servlet 3 0
play

Servlet 3.0 Asynchronous, Extensibility, Ease of Development and - PowerPoint PPT Presentation

Jan 11, 2023 •674 likes •1.22k views

Servlet 3.0 Asynchronous, Extensibility, Ease of Development and more Rajiv Mordani Arun Gupta Oracle Corporation AGENDA > Overview > Ease of Development > Dynamic Registration of Servlets and Filters > Pluggability >

  1. Servlet 3.0 Asynchronous, Extensibility, Ease of Development and more Rajiv Mordani Arun Gupta Oracle Corporation

  2. AGENDA > Overview > Ease of Development > Dynamic Registration of Servlets and Filters > Pluggability > Asynchronous Support > Security Enhancements > Demo > Miscellaneous 2

  3. Overview > Java Servlet 3.0 done as part of JSR 315 – Final release done in December 2009. > ~20 members in the expert group – Good mix of representation from major Java EE vendors, open source web container developers and framework authors > Main areas of focus – Ease of Development – Pluggability – Asynchronous support – Security 3

  4. AGENDA > Overview > Ease of Development > Dynamic Registration of Servlets and Filters > Pluggability > Asynchronous Support > Security Enhancements > Demo > Miscellaneous 4

  5. Ease of Development > Focus on Ease of Development in the Servlet 3.0 API > Enhanced APIs to use new Java SE language features introduced since J2SE 5.0 > Annotations for declarative style of programming – web.xml optional > Generics for type safety in API where possible > Better defaults > Convention over configuration 5

  6. Ease of Development Use of annotations > Annotations to declare Servlets, Filters, Listeners and servlet security – @WebServlet – Define a Servlet – @WebFilter - Define a Filter – @WebListener – Define a Listener – @WebInitParam – Define init param – @MultipartConfig – Define file upload properties – @ServletSecurity – Define security constraints > Can use web.xml to override values specified in annotations 6

  7. Ease of Development Use of annotations (contd) > @WebServlet for defining a Servlet – Annotations MUST have at a minimum a URL pattern for the Servlet – All other attributes optional with reasonable defaults – For example, the default name of the Servlet is the fully qualified class name – Class MUST still extend HttpServlet – Method contracts for doGet , doPost (and others) derived from HttpServlet 7

  8. Servlet 2.5 example At least 2 files <!--Deployment descriptor web.xml /* Code in Java Class */ --> package com.sun; <web-app> public class MyServlet extends <servlet> HttpServlet <servlet-name>MyServlet { </servlet-name> public void <servlet-class> doGet(HttpServletRequest com.sun.MyServlet req,HttpServletResponse res) </servlet-class> { </servlet> ... <servlet-mapping> <servlet-name>MyServlet } </servlet-name> ... <url-pattern>/myApp/* } </url-pattern> </servlet-mapping> ... </web-app> 8

  9. Servlet 3.0 example @WebServlet(“/foo”) public class SimpleSample extends HttpServlet { public void doGet(HttpServletRequest req,HttpServletResponse res) { } } 9

  10. Servlet 3.0 example @WebServlet(urlPatterns=“/foo”, name=”MyServlet”, asyncSupported=true) public class SimpleSample extends HttpServlet { public void doGet(HttpServletRequest req,HttpServletResponse res) { } } 10

  11. AGENDA > Overview > Ease of Development > Dynamic Registration of Servlets and Filters > Pluggability > Asynchronous Support > Security Enhancements > Demo > Miscellaneous 11

  12. Dynamic Registration Register > Performed during ServletContext initialization > ServletContext#add[Servlet | Filter] – Overloaded versions take [Servlet | Filter] name and  Fully qualified [Servlet | Filter] class name or  Class <? extends [Servlet | Filter]> or  [Servlet | Filter] instance – User returned Registration handle to configure all aspects of [Servlet | Filter] 12

  13. Dynamic Registration Create and register > ServletContext#create[Servlet | Filter] – Takes Class<? Extends [Servlet | Filter]> argument – Supports resource injection by container – Returned [Servlet | Filter] instance may be fully customized before it is registered via the  ServletContext.add[Servlet | Filter] methods 13

  14. Dynamic Registration Lookup > ServletContext#get[Servlet | Filter]Registration – Takes [Servlet | Filter] name as argument – Returned Registration handle provides subset of configuration methods – May only be used to add initialization parameters and mappings – Conflict returned as  java.util.Set 14

  15. Dynamic Registration Register example ServletRegistration.Dynamic dynamic = servletContext.addServlet( "DynamicServlet", "com.mycom.MyServlet"); dynamic.addMapping("/dynamicServlet"); dynamic.setAsyncSupported(true); 15

  16. Dynamic Registration Lookup example ServletRegistration declared = servletContext.getServletRegistration("Declare dServlet"); declared.addMapping("/declaredServlet"); declared.setInitParameter("param", "value"); 16

  17. AGENDA > Overview > Ease of Development > Dynamic Registration of Servlets and Filters > Pluggability > Asynchronous Support > Security Enhancements > Demo > Miscellaneous 17

  18. Pluggability > Enable use of libraries and framework without boiler plate configuration in deployment descriptors – Put the burden on the framework developer > Modularize web.xml to allow frameworks to be self- contained within their own JAR file > Programmatic configuration APIs > Use of annotations 18

  19. Pluggability Motivation for web.xml modularization > Use of framework requires (possibly complex) configuration in web.xml > For example – Declare a controller Servlet – Logging and security Filters – Declare Listeners to perform actions at various points in the lifecycle of the application > Can get complex as dependencies increase > Frameworks also need to document all the configuration that needs to be done 19

  20. Pluggability web-fragment.xml > web-fragment.xml is descriptor for framework / library > Included in META-INF directory > Container responsible for discovering fragments and assembling the effective deployment descriptor > Almost identical to web.xml – Ordering related elements different > Only JAR files in WEB-INF/lib considered as fragments 20

  21. Pluggability web-fragment.xml <web-fragment> <servlet> <servlet-name>welcome</servlet-name> <servlet-class> WelcomeServlet </servlet-class> </servlet> <servlet-mapping> <servlet-name>welcome</servlet-name> <url-pattern>/Welcome</url-pattern> </servlet-mapping> ... </web-fragment> 21

  22. Pluggability Ordering > Compatible with JavaServer ™ Faces > Fragments identified by <name> > web.xml may declare absolute ordering of fragments via <absolute-ordering> > Fragments may declare ordering preferences relative to other fragments via <ordering> with nested <before> and <after> – Ignored if <absolute-ordering> specified > Special <others/> element moves fragment to beginning or end of list of sorted fragments 22

  23. Pluggability Shared libraries > Support plugging in of container installed JAR files – Examples: Mojarra(JSF RI), Jersey (JAX-RS) > Libraries may provide implementation of ServletContainerInitializer > Looked up via the JAR Services API in JDK 6 > Invoked before any Listeners during the initialization of the application 23

  24. Pluggability Shared libraries (contd) > ServletContainerInitializer expresses interest in Classes via @HandlesTypes > Container discovers classes that match @HandlesTypes and passes them to ServletContainerInitializer > ServletContainerInitializer inspects passed in Classes and may register Servlets and Filters based on them 24

  25. Pluggability ServletContainerInitializer example @HandlesTypes ({ ManagedBean.class, FacesComponent.class, FacesValidator.class, FacesConverter.class, FacesBehaviourRenderer.class }) public class FacesInitializer implements ServletContainerInitializer { private static final String FACES_SERVLET_CLASS = FacesServlet.class.getName(); 25

  26. Pluggability ServletContainerInitializer example public void onStartup(Set<Class<?>> classes, ServletContext servletContext) throws ServletException Map<String,? extends ServletRegistration> existing = servletContext.getServletRegistrations(); for (ServletRegistration registration : existing.values()) { if (FACES_SERVLET_CLASS.equals(registration.getClassName())) { // FacesServlet has already been defined return; } } ServletRegistration reg = servletContext.addServlet(“FacesServlet”, “javax.facess.webapp.FacesServlet”); reg.addMapping(“/faces/*”, “*.jsf”, “*.faces”); servletContext.setAttribute(RIConstants.FACES_INITIALIZER_MAPPINGS_ADDED, Boolean.TRUE); 26

  27. Pluggability Resource sharing > Static and JavaServer ™ Pages (JSP) resources no longer confined to web application's document root > May be placed inside WEB-INF/lib/[*.jar]/META- INF/resources > Container must honor this new location when processing HTTP requests and calls to ServletContext#getResource[AsStream] > Resources in document root take precedence over those in bundled JAR files 27

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

S e r v l e t v s R e a c t i v e in 5 use cases Rossen Stoyanchev Servlet

S e r v l e t v s R e a c t i v e in 5 use cases Rossen Stoyanchev Servlet

stacks S e r v l e t v s R e a c t i v e in 5 use cases Rossen Stoyanchev Servlet Stack Reactive Stack Servlet container Netty, Servlet 3.1+, Undertow Servlet API Reactive Streams Spring MVC Spring

744 views • 55 slides
Model 2 approach to JSP Servlet/JSP Integration 4 Dispatching Requests First, call the

Model 2 approach to JSP Servlet/JSP Integration 4 Dispatching Requests First, call the

Integrazione delle tecnologie Java Servlet e JSP Presentazione derivata da www.coreservlets.com Servlet/JSP Integration Why Combine Servlets &amp; JSP? Typical picture: use JSP to make it easier to develop and maintain the HTML content

455 views • 7 slides
Servlet vs Reactive Choosing the Right Stack Rossen Stoyanchev This talk Servlet and Reactive

Servlet vs Reactive Choosing the Right Stack Rossen Stoyanchev This talk Servlet and Reactive

Servlet vs Reactive Choosing the Right Stack Rossen Stoyanchev This talk Servlet and Reactive stacks Spring Framework 5 Big shift towards async Learn about the options, make choices About me Spring Framework committer Web development

584 views • 45 slides
is very helpful in understanding why a JSP/Servlet container is required. The exact life cycle

is very helpful in understanding why a JSP/Servlet container is required. The exact life cycle

falkner.ch1.qxd 8/21/03 4:42 PM Page 1 Chapter 1 Setting Up a Servlet and JSP Environment B efore you start developing with Servlets and JavaServer Pages, you need to understand two very important things: Why is using the technology

764 views • 30 slides
LAB3 : Client Request Servlet

LAB3 : Client Request Servlet

IT311 Server Side Programming: Lab Information Technology Division LAB3 : Client Request Servlet 1 Client

456 views • 8 slides
What Servlets Are and Why You Would Want to Use Them Java Servlets are an efficient and powerful

What Servlets Are and Why You Would Want to Use Them Java Servlets are an efficient and powerful

falkner.ch2.qxd 8/29/03 1:00 PM Page 31 Chapter 2 Java Servlets I n this chapter the concept of Servlets, not the entire Servlet specification, is explained; consider this an introduction to the Servlet specification starting strictly with

1.01k views • 78 slides
Session 9 Introduction to Servlets Lecture Objectives Understand the foundations for

Session 9 Introduction to Servlets Lecture Objectives Understand the foundations for

Internet Programming Session 9 Servlet Intro Session 9 Introduction to Servlets Lecture Objectives Understand the foundations for client/server Web interactions Understand the servlet life cycle 2 Robert Kelly, 2018 1

494 views • 18 slides
Anno Accademico 2007-2008 Laboratorio di Tecnologie Web Sviluppo di applicazioni web Servlet

Anno Accademico 2007-2008 Laboratorio di Tecnologie Web Sviluppo di applicazioni web Servlet

Universita degli Studi di Bologna Facolta di Ingegneria Anno Accademico 2007-2008 Laboratorio di Tecnologie Web Sviluppo di applicazioni web Servlet http://www-lia.deis.unibo.it/Courses/TecnologieWeb0708/ |Tecnologie Web L-A Before we

854 views • 19 slides
95-702 Distributed Systems Lecture 2: Server-Side Programming: An Introduction to Servlets

95-702 Distributed Systems Lecture 2: Server-Side Programming: An Introduction to Servlets

95-702 Distributed Systems Lecture 2: Server-Side Programming: An Introduction to Servlets 95-702 Distributed Systems 1 Master of Information System Management What is a Servlet? Created by Sun back in 1997 A Java class that extends

739 views • 53 slides
Testing in Future Space Why you neednt Await for the Future[ScalaTest] Bill Venners Artima,

Testing in Future Space Why you neednt Await for the Future[ScalaTest] Bill Venners Artima,

Testing in Future Space Why you neednt Await for the Future[ScalaTest] Bill Venners Artima, Inc. Escalate Software, LLC Northeast Scala Symposium March 4, 2016 // Javas original Servlet API encouraged blocking protected void

1.23k views • 30 slides
JSTL Tag-Library http://www.tutego.com/ Custom-Tags und Tag-Library JSPs bestehen im Kern aus

JSTL Tag-Library http://www.tutego.com/ Custom-Tags und Tag-Library JSPs bestehen im Kern aus

JSTL Tag-Library http://www.tutego.com/ Custom-Tags und Tag-Library JSPs bestehen im Kern aus Template-Code. Der JSP-Servlet-bersetzer kopiert sie die Ausgabeseite. Der JSP-Compiler kann jedoch bei gewissen Tags programmierte Aktionen

1.36k views • 68 slides
Webbit Evented, single-threaded WebSocket server http://webbitserver.org/ @aslak_hellesoy

Webbit Evented, single-threaded WebSocket server http://webbitserver.org/ @aslak_hellesoy

Webbit Evented, single-threaded WebSocket server http://webbitserver.org/ @aslak_hellesoy Webbit Overview Single threaded Non-blocking High throughput 1000+ connections No Servlet API No XML 1 Dependency: Netty

827 views • 23 slides
Objectives Servlets Review JSPs Web Application Organization Apr 30, 2019 Sprenkle -

Objectives Servlets Review JSPs Web Application Organization Apr 30, 2019 Sprenkle -

Objectives Servlets Review JSPs Web Application Organization Apr 30, 2019 Sprenkle - CS335 1 Servlets Review What is the servlet life cycle? Init parameters Where are init parameters defined? How do we access a

164 views • 13 slides
Session 10 Form Dataset Lecture Objectives Understand the relationship between HTML form

Session 10 Form Dataset Lecture Objectives Understand the relationship between HTML form

Session 10 Forms Session 10 Form Dataset Lecture Objectives Understand the relationship between HTML form elements and parameters that are passed to the servlet, particularly the form dataset 2 Robert Kelly, 2018 10/1/2018 1

437 views • 9 slides
Prof. Simon Pietro Romano Universit degli Studi di Napoli Federico II Facolt di Ingegneria

Prof. Simon Pietro Romano Universit degli Studi di Napoli Federico II Facolt di Ingegneria

Corso di Applicazioni Telematiche A.A. 2010-11 Prof. Simon Pietro Romano Universit degli Studi di Napoli Federico II Facolt di Ingegneria Simon Pietro Romano AT 2011 1 Some background: what is a servlet ? Suns definition: A

831 views • 38 slides
Java 2 Micro Edition Http connection F. Ricci 2010/2011 Content The Generic Connection

Java 2 Micro Edition Http connection F. Ricci 2010/2011 Content The Generic Connection

Java 2 Micro Edition Http connection F. Ricci 2010/2011 Content The Generic Connection Framework HttpConnection Review of HTTP Making a Connection with HTTP GET Introduction to Servlet Tomcat Posting a Form with HTTP

850 views • 58 slides
Towards an Open Identity Infrastructure with OpenSSO RMLL Nantes July 10 2009 Fulup Ar Foll

Towards an Open Identity Infrastructure with OpenSSO RMLL Nantes July 10 2009 Fulup Ar Foll

Towards an Open Identity Infrastructure with OpenSSO RMLL Nantes July 10 2009 Fulup Ar Foll Master Architect fulup@sun.com 1 1 Towards an Open Identity Infrastructure with OpenSSO OpenSSO Overview &gt; Integration with open source

290 views • 25 slides
System Administration Practice Homework 2: Shell Programming wlliou Computer Center, CS, NCTU

System Administration Practice Homework 2: Shell Programming wlliou Computer Center, CS, NCTU

System Administration Practice Homework 2: Shell Programming wlliou Computer Center, CS, NCTU Requirements q 2-1: Filesystem Statistics (20%) q 2-2: Web Crawler + Dialog(60%) shell column q

578 views • 14 slides
Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 18: Web

Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 18: Web

Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 18: Web Security Chapter 18: 2 Web 1.0 browser HTML + HTTP CSS data request web server backend systems Chapter 18: 3 Web 1.0 Shorthand for web

465 views • 29 slides
Program Analysis for Web Application Security Presented by Justin Samuel For UW CSE 504, Spring

Program Analysis for Web Application Security Presented by Justin Samuel For UW CSE 504, Spring

Program Analysis for Web Application Security Presented by Justin Samuel For UW CSE 504, Spring 10 Instructor: Ben Livshits Finding Security Vulnerabilities in Java Applications with Static Analysis V. Benjamin Livshits and Monica S. Lam

743 views • 34 slides
Web Security Instructor: Fengwei zhang SUSTech CS 315 Computer Security 1 The Web

Web Security Instructor: Fengwei zhang SUSTech CS 315 Computer Security 1 The Web

Web Security Instructor: Fengwei zhang SUSTech CS 315 Computer Security 1 The Web Security for the World-Wide Web (WWW) New vulnerabilities to consider: SQL injection, Cross-site Scripting (XSS), Session Hijacking, and Cross-site

854 views • 57 slides
The Ignorance towards Embedded Systems

The Ignorance towards Embedded Systems

The Ignorance towards Embedded Systems Felix FX Lindner, Fabian fabs Yamaguchi, Recurity Labs GmbH 22 nd FIRST Conference, Miami Your Other Network

651 views • 44 slides
Kernel Self Protection Kernel Summit 2016, Santa Fe Kees (Case) Cook keescook@chromium.org

Kernel Self Protection Kernel Summit 2016, Santa Fe Kees (Case) Cook keescook@chromium.org

Kernel Self Protection Kernel Summit 2016, Santa Fe Kees (Case) Cook keescook@chromium.org @kees_cook http://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project http://www.openwall.com/lists/kernel-hardening/

494 views • 21 slides
CORS (In)Security HackInBo Winter Edition - Bologna, 27 Ottobre 2018 2 _ ABOUT Davide Danelon

CORS (In)Security HackInBo Winter Edition - Bologna, 27 Ottobre 2018 2 _ ABOUT Davide Danelon

CORS (In)Security HackInBo Winter Edition - Bologna, 27 Ottobre 2018 2 _ ABOUT Davide Danelon Founder &amp; CEO @ BeDefended MSc. in Computer Engineering CCSK, GWAPT, Comptia Security+, CCNA OWASP Testing Guide

1.03k views • 43 slides

More recommend