chapter 4: core web technologies. contents - chapter 1 o exchanging information over the internet...
Post on 22-Dec-2015
213 views
TRANSCRIPT
Contents - Chapter 1 Exchanging information over the Internet
HTTP, HTML URI, URI Web server, web browser
Web services for supporting remote clients Applets Common Gateway Interface (CGI) Servlets
Application servers Middleware for Web applications J2EE
Web technologies for application integration Middleware extensions Firewalls and tunneling
Before and after the web Early protocols, applications
Telnet: to log in to a remote machine SMTP: Simple Mail Transfer Protocol FTP: File Transfer Protocol Archie: FTP to create a distributed file system Gopher: GUI for publishing and accessing text files over the Internet
Web technologies Web server Web browser HTTP: HyperText Transfer Protocol HTML: HyperText Markup Language URI: Uniform Resource Identifier URL: Uniform Resource Locator
Proxy
Acts as a server and client Caching Block undesired sites Log usage Bypass blocks Scan outgoing traffic
HTTPclient
wid
e a
rea n
etw
ork
(In
tern
et)
HTTPproxy
HTTPserver
HTTPgateway
fire
wall
fire
wall
HTTP tunnel
Gateway
Acts as an intermediary for a server Keeps machines anonymous Controls access to the network Performs load-balancing,
authentication, decryption
HTTPclient
wid
e a
rea n
etw
ork
(In
tern
et)
HTTPproxy
HTTPserver
HTTPgateway
fire
wall
fire
wall
HTTP tunnel
Firewall
Blocks unauthorized access, permits authorized communications
permit / deny / encrypt / decrypt / proxy all computer traffic between different security domains
HTTPclient
wid
e a
rea n
etw
ork
(In
tern
et)
HTTPproxy
HTTPserver
HTTPgateway
fire
wall
fire
wall
HTTP tunnel
Tunnel
Acts as a blind relay between two connections
Encapsulate protocols within HTTP or SSH (Secure Shell) to get through what the firewall would prevent
HTTPclient
wid
e a
rea n
etw
ork
(In
tern
et)
HTTPproxy
HTTPserver
HTTPgateway
fire
wall
fire
wall
HTTP tunnel
Secure Socket Layer (SSL)
Normally HTTP traffic is not encrypted, it can be “sniffed” SSL uses public key encryption HTTPS: HyperText Transfer Protocol over Secure sockets layer HTTP “cookies” are used to store data on the client machine
HTTPSclient
Secure Sockets Layer (SSL)
HTTPSserver
TCP/IP
network layer
application layer
client
client
server (resource manager)
middleware
wid
e a
rea n
etw
ork
(In
tern
et) HTTP
clientHTTPserver
Copyright Springer Verlag Berlin Heidelberg 2004
A 3-tier architecture on the web
“Let’s put an ATM” in every home”
Business-to-consumer (B2C) interaction
The web browser is a universal client
middleware
Web server
client
browser
java virtual machine
applet
wid
e a
rea n
etw
ork
(In
tern
et)
fire
wall
server (resource manager)
Copyright Springer Verlag Berlin Heidelberg 2004
Applets
HTTP is a document exchange protocol, it’s static
Applets are downloadable programs
The server sends the appropriate program each time
The web browser becomes a universal client
Code must be small for rapid transfer
middleware
Web server
browser
wid
e a
rea n
etw
ork
(In
tern
et)
fire
wall
HTTP GET request
client
CGI program
server (resource manager)
Copyright Springer Verlag Berlin Heidelberg 2004
Common Gateway Interface
The CGI program is on the server and it has a URL
When the URL is accessed, the CGI program is executed and its output is saved as an HTML document
This saved document is returned to the web browser which then displays it
It is possible to pass parameters to CGI programs
middleware
browser
wid
e a
rea n
etw
ork
(In
tern
et)
fire
wall
HTTP GET request
client
Web server
Java server process
Java thread
server (resource manager)
Copyright Springer Verlag Berlin Heidelberg 2004
Servlets
Similar to CGI, but “lightweight”
Run as Java threads Saves the cost of
context switching Memory efficient Can be stateless
connection to resource mgmt layer
presentation layer
resource management layer
application logic layer
client
application server
Web server
wid
e a
rea n
etw
ork
(In
tern
et)
fire
wall HTTP
browser
other protocols
other servers (email,
SOAP,..)
Copyright Springer Verlag Berlin Heidelberg 2004
Application servers
It’s a middleware platform that provides support for Web access
Covers both the application logic and the presentation layer
Prepares, dynamically generates, manages document
support for communication and presentation
Servlets JavaServer Pages (JSP)
Enterprise Java Beans (EJB)
Java DataBase Connectivity
(JDBC)
Java Naming and Directory Interface
(JNDI)
support for the application integration
Java 2 Connector Architecture (J2CA)
Java Message Service (JMS)
Java transaction API (JTA)
Java API for XML Processing (JAXP)
JavaMail
Java Authentication and Authorization Service (JAAS)
support for access to resource managers
Copyright Springer Verlag Berlin Heidelberg 2004
J2EE – main components
Enterprise Java Beans (EJB) Implement the application logic Deliver application specific functionality Three types of beans
Session beans: handle session with a client (stateful/stateless) Entity beans: persistent beans stored in a database Message-driven beans: can create asynchronous interaction with clients
EJB container provides the environment in which the beans are run Web server Web browser HTTP: HyperText Transfer Protocol HTML: HyperText Markup Language URI: Uniform Resource Identifier URL: Uniform Resource Locator
application logic layer
presentation layerserv
ices
(load
bala
ncin
g,
poolin
g,
cach
ing
, tr
an
sacti
on
, p
ers
iste
nce,…
)
ad
min
istr
ati
on
(man
ag
em
en
t an
d
secu
rity
)
application
server
EJB EJB
JDBC
EJB
JNDI
J2CA resource adapter
J2CA resource adapter
other adapters
DBMS applications
enterprise system 1
enterprise system 2
enterprise system n
EJB container
JMS
Copyright Springer Verlag Berlin Heidelberg 2004
Web server
E-mail serverservers for other connections (e.g.,
WAP)
presentation layer
Servlets JSPs
multidevice content delivery
personalization logic
connection to resource mgmt layer
resource management layer
application logic layer
serv
ices
(load
bala
ncin
g,
poolin
g,
cach
ing
,…
) XML support
Web services support
ad
min
istr
ati
on
(man
ag
em
en
t an
d
secu
rity
)
application server
client
Copyright Springer Verlag Berlin Heidelberg 2004
Clients supported by an application server Web browsers requesting HTML pages with or without applets
Use HTTP or HTTPS. Applications similar to those in conventional middleware Devices such as cell phones or PDAs
Wireless application protocol (WAP), wireless markup language (WML) E-mail programs
Simple mail transport protocol (SMTP) Web services clients
Simple Object Access Protocol (SOAP)
client
server (resource manager)
middleware
client
server (resource manager)
middleware
wid
e a
rea n
etw
ork
(In
tern
et)
Copyright Springer Verlag Berlin Heidelberg 2004
Possible ways to connect
client
server (resource manager)
middleware
client
server (resource manager)
middleware
wid
e a
rea n
etw
ork
(In
tern
et)
remote-middlewareprotocol
WAN communicationprotocol
remote-middlewareprotocol
WAN communicationprotocol
Copyright Springer Verlag Berlin Heidelberg 2004
Direct integration of middleware platforms
client
wid
e a
rea n
etw
ork
(In
tern
et)
Web server
clientWeb
server
fire
wall
fire
wall
HTTP tunnel
server (resource manager)
server (resource manager)
middlewareremote-middleware
protocol
WAN communicationprotocol
middlewareremote-middleware
protocol
WAN communicationprotocol
Copyright Springer Verlag Berlin Heidelberg 2004
Using integrated platforms Firewalls and tunneling
Tunneling: protocols which would be blocked by the firewall are hidden under protocols that are accepted by the firewall
Mostly done through HTTP or SSH (Secure Shell) Results in a cumbersome architecture
EDIFACT (Electronic Data Interchange for Administration, Commerce, and Transport) Provides standard templates for messages and contents of messages Contains fields such as:
• Interchange header (ID, password, date/time)
• Message header (type of message)
• User data segments (the payload)
• Message Trailer (end message, check for completeness)
• Interchange trailer (end interchange, check for completeness)