O'reilly® Jason Hunter
Total Page:16
File Type:pdf, Size:1020Kb
rr Help for Server-Side Java Developer, '" Jason Hunter O'REILLY® with William Crawford Page 1 of 94 J ava" Servlet Programming Page 2 of 94 THE JAVA"" SERIES Learning Java m Java'" Performance Tuning Java'" Threads Java'" Internationalization Java'· Network Programming JavaServer Pages" Database Programming with JDBC'Mand Java'" Java m Message Service Java'" Distributed Computing Developing Java Beans'M Java" Security Java" Cryptography Also from O'Reilly Java" Swing Java" Servlet Programming Java'M in a Nutshell Java" I/O J ava" Enterprise in a Nutshell J ava™ 2D Graphics Java'" Foundation Classes in a Nutshell Enterprise Javafleans" Java" Examples in a Nutshell Creating Effective JavaHelp'M JiniTM in a Nutshell Java'" and XML The Enterprise Java" CD Bookshelf Page 3 of 94 -, Javan, Servlet Programming Second Edition Jason Hunter with William Crawford O'REILLY® Beijing. Cambridge. Farnham» Koln » Paris > Sebastopol. Taipei. Tokyo Page 4 of 94 Java Servlet Programming, Second Edition byJason Hunter with William Crawford Copyright © 2001,1998 O'Reilly & Associates, Inc. All rights reserved. Printed in the United States of America. Published by O'Reilly & Associates, Inc., 101 Morris Street, Sebastopol, CA 95472. Editors: Robert Eckstein and Paula Ferguson Production Editor: Colleen Gorman Cover Designer: Hanna Dyer Printing History: October 1998: First Edition. April 2001: Second Edition. Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered trademarks and The Java™ Series is a trademark of O'Reilly & Associates, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O'Reilly & Associates, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps. Some of the material in Chapter 2 was first published inJavaWorld magazine, December 1999, ITworld.com, Inc. The association between the image ofa common European bear and Java servlet programming is a trademark of O'Reilly & Associates, Inc. While every precaution has been taken in the preparation of this book, the publisher assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein. ISBN: 0-596-00040-5 [M] [6/01] Page 5 of 94 Table oJContents Preface xi 1. Introduction 1 History of Web Applications 1 Support for Servlets 7 The Power of Servlets 11 2. HTTP Servlet Basics 14 flTIP Basics J 5 The Servlet API 17 Page Generation 19 Web Applications 27 Moving On 34 3. The Servlet Lifecycle 35 The Servlet Alternative 35 Servlet Reloading , 42 Init and Destroy 43 Single-Thread Model 50 Background Processing 53 Load on Startup 56 Client-Side Caching 57 Server-Side Caching 60 v Page 6 of 94 ~.~~~-~~-.-~. -----------------------""""'= vi TABLE OF CONTENTS 4. Retrieving Information 72 The Servlet 74 The Server 76 The Client 86 5. Sending HTML Information 129 The Structure of a Response 129 Sending a Normal Response 130 Using Persistent Connections 132 Response Buffering 133 Status Codes 136 HTTP Headers 139 When Things Go Wrong ............................•.................................................... 146 Six Ways to Skin a Servlet Cat 159 6. Sending Multimedia Content 163 WAP and WML 163 Images 174 Compressed Content 193 Server Push 196 7. Session Tracking 200 User Authentication 201 Hidden Form Fields 202 URL Rewriting 205 Persistent Cookies 207 The Session Tracking API 212 8. Security 230 HTTP Authentication 231 Form-Based Authentication 238 Custom Authentication 242 Digital Certificates 250 Secure Sockets Layer (SSL) 252 I L Page 7 of 94 TABLE OF CONTENTS vii 9. Database Connectivity 261 Relational Databases 263 The JDBC API 265 Reusing Database Objects 280 Transactions 282 A Guestbook Servlet 292 AdvancedJDBC Techniques 297 Beyond the Core 301 10. Applet-Servlet Communication 303 Communication Options 303 Daytime Server 310 Chat Server 346 11. Servlet Collaboration 366 Sharing Information 366 Sharing Control 370 12. Enterprise Servlets and J2EE 380 Distributing Load 381 Integrating withJ2EE 384 13. Internationalization 391 Western European Languages 392 Conforming to Local Customs 395 Non-Western European Languages 397 Multiple Languages 402 Dynamic Language Negotiation 406 HTML Forms : 416 14. The Tea Framework 422 The Tea Language 423 Getting Started 424 Request Information 426 Tea Administration 429 Tea Applications 434 Page 8 of 94 viii TABLE OF CONTENTS A Tool Application 440 Final Words 451 15. WebMacro 453 The WebMacro Framework 454 Installing WebMacro 458 WebMacro Directives 464 WebMacro Templates 467 A Tool Application 472 Filters 478 16. Element Construction Set 480 Page Components as Objects 480 Displaying a Result Set 482 17. XMLC 494 A Simple XML Compile 495 The Manipulation Class 501 A Tool Application ~ 506 18. lavaServer Pages 514 UsingJavaServer Pages 515 Behind the Scenes 516 Expressions and Declarations 519 Directives 521 JSP andJavaBeans 526 Includes and Forwards 531 A Tool Application 533 Custom Tag Libraries 538 19. Odds and Ends 544 Parsing Parameters 544 Sending Email 550 Using Regular Expressions 553 Executing Programs 557 Using Native Methods 562 I L Page 9 of 94 TABLE OF CONTENTS ix Acting as an RMI Client 563 Debugging : 565 Performance Tuning 573 20. What's New in the Servlet 2.3 API 576 Changes in the Servlet API 2.3 576 Conclusion 591 A. Servlet API Quick Reference 593 B. HTTP Servlet API Quick Reference 624 C. Deployment Descriptor DTD Reference 653 D. HTTP Status Codes 685 E. Character Entities 692 E Charsets 698 Index 701 Page 10 of 94 Preface Since I wrote the first edition of this book, servlets and the server-side Java platform have grown in popularity beyond everyone's wildest expectations. Adoption is peIVa• sive. Web server vendors now offer servlet support as a standard feature. The Java 2, Enterprise Edition a2EE), specification has included servlets as a core component, and application server vendors wouldn't be caught dead without a scalable servlet implementation. It's more than just vendor-driven hype too. Servlets have become the basis for JavaSeIVer Pages aSP) and other frameworks, and servlet technology now supports such high-traffic sites as ESPN.com and AltaVista.com. Not surprisingly, the servlet landscape looks somewhat different today than it did when the first edition went to print. The Servlet API has undergone two revisions, with a third revision on the way. The familiar startup companies Live Software and New Atlanta that once made money selling the JRun and Servletlixec servlet engines (now called serolet containers) have gotten themselves noticed and were purchased by larger web-focused companies, Allaire and Unify, respectively. They now offer features above and beyond basic servlet support in an effort to differen• tiate themselves. Amazingly, the official javax.servlet and javax.servlet.http packages have been the first Java classes to be officially released as open source. They were trans• ferred to the Apache Software Foundation (ASF) and now reside at http://jakarta. apache.org. The packages continue to follow the Servlet API specification, but bug fixes and specification updates can now be handled by a set of trusted open source developers-including yours truly, who recently had the chance to fix a bug to improve conditional GET request handling in HttpServlet. In addition, the server that acts as the Servlet API reference implementation was also transferred to the ASF and made available as open source under the name Apache Tomcat. xi Page 11 of 94 xii Tomcat has since become one of the most popular servlet containers. For more information, see http://opensource.org. The servlet world has changed, and this book brings you up-to-date. It explains everything you need to know about Java servlet programming, from start to finish. The first five chapters cover the basics: what servlets are, what they do, and how they work. The following 15 chapters are where the true meat is-they explore the things you are likely to do with servlets and the tools you're likely to use. You'll find numerous examples, several suggestions, a few warnings, and even a couple of true hacks that somehow made it past technical review. Servlet API 2.2 This edition of the book covers Version 2.2 of the Servlet API, which went to "pub• lic release" status in August 1999 and to "final release" status in December 1999. The first edition of this book covered Version 2.0. Changes between Versions 2.0 and 2.2 have been substantial: • Rules have been provided that define how servlets can be distributed across multiple backend servers. • Servlets now make use of pluggable web applications, which can be config- ured and deployed in a server-independent manner. • Servlet security has been greatly improved. • Servlets can now delegate request handling to other server components. • Servlets can now share information using their ServletContext. • There's a way to abstract servlet resources to support distributed access. • Servlets now have more control over session management. • Response output buffering has been added. • Control over HTTP headers has been enhanced. • More advanced error handling can now be used. • The API has been "cleaned up" to make method names more consistent and predictable. • The Servlet API is now defined by a formal specification document, with future API updates managed by the formal Java Specification Request (JSR) process. • Servlets are now integrated into the umbrella Java 2