CMU J2EE网络开发课程总结笔记
2017-02-10 16:16
302 查看
CMU 08-672 J2EE Web Development 课程笔记,部分英文内容摘自课件
URL – UniformResource Locator: Specifies the location of the resource
Newer:
URI –Universal Resource Identifier
–Identifies the resource
– Recognizes it’s not necessarily correlated to a location
HTML超文本标记语言: Mixes the structure
of the document with the formatting
XML: Only structure,no formatting
XHTML: a standardization of HTML, more restrictive and well-formed in structure
CSS: Separate document structure from formatting
Servlets &Tomcat
Java runtime environment
In web browsers:using Applets
In web servers:using Servlets
Advantages of Server-side Java
• No Java version mismatch
–Just generate HTML
• No long download problems
–Many “real” apps have many big .class files
• Right way to access server data
–Secure: Your program, running on your server
–Fast: Your program, running on your server
Apache Tomcat: an open source implementation of the Java Servlet
Tomcat Server Structure
• It’s the same loop as any HTTP Server while (true) {
request =readHttpRequest(...);
response =processHttpRequest(request);
sendHttpResponse(..., response);
}
• Request is an object that contains all the info about the HTTP Request
• Response is an object containing info needed to send the HTTP Response
Sessions & Cookies
• Server sends cookies to browser in HTTP Response
•
Cookies are server generated data
–Typically identify user (or browser), preferences, etc
• Browser does not “understand” the cookie data
• Browser sends cookies back in subsequent requests – Server will now knows “who” is making the request
Problems with cookies:
Cookies can only contain a little data (up to 4kb)
Cookies can be modified by the user.
Cookies might not be accepted by the browser. (You can configure your browser not to accept cookies)
Sessions
• Maintain data correlated with browser session
• Cookies are typically used to implement sessions
–A session id is stored in the cookie
• It’s big and ugly
–Maintains a list of (name, object) pairs in the server
• Implemented by HttpSession class
–Handles stale sessions
ORM: Object Relation Mapping
JavaBean:
• In simplest terms:
–An instance of a Java class with getter and setter methods
• When usingJavaBeans for storing data
–Private instance variables hold the data
–Getters and setters provide data access
Example JavaBean to Store a User
public class User{
private String userName;
private String password;
public String getUserName() { return userName; }
public String getPassword() { return password; }
public void setUserName(String s) {userName = s; }
public void setPassword(String s) {password = s; }
}
Security
–
Man-in-the-middle Attack
• Someone that can intercept network traffic
• Can read the messages (coming and going)
• Can change the messages before sending them on (to the correct or incorrect destination)
–
Sniffing
–
Spoofing
Pretending to be someone your not
Public Key: Key Pair(key1 & key2)
– Either key can be used to encrypt (key 1 or key 2)
– You can only decrypt using the “other key” (key 2 or key 1)
– One key is given out (the public key)
– The other key is kept secret (the private key)
Secret Key:
– Shared Secret
– Used to encrypt and decrypt
Certificate Authority
• A Certificate Authority (CA) tells you what someone’s (something’s) public key is
– Usually this will be a server’s public key
• Companies get paid to do this
– They “check out”the information
– They issue a“certificate” with the information
• The CA’s public key is well-known
– It’s usually pre-installed with server and client software (i.e., it’s in your browser already)
Ajax
Asynchronous JavaScript And XML
• AJAX is a technique for creating more interactive web applications
– Use an XMLHttpRequest object to make requests to the web server for data asynchronously (or synchronously)
– Receive server data as XML (or text or JSON)
– Convert the XML into a DOM tree
– Extract data from the XML DOM tree and change the HTML document’s DOM tree (thereby updating the page)
AJAX Advantages
• More interactive web sites
–The page is not reloaded
•You only change parts of the page
–Requests can be executed asynchronously
•So the user can continue to interact with the page during
requests to the server
• Reduces load on server
–A lot of the formatting of the result is offloaded to the client browser
URL – UniformResource Locator: Specifies the location of the resource
Newer:
URI –Universal Resource Identifier
–Identifies the resource
– Recognizes it’s not necessarily correlated to a location
HTML超文本标记语言: Mixes the structure
of the document with the formatting
XML: Only structure,no formatting
XHTML: a standardization of HTML, more restrictive and well-formed in structure
CSS: Separate document structure from formatting
Servlets &Tomcat
Java runtime environment
In web browsers:using Applets
In web servers:using Servlets
Advantages of Server-side Java
• No Java version mismatch
–Just generate HTML
• No long download problems
–Many “real” apps have many big .class files
• Right way to access server data
–Secure: Your program, running on your server
–Fast: Your program, running on your server
Apache Tomcat: an open source implementation of the Java Servlet
Tomcat Server Structure
• It’s the same loop as any HTTP Server while (true) {
request =readHttpRequest(...);
response =processHttpRequest(request);
sendHttpResponse(..., response);
}
• Request is an object that contains all the info about the HTTP Request
• Response is an object containing info needed to send the HTTP Response
Sessions & Cookies
• Server sends cookies to browser in HTTP Response
•
Cookies are server generated data
–Typically identify user (or browser), preferences, etc
• Browser does not “understand” the cookie data
• Browser sends cookies back in subsequent requests – Server will now knows “who” is making the request
Problems with cookies:
Cookies can only contain a little data (up to 4kb)
Cookies can be modified by the user.
Cookies might not be accepted by the browser. (You can configure your browser not to accept cookies)
Sessions
• Maintain data correlated with browser session
• Cookies are typically used to implement sessions
–A session id is stored in the cookie
• It’s big and ugly
–Maintains a list of (name, object) pairs in the server
• Implemented by HttpSession class
–Handles stale sessions
ORM: Object Relation Mapping
JavaBean:
• In simplest terms:
–An instance of a Java class with getter and setter methods
• When usingJavaBeans for storing data
–Private instance variables hold the data
–Getters and setters provide data access
Example JavaBean to Store a User
public class User{
private String userName;
private String password;
public String getUserName() { return userName; }
public String getPassword() { return password; }
public void setUserName(String s) {userName = s; }
public void setPassword(String s) {password = s; }
}
Security
–
Man-in-the-middle Attack
• Someone that can intercept network traffic
• Can read the messages (coming and going)
• Can change the messages before sending them on (to the correct or incorrect destination)
–
Sniffing
–
Spoofing
Pretending to be someone your not
Public Key: Key Pair(key1 & key2)
– Either key can be used to encrypt (key 1 or key 2)
– You can only decrypt using the “other key” (key 2 or key 1)
– One key is given out (the public key)
– The other key is kept secret (the private key)
Secret Key:
– Shared Secret
– Used to encrypt and decrypt
Certificate Authority
• A Certificate Authority (CA) tells you what someone’s (something’s) public key is
– Usually this will be a server’s public key
• Companies get paid to do this
– They “check out”the information
– They issue a“certificate” with the information
• The CA’s public key is well-known
– It’s usually pre-installed with server and client software (i.e., it’s in your browser already)
Ajax
Asynchronous JavaScript And XML
• AJAX is a technique for creating more interactive web applications
– Use an XMLHttpRequest object to make requests to the web server for data asynchronously (or synchronously)
– Receive server data as XML (or text or JSON)
– Convert the XML into a DOM tree
– Extract data from the XML DOM tree and change the HTML document’s DOM tree (thereby updating the page)
AJAX Advantages
• More interactive web sites
–The page is not reloaded
•You only change parts of the page
–Requests can be executed asynchronously
•So the user can continue to interact with the page during
requests to the server
• Reduces load on server
–A lot of the formatting of the result is offloaded to the client browser
相关文章推荐
- Django开发BBS---51网络课程笔记(1)
- Coursera吴恩达机器学习课程 总结笔记及作业代码——第4周神经网络
- Django开发BBS---51网络课程笔记(2)
- Django开发BBS---51网络课程笔记(目录)
- ios开发笔记之 网络编程总结
- 【J2EE核心开发学习笔记 003】网络基础
- Coursera吴恩达机器学习课程 总结笔记及作业代码——第5周神经网络续
- Sundy嵌入式底层开发课程笔记6 --网络配置管理
- Django开发BBS---51网络课程笔记(3)
- iOS开发笔记(六)网络编程总结
- J2EE开发总结之常用开源或免费工具
- 没头没尾--项目开发笔记:项目问题的阶段性总结,下一步…………
- ACE网络开发中,各种Reactor实现的总结
- RHCE课程-RH033Linux基础笔记六之编辑工具VIM、网络配置、进程优先、日志文件简介 推荐
- J2EE学习笔记四:开发第一个Session Bean
- J2EE开发中几个主流框架的简短使用总结
- jsp/servlet:j2ee开发环境配置个人总结
- J2EE开发架构大总结
- 网络开发的一些总结
- ADO.NET开发总结(学习笔记)