Java web hosting at CERN Computing Seminar, 1 November 2005 Michał Kwiatek, IT-DES.

Java web hosting at CERNComputing Seminar, 1 November

2005

Michał Kwiatek, IT-DES

Michał Kwiatek, IT-DES 2

What we’ll be doing

• A few words about servlets and JSPs

• How to deploy them at CERN• Scope, SLA and architecture of

J2EE Public Service• Some „advanced” examples


What is a JSP?

<%@ page contentType="text/html;charset=iso-8859-1" %><html><header><title>Age example</title></header><body><h1>Age example</h1><%

String yearString = request.getParameter("year");int year;if (yearString==null || yearString.equals("")) {

out.print("Please specify your year of birth using year parameter");} else {

try {year = new Integer(yearString).intValue();%>You are <%=2005-year%> years old.<%

} catch (NumberFormatException e) {%><font color="red">Year of birth incorrect!</font><

%}

}%><%--static inclusion--%><%@ include file="footer.html" %></body></html>


JSP implicit variables

• request• session• application• response• out


What is a servlet?

• A java class that lives inside web container to serve client requests

• extends javax.servlet.http.HttpServlet• defining one or more of the following methods:

– doGet – doPost– doPut– doDelete– service– init– destroy

Note: the same servlet object will be usedsimultaneously to serve many request!


Your servlets should be thread-safe!

package ch.cern.example;import ...public class ServletA extends HttpServlet {

SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"

);

public void service (HttpServletRequest request, HttpServletResponse response) {

response.write("Current date and time is: ");response.write(sdf.format(new Date()));

}}

Javadoc: Date formats are not synchronized. It is recommended

to create separate format instances for each thread. If

multiple threads access a format concurrently, it must be synchronized externally.


JSP is a servlet!

JSP

servet class source code

compiled servet class

translation

compilation

<%@ page laguage="java"%><html><body><%! int count=0 %>Welcome, you are visitor

number<%=++count%></body></html>

Declaration!

package ch.cern.example;import ...public class MyServlet extends HttpServlet {int count = 0;public void service (HttpServletRequest request, HttpServletResponse

response) {response.write("<html><body>Welcome, you are visitor number"+(++count)+"</body></html>");}

}


Did you make a nice jack’o lantern?


There’s more to JSP than just the pages

• Object-oriented programming• Java libriaries, java beans• Custom tag libraries• Model-View-Controler model• Java Server Faces• It is vendor and platform

independent


How to deploy them at CERN?

• Go to CERN Web Service:http://webservices.web.cern.ch/WebServices/

• Choose „java web application (servlet/jsp)” as site type


So what is this WAR file?

• WAR file is simply a zip archive with a specific structure

• jar files go to WEB-INF/lib• classes go to

WEB-INF/classes• Application configuration

files• The rest is regular web

content• Use your IDE or Ant to

package your application

jdbc_example.war

WEB-INF

META-INF

context.xml *)

classes

lib

web.xml

...

index.jsp

...

some.html

*) context.xml file is tomcat-specific


J2EE Public Service

• server-side infrastructure for deployment of java (servlet/jsp) web applications provided by IT-DES

• we provide:– servlet/JSP container– support for deployment– backup, monitoring

• we don’t provide:– an EJB container– support for development– telnet/ssh/ftp access to the servers

• SLA: aimed for medium-sized, non-critical applications; full support within CERN working hours; the support outside working hours is provided on best effort basis.


„Standard” approach

servlet containter

Machine 2 pro

xy

web applications

servlet containter

Machine 1

web applications

!


J2EE Public Service - approach

pro

xy

Machine 1

servlet containers and applications

Machine 2

servlet containers and applications

!


J2EE Public Server architecture

not configured, meant for hosting user applications

in the same way as j2eeps03

j2eeps01.cern.ch j2eeps02.cern.ch j2eeps03.cern.ch j2eeps04.cern.ch j2eeps05.cern.ch

jpsmanager.cern.ch j2eeps.cern.ch

ithp01.cern.ch ithp02.cern.ch ithp03.cern.ch ithp04.cern.ch ithp05.cern.ch

jpss

tun

nel 4)

(ld

ap c

onne

ctio

n to

CE

RN

’s A

ctiv

e D

irect

ory)

tomcat running prod-

jpsmanager 3)

(used by app owners for managing

their applications)

jpsmanager httpd 1)

(httpd in front of tomcats

running dev and prod

jpsmanager)

tomcat running

dev-jpsmanager 2)

jpss

tun

nel 4)

(ld

ap c

onne

ctio

n to

CE

RN

’s A

ctiv

e D

irect

ory)

Apache20ModProxyModJK 5)

(apache httpd in front of tomcats

running user applications)

jpss

tun

nel 4)

(ld

ap c

onne

ctio

n to

CE

RN

’s A

ctiv

e D

irect

ory)


jpsmanager 3)

(used by app owners to

check logs)


jpsmanager 3)

(used by app owners to

check logs)

idle, meant for hosting user applications

in the same way as j2eeps03

Symetrical, passwordless ssh/scp connectivity

web authors’ requests

web readers’ requests

container(tomcat)running

user app 6)


user app 6)


user app 6)

• software used:– Apache

Tomcat 5.5– JDK 1.5– Apache

httpd 2.0– jpsmanager

• The architecture is open!


Guess what!

• JDBC drivers to oracle are preinstalled (thin)• 3 usage scenarios


JDBC

Connection conn = null; Statement stmt = null; ResultSet rset = null;try {

Class.forName("oracle.jdbc.driver.OracleDriver");conn = DriverManager.getConnection(url, user,

password);stmt = conn.createStatement();rset = stmt.executeQuery(query);...

} catch(SQLException e) {...

} finally {try { rset.close(); } catch(Exception e) { }try { stmt.close(); } catch(Exception e) { }try { conn.close(); } catch(Exception e) { }

}

1. Basic example

2. Connection pooling


JDBC (cont’d)

// in Servlet, JSP, or simply a class:Connection conn = null; Statement stmt = null; ResultSet rset = null;try {

Context initContext = new InitialContext();Context envContext =

(Context)initContext.lookup("java:/comp/env");DataSource ds =

(DataSource)envContext.lookup("jdbc/devdb");conn = ds.getConnection();stmt = conn.createStatement();rset = stmt.executeQuery(query);...

} catch(SQLException e) {...

} finally {try { rset.close(); } catch(Exception e) { }try { stmt.close(); } catch(Exception e) { }try { conn.close(); } catch(Exception e) { }

}

3. Connection pooling & JNDI (1/2)


JDBC (cont’d)

// in META-INF/context.xml:<Context>

<Resource name="jdbc/devdb" auth="Container"type="javax.sql.DataSource"

driverClassName="oracle.jdbc.driver.OracleDriver"

url="jdbc:oracle:thin:@oradev.cern.ch:10521:D" username="XXXXX"

password="XXXXX" maxActive="10" maxIdle="5"

/></Context>

// in WEB-INF/web.xml:<resource-ref> ... </resource-ref>

3. Connection pooling & JNDI (2/2)


Authentication/authorisation

• Authentication:– my identity can be

confirmed using my CERN id card

• Authorisation– using my identity

and additional information (did I attend

the security course?) the system will let me into the Computer Centre or not


How to do it NICEly?

• method for authentication and authorisation– is provided by the container– uses existing mechanisms

• this method is NICE:– NICE login and password to

authenticate– NICE groups to authorise (CERN

Department/Group structure, or some project-specific groups)


NICE authentication

NICE authentication is set up by default• in WEB-INF/web.xml you specify which

areas of your application require authentication

• you also specify which groups of users are authorized to access these areas

• you can define these groups (and their members) at https://www.cern.ch/WinServices/Services/GroupManager/

• from your application, you may check who is logged on using:

request.getUserPrincipal()

http://j2ee-public-service.web.cern.ch/j2ee-public-service/examples/nice-web.xml




Resources

• http://j2ee-public-service.web.cern.ch/j2ee-public-service/– sla.html– faq.html– technical.html

• chapter 9, "Developing secure web applications" from SCWCD Exam Study Kit by Hanumant Deshmukh and Jignesh Malavia.

• http://tomcat.apache.org/tomcat-5.5-doc/jndi-datasource-examples-howto.html

• http://jakarta.apache.org/commons/dbcp/• http://ws.apache.org/axis/java/index.html• j2ee tutorial:

http://java.sun.com/j2ee/1.4/docs/tutorial/doc/index.html


Questions?

Java web hosting at CERN Computing Seminar, 1 November 2005 Michał Kwiatek, IT-DES.

Documents

Transcript of Java web hosting at CERN Computing Seminar, 1 November 2005 Michał Kwiatek, IT-DES.