http/2 comes to java - what servlet 4.0 means to you

HTTP/2 Comes to JavaWhat Servlet 4.0 Means to You JAZOON 2014

David Delabassee (@delabassee) Oracle

Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |


Safe Harbor Statement

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

2


Agenda

Java EE 8

Why HTTP/2?

HTTP/2 Big Features

How Servlet Might Expose These Features

Java SE 9 Support for HTTP/2

Summary and Current Status

3


Agenda

Java EE 8

Why HTTP/2?

HTTP/2 Big Features




4

Copyright © 2014, Oracle and/or its affiliates. All rights reserved.

Java EE 7

ENTERPRISE EDITION

▪Batch ▪Concurrency ▪Simplified JMS

▪More annotated POJOs ▪Less boilerplate code ▪Cohesive integrated platform

DEVELOPER PRODUCTIVITY

▪WebSockets ▪JSON ▪Servlet 3.1 NIO ▪REST

MEETING ENTERPRISE

DEMANDS

Java EE 7

5


Industry Trends We're Seeing

Cloud

MobileHTTP/2

SECURITY

Reactive Programming

User Experience

6


Java EE 8 Community Survey

• 3 parts over 3½ months – 47 questions – 15 fill-‐ins – 1000’s of comments

• 4500+ respondents • Prioritization of most-‐popular features

7


Community-‐Prioritized Features

9


Java EE 8 Themes

• HTML5 / Web Tier Enhancements • Infrastructure for running in the Cloud • Ease of Development / CDI alignment

10


Ease of Development / CDI Alignment

• Security interceptors • Simplified messaging through CDI-‐based “MDBs” • JAX-‐RS injection alignment • WebSocket scopes • Pruning of EJB 2.x client view and IIOP interoperability

11


Modernize the Infrastructure

• Java EE Management 2.0 – REST-‐based APIs for Management and Deployment

• Java EE Security 1.0 – Authorization – Password Aliasing – User Management – Role Mapping – Authentication – REST Authentication

For On-‐Premise and for in the Cloud

12


HTML5 Support / Web Tier Enhancements

• JSON Binding • JSON Processing enhancements • Server-‐sent events • Action-‐based MVC • HTTP/2 support

13


Java EE 8 JSRs

• Java EE 8 Platform • CDI 2.0 • JSON Binding 1.0 • JAX-‐RS 2.1 • MVC 1.0 • Java Servlet 4.0 • JSF 2.3 • JMS 2.1

• JSON-‐P 1.1 • Java EE Security 1.0 • Java EE Management 2.0 • … and more to follow …

So far….. Coming soon …..

14


Agenda

Java EE 8

Why HTTP/2?

HTTP/2 Big Features




15


A Real Life Example

index.html

style1.css

style2.css. . .

script1.js

script9.js

pic1.jpg

pic8.jpg

.

.

.

photo1.png

photo2.png

.

.

.


Problems in HTTP 1.1

• HTTP Pipelining • Head-‐of-‐Line blocking

style1.cssstyle2.css

Client Server

index.html

index.html

style1.cssstyle2.cssscript1.js

.

.

.

script2.js

.

.

.

script1.jsscript2.js


• Inefficient use of TCP sockets

Client ServerClient Server

Client Server

Client Server

Client Server

Client Server

Problems in HTTP 1.1


At the beginning…

19

<img/>


File Concatenation and Image SpritesTCP Efficiency Improves with Larger Files

20

• Modern web page now consists of more than 90 resources fetched from 15 distinct hosts - http://httparchive.org

• Solution – Shoving more than one logical file into one physical file

http://httparchive.org



21

.ic-‐AerospaceAndDefense-‐wht-‐on-‐gray, .ic-‐AerospaceAndDefense-‐wht-‐on-‐red, .ic-‐Airline-‐wht-‐on-‐gray, .ic-‐Airline-‐wht-‐on-‐red{ background: url(sprites.png) no-‐repeat;} .ic-‐AerospaceAndDefense-‐wht-‐on-‐gray{ background-‐position: 0 0; width: 80px; height: 80px;} .ic-‐AerospaceAndDefense-‐wht-‐on-‐red{ background-‐position: -‐81px 0; width: 80px; height: 80px;} .ic-‐Airline-‐wht-‐on-‐gray{ background-‐position: 0 -‐80px ; width: 80px; height: 80px;} .ic-‐Airline-‐wht-‐on-‐red{ background-‐position: -‐81px -‐79px ; width: 80px; height: 80px;}



22


Domain ShardingSplit page resources across several hosts to work around browser limits

23


Inlined Assets

• data URLs • <img src="data:image/gif;base64,R0lGODlhEAAOALMAAOazToeHh0tLS/7LZv0jvb29tf3Ubge8WSLrhf3kdbW1mxsbPmfyH5BAAAjAAAALAAfhGHhcjAAAAQAA4lsjkhfkjfhGHhcjGDSHJUYgJvhgtyrHgfGfHyt56HGfGH56ge8WSLf6GGHvvhdsbxusbaOiQA4lsjkhfkjf4lsjkhfkjf4lsjkhfkjfhfkjfhpBREzxvt6QAA4lsjkhfkjfhdxwqBnuIoYtyGhBKoOjJj6GGHvvhdsbxus38GV3DcPjjBceXsplojj…” />

Base64 Encoding Will Never Die

24


• HTTP uses TCP poorly - HTTP flows are short and bursty

- TCP was built for long-‐lived flows

• Solutions – Sprites – Domain sharding – Assets Inlining – File concatenations –…

25

HTTP 1.1 circa 1999Problems Vs Solutions


• “Conversion Rate” Vs Latency - 1 in 4 people abandons surfing to a site if the page takes longer than 4 seconds to loads

- Page load slowdown of 1 second could cost Amazon $1.6 billion in sales each year

- Slowing search results by just 4/10 of a second, Google could lose 8 million searches per day

- http://www.fastcompany.com/1825005/how-‐one-‐second-‐could-‐cost-‐amazon-‐16-‐billion-‐sales

26

Time is Money!

http://www.fastcompany.com/1825005/how-one-second-could-cost-amazon-16-billion-sales


google.fr (1st) • 3 HTTP Requests • 21.355 bytes

- 1 HTML

- 1 image

- 1 ?

27

Top .FR examples

lefigaro.fr (15th) • 140 HTTP Requests • 2.736.562 bytes

- 1 HTML

- 130 images

- 6 .js

- 2 .css

- 1 ?

http://google.fr

http://lefigaro.fr


Agenda

Java EE 8

Why HTTP/2?

HTTP/2 Big Features




28

Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |29

HTTP/2 Big Ticket Features Review

• Binary Framing • Request/Response multiplexing • Stream Prioritization • Server Push • Header Compression • Upgrade from HTTP 1.1

- ALPN (or NPN)

- 101 Switching Protocols


HTTP/2 Request Response Multiplexing

• Fully bi-‐directional – ConnectionA TCP socket

– Stream A “channel” within a connection

–Message A logical message, such as a request or a response

– FrameThe smallest unit of communication in HTTP/2

30

Lets you do more things with a single TCP connection



31

Connections, Streams, Messages, Frames



• Communication broken into frames • Logical streams can be interweaved over a single TCP connection

32

Connections, Streams, Messages, Frames


HTTP/2 Binary Framing

• Frame Header

!• Types

- HEADERS, DATA, PRIORITY, RST_STREAM, SETTINGS, PUSH_PROMISE, PING, GOAWAY, WINDOW_UPDATE, CONTINUATION

33

Enabled by dumping newline delimited ASCII

Length (24)

Type (8) Flags (8)

R Stream Identifier (31)

Frame Payload (0 …)



GET /index.html HTTP/1.1Host: example.comAccept: text/html

34

Example 1

HEADERS + END_STREAM + END_HEADERS :method: GET :scheme: http :path: /index.html :authority: example.org accept: text/html



HTTP/1.1 200 OKContent-‐Length: 11Content-‐Type: text/html Hello World

35

Example 2

HEADERS -‐ END_STREAM + END_HEADERS :status: 200 content-‐length: 11 content-‐type: text/html DATA + END_STREAM Hello World


HTTP/2 Stream Prioritization

• Stream Dependency in HEADERS Frame • PRIORITY frame type • An additional 40 bytes

– Stream id (31) –Weight (8): [1, 256] – Exclusive bit (1)

• Only an advice

36

A

B C

4 12

A

B CD

4 16 12

exclusive = 0

A

B C

D

4 12

16

exclusive = 1


HTTP/2 Server Push

• Eliminates the need for resource inlining • Lets the server populate the browser’s cache in advance of the browser asking for the resource to put in the cache

• No corresponding JavaScript API • Can be combined with SSE

– Server pushes stuff into the browser’s cache – Server uses SSE to tell the browser to go fetch it

37


HTTP/2 Header Compression

• Most of the headers are the same in a given stream – Host: Accept: user-‐agent: etc. –Why send them every time?

• Server and the client keep tables of headers – Send tables references and updates

38

Known as HPACK


HTTP/2 Header Compression

39


HTTP/2 Upgrade from HTTP 1.1

• Not secure – Port 80 – HTTP 1.1 101 Protocol Switching

• Secure – Next Protocol Negotiation (NPN) – Application Layer Protocol Negotiation (ALPN)

40

Secure or not-‐secure?


Agenda

Java EE 8

Why HTTP/2?

HTTP/2 Big Features




41


Agenda

Java EE 8

Why HTTP/2?

HTTP/2 Big Features




42


• API was designed for “One Request == One Response” • HTTP/2 destroys this assumption • It will be challenging to do justice to the new reality of “One Request == One or More Responses”

• We must not simply bolt the “One or More Responses” concept onto some convenient part of the existing API

43

Challenges in Exposing HTTP/2 Features in Servlet API

Servlet 4.0 Big Ticket New Features


• Request/Response multiplexing • Binary Framing • Stream Prioritization • Server Push • Header Compression • Upgrade from HTTP 1.1

– ALPN or (NPN) – 101 Switching Protocols

44



• Request/Response Multiplexing • Binary Framing • Stream Prioritization • Server Push • Header Compression • Upgrade from HTTP 1.1

– ALPN or (NPN) – 101 Switching Protocols

45

HTTP/2 Features Potentially Exposed in Servlet API



• Add method HttpServletRequest and HttpServletResponse – int getStreamId()

46

HTTP/2 Features Potentially Exposed in Servlet API



• Add a new class Priority – boolean exclusive – int streamId – int weight

• Add method to HttpServletRequest – Priority getPriority()

• Add methods to HttpServletResponse – Priority getPriority() – void setPriority(Priority p)

47

Stream Prioritization



• Push resource to client for a given url and headers • May add callback for completion or error of a push • Not a replacement for WebSocket • Really useful for frameworks that build on Servlet, such as JSF

48

Server Push



Server Push

public class FacesServlet implements Servlet {public void service(ServletRequest req, ServletResponse resp) throws IOException, ServletException { //.. HttpServletRequest request = (HttpServletRequest) req; try { ResourceHandler handler = context.getApplication().getResourceHandler(); if (handler.isResourceRequest(context) || request.isPushRequest()) { handler.handleResourceRequest(context); } else { lifecycle.attachWindow(context); lifecycle.execute(context); lifecycle.render(context); } } }

Example of Potential Use from JSF

50


Server Push

public class ExternalContextImpl extends ExternalContext { //… public String encodeResourceURL(String url) { if (null == url) { String message = MessageUtils.getExceptionMessageString (MessageUtils.NULL_PARAMETERS_ERROR_MESSAGE_ID, "url"); throw new NullPointerException(message); } Map attrs = getResourceAttrs(); ((HttpServletRequest) request).dispatchPushRequest(url, attrs); return ((HttpServletResponse) response).encodeURL(url); } //…}

Example of Potential Use from JSF

51


Reactive Programming

52

Responsive

Message Driven

ResilientElastic

image credit: reactivemanifesto.org


Servlet 4.0 and Reactive Programming

• Asynchronous in Servlet 3.0 – ServletRequest#startAsync – AsyncContext

• #addListener, #dispatch, #complete

– AsyncListener • #onComplete, #onError, #onStartAsync, #onTimeout

• Event-‐driven – Server-‐Sent Events

53


Servlet 4.0 and Reactive Programming

• Non-‐blocking IO in Servlet 3.1 – ServletInputStream

• #setReadListener, #isReady

– ServletOutputStream • #setWriteListener, #isReady

– ReadListener • #onDataAvailable, #onAllDataRead, #onError

– WriteListener • #onWritePossible, #onError

54


Agenda

Java EE 8

Why HTTP/2?

HTTP/2 Big Features




55


Java SE 9 Support for HTTP/2• JEP 110

- http://openjdk.java.net/jeps/110

• Easy to use API • Covers only the most common use cases • Supports both HTTP 1.1 and 2

56



• Two classes (working titles) – HttpRequestGroup

• configuration for multiple requests

– HttpRequest • one request/response interaction

Small footprint

57



• Blocking mode: one thread per request/response – send request – get response

• Non-‐blocking mode: handle multiple request/response interactions in single thread using non-‐blocking API – analogous to NIO selectors

Small footprint

58



• Responses handled through lambda style callback handlers – Invoked on the calling thread –Must allocate threads to responses manually

• Request/Response bodies handled as InputStream/OutputStream

Callback handlers

59


Java SE 9 Support for HTTP/2HttpRequestGroup group = HttpRequestGroup.create();

HttpRequest req = group.createRequest()

.setRequestMethod("POST")

.setRequestURI(new URI("http://www.foo.com/a/b")

.setRequestBody("Param1=1,Param2=2")

.onResponseHeader("X-‐Foo", (request, name, value) -‐> {

System.out.printf(" received an X-‐Foo header");

})

.sendRequest()

.waitForCompletion();

60


Java SE 9 Support for HTTP/2HttpRequestGroup group = HttpRequestGroup.create();

HttpRequest req = group.createRequest() …

.onResponseBody((HttpRequest request, InputStream in) -‐> {

if (request.getResponseCode() == 200) {

Path out = Paths.get("/tmp/out");

try { Files.copy(in, out); } finally { in.close(); }

}

})

.sendRequest()

.waitForCompletion();

61


Agenda

Java EE 8

Why HTTP/2?

HTTP/2 Big Features




62


Summary and Current Status• Dec 2014 Submit HTTP/2 to IESG for consideration as a Proposed Standard • Jan 2015 Submit HTTP/2 to RFC Editor • Feb 2015 Publish HTTP/2 as an RFC

63


Summary and Current Status• Servlet 4.0 brings HTTP/2 to Java EE

– 100% compliant implementation of HTTP/2 – Expose key features to the API

• Server Push • Stream Prioritization • HTTP 1.1 upgrade

64


Summary and Current Status• Tentative Delivery Schedule

–Q3 2014: JSR 369 Expert Group formed –Q1 2015: early draft –Q3 2015: public review –Q4 2015: proposed final draft –Q3 2016: final release

• Contribute!

65


How to Get Involved

• Join an Expert Group project – http://javaee-‐spec.java.net

• Adopt a JSR – http://glassfish.org/adoptajsr

• The Aquarium – http://blogs.oracle.com/theaquarium

• Java EE 8 Reference Implementation – http://glassfish.org

66

http://javaee-spec.java.net

http://glassfish.org/adoptajsr




http://blogs.oracle.com/theaquarium

http://glassfish.org


Resources

• https://java.net/projects/servlet-‐spec/ • https://jcp.org/en/jsr/detail?id=369 • http://openjdk.java.net/jeps/110 • http://http2.github.io • http://chimera.labs.oreilly.com/books/1230000000545/ch12.html

67

https://java.net/projects/servlet-spec/

https://jcp.org/en/jsr/detail?id=369

http://openjdk.java.net/jeps/110

http://http2.github.io

http://chimera.labs.oreilly.com/books/1230000000545/ch12.html

http/2 comes to java - what servlet 4.0 means to you

Technology