book

Java Server Pages

Name: Java Server Pages
Author: Hans Bergsten
ISBN: 9781565927469

by Hans Bergsten

December 2000

Intermediate to advanced

574 pages

17h 3m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Java Server Pages
Preface
What’s in This Book
Audience
What You Need to Know
Organization
Part I, JSP Application BasicsPart II, JSP Application DevelopmentPart III, JSP in J2EE and JSP Component DevelopmentPart IV, Appendixes
About the Examples
Conventions Used in This Book
How to Contact Us
Acknowledgments
I. JSP Application Basics
1. Introducing JavaServer Pages
What Is JavaServer Pages?

Why Use JSP?
Embedding Elements in HTML PagesUsing the Right Person for Each TaskPrecompilationIntegration with Enterprise Java APIsOther SolutionsActive Server Pages (ASP)PHPColdFusionJava servlet template enginesThe JSP Advantage
What You Need to Get Started
2. HTTP and Servlet Basics
The HTTP Request/Response ModelRequests in DetailResponses in DetailRequest ParametersRequest MethodsState Management
Servlets
Advantages Over Other Server-Side TechnologiesServlet Life CycleServlet ContainersServlet ContextsSessions
Packaging Java Web Applications
3. JSP Overview
The Problem with Servlets
The Anatomy of a JSP Page
JSP Elements
JSP Processing
JSP Application Design with MVC
4. Setting Up the JSP Environment
Installing the Java Software Development Kit
Installing the Tomcat Server
Windows PlatformsUnix Platforms
Testing Tomcat
Installing the Book Examples
Example Web Application Overview
II. JSP Application Development
5. Generating Dynamic Content
What Time Is It?Using JSP DirectivesUsing Template TextUsing JavaBeansAccessing JavaBean Properties
Input and Output
Using JavaBeans to Process InputSetting JavaBeans properties from user inputValidating user inputKeep On Doing It ‘til You Get It RightFormatting HTML Output
6. Using Scripting Elements
Java PrimerClasses and ObjectsDataMethodsStatementsInheritancePrimitive TypesCommentsStandard Classes Commonly Used in JSP PagesString and StringBufferArraysFlow Control StatementsOperators
Implicit JSP Objects
Conditional Processing
Using JavaBeans PropertiesUsing Request InformationWorking with Arrays
Displaying Values
PackagesChecking Off Checkboxes DynamicallyUsing More Request Methods
Using an Expression to Set an Attribute
Declaring Variables and Methods
jspInit( ) and jspDestroy( )
7. Error Handling and Debugging
Dealing with Syntax ErrorsElement Syntax ErrorsScripting Syntax Errors
Debugging a JSP-Based Application
Dealing with Runtime Errors
8. Sharing Data Between JSP Pages, Requests, and Users
Passing Control and Data Between PagesPassing Control from One Page to AnotherPassing Data from One Page to AnotherAll Together Now
Sharing Session and Application Data
Counting Page HitsThread-safe beansURL Rewriting
Using Custom Actions
Online Shopping
Number FormattingUsing Request ParametersRedirect Versus Forward
Memory Usage Considerations
9. Database Access
Accessing a Database from a JSP PageExample Application ArchitectureExample TablesReading and Storing Information in a DatabaseJDBC drivers and the DataSource classReading database informationInserting database informationUpdating database informationGenerating HTML from a Query ResultSearching for Rows Based on Partial InformationDeleting Database Information
Input Validation Without a Bean
Using Transactions
Application-Specific Database Actions
10. Authentication and Personalization
Container-Provided AuthenticationAuthenticating UsersControlling Access to Web Resources
Application-Controlled Authentication
A Table for Personalization InformationLogging InUsing cookies to remember the username and passwordAuthentication Using a DatabaseCreating the validation objectSetting and deleting cookiesRedirect to the application pageChecking for a Valid SessionProviding personalized contentUpdating the User ProfileLogging Out
Other Security Concerns
11. Internationalization
How Java Supports Internationalization and LocalizationThe Locale ClassFormatting Numbers and DatesUsing Localized Text
Generating Localized Output
Using One Page for Multiple LocalesUsing a Separate Page for Each Locale
A Brief History of Bits
Handling Localized Input
Dealing with Non-Western European Input
12. Bits and Pieces
Buffering
Including Page Fragments
XML and JSP
Generating an XML DocumentTransforming XML into HTMLTransforming XML into a Request-Dependent Format
Mixing Client-Side and Server-Side Code
Generating JavaScript CodeUsing Java Applets
Precompiling JSP Pages
Preventing Caching of JSP Pages
How URLs Are Interpreted
III. JSP in J2EE and JSP Component Development
13. Web Application Models
The Java 2 Enterprise Edition Model
The MVC Model
Using Only JSPUsing Servlets and JSPUsing Servlets, JSP, and EJB
Scalability
Preparing for Distributed Deployment
14. Combining Servlets and JSP
Using a Servlet as the ControllerInitializing Application Scope ObjectsCentralized Request ProcessingMapping a URI Pattern to a ServletAccess Control for JSP Pages
A More Modular Design Using Action Objects
Sharing Data Between Servlets and JSP Pages
Using a JSP Error Page for All Runtime Errors
15. Developing JavaBeans for JSP
JavaBeans as JSP ComponentsJavaBeans Naming ConventionsHandling session events
JSP Bean Examples
Value BeansUtility BeansMultithreading Considerations
Unexpected <jsp:setProperty> Behavior
16. Developing JSP Custom Actions
Tag Extension Basics
Developing a Simple Action
Processing the Action Body
Letting Actions Cooperate
Creating New Variables Through Actions
Developing an Iterating Action
Creating the Tag Library Descriptor
Validating Syntax
How Tag Handlers May Be Reused
Packaging and Installing a Tag Library
17. Developing Database Access Components
Using Connections and Connection PoolsUsing a JDBC 2.0 Optional Package Connection PoolMaking a JDBC 1.0 Connection Pool Behave as a JDBC 2.0 Connection PoolMaking a Connection Pool Available to Application Components
Using a Generic Database Bean
The SQLCommandBean and Value ClassesThe Row and Column Classes
Developing Generic Database Custom Actions
The <ora:sqlQuery> and <ora:sqlUpdate> ActionsThe <ora:intValue> ActionThe <ora:sqlTransaction> Action
Developing Application-Specific Database Components
IV. Appendixes
A. JSP Elements Syntax Reference
Directive Elementsinclude Directivepage Directivetaglib Directive
Scripting Elements
DeclarationExpressionScriptlet
Action Elements
<jsp:fallback><jsp:forward><jsp:getProperty><jsp:include><jsp:param><jsp:params><jsp:plugin><jsp:setProperty><jsp:useBean>Custom Actions
Comments
Escape Characters
B. JSP API Reference
Implicit Variables
application
config
exception
out
page
pageContext
request
response
session
Servlet Classes Accessible Through Implicit Variables
Cookie
RequestDispatcher
Tag Extension Classes
BodyContent
BodyTag
BodyTagSupport
Tag
TagAttributeInfo
TagData
TagExtraInfo
TagInfo
TagLibraryInfo
TagSupport
VariableInfo
Other JSP Classes
HttpJspPage
JspEngineInfo
JspException
JspFactory
JspPage
JspTagException
C. Book Example Custom Actions and Classes Reference
Generic Custom Actions<ora:addCookie><ora:encodeHTML><ora:encodeURL><ora:getCookieValue><ora:loop><ora:menuItem><ora:noCache><ora:param><ora:redirect><ora:useProperty><ora:validateSession>
Internationalization Custom Actions
<ora:getLocalDate><ora:getLocalNumber><ora:getLocalPageName><ora:getLocalText><ora:useLocaleBundle>
Database Custom Actions
<ora:sqlQuery><ora:sqlTransaction><ora:sqlUpdate><ora:useDataSource>Value Action Elements
Utility Classes
ArraySupport
CookieUtils
DebugBean
StringFormat
Database Access Classes
Reference SectionReference SectionReference SectionReference SectionReference SectionValue ClassesColumn Classes
ConnectionPool
ConnectionWrapper
DataSourceWrapper
Row
SQLCommandBean
D. Web-Application Structure and Deployment Descriptor Reference
Web Application File StructurePlacing Java Class Files in the Right Directory
Web Application Deployment Descriptor
<icon>, <display-name>, and <description><distributable><context-param><servlet><servlet-mapping><session-config><mime-mapping><welcome-file-list><error-page><taglib><security-constraint>, <security-role>, and <login-config><resource-ref >, <env-entry>, and <ejb-ref >Example Application Deployment Descriptor
Creating a WAR File
E. JSP Resource Reference
JSP-Related ProductsSyntax-Aware EditorsWeb Page Authoring ToolsJava IDEs with JSP supportJSP Component SuitesWeb and Application Servers with JSP 1.1 Support
Web Hosting
Information and Specifications
Index
Colophon

Content preview from Java Server Pages

Other Security Concerns

In this chapter we have discussed only authentication and access control, but there’s a lot more to web application security. You also need to ensure that no one listening on the network can read the data. In addition, you need to consider ways to verify that the data has not been modified. The common terms for these concepts (also used in the Servlet 2.2 specification) are confidentiality and data privacy for the first, and integrity checking for the second.

On an intranet, users can usually be trusted not to use network listeners to get to data they shouldn’t see. But on the Internet, you can make no assumptions. If you provide access to sensitive data, you have to make sure it’s protected appropriately. Network security is a huge subject area, and clearly not within the scope of this book. Therefore I will touch on only the most common way to take care of both confidentiality and integrity checking: the Secure Socket Layer (SSL) protocol.

SSL is a protocol based on public key cryptography: it relies on a public key and a private key pair. Messages sent by someone, or something (such as a server), are encoded using the private key, and can be decoded by the receiver only by using the corresponding public key. Besides confidentiality and integrity checking, public key cryptography also provides the means for very secure authentication: if a message can be decoded with a certain public key, you know it was encoded with the corresponding private key. ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 156592746XCatalog Page Errata

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Java Server Pages

by Hans Bergsten

Other Security Concerns

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

More than 5,000 organizations count on O’Reilly

Julian F.

Addison B.

Amir M.

Mark W.

You might also like

Java EE 7 Development with WildFly

Java 9 Modularity

What's New in Java 11?

Professional Java for Web Applications

Publisher Resources