17 Static vs. Dynamic Web PageA static web page is delivered to the user exactly as stored, in contrast to dynamic web pages which are generated by a web application, and on demand! is-a web page whose construction is controlled by an application server processing server-side scripts. is-a e.g. software framework that provides both facilities to create web applications and a server environment to run them. Java application servers It's core set of API and features are defined by Java EE. The Web modules include Java Servlets and Java Server Pages. COMP9321, 17s1, review->Week 2

18 Java Servlets http://java.sun.com/products/servlet/index.jsp COMP9321, 17s1, review->Week 2

19 A Lifecycle of a ServletThe Web container controls the lifecycle of a servlet class: initialisation ServletConfig ServletContext … COMP9321, 17s1, review->Week 2

20 Attributes and Sharing AttributesCOMP9321, 17s1, review->Week 2

21 Managing the User StateA problem in HTTP request/response: HTTP is a stateless protocol. A single request/response; Nothing is remembered 'between requests' from the same user; Web applications need to maintain users + their data. It is a programmer's responsibility: The term "session" is used to represent the data associated with one user while she navigates around a Web application. Session is a conversional state between client and server. Session can consists of multiple request and response between client and server. Since HTTP is stateless, the only way to maintain a session is when some unique information about the session (session id) is passed between server and client in every request and response. COMP9321, 17s1, review->Week2

22 Cookies Cookies are text files stored on the client computer and they are kept for various information tracking purpose. Java Servlets transparently supports HTTP cookies. There are three steps involved in identifying returning users: Server script sends a set of cookies to the browser. e.g. session id Browser stores this information on local machine for future use. Next time, browser sends request + those cookies to the server and server uses that information to identify the user. COMP9321, 17s1, review->Week2

23 JavaServer Pages (JSP) TechnologyJavaServer Pages (JSP) technology allows you to easily create web content that has both static and dynamic components. JSP technology makes available all the dynamic capabilities of Java Servlet technology; but provides a more natural approach to creating static content. JSP is similar to PHP, but it uses the Java programming language. To deploy and run JavaServer Pages, a compatible web server with a servlet container, such as Apache Tomcat, is required. COMP9321, 17s1, review->Week3

24 JSP COMP9321, 17s1, review->Week3

25 JSP Basics Scriptlet Expression Declaration Comments TraditionalScripting Elements EL Scripting ${…} Modern JSP Elements Page Include Taglib Directive Elements JSP Page custom Action Elements Standard Template Text (HTML bits…) COMP9321, 17s1, review->Week3

26 Extensible Markup Language (XML)XML originally designed to meet the challenges of large-scale electronic publishing. XML separates presentation issues from the actual data. XML plays an increasingly important role in the exchange of a wide variety of data on the Web and elsewhere. Needs a communication protocol? e.g. SOAP stands for Simple Object Access Protocol SOAP is based on XML SOAP is a W3C recommendation SOAP uses XML Information Set for its message format. COMP9321, 17s1, review->Week4

27 The XML Family XML: a markup language used to describe information.DOM: a programming interface for accessing and updating documents. DTD and XML Schema: describes the structure and content of XML documents. XSLT: a language for transforming XML documents XPath: a query language for navigating XML documents. XPointer: for identifying fragments of a document. XLink: generalises the concept of a hypertext link. XInclude: for merging documents. XQuery: a language for making queries across documents. RDF: a language for describing resources. COMP9321, 17s1, review->Week4

28 Semantic Web It is a collection of standard technologies to realize a Web of Data! RDF, OWL, SPARQL, etc. Web of Data beyond the Web of Documents! Machine Readable Human Readable The amount of information is growing exponentially.  COMP9321, 17s1, review->Week5

29 W3C's "Semantic Web Vision“Web information has exact meaning Web information can be understood and processed by computers Computers can integrate information from the web COMP9321, 17s1, review->Week5

30 Resource Description Framework (RDF)RDF is a framework for describing resources on the web. Publishing such descriptions on the Web creates the Semantic Web. RDF uses Web identifiers (URIs) to identify resources. e.g. Web documents concepts from the real world (e.g. people, organisations, topics, things) URIs (Uniform Resource Identifiers) are very important, providing both the core of the framework itself and the link between RDF and the Web. COMP9321, 17s1, review->Week5

31 Web Ontology Language (OWL)Ontology is about the exact description of things (web information) and their relationships. OWL was designed to provide a common way to process the content of web information OWL and RDF are much of the same thing, but OWL is a stronger language with greater machine interpretability than RDF. OWL provides additional vocabulary along with a formal semantics OWL making it easier for machines to automatically process and integrate information available on the Web. OWL has three sublanguages OWL Lite OWL DL OWL Full OWL is complex: OWL is a large set of additional terms COMP9321, 17s1, review->Week5

32 Rules There is a long history of rule languages and rule-based systemseg: logic programming (Prolog), production rules Lots of small and large rule systems E.g. from mail filters to expert systems Why rules on the Semantic Web? There are conditions that ontologies (ie, OWL) cannot express a well known example is Horn rules: (P1 ∧ P2 ∧ …) → C COMP9321, 17s1, review->Week5

33 A new requirement: exchange of rulesApplications may want to exchange their rules: e.g. negotiate eBusiness contracts across platforms e.g. describe privacy requirements and policies Rule Interchange Format (RIF): Goals: expresses the rules a bit like a rule language can be used to exchange rules among engines Challenges: Rule based systems can be very different different rule semantics A universal exchange format is not feasible COMP9321, 17s1, review->Week5

34 Linking Open Data (LOD)- Goal: “expose” open datasets in RDF - Set RDF links among the data items from different datasets - Set up query endpoints - Result: billions of triples and millions of links… - The important point here is that : the data becomes available to the World via a unified format (ie, RDF). the various datasets are interlinked together e.g. DBpedia project COMP9321, 17s1, review->Week5

35 Query RDF Data (SPARQL)SPARQL Protocol And RDF Query Language, is an RDF query language. This specification defines the syntax and semantics of the SPARQL query language for RDF. SPARQL can be used to express queries across diverse data sources. SPARQL contains capabilities for querying required and optional graph patterns The results of SPARQL queries can be results sets or RDF graphs. COMP9321, 17s1, review->Week5

36 Data Persistence When you work with a relational database in a Java application, the Java code issues SQL statements to the database via the JDBC API. The Java Database Connectivity (JDBC) API provides universal data access from the Java programming language. Using the JDBC API, you can access virtually any data source, from relational databases to spreadsheets and flat files.  The JDBC API is comprised of two packages: java.sql javax.sql (Hibernate, pp.5-29) COMP9321, 17s1, review->Week6

37 Accessing DB from an ApplicationCOMP9321, 17s1, review->Week6

38 PreparedStatement objectA more realistic case is that the same kind of SQL statement is processed over and over (rather than a static SQL statement). In PreparedStatement, a place holder (?) will be bound to an incoming value before execution (no recompilation). COMP9321, 17s1, review->Week6

39 Data Access Objects (DAO)COMP9321, 17s1, review->Week6

40 Object-Relational Impedance Mismatch ProblemsCOMP9321, 17s1, review->Week6

41 Object-Relational Impedance Mismatch Problemshttps://docs.oracle.com/cd/E16162_01/user.1112/e17455/img/mismatch.gif COMP9321, 17s1, review->Week6

42 What is NoSQL? Stands for No-SQL or Not Only SQL??Class of non-relational data storage systems E.g. BigTable, Dynamo, PNUTS/Sherpa, .. Usually do not require a fixed table schema nor do they use the concept of joins Distributed data storage systems All NoSQL offerings relax one or more of the ACID properties (will talk about the CAP theorem) Chapter 19: Distributed Databases COMP9321, 17s1, review->Week6

43 CAP Theorem Three properties of a systemConsistency (all copies have same value) Availability (system can run even if parts have failed) Via replication. Partitions (network can break into two or more parts, each with active systems that can’t talk to other parts) Brewer’s CAP “Theorem”: You can have at most two of these three properties for any system. Very large systems will partition at some point. COMP9321, 17s1, review->Week6

44 Design Patterns A pattern is a proven solution to a problem in a context. Each pattern expresses a relation between a certain context, a problem, and a solution. A design pattern represents a solutions to problems that arise when developing a software. Frameworks Subsystems Sub-subsystems Design pattern are granular and applied at different levels such as: Design Architectural Analysis Creational Structural Behavioral Categories include: COMP9321, 17s1, review->Week7

45 J2EE Design Patterns COMP9321, 17s1, review->Week7

46 General Guideline for Servlet/JSP/JavaBeansCOMP9321, 17s1, review->Week7

47 Securing your Web Application: Threats!COMP9321, 17s1, review->Week9

48 Securing your Web Application: Threats!COMP9321, 17s1, review->Week9

49 Session Management… COMP9321, 17s1, review->Week9

50 Transport Layer Security (e.g. HTTPS)COMP9321, 17s1, review->Week9

51 Performance COMP9321, 17s1, review->Week10

52 Performance Metrics Response Time Throughput Availability ReliabilityResource Utilization COMP9321, 17s1, review->Week10

53 Scalability COMP9321, 17s1, review->Week10

54 Operational Laws Utilization Law Little’s Law Forced Flow LawCOMP9321, 17s1, review->Week10

55 Architectural Considerations - NetworkCOMP9321, 17s1, review->Week11

56 General Techniques for Improving Performance and ScalabilityCaching/Replication Parallelism Redundancy Asynchrony Resource Pooling COMP9321, 17s1, review->Week11

57 Improving Performance using HTTP featuresCOMP9321, 17s1, review->Week11

58 Improving Database AccessCOMP9321, 17s1, review->Week11

59 COMP9322 !! …from building a web site (cs9321) to building web services (cs9322) ... context: “global/distributed/complex” business applications Goals: understand the concept of services and business processes articulate the motivation behind web service-based technologies apply the knowledge in practical situations COMP9322 course aims: provide students with a deep understanding of SOA, service-orientation paradigm, business processes and Web services as an implementation technology. COMP9321, 17s1, Week12

60 Good Luck! COMP9321, 17s1, Week12

61 COMP9321, 17s1, Week12