page 98
Designating the Authentication Method......Page 101
Restricting Access to Web Resources......Page 103
2.11 Controlling Session Timeouts......Page 106
2.12 Documenting Web Applications......Page 107
2.13 Associating Files with MIME Types......Page 108
Locating Tag Library Descriptors......Page 109
Configuring JSP Page Properties......Page 110
2.16 Designating Application Event Listeners......Page 116
2.17 Developing for the Clustered Environment......Page 118
2.18 J2EE Elements......Page 120
3 DECLARATIVE SECURITY......Page 127
3.1 Form-Based Authentication......Page 129
Setting Up Usernames, Passwords, and Roles......Page 131
Telling the Server You Are Using Form-Based Authentication; Designating Locations of Login and Login-Failure Pages......Page 133
Creating the Login Page......Page 134
Creating the Page to Report Failed Login Attempts......Page 137
Specifying URLs That Should Be Password Protected......Page 138
Listing All Possible Abstract Roles......Page 141
Specifying URLs That Should Be Available Only with SSL......Page 142
Turning Off the Invoker Servlet......Page 143
The Home Page......Page 145
The Deployment Descriptor......Page 146
The Password File......Page 150
The Login and Login-Failure Pages......Page 151
The investing Directory......Page 152
The ssl Directory......Page 155
The admin Directory......Page 161
The NoInvoker Servlet......Page 163
Unprotected Pages......Page 164
3.3 BASIC Authentication......Page 166
Telling the Server You Are Using BASIC Authentication; Designating Realm......Page 168
Listing All Possible Abstract Roles......Page 169
The Home Page......Page 170
The Deployment Descriptor......Page 172
The Password File......Page 174
The Financial Plan......Page 175
The Business Plan......Page 177
3.5 Configuring Tomcat to Use SSL......Page 179
3.6 WebClient: Talking to Web Servers Interactively......Page 187
3.7 Signing a Server Certificate......Page 190
Exporting the CA Certificate......Page 193
Using WebClient with Tomcat and SSL......Page 198
4 PROGRAMMATIC SECURITY......Page 201
4.1 Combining Container-Managed and Programmatic Security......Page 203
Security Role References......Page 205
4.2 Example: Combining Container-Managed and Programmatic Security......Page 206
4.3 Handling All Security Programmatically......Page 211
4.4 Example: Handling All Security Programmatically......Page 213
Redirecting Non-SSL Requests......Page 218
Looking Up the Encryption Algorithm......Page 219
4.6 Example: Programmatic Security and SSL......Page 220
5 SERVLET AND JSP FILTERS......Page 225
5.1 Creating Basic Filters......Page 227
Create a Class That Implements the Filter Interface......Page 228
Call the doFilter Method of the FilterChain Object......Page 229
Register the Filter with the Appropriate Servlets and JSP Pages......Page 230
Disable the Invoker Servlet......Page 232
5.2 Example: A Reporting Filter......Page 233
5.3 Accessing the Servlet Context from Filters......Page 240
5.4 Example: A Logging Filter......Page 241
5.5 Using Filter Initialization Parameters......Page 244
5.6 Example: An Access Time Filter......Page 246
5.7 Blocking the Response......Page 249
5.8 Example: A Prohibited-Site Filter......Page 250
5.9 Modifying the Response......Page 257
A Reusable Response Wrapper......Page 258
A Generic Modification Filter......Page 260
A Specific Modification Filter......Page 262
5.11 Example: A Compression Filter......Page 268
5.12 Configuring Filters to Work with RequestDispatcher......Page 274
5.13 Example: Plugging a Potential Security Hole......Page 276
5.14 The Complete Filter Deployment Descriptor......Page 283
6 THE APPLICATION EVENTS FRAMEWORK......Page 289
6.1 Monitoring Creation and Destruction of the Servlet Context......Page 293
6.2 Example: Initializing Commonly Used Data......Page 294
6.3 Detecting Changes in Servlet Context Attributes......Page 300
6.4 Example: Monitoring Changes to Commonly Used Data......Page 301
6.5 Packaging Listeners with Tag Libraries......Page 311
6.6 Example: Packaging the Company Name Listeners......Page 313
6.7 Recognizing Session Creation and Destruction......Page 320
6.8 Example: A Listener That Counts Sessions......Page 321
Disabling Cookies......Page 328
6.9 Watching for Changes in Session Attributes......Page 329
6.10 Example: Monitoring Yacht Orders......Page 330
6.11 Identifying Servlet Request Initialization and Destruction......Page 337
6.12 Example: Calculating Server Request Load......Page 338
6.13 Watching Servlet Request for Attribute Changes......Page 345
6.14 Example: Stopping Request Frequency Collection......Page 346
6.15 Using Multiple Cooperating Listeners......Page 348
Tracking Orders for the Daily Special......Page 349
Resetting the Daily Special Order Count......Page 357
6.16 The Complete Events Deployment Descriptor......Page 362
7 TAG LIBRARIES: THE BASICS......Page 369
The Tag Handler Class......Page 371
The Tag Library Descriptor File......Page 372
The JSP File......Page 375
7.2 Example: Simple Prime Tag......Page 376
Tag Attributes: Tag Handler Class......Page 380
Tag Attributes: Tag Library Descriptor......Page 381
7.4 Example: Prime Tag with Variable Length......Page 382
Tag Bodies: Tag Handler Class......Page 385
Tag Bodies: JSP File......Page 386
7.6 Example: Heading Tag......Page 387
7.7 Example: Debug Tag......Page 391
7.8 Creating Tag Files......Page 394
7.9 Example: Simple Prime Tag Using Tag Files......Page 395
7.10 Example: Prime Tag with Variable Length Using Tag Files......Page 397
7.11 Example: Heading Tag Using Tag Files......Page 399
8 TAG LIBRARIES: ADVANCED FEATURES......Page 401
8.1 Manipulating Tag Body......Page 403
8.2 Example: HTML-Filtering Tag......Page 404
Dynamic Attribute Values: Tag Handler Class......Page 408
Dynamic Attribute Values: JSP File......Page 409
8.4 Example: Simple Looping Tag......Page 410
Complex Dynamic Attribute Values: Tag Library Descriptor......Page 414
Complex Dynamic Attribute Values: JSP File......Page 415
8.6 Example: Table Formatting Tag......Page 416
8.7 Creating Looping Tags......Page 421
8.8 Example: ForEach Tag......Page 422
8.9 Creating Expression Language Functions......Page 427
8.10 Example: Improved Debug Tag......Page 430
8.11 Handling Nested Custom Tags......Page 433
8.12 Example: If-Then-Else Tag......Page 435
9 JSP STANDARD TAG LIBRARY (JSTL)......Page 441
9.1 Installation of JSTL......Page 443
9.2 c:out Tag......Page 444
9.3 c:forEach and c:forTokens Tags......Page 445
9.4 c:if Tag......Page 447
9.5 c:choose Tag......Page 448
9.6 c:set and c:remove Tags......Page 450
9.7 c:import Tag......Page 453
9.8 c:url and c:param Tags......Page 456
9.9 c:redirect Tag......Page 458
9.10 c:catch Tag......Page 460
10 THE STRUTS FRAMEWORK: BASICS......Page 463
Different Views of Struts......Page 464
Advantages of Apache Struts (Compared to MVC with RequestDispatcher and the EL)......Page 465
Disadvantages of Apache Struts (Compared to MVC with RequestDispatcher and the EL)......Page 467
Installing Struts......Page 469
Making Your Own Struts Applications......Page 471
Adding Struts to an Existing Web Application......Page 472
Struts Flow of Control......Page 473
The Six Basic Steps in Using Struts......Page 477
Understanding Actions......Page 481
Example: One Result Mapping......Page 486
Example: Multiple Result Mappings......Page 493
Combining Shared Condition (Forward) Mappings......Page 502
10.5 Handling Request Parameters with Form Beans......Page 504
Struts Flow of Control: Updates for Bean Use......Page 505
The Six Basic Steps in Using Struts......Page 507
Understanding Form Beans......Page 509
Displaying Bean Properties......Page 511
Example: Form and Results Beans......Page 513
Struts Flow of Control......Page 527
The Six Basic Steps in Using Struts......Page 529
Using Struts html: Tags......Page 531
Prepopulating Forms......Page 533
Example: Prepopulating Forms......Page 534
URL Design Strategies for Actions......Page 546
Redisplaying Forms......Page 548
Example: Redisplaying Forms......Page 551
11 THE STRUTS FRAMEWORK: DOING MORE......Page 561
11.1 Using Properties Files......Page 562
Struts Flow of Control—Updates for Properties Files......Page 563
Steps for Using Properties Files......Page 565
Example: Simple Messages......Page 569
Dynamic Keys......Page 575
Parameterized Messages......Page 576
Setting Language Preferences in Browsers......Page 577
Example: Internationalizing for English, Spanish, and French......Page 578
Results......Page 579
Prerequisites for Tiles......Page 581
The Four Basic Steps in Using Tiles......Page 583
Example: Simple Tiles......Page 586
Handling Relative URLs......Page 591
Example: e-boats Application......Page 593
11.4 Using Tiles Definitions......Page 605
The Five Basic Steps in Using Tiles Definitions......Page 606
Example: e-boats Application with Tiles Definitions......Page 609
12 THE STRUTS FRAMEWORK: VALIDATING USER INPUT......Page 615
Struts Flow of Control......Page 617
Performing Validation in the Action......Page 619
Example: Choosing Colors and Font Sizes for Resume......Page 622
Struts Flow of Control......Page 630
Performing Validation in the ActionForm......Page 632
Example: Choosing Colors and Font Sizes for a Resume (Take 2)......Page 635
Example: Validation with Parameterized Messages......Page 643
Client-Side versus Server-Side Validation......Page 647
Struts Flow of Control......Page 648
Steps in Using Automatic Validation......Page 650
Example: Automatic Validation......Page 656
APPENDIX: DEVELOPING APPLICATIONS WITH APACHE ANT......Page 667
A.2 Installing and Setting Up Ant......Page 669
Defining the Ant Project......Page 671
Writing Targets......Page 673
Running an Ant Target......Page 674
The echo Task......Page 675
The tstamp Task......Page 676
The delete Task......Page 677
The copy Task......Page 679
The javac Task......Page 681
A.5 Example: Writing a Simple Ant Project......Page 684
A.6 Using Ant to Build a Web Application......Page 691
Ant Dependencies......Page 692
The prepare Target......Page 693
The copy Target......Page 694
The build Target......Page 695
A.8 Using Ant to Create a WAR File......Page 698
The jar Task......Page 699
The manifest Task......Page 701
The war Target......Page 702
A......Page 706
B......Page 708
C......Page 709
D......Page 711
E......Page 712
F......Page 713
G......Page 715
H......Page 716
I......Page 717
J......Page 718
L......Page 720
M......Page 721
N......Page 722
P......Page 723
R......Page 724
S......Page 726
T......Page 730
U......Page 732
W......Page 733
Z......Page 735