MSAJSP

 

More Servlets and JavaServer Pages

by Marty Hall

Free PDF of the Book

This book is now freely available online in PDF.
Please see http://pdf.moreservlets.com/.


Table of Contents

Part I: The Basics

  • Chapter 1: Server Setup and Configuration
  • Chapter 2: A Fast Introduction to Basic Servlet Programming
  • Chapter 3: A Fast Introduction to Basic JSP Programming

Part II: Web Applications

  • Chapter 4: Using and Deploying Web Applications
  • Chapter 5: Controlling Web Application Behavior with web.xml.
  • Chapter 6: A Sample Web Application: An Online Boat Shop

Part III: Web Application Security

Part IV: Major New Servlet JSP Capabilities

Part V: New Tag Library Capabilities

End Matter

More Information

Executive Summary

INTRODUCTION

Reminder: the book is freely available online in PDF.
Acknowledgments xvii
About the Author xviii
Introduction xix
Who Should Read This Book xxi
Book Distinctives xxi
Integrated Coverage of Servlets and JSP xxii
Real Code xxii
Step-by-Step Instructions xxii
Server Configuration and Usage Details xxiii
How This Book Is Organized xxiii
Part I: The Basics xxiv
Part II: Web Applications xxiv
Part III: Web Application Security xxv
Part IV: Major New Servlet JSP Capabilities xxv
Part V: New Tag Library Capabilities xxvi
Conventions xxvii
About the Web Site xxvii

BOOK PART I
The Basics 2

CHAPTER 1
Server Setup and Configuration 4

1.1 Download the Java Development Kit (JDK) 5
1.2 Download a Server for Your Desktop 6
1.3 Change the Port and Configure Other Server Settings 8
Apache Tomcat 9
Allaire/Macromedia JRun 11
New Atlanta ServletExec 13
1.4 Test the Server 14
1.5 Try Some Simple HTML and JSP Pages 15
1.6 Set Up Your Development Environment 18
Create a Development Directory 18
Make Shortcuts to Start and Stop the Server 19
Set Your CLASSPATH 19
Bookmark or Install the Servlet and JSP API Documentation 21
1.7 Compile and Test Some Simple Servlets 21
Test 1: A Servlet That Does Not Use Packages 22
Test 2: A Servlet That Uses Packages 23
Test 3: A Servlet That Uses Packages and Utilities 25
1.8 Establish a Simplified Deployment Method 27
Copy to a Shortcut or Symbolic Link 28
Use the -d Option of javac 29
Let Your IDE Take Care of Deployment 29
Use ant or a Similar Tool 29
1.9 Deployment Directories for Default Web Application: Summary 30
Tomcat 30
JRun 31
ServletExec 32

CHAPTER 2
A Fast Introduction to Basic Servlet Programming 34

2.1 The Advantages of Servlets Over "Traditional" CGI 37
Efficient 37
Convenient 37
Powerful 38
Portable 38
Secure 38
Inexpensive 39
2.2 Basic Servlet Structure 39
A Servlet That Generates Plain Text 40
A Servlet That Generates HTML 41
Servlet Packaging 43
Simple HTML-Building Utilities 45
2.3 The Servlet Life Cycle 48
The init Method 48
The service Method 50
The doGet, doPost, and doXxx Methods 51
The SingleThreadModel Interface 52
The destroy Method 52
2.4 The Client Request: Form Data 53
Reading Form Data from CGI Programs 53
Reading Form Data from Servlets 53
Example: Reading Three Explicit Parameters 54
Filtering Query Data 57
2.5 The Client Request: HTTP Request Headers 58
Reading Request Headers from Servlets 59
Example: Making a Table of All Request Headers 61
Understanding HTTP 1.1 Request Headers 63
2.6 The Servlet Equivalent of the Standard CGI Variables 67
2.7 The Server Response: HTTP Status Codes 70
Specifying Status Codes 71
HTTP 1.1 Status Codes 72
A Front End to Various Search Engines 78
2.8 The Server Response: HTTP Response Headers 83
Setting Response Headers from Servlets 84
Understanding HTTP 1.1 Response Headers 85
2.9 Cookies 92
Benefits of Cookies 92
Some Problems with Cookies 93
The Servlet Cookie API 94
Examples of Setting and Reading Cookies 98
Basic Cookie Utilities 103
2.10 Session Tracking 105
The Need for Session Tracking 105
The Session-Tracking API 107
Terminating Sessions 111
A Servlet Showing Per-Client Access Counts 112
A Simplified Shopping Cart Application 114

CHAPTER 3
A Fast Introduction to Basic JSP Programming 120

3.1 JSP Overview 122
3.2 Advantages of JSP 123
Versus Active Server Pages (ASP) or ColdFusion 123
Versus PHP 123
Versus Pure Servlets 124
Versus JavaScript 124
3.3 Invoking Code with JSP Scripting Elements 125
Expressions 126
Scriptlets 131
Declarations 136
Predefined Variables 140
3.4 Structuring Autogenerated Servlets: The JSP page Directive 141
The import Attribute 142
The contentType Attribute 145
The isThreadSafe Attribute 147
The session Attribute 149
The buffer Attribute 149
The autoflush Attribute 149
The extends Attribute 150
The info Attribute 150
The errorPage Attribute 150
The isErrorPage Attribute 150
The language Attribute 151
The pageEncoding Attribute 151
XML Syntax for Directives 151
3.5 Including Files and Applets in JSP Documents 151
Including Files at Page Translation Time: The include Directive 152
Including Pages at Request Time: The jsp:include Action 153
Including Applets for the Java Plug-In 156
3.6 Using JavaBeans with JSP 165
Basic Bean Use 167
Example: StringBean 169
Setting Bean Properties 171
Sharing Beans 177
3.7 Defining Custom JSP Tag Libraries 181
The Components That Make Up a Tag Library 182
Defining a Basic Tag 186
Assigning Attributes to Tags 194
Including the Tag Body 198
Optionally Including the Tag Body 203
Manipulating the Tag Body 207
Including or Manipulating the Tag Body Multiple Times 211
Using Nested Tags 214
3.8 Integrating Servlets and JSP: The MVC Architecture 222
Forwarding Requests 223
Example: An Online Travel Agent 227
Forwarding Requests from JSP Pages 238

BOOK PART II
Web Applications 240

CHAPTER 4
Using and Deploying Web Applications 242

4.1 Registering Web Applications 243
Registering a Web Application with Tomcat 245
Registering a Web Application with JRun 249
Registering a Web Application with ServletExec 252
4.2 Structure of a Web Application 255
Locations for Various File Types 255
Sample Hierarchy 258
4.3 Deploying Web Applications in WAR Files 260
4.4 Recording Dependencies on Server Libraries 261
Creating a Manifest File 261
Contents of the Manifest File 262
4.5 Handling Relative URLs in Web Applications 264
4.6 Sharing Data Among Web Applications 268

CHAPTER 5
Controlling Web Application Behavior with web.xml 276

5.1 Defining the Header and Root Elements 277
5.2 The Order of Elements within the Deployment Descriptor 279
5.3 Assigning Names and Custom URLs 281
Assigning Names 282
Defining Custom URLs 284
Naming JSP Pages 286
5.4 Disabling the Invoker Servlet 288
Remapping the /servlet/ URL Pattern 288
Globally Disabling the Invoker: Tomcat 291
Globally Disabling the Invoker: JRun 293
5.5 Initializing and Preloading Servlets and JSP Pages 293
Assigning Servlet Initialization Parameters 293
Assigning JSP Initialization Parameters 297
Supplying Application-Wide Initialization Parameters 300
Loading Servlets When the Server Starts 300
5.6 Declaring Filters 301
5.7 Specifying Welcome Pages 305
5.8 Designating Pages to Handle Errors 305
The error-code Element 306
The exception-type Element 308
5.9 Providing Security 311
Designating the Authorization Method 311
Restricting Access to Web Resources 313
Assigning Role Names 316
5.10 Controlling Session Timeouts 317
5.11 Documenting Web Applications 317
5.12 Associating Files with MIME Types 318
5.13 Locating Tag Library Descriptors 319
5.14 Designating Application Event Listeners 319
5.15 J2EE Elements 321

CHAPTER 6
A Sample Web Application: An Online Boat Shop 324

6.1 General Configuration Files 326
6.2 The Top-Level Page 328
6.3 The Second-Level Pages 333
6.4 The Item Display Servlet 338
6.5 The Purchase Display Page 346

BOOK PART III
Web Application Security 350

CHAPTER 7
Declarative Security 352

7.1 Form-Based Authentication 354
Setting Up Usernames, Passwords, and Roles 356
Telling the Server You Are Using Form-Based Authentication;
Designating Locations of Login and Login-Failure Pages 360
Creating the Login Page 361
Creating the Page to Report Failed Login Attempts 362
Specifying URLs That Should Be Password Protected 362
Specifying URLs That Should Be Available Only with SSL 365
Turning Off the Invoker Servlet 367
7.2 Example: Form-Based Authentication 368
The Home Page 369
The Deployment Descriptor 370
The Password File 373
The Login and Login-Failure Pages 374
The investing Directory 375
The ssl Directory 377
The admin Directory 384
The Redirector Servlet 385
Unprotected Pages 386
7.3 BASIC Authentication 389
Setting Up Usernames, Passwords, and Roles 391
Telling the Server You Are Using BASIC Authentication; Designating
Realm 391
Specifying URLs That Should Be Password Protected 391
Specifying URLs That Should Be Available Only with SSL 392
7.4 Example: BASIC Authentication 392
The Home Page 393
The Deployment Descriptor 394
The Password File 396
The Financial Plan 397
The Business Plan 398
The Redirector Servlet 400
7.5 Configuring Tomcat to Use SSL 400

CHAPTER 8
Programmatic Security 408

8.1 Combining Container-Managed and Programmatic Security 410 Security Role References 412
8.2 Example: Combining Container-Managed and Programmatic Security 413
8.3 Handling All Security Programmatically 418
8.4 Example: Handling All Security Programmatically 420
8.5 Using Programmatic Security with SSL 424
Determining If SSL Is in Use 424
Redirecting Non-SSL Requests 425
Discovering the Number of Bits in the Key 425
Looking Up the Encryption Algorithm 426
Accessing Client X509 Certificates 426
8.6 Example: Programmatic Security and SSL 427

BOOK PART IV
Major New Servlet and JSP Capabilities 432

CHAPTER 9
Servlet and JSP Filters 434

9.1 Creating Basic Filters 436
Create a Class That Implements the Filter Interface 437
Put the Filtering Behavior in the doFilter Method 438
Call the doFilter Method of the FilterChain Object 438
Register the Filter with the Appropriate Servlets and JSP Pages 439
Disable the Invoker Servlet 441
9.2 Example: A Reporting Filter 442
9.3 Accessing the Servlet Context from Filters 450
9.4 Example: A Logging Filter 451
9.5 Using Filter Initialization Parameters 453
9.6 Example: An Access Time Filter 455
9.7 Blocking the Response 459
9.8 Example: A Prohibited-Site Filter 459
9.9 Modifying the Response 466
A Reusable Response Wrapper 467
9.10 Example: A Replacement Filter 468
A Generic Replacement Filter 469
A Specific Replacement Filter 472
9.11 Example: A Compression Filter 476
9.12 The Complete Filter Deployment Descriptor 482

CHAPTER 10
The Application Events Framework 488

10.1 Monitoring Creation and Destruction of the Servlet Context 491
10.2 Example: Initializing Commonly Used Data 493
10.3 Detecting Changes in Servlet Context Attributes 500
10.4 Example: Monitoring Changes to Commonly Used Data 501
10.5 Packaging Listeners with Tag Libraries 511
10.6 Example: Packaging the Company Name Listeners 515
10.7 Recognizing Session Creation and Destruction 522
10.8 Example: A Listener That Counts Sessions 523
Disabling Cookies 529
10.9 Watching for Changes in Session Attributes 531
10.10 Example: Monitoring Yacht Orders 532
10.11 Using Multiple Cooperating Listeners 540
Tracking Orders for the Daily Special 540
Resetting the Daily Special Order Count 547
10.12 The Complete Events Deployment Descriptor 553

BOOK PART V
New Tag Library Capabilities 432

CHAPTER 11
New Tag Library Features in JSP 1.2

11.1 Using the New Tag Library Descriptor Format 564
New DOCTYPE Declaration 564
Renamed Elements 565
New Elements 566
Summary 567
11.2 Bundling Listeners with Tag Libraries 568
Tracking Active Sessions 569
Testing Session Counts 577
11.3 Checking Syntax with TagLibraryValidator 580
Example: Tracing the Tag Structure 583
Example: Enforcing Tag Nesting Order 589
11.4 Aside: Parsing XML with SAX 2.0 599
Installation and Setup 599
Parsing 600
11.5 Handling Exceptions with the TryCatchFinally Interface 602
11.6 New Names for Return Values 607
11.7 Looping Without Generating BodyContent 608
JSP 1.1 Loop Tag 608
JSP 1.2 Loop Tag 612
11.8 Introducing Scripting Variables in the TLD File 614

CHAPTER 12
The JSP Standard Tag Library 618

12.1 Using JSTL: An Overview 620
The jr and jx Libraries 620
The forEach Iteration Tag 622
The forTokens Iteration Tag 623
Conditional Evaluation Tags 623
Expression Language Support Tags 624
12.2 Installing and Configuring JSTL 625
Downloading the JSTL Files 625
Accessing the JSTL Documentation 626
Making the JSTL Classes Available to the Server 626
Putting the JSTL TLD Files in the WEB-INF Directory 626
Creating Aliases for the TLD File Locations 626
Defining the Expression Language in web.xml 628
Downloading and Installing an XML Parser 629
12.3 Looping with the forEach Tag 629
Looping with Explicit Numeric Values 630
Looping with a Designated Step Size 634
Looping Down Arrays 640
Looping Down Enumerations 646
Looping Down Entries in a String 649
Looping Down Multiple Data Types 652
12.4 Accessing the Loop Status 663
12.5 Looping with the forTokens Tag 667
A Simple Token Loop 667
Nested Token Loops 670
12.6 Evaluating Items Conditionally 674
The if Tag 675
The choose, when, and otherwise Tags 679
The Use of the set Tag with the choose Tag 682
12.7 Using the Expression Language 686
The set Tag 687
The expr Tag 689
The declare Tag 692

END MATTER

APPENDIX
Server Organization and Structure 696

Download Sites 697
Starting and Stopping the Server 697
Servlet JAR File Locations 698
Locations for Files in the Default Web Application 698
Locations for Files in Custom Web Applications 700

Index 702

Note: the book index is available online in PDF.