lecture 10 12/3/12 1. $_server server and execution environment information an array containing...
TRANSCRIPT
$_SERVER• Server and execution environment information • An array containing information such as headers, paths, and
script locations• The entries in this array are created by the web server• $_SERVER['PHP_SELF']
This is the filename of the currently executing script
2
Server-side scripting• web server technology in which a user's request is fulfilled by
running a script directly on the web server to generate dynamic web pages
• It is usually used to provide interactive web sites that interface to databases or other data stores
• This is different from client-side scripting where scripts are run by the viewing web browser, usually in JavaScript
• The primary advantage to server-side scripting is the ability to highly customize the response based on the user's requirements, access rights, or queries into data stores
4
PHP and .NET
Compiled Code vs. PHP Interpreted Code • NET compiles code, such as C#, into what its creators have
termed MSIL, or Microsoft Intermediate Language
• This roughly resembles Java's bytecode, the "binary" you have after you compile the source code
6
Compiled Code vs. PHP Interpreted Code• PHP pages will compile into smaller pieces than the equivalent
ASP.NET page, because there is more overhead with the intermediate compilation with the CLR
7
Declaration of Independence from <%• When a function is declared in ASP.NET it must appear in a
<script runat=server> block with the language declared
• Functions must exist in these blocks or else they will generate an error
8
Arrays • In ASP.NET the first value will be in the 0 position. This is
concurrent with other compiled languages
• Secondly, in order to access the values in an array from a querystring or the like the GetValues method must be called
9
Error Messages • When an ASP.NET page is run, if you are on the machine that
the code is being executed on, or you have a web.config file in the root directory of the website configured properly, error messages that appear are quite intuitive
11
Multiple Languages • ASP.NET enables you to switch between multiple languages on
the same page
• ASP.NET adds another language to the fold, C#, known as C sharp
12
File Extension • ASP.NET pages require a different extension
• When a page is created in ASP.NET it requires an .aspx extension, which you may notice this web page has as well
• When a page has this extension IIS knows to treat it as an ASP.NET
13
Useful Resources
• http://www.oracle.com/technology/pub/columns/hull_php2.html
• http://marty.anstey.ca/programming/php/articles/
14
Web Services: Definition• Available online (addressable)• Uses XML messaging (I, O, or both)• Operating system/programming language independent
(provider and consumer can be different)• Self-describing via a common XML grammar (or at least
human-documented)• Discoverable via a simple mechanism
15
Web Services Protocol Stack • Service transport layer - responsible for transporting messages
between applications.
• XML messaging layer - responsible for encoding messages in a common XML format so that messages can be understood at either end.
• Service description layer - responsible for describing the public interface to a specific web service.
• Service discovery layer - responsible for centralizing services into a common registry, and providing easy publish/find functionality.
20
Web Services Roles • Service provider - implements
the service and makes it available on the Internet.
• Service requestor - utilizes an existing web service by opening a network connection and sending an XML request.
• Service registry - provides a central place where developers can publish new services or find existing ones. It therefore serves as a centralized clearinghouse for companies and their services.
21
25
1. The Transport Layer• HTTP currently the most popular • Pros: simple, stable, widely deployed, works well
with firewalls• Cons: Security and performance concerns
• can be encrypted via the Secure Sockets Layer (SSL) but problems arise when a single web service comprises a chain of applications
• "SOAP is going to open up a whole new avenue for security vulnerabilities." (Bruce Schneier)
• Schneier's argument: • HTTP was designed for document retrieval not RPC• HTTP + SOAP enables remote clients to invoke commands and
procedures, exactly what firewalls are designed to prevent
27
The Messaging Layer• REST uses raw XML as output
• transform with XSLT• manipulate with DOM• uses as ASP.NET data source• RSS and other feeds are related
• SOAP – for typed data exchange and method invocation• Envelope - rules for encapsulating data being transferred
between computers (e.g. method name and parameters, return values, error handling)
• Data encoding rules - data types mostly based on the W3C XML Schema specification
• RPC conventions - conventions for representing remote procedure calls and responses
29
Example SOAP Request<?xml version='1.0' encoding='UTF-8'?> <SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<SOAP-ENV:Body> <ns1:getTemp xmlns:ns1="urn:xmethods-Temperature" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><zipcode xsi:type="xsd:string">10016</zipcode> </ns1:getTemp>
</SOAP-ENV:Body> </SOAP-ENV:Envelope>
30
• Envelope – root element• Body – required child• getTemp – the “payload” (RPC)• Zipcode – the parameter• Namespaces:
• SOAP Envelope http://schemas.xmlsoap.org/soap/envelope/
• data encoding via XML Schemas http://www.w3.org/2001/XMLSchema-instance and http://www.w3.org/2001/XMLSchema
• application identifiers specific to XMethods urn:xmethods-Temperature
31
Example SOAP Response<?xml version='1.0' encoding='UTF-8'?> <SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<SOAP-ENV:Body> <ns1:getTempResponse xmlns:ns1="urn:xmethods-
Temperature“SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/
encoding/"> <return xsi:type="xsd:float">71.0</return> </ns1:getTempResponse> </SOAP-ENV:Body> </SOAP-ENV:Envelope>
33
3. DescriptionWeb Service Descriptions (WSDL)
• Describe the abstract interface through which a service consumer communicates with a service provider
• defines specific details of how a given web service has implemented that interface
• Defines four types of things: • data• messages• interfaces• services
35
Data<?xml version="1.0" encoding="UTF-8"?> <wsdl:definitions name="HelloWorldDescription"
targetNamespace="urn:HelloWorld" xmlns:tns="urn:HelloWorld" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<wsdl:message name="sayHello_IN"> <part name="name" type="xsd:string" />
</wsdl:message> <wsdl:message name="sayHello_Out">
<part name="greeting" type="xsd:string" /></wsdl:message>
36
Messages
<wsdl:portType name="HelloWorldInterface"> <wsdl:operation name="sayHello">
<wsdl:input message="tns:sayHello_IN" /><wsdl:output message="tns:sayHello_OUT" />
</wsdl:operation> </wsdl:portType>
37
Interfaces<wsdl:binding name="HelloWorldBinding"
type="tns:HelloWorldInterface"> <soap:binding style="rpc"
transport="http://schemas.xmlsoap.org/soap/http" />
<wsdl:operation name="sayHello"> <soap:operation soapAction="urn:Hello" /> <wsdl:input>
<soap:body use="encoded" namespace="urn:Hello" encodingStyle=http://schemas.xmlsoap.org/soap/encoding/ />
</wsdl:input> <wsdl:output>
<soap:body use="encoded" namespace="urn:Hello" encodingStyle=http://schemas.xmlsoap.org/soap/encoding/ />
</wsdl:output></wsdl:operation></wsdl:binding>
38
Services
<wsdl:service name="HelloWorldService"> <wsdl:port name="HelloWorldPort"
binding="tns:HelloWorldBinding"> <!-- location of the Perl Hello World Service --> <soap:address location="http://localhost:8080" /> </wsdl:port> </wsdl:service> </wsdl:definitions>
39
4. Discovery Layer
• UDDI – Universal Description, Discovery and Integration• A technical specification for building distributed directories of
businesses and web services• White pages
• General company information like business name, business description, contact information, address and phone numbers.
• Yellow pages • General company/service classification data (e.g. industry, product, or
geographic codes) • Green pages
• Technical information about a web service (e.g. pointer to an external specification and an address for invoking the web service)
• UDDI is not restricted to describing web services based on SOAP but can be used to describe any service, from a single web page or email address all the way up to SOAP, CORBA, and Java RMI services.
40
Technical Components• UDDI data model
• An XML Schema for describing businesses and web services. The data model is described in detail in the "UDDI Data Model" section, later in this chapter.
• UDDI API • A SOAP-based API for searching and publishing UDDI
data.• UDDI cloud services
• Operator sites that provide implementations of the UDDI specification and synchronize all data on a scheduled basis.
• Private UDDI registries