Web Applications, Concepts&Tools, by Dr. Khalil 1 Web Applications Development (Approaches &...

Web Applications, Concepts&Tools, by Dr. Khalil

1

Web Applications Development

(Approaches & Techniques)

Dr. Awad KhalilDr. Awad Khalil

Computer Science DepartmentComputer Science Department

AUCAUC


2

Content The Web as an Application PlatformThe Web as an Application Platform Development Approaches Development Approaches Client-side ApproachClient-side Approach

Scripting languages such as JavaScript, Perl, and PHPScripting languages such as JavaScript, Perl, and PHP Server-side ApproachServer-side Approach

CGI (Common Gateway Interface)CGI (Common Gateway Interface) API (Application Programming Interface)API (Application Programming Interface)

Examples of APIs and development PlatformsExamples of APIs and development Platforms Netscape API (NSAPI). Netscape API (NSAPI). Microsoft’s Web Solution Platform with Active Server Pages (ASPs) and Microsoft’s Web Solution Platform with Active Server Pages (ASPs) and

Active Data Objects (ADO)Active Data Objects (ADO) Java Solutions (SQLJ, Servlets, and JavaServer Pages, and JDBC.Java Solutions (SQLJ, Servlets, and JavaServer Pages, and JDBC.

Database Connectivity APIsDatabase Connectivity APIs ODBC (Open Data Base Connectivity)ODBC (Open Data Base Connectivity) JDBC (Java Data Base Connectivity)JDBC (Java Data Base Connectivity)


3

The Web as an Application PlatformRequirements

An open-architecture approach to allow interoperability with a variety of An open-architecture approach to allow interoperability with a variety of systems and technologies; for example, support for:systems and technologies; for example, support for:

Different Web servers;Different Web servers; Microsoft’s (Distributed) Common Object Model (DCOM/COM);Microsoft’s (Distributed) Common Object Model (DCOM/COM); CORBA/IIOP (Internet Inter-ORB protocol);CORBA/IIOP (Internet Inter-ORB protocol); Java/RMI (Remote Method Invocation).Java/RMI (Remote Method Invocation).

The ability to access valuable corporate data in a secure manner.The ability to access valuable corporate data in a secure manner. Data and vendor independent connectivity to allow freedom of choice in the Data and vendor independent connectivity to allow freedom of choice in the

selection of the DBMS now and in the futureselection of the DBMS now and in the future The ability to interface to the database independent of any proprietary Web The ability to interface to the database independent of any proprietary Web

browser or Web server.browser or Web server. A connectivity solution that takes advantage of all the features of an A connectivity solution that takes advantage of all the features of an

organization’s DBMS.organization’s DBMS. A cost-effective solution that allows for scalability, growth, and changes in A cost-effective solution that allows for scalability, growth, and changes in

strategic directions.strategic directions. Support for transactions that span multiple HTTP requests.Support for transactions that span multiple HTTP requests. Support for session- and application-based authentication.Support for session- and application-based authentication. Minimal administration overhead.Minimal administration overhead.


4

Web Application

Advantages SimplicitySimplicity Platform independencePlatform independence Graphical User InterfaceGraphical User Interface StandardizationStandardization Cross-platform supportCross-platform support Transparent network Transparent network

accessaccess Scalable deploymentScalable deployment InnovationInnovation

Disadavantages ReliabilityReliability SecuritySecurity CostCost ScalabilityScalability Limited functionality of Limited functionality of

HTMLHTML StatelessStateless BandwidthBandwidth PerformancePerformance Immaturity of development Immaturity of development

toolstools


5

Web Application Architecture

Web applications may be created Web applications may be created using various approaches. using various approaches. However, there are a number of However, there are a number of components that will form components that will form essential building blocks for such essential building blocks for such applications. Typically, the Web applications. Typically, the Web application architecture is a three-application architecture is a three-tier architecture in which:tier architecture in which: A Web Browser acting A Web Browser acting

as the “thin” client.as the “thin” client.

A Web Server acting as A Web Server acting as the application server.the application server.

A Database Server acting A Database Server acting as the third tier.as the third tier.


6


7

Browser Layer The browser is the client of a Web application, and it The browser is the client of a Web application, and it

has two major functions:has two major functions: First, it handles the layout and display of HTML First, it handles the layout and display of HTML

documents. documents.

Second, it executes the client-side extension Second, it executes the client-side extension functionality such as Java, JavaScript, and ActiveX functionality such as Java, JavaScript, and ActiveX (a method to extend a browser’s capabilities). (a method to extend a browser’s capabilities).

The two most popular browsers at the present are The two most popular browsers at the present are Netscape Navigator (Netscape for short) and Microsoft Netscape Navigator (Netscape for short) and Microsoft Internet Explorer (IE). They have their own advantages Internet Explorer (IE). They have their own advantages and disadvantages with respect to Web applications.and disadvantages with respect to Web applications.


8

IE versus Netscape Both browsers support Java, JavaScript, and IE also Both browsers support Java, JavaScript, and IE also

support ActiveX.support ActiveX.

Netscape is supported on numerous platforms, whereas Netscape is supported on numerous platforms, whereas IE runs only on Microsoft systems (e.g., Windows 2000, IE runs only on Microsoft systems (e.g., Windows 2000, 98 and NT).98 and NT).

IE offers compatibility with other Microsoft products and IE offers compatibility with other Microsoft products and can easily be integrated with existing tools such as Word, can easily be integrated with existing tools such as Word, Excel and PowerPoint. The drawback is that IE heavily Excel and PowerPoint. The drawback is that IE heavily dependent on the Windows platforms and other dependent on the Windows platforms and other Microsoft proprietary systems. Microsoft proprietary systems.

ActiveX is designed to extend the functionality of IE, and ActiveX is designed to extend the functionality of IE, and works only on Windows platforms and Macintosh works only on Windows platforms and Macintosh System 7+.System 7+.


9

The Application Logic Layer The application logic layer is the part of a Web The application logic layer is the part of a Web

application with which a developer will spend the application with which a developer will spend the most time. It is responsible for:most time. It is responsible for:

Implementing the business rules;Implementing the business rules;

collecting data for a query (e.g., an SQL collecting data for a query (e.g., an SQL statement);statement);

preparing and sending the query to the preparing and sending the query to the database via the database connection layer;database via the database connection layer;

retrieving the results from the connection layer;retrieving the results from the connection layer;

formatting the data for display.formatting the data for display.


10

The Database Connection Layer

This is the component which actually links a database to the Web server.This is the component which actually links a database to the Web server.

Many current Web database building tools offer database connectivity solutions Many current Web database building tools offer database connectivity solutions and they are used to simplify the connection process.and they are used to simplify the connection process.

The database connection layer provides a link between the application logic layer The database connection layer provides a link between the application logic layer and the DBMS. Connection solutions come in many forms, such asand the DBMS. Connection solutions come in many forms, such as DBMS net protocols, DBMS net protocols, API (Application Programming Interface) or class libraries, and programs that API (Application Programming Interface) or class libraries, and programs that

are themselves database clients. Some of these solutions resulted in tools being are themselves database clients. Some of these solutions resulted in tools being specifically designed for developing Web database applications.specifically designed for developing Web database applications.

In Oracle, for example, there are native API libraries for connection and a number In Oracle, for example, there are native API libraries for connection and a number of tools, such as of tools, such as Web Publishing AssistantWeb Publishing Assistant, for developing Oracle applications on , for developing Oracle applications on the Web. the Web.

The connection layer within a Web database application must accomplish a number of goals. The connection layer within a Web database application must accomplish a number of goals. They have to provide access to the underlying database, and they also need to be easy to use, They have to provide access to the underlying database, and they also need to be easy to use, efficient, flexible, robust, reliable, and secure. Different tools and methods fulfill these goals efficient, flexible, robust, reliable, and secure. Different tools and methods fulfill these goals to different extents.to different extents.


11

The Database Layer

This is the place where the underlying database resides This is the place where the underlying database resides within the Web database application.within the Web database application.

The database is responsible for storing, retrieving, and The database is responsible for storing, retrieving, and updating data based on user requirements, and the updating data based on user requirements, and the DBMS can provide efficiency and security measures.DBMS can provide efficiency and security measures.

In many cases, when developing a Web application, the In many cases, when developing a Web application, the underlying database has already been in existence. A underlying database has already been in existence. A major task, therefore, is to link the database to the Web major task, therefore, is to link the database to the Web (the connection layer) and to develop the application (the connection layer) and to develop the application logic layer.logic layer.


12

Database Gateways for Database Connectivity A Web database A Web database gatewaygateway ( (middleware)middleware)is a bridge between the Web and a DBMS, is a bridge between the Web and a DBMS,

and its objective is to provide a Web-based application the ability to manipulate and its objective is to provide a Web-based application the ability to manipulate data stored in the database.data stored in the database.

Web database gateways link stateful systems (i.e., databases) with a stateless, Web database gateways link stateful systems (i.e., databases) with a stateless, connectionless protocol (i.e., HTTP). connectionless protocol (i.e., HTTP).

HTTP is a stateless protocol in the sense that each connection is closed once the HTTP is a stateless protocol in the sense that each connection is closed once the server provides a response. Thus, a Web server will not normally keep any record server provides a response. Thus, a Web server will not normally keep any record about previous requests. This results in an important difference between a Web-about previous requests. This results in an important difference between a Web-based client-server application and a traditional client-server application.based client-server application and a traditional client-server application.

In a Web-based application, only one transaction can occur on a connection. In In a Web-based application, only one transaction can occur on a connection. In other words, the connection is created for a specific request from the client. Once other words, the connection is created for a specific request from the client. Once the request has been satisfied, the connection is closed. Thus, every request the request has been satisfied, the connection is closed. Thus, every request involving access to the database will have to incur the overhead of making the involving access to the database will have to incur the overhead of making the connection.connection.

In a traditional application, multiple transactions can occur on the same connection. In a traditional application, multiple transactions can occur on the same connection. The overhead of making the connection will only occur once at the beginning of The overhead of making the connection will only occur once at the beginning of each database session.each database session.


13

Web Development Approaches

There are a number of There are a number of different ways for creating different ways for creating web applications. web applications. Generally, they can be Generally, they can be grouped into two grouped into two categories: categories:

Client-Side Solutions.Client-Side Solutions. Server-Side Solutions.Server-Side Solutions.


14

Client-side Solutions The client-side solutions include two types of approaches for web applications’ The client-side solutions include two types of approaches for web applications’

development: development: browser extensions browser extensions external applications.external applications.

Browser extensions are add-ons to the core Web browser that enhance and augment Browser extensions are add-ons to the core Web browser that enhance and augment the browser’s original functionality. Specific methods include plug-ins for Netscape the browser’s original functionality. Specific methods include plug-ins for Netscape and IE, and ActiveX controls for IE. Also, both types of browsers (Netscape and IE) and IE, and ActiveX controls for IE. Also, both types of browsers (Netscape and IE) support Java and JavaScript languages (i.e., Java applets and JavaScript can be used support Java and JavaScript languages (i.e., Java applets and JavaScript can be used to extend browsers’ capabilities).to extend browsers’ capabilities).

External applications are helper applications or viewers. They are typically existing External applications are helper applications or viewers. They are typically existing database clients that reside on the client machine and are launched by the Web database clients that reside on the client machine and are launched by the Web browser in a particular Web application. Using external applications is a quick and browser in a particular Web application. Using external applications is a quick and easy way to bring legacy database applications online, but the resulting system is easy way to bring legacy database applications online, but the resulting system is neither open nor portable. Legacy database clients do not take advantages of the neither open nor portable. Legacy database clients do not take advantages of the platform independence and language independence available through many Web platform independence and language independence available through many Web solutions. Legacy clients are resistant to change, meaning that any modification to solutions. Legacy clients are resistant to change, meaning that any modification to the client program must be propagated via costly manual installations throughout the the client program must be propagated via costly manual installations throughout the user base.user base.


15

Browser Extensions These types of gateways take advantage of the resources of the These types of gateways take advantage of the resources of the

client machine to aid server-side applications. client machine to aid server-side applications.

Remember, however, it is advantageous to have a thin client. Remember, however, it is advantageous to have a thin client. Thus, the scope of such programming on the client-side should Thus, the scope of such programming on the client-side should be limited. be limited.

A very large part of the web application should be on the server-A very large part of the web application should be on the server-side.side.

Browser extensions can be created by incorporating support can be created by incorporating support for:for: Scripting Languages (JavaScript, Jscript, VBScript, Perl, and Scripting Languages (JavaScript, Jscript, VBScript, Perl, and

PHP)PHP) Java (Applets)Java (Applets) ActiveXActiveX Plug-InsPlug-Ins


16

Scripting LanguagesJavaScript & JScript

JavaScript and Jscript are virtually identical interpreted scripting languages from JavaScript and Jscript are virtually identical interpreted scripting languages from Netscape and MicroSoft, respectively.Netscape and MicroSoft, respectively.

JavaScript is a scripting language that allows programmers to create and customize JavaScript is a scripting language that allows programmers to create and customize applications on the Internet and Intranets. applications on the Internet and Intranets.

On the client-side, it can be used to perform simple data manipulation such as On the client-side, it can be used to perform simple data manipulation such as mathematical calculations and form validation.mathematical calculations and form validation.

JavaScript code is normally sent as a part of HTML document and is executed by JavaScript code is normally sent as a part of HTML document and is executed by the browser upon receipt (the browser must have the script language interpreter). the browser upon receipt (the browser must have the script language interpreter). On the server-side, LiveWire (an online development environment for server-side On the server-side, LiveWire (an online development environment for server-side JavaScript) works with Netscape, providing gateway functionality such as access JavaScript) works with Netscape, providing gateway functionality such as access to databases.to databases.

It should note that JavaScript has little to do with Java language. JavaScript was It should note that JavaScript has little to do with Java language. JavaScript was originally called LiveScript, but it was changed to benefit from the excitement originally called LiveScript, but it was changed to benefit from the excitement surrounding Java. The only relationship between JavaScript and Java is a gateway surrounding Java. The only relationship between JavaScript and Java is a gateway between the former and Java applets (Web applications written in Java). JavaScript between the former and Java applets (Web applications written in Java). JavaScript provides developers a simple way to access certain properties and methods of Java provides developers a simple way to access certain properties and methods of Java applets on the same page without having to understand or modify the Java source applets on the same page without having to understand or modify the Java source code of the applet.code of the applet.


17

Scripting Languages JavaScript & JScript

As a development tool, JavaScript on the client-side does not offer much As a development tool, JavaScript on the client-side does not offer much without the aid of a complementary tools such as Java, plug-ins, and CGI without the aid of a complementary tools such as Java, plug-ins, and CGI (Common Gateway Interface). For examples,(Common Gateway Interface). For examples,

If a Java applet on a page of HTML has access to a database, a If a Java applet on a page of HTML has access to a database, a programmer can write JavaScript code to manipulate the applet.programmer can write JavaScript code to manipulate the applet.

If there is a form on the HTML document and if an action parameter for If there is a form on the HTML document and if an action parameter for that form refers to a CGI program that has access to a database, a that form refers to a CGI program that has access to a database, a programmer can write JavaScript code to manipulate the data elements programmer can write JavaScript code to manipulate the data elements within the form and then submit it (i.e., submit a kind of request to a within the form and then submit it (i.e., submit a kind of request to a DBMS).DBMS).

JavaScript can improve the performance of a Web application if it is used for JavaScript can improve the performance of a Web application if it is used for client-side state management. It can eliminate the need to transfer state data client-side state management. It can eliminate the need to transfer state data repeatedly between the browser and the Web server. Instead of sending an repeatedly between the browser and the Web server. Instead of sending an HTTP request each time it updates an application state, it sends the state only HTTP request each time it updates an application state, it sends the state only once as the final action. However, there are some side effects resulted from once as the final action. However, there are some side effects resulted from this gain in performance. For example, it may result in the application this gain in performance. For example, it may result in the application becoming less robust if state management is completely on the client-side. If becoming less robust if state management is completely on the client-side. If the client accidentally or deliberately exits, the session state is lost.the client accidentally or deliberately exits, the session state is lost.


18

Scripting Languages VBScript

VBScript is a Microsoft proprietary interpreted VBScript is a Microsoft proprietary interpreted scripting language whose goals and operations scripting language whose goals and operations are virtually identical to those JavaScript/Jscript.are virtually identical to those JavaScript/Jscript.

VBScript, however, has syntax more like Visual VBScript, however, has syntax more like Visual Basic than Java.Basic than Java.

VBScript is a procedural language and so uses VBScript is a procedural language and so uses subroutines as the basic unit.subroutines as the basic unit.


19

Scripting Languages Perl & PHP

Perl (Practical Extraction and (Practical Extraction and Report Language) is an Report Language) is an interpreted programming interpreted programming language with extensive, easy-to-language with extensive, easy-to-use text processing capabilities.use text processing capabilities.

It is now one of the most widely It is now one of the most widely used languages for server-side used languages for server-side programming.programming.

Although Perl was originally Although Perl was originally developed on the Unix platform, developed on the Unix platform, it was always intended as a cross-it was always intended as a cross-platform language and there is platform language and there is now a version of Perl for the now a version of Perl for the Windows platform (called Windows platform (called ActivePerlActivePerl))

PHP (Hypertext Processor) is (Hypertext Processor) is another popular open source HTML-another popular open source HTML-embedded scripting language that is embedded scripting language that is supported by many Web servers supported by many Web servers including Apache HTTP Server and including Apache HTTP Server and Microsoft’s Internet Information Microsoft’s Internet Information Server (IIS), and is the preferred Server (IIS), and is the preferred linux Web scripting language.linux Web scripting language.

The goal of the language is to allow The goal of the language is to allow Web developers to write Web developers to write dynamically-generated pages dynamically-generated pages quickly.quickly.

A popular choice nowadays is to use A popular choice nowadays is to use the open source combinations of the open source combinations of Apache HTTP Server, PHP, and one Apache HTTP Server, PHP, and one of the database systems mySQL or of the database systems mySQL or PostgreSQL.PostgreSQL.


20

Java (Applets)

As mentioned earlier, As mentioned earlier, Java applets can be manipulated by can be manipulated by JavaScript functions to perform several tasks (for example, JavaScript functions to perform several tasks (for example, accessing a databases). accessing a databases).

In general, Java applets can be downloaded into a browser and In general, Java applets can be downloaded into a browser and executed on the client-side (the browser should have the bytecode executed on the client-side (the browser should have the bytecode interpreter). interpreter).

The connection to the database is made through appropriate The connection to the database is made through appropriate APIs (Application Programming Interface, such as JDBC and (Application Programming Interface, such as JDBC and ODBC). ODBC).


21

JavaScript Java (Applets)Interpreted (not compiled) by Interpreted (not compiled) by clientclient

Compiled on server before Compiled on server before execution on clientexecution on client

Object-based, Code uses built-in, Object-based, Code uses built-in, extensible objects, but no classes extensible objects, but no classes or inheritanceor inheritance

Object-oriented, Applets consist Object-oriented, Applets consist of object classes with inheritanceof object classes with inheritance

Code integrated with, and Code integrated with, and embedded in HTMLembedded in HTML

Applets distinct from HTML, but Applets distinct from HTML, but accessed from HTML pagesaccessed from HTML pages

Variable data types not declared Variable data types not declared (loose typing)(loose typing)

Variables data types must be Variables data types must be declared (strong typing)declared (strong typing)

Dynamic binding. Object Dynamic binding. Object references checked at runtimereferences checked at runtime

Static binding. Object references Static binding. Object references must exist at compile-timemust exist at compile-time

Cannot automatically write to Cannot automatically write to hard diskhard disk

Cannot automatically write to Cannot automatically write to hard diskhard disk


22

ActiveX ActiveX is a way to extend Microsoft IE’s (Internet Explorer) capabilities.ActiveX is a way to extend Microsoft IE’s (Internet Explorer) capabilities.

An ActiveX control is a component on the browser that adds functionality An ActiveX control is a component on the browser that adds functionality which cannot be obtained in HTML, such as access to file on the client, other which cannot be obtained in HTML, such as access to file on the client, other applications, complex user interfaces, and additional hardware devices.applications, complex user interfaces, and additional hardware devices.

ActiveX is similar to Microsoft OLE (Object Linking and Embedding), and ActiveX is similar to Microsoft OLE (Object Linking and Embedding), and ActiveX controls can be developed by any organization and individual.ActiveX controls can be developed by any organization and individual.

At the present, there are more than one thousand ActiveX controls, including At the present, there are more than one thousand ActiveX controls, including controls for database access, are available for developers to incorporate into controls for database access, are available for developers to incorporate into Web applications.Web applications.

A number of commercial ActiveX controls offer several functionalities. A number of commercial ActiveX controls offer several functionalities. Because ActiveX has abilities similar to OLE, it supports most or all the Because ActiveX has abilities similar to OLE, it supports most or all the functionality available to any Windows program.functionality available to any Windows program.

Like JavaScript, ActiveX can aid in minimizing network traffic. In many cases, Like JavaScript, ActiveX can aid in minimizing network traffic. In many cases, this technique results in improved performance. ActiveX can also offer rich this technique results in improved performance. ActiveX can also offer rich GUIs. The more flexible interface, executed entirely on the client-side, make GUIs. The more flexible interface, executed entirely on the client-side, make operations more efficient for users.operations more efficient for users.


23

Plug-Ins Plug-ins are Dynamic Link Libraries (DLL) that allow data of new MIME Plug-ins are Dynamic Link Libraries (DLL) that allow data of new MIME

(Multipurpose Internet Mail Extensions) to be viewed or heard. (Multipurpose Internet Mail Extensions) to be viewed or heard. Plug-ins can be installed to run seamlessly inside the browser window, transparent to Plug-ins can be installed to run seamlessly inside the browser window, transparent to

the user. the user. They have full access to the client’s resources. They have full access to the client’s resources.

To create a plug-in, the developer writes an application using the plug-in API and To create a plug-in, the developer writes an application using the plug-in API and native calls. The code is then compiled as a DLL. Installing a plug-in is just a matter native calls. The code is then compiled as a DLL. Installing a plug-in is just a matter of copying the DLL into the directory where the browser looks for plug-ins. The next of copying the DLL into the directory where the browser looks for plug-ins. The next time that the browser is run, the MIME type(s) that the new plug-in supports will be time that the browser is run, the MIME type(s) that the new plug-in supports will be opened with the plug-in. One plug-in may support multiple MIME types.opened with the plug-in. One plug-in may support multiple MIME types.

There are a number of important issues concerning plug-ins:There are a number of important issues concerning plug-ins: Plug-ins incur installation requirements. Because they are native code not Plug-ins incur installation requirements. Because they are native code not

packaged with the browser itself, plug-ins must be installed on the client machine.packaged with the browser itself, plug-ins must be installed on the client machine. Plug-ins are platform-dependent. Whenever a change is made, it must be made Plug-ins are platform-dependent. Whenever a change is made, it must be made

on all supported platforms.on all supported platforms. The latest version of IE supports the same plug-in architecture as Netscape. Thus, The latest version of IE supports the same plug-in architecture as Netscape. Thus,

a plug-in should work on both browsers provided they are running on the same a plug-in should work on both browsers provided they are running on the same platform.platform.


24

Plug-Ins

Connection to databasesConnection to databases Plug-ins can operate like any stand-alone applications on the Plug-ins can operate like any stand-alone applications on the

client-side. For example, they can be used to create direct socket client-side. For example, they can be used to create direct socket connections to databases via the DBMS net protocols (such as connections to databases via the DBMS net protocols (such as SQL*Net for Oracle). Plug-ins can also use JDBC, ODBC, OLE, SQL*Net for Oracle). Plug-ins can also use JDBC, ODBC, OLE, and any other methods to connect to databases.and any other methods to connect to databases.

PerformancePerformance Plug-ins are loaded on demand. When a user starts up a browser, Plug-ins are loaded on demand. When a user starts up a browser,

the installed plug-ins are registered with the browser along with the installed plug-ins are registered with the browser along with their supported MIME types, but the plug-in themselves are not their supported MIME types, but the plug-in themselves are not loaded. When a plug-in for a particular MIME type is requested, loaded. When a plug-in for a particular MIME type is requested, the code is then loaded into memory. Because plug-ins use the code is then loaded into memory. Because plug-ins use native code, their executions are fast.native code, their executions are fast.


25

External Applications External helper applications can be new or legacy database clients, or a terminal External helper applications can be new or legacy database clients, or a terminal

emulator. If there are existing traditional client-server database applications which emulator. If there are existing traditional client-server database applications which reside on the same machine as the browser, then they can be launched by the browser reside on the same machine as the browser, then they can be launched by the browser and execute as usual. and execute as usual.

This approach may be an appropriate interim solution for migrating from an existing This approach may be an appropriate interim solution for migrating from an existing client-server application to a purely Web-based one.client-server application to a purely Web-based one.

It is straightforward to configure the browser to launch existing applications. It just It is straightforward to configure the browser to launch existing applications. It just involves the registration of a new MIME type and the associated application name.involves the registration of a new MIME type and the associated application name.

Using the external applications approach, the existing database applications need not Using the external applications approach, the existing database applications need not be changed. However, it means that all the maintenance burdens associated with be changed. However, it means that all the maintenance burdens associated with traditional client-server applications will remain. Any change to the external traditional client-server applications will remain. Any change to the external application will require a very costly reinstallation on all client machines. Because application will require a very costly reinstallation on all client machines. Because this is not a pure Web-based solution, many advantages offered by Web-based this is not a pure Web-based solution, many advantages offered by Web-based applications cannot be realized.applications cannot be realized.

Traditional client-server database applications usually offer good performance. They Traditional client-server database applications usually offer good performance. They do not incur the overhead of requiring repeated connections to the database. External do not incur the overhead of requiring repeated connections to the database. External database clients can make one connection to the remote database and use that database clients can make one connection to the remote database and use that connection for as many transactions as necessary for the session, closing it only when connection for as many transactions as necessary for the session, closing it only when finished.finished.


26

Server-side Web Programming

Server-side solutions are more widely adopted than the Server-side solutions are more widely adopted than the client-side solutions.client-side solutions.

A main reason for this is that the Web application A main reason for this is that the Web application architecture requires the client to be as thin as possible. architecture requires the client to be as thin as possible.

The Web server should not only host all the documents, The Web server should not only host all the documents, but should also be responsible for dealing with all the but should also be responsible for dealing with all the requests from the client.requests from the client.


27

Server-side Solutions

Server Side listening for HTTP requests.listening for HTTP requests. checking the validity of the checking the validity of the

request.request. finding the requested resource.finding the requested resource. requesting authentication if requesting authentication if

necessary.necessary. delivering requested resource.delivering requested resource. spawning programs if required.spawning programs if required. passing variables to programs.passing variables to programs. delivering output of programs to delivering output of programs to

the requester.the requester. displaying error message if displaying error message if

necessary.necessary.

Client Side rendering HTML documents.rendering HTML documents. allowing users to navigate HTML allowing users to navigate HTML

links.links. displaying image.displaying image. sending HTML form data to a sending HTML form data to a

URL.URL. interpreting Java applets.interpreting Java applets. executing plug-ins.executing plug-ins. executing external helper executing external helper

applications.applications. interpreting JavaScript and other interpreting JavaScript and other

scripting language programs.scripting language programs. executing ActiveX controls in case executing ActiveX controls in case

of IE.of IE.


28

Server-side Solutions CGI (Common Gateway Interface)CGI (Common Gateway Interface) APIs (Application Programming Interface)APIs (Application Programming Interface)


29

CGI (Common Gateway Interface)

CGI is a protocol for allowing Web browsers to communicate with Web CGI is a protocol for allowing Web browsers to communicate with Web servers, such as sending data to the servers. Upon receiving the data, the Web servers, such as sending data to the servers. Upon receiving the data, the Web server can then pass them to a specified external program (residing on the server can then pass them to a specified external program (residing on the server host machine) via environment variables or standard input stream server host machine) via environment variables or standard input stream (STDIN). (STDIN).

The external program is called a CGI program or CGI script. Because CGI is a The external program is called a CGI program or CGI script. Because CGI is a protocol, not a library of functions written specifically for any particular Web protocol, not a library of functions written specifically for any particular Web server, CGI programs/scripts are language-independent. server, CGI programs/scripts are language-independent.

As long as the program/script conforms to the specification of the CGI As long as the program/script conforms to the specification of the CGI protocol, it can be written in any language such as C, C++ or Java. protocol, it can be written in any language such as C, C++ or Java.

In short, CGI is the protocol governing communications among browsers, In short, CGI is the protocol governing communications among browsers, servers, and CGI programs.servers, and CGI programs.

In general, a Web server is only able to send documents and to tell a browser In general, a Web server is only able to send documents and to tell a browser what kinds of documents it is sendingwhat kinds of documents it is sending. By using CGI, the server can also . By using CGI, the server can also launch external programs (i.e., CGI programs). When the server recognizes launch external programs (i.e., CGI programs). When the server recognizes that a URL points to a file, it returns the contents of that file. When the URL that a URL points to a file, it returns the contents of that file. When the URL points to a CGI program, the server will execute it and then sends back the points to a CGI program, the server will execute it and then sends back the output of the program’s execution to the browser as if it were a file.output of the program’s execution to the browser as if it were a file.


30


Before the server launches a CGI program, it prepares a number of Before the server launches a CGI program, it prepares a number of environment variables representing the current state of the server, who is environment variables representing the current state of the server, who is requesting the action, and so on. requesting the action, and so on.

The program collects this information and reads STDIN. It then carries out The program collects this information and reads STDIN. It then carries out the necessary processing and writes its output to STDOUT (the standard the necessary processing and writes its output to STDOUT (the standard output stream). output stream).

In particular, the program must send the MIME header information prior to In particular, the program must send the MIME header information prior to the main body of the output. This header information specifies the type of the main body of the output. This header information specifies the type of the output.the output.

For example, the CGI approach enables access to databases from the For example, the CGI approach enables access to databases from the browser. The Web client can invoke a CGI program/script via a browser, browser. The Web client can invoke a CGI program/script via a browser, and then the program performs the required action and accesses the and then the program performs the required action and accesses the database via the gateway. The outcome of accessing the database is then database via the gateway. The outcome of accessing the database is then returned to the client via the Web serverreturned to the client via the Web server..


31

The CGI Environment


32

CGI (Common Gateway Interface) Invoking and executing CGI programs from a Web browser is mostly Invoking and executing CGI programs from a Web browser is mostly

transparent to the user. The following steps need to be taken in order for a transparent to the user. The following steps need to be taken in order for a CGI program to execute successfully:CGI program to execute successfully: The user (Web client) calls the CGI program by clicking on a link or by The user (Web client) calls the CGI program by clicking on a link or by

pressing a button. The program can also be invoked when the browser pressing a button. The program can also be invoked when the browser loads an HTML document (hence being able to create a dynamic Web loads an HTML document (hence being able to create a dynamic Web page).page).

The browser contacts the Web server asking for permission to run the CGI The browser contacts the Web server asking for permission to run the CGI program.program.

The server checks the configuration and access files to ensure that the The server checks the configuration and access files to ensure that the program exists and the client has access authorization to the program.program exists and the client has access authorization to the program.

The server prepares the environment variables and launches the program.The server prepares the environment variables and launches the program. The program executes and reads the environment variables and STDIN.The program executes and reads the environment variables and STDIN. The program sends the appropriate MIME headers to STDOUT followed The program sends the appropriate MIME headers to STDOUT followed

by the remainder of the output and terminates.by the remainder of the output and terminates. The server sends the data in STDOUT (i.e., the output from the program’s The server sends the data in STDOUT (i.e., the output from the program’s

execution) to the browser and closes the connection.execution) to the browser and closes the connection.


33

CGI with HTTP Cookies

One way to make CGI scripts more interactive is to use cookies.One way to make CGI scripts more interactive is to use cookies. A cookie is a piece of information that the client stores on behalf of the server.A cookie is a piece of information that the client stores on behalf of the server. The information that is stored in the cookie comes from the server as part of the server’s The information that is stored in the cookie comes from the server as part of the server’s

response to an HTTP request.response to an HTTP request. A client may have many cookies stored at any given time, each one associated with a A client may have many cookies stored at any given time, each one associated with a

particular Web site or Web page.particular Web site or Web page. Each time the client visits that site/page, the browser packages the cookie with the HTTP Each time the client visits that site/page, the browser packages the cookie with the HTTP

request.request. The Web server can then use the information in the cookie to identify the user and, The Web server can then use the information in the cookie to identify the user and,

depending on the nature of the information collected, possibly personalize the appearance depending on the nature of the information collected, possibly personalize the appearance of the Web page.of the Web page.

The Web server can also add or change the information within the cookie before returning The Web server can also add or change the information within the cookie before returning it.it.

Cookies can be used to store registration information or preferences.Cookies can be used to store registration information or preferences. Example:Example:$!/bin/shecho “Content-type:text/html”echo “Set-cookie: UserID=conn-ci0; expires = Friday 30-Apr-02 12:00:00 GMT”eCHO “Set-cookie: Password=guest; expires = Friday 30-Apr-02 12:00:00 GMT”echo “”


34


AdvantagesAdvantages

CGI is the CGI is the de factode facto standard for interfacing Web clients and servers with standard for interfacing Web clients and servers with external applications, and is arguably the most commonly adopted external applications, and is arguably the most commonly adopted approach for interfacing Web applications to data sources (such as approach for interfacing Web applications to data sources (such as databases). databases).

The main advantages of CGI areThe main advantages of CGI are Simplicity, Simplicity, Language independence, Language independence, Web server independence, Web server independence, Wide acceptance.Wide acceptance.


35

CGI (Common Gateway Interface)DisadvantagesDisadvantages

The first notable drawback of CGI is that the communication between a client (browser) The first notable drawback of CGI is that the communication between a client (browser) and the database server must always go through the Web server in the middle, which may and the database server must always go through the Web server in the middle, which may cause a bottleneck if there is a large number of users accessing the Web server cause a bottleneck if there is a large number of users accessing the Web server simultaneously. For every request submitted by a Web client or every response delivered simultaneously. For every request submitted by a Web client or every response delivered by the database server, the Web server has to convert data from or to an HTML document. by the database server, the Web server has to convert data from or to an HTML document. This incurs a significant overhead to query processing.This incurs a significant overhead to query processing.

The second disadvantage of CGI is the lack of efficiency and transaction support in a CGI The second disadvantage of CGI is the lack of efficiency and transaction support in a CGI program. For every query submitted through CGI, the database server has to perform the program. For every query submitted through CGI, the database server has to perform the same logon and logout procedure, even for subsequent queries submitted by the same same logon and logout procedure, even for subsequent queries submitted by the same user. The CGI program could handle queries in batch mode, but then support for online user. The CGI program could handle queries in batch mode, but then support for online database transactions that contain multiple interactive queries would be difficult.database transactions that contain multiple interactive queries would be difficult.

The third major shortcoming of CGI is due to the fact that the server has to generate a new The third major shortcoming of CGI is due to the fact that the server has to generate a new process or thread for each CGI program. For a popular site (like Yahoo), there can easily process or thread for each CGI program. For a popular site (like Yahoo), there can easily be hundreds or even thousands of processes competing for memory, disk, and processor be hundreds or even thousands of processes competing for memory, disk, and processor time. This situation can incur significant overhead. time. This situation can incur significant overhead.

Last but not least, extra measures have to be taken to ensure server security. CGI itself Last but not least, extra measures have to be taken to ensure server security. CGI itself does not provide any security measures, and therefore, developers of CGI programs must does not provide any security measures, and therefore, developers of CGI programs must be security conscious. Any request for unauthorized action must be spotted and stopped.be security conscious. Any request for unauthorized action must be spotted and stopped.


36

APIs (Application Programming Interface) HTTP server (Web server) APIs and modules are the server equivalent of HTTP server (Web server) APIs and modules are the server equivalent of

browser extensions. browser extensions. The central theme of Web database sites created with HTTP server APIs or The central theme of Web database sites created with HTTP server APIs or

modules is that the database access programs coexist with the server. They modules is that the database access programs coexist with the server. They share the address space and run-time process of the server. share the address space and run-time process of the server.

This approach is in direct contrast with the architecture of CGI, in which CGI This approach is in direct contrast with the architecture of CGI, in which CGI programs run as separate processes and in separate memory spaces from the programs run as separate processes and in separate memory spaces from the HTTP server.HTTP server.

At the present, there are two main APIs: the Netscape Server API (NSAPI) At the present, there are two main APIs: the Netscape Server API (NSAPI) and Microsoft Information Server API (ISAPI). and Microsoft Information Server API (ISAPI).

Instead of creating a separate process for each CGI program, the API offers a Instead of creating a separate process for each CGI program, the API offers a way to create an interface between the server and the external programs using way to create an interface between the server and the external programs using dynamic linking or shared objects. dynamic linking or shared objects.

Programs are loaded as part of the server, giving them full access to all the I/O Programs are loaded as part of the server, giving them full access to all the I/O functions of the server. functions of the server.

In addition, only one copy of the program is loaded and shared among In addition, only one copy of the program is loaded and shared among multiple requests to the server.multiple requests to the server.


37

APIs Server modules are just prefabricated applications written in Server modules are just prefabricated applications written in

some server APIs. some server APIs. Developers can often purchase commercial modules to aid or Developers can often purchase commercial modules to aid or

replace the development of an application feature. replace the development of an application feature. Sometimes, the functionality required in a Web database Sometimes, the functionality required in a Web database

application can be found as an existing server module.application can be found as an existing server module. Vendors of Web servers usually provide proprietary server Vendors of Web servers usually provide proprietary server

modules to support their products. modules to support their products. There are a very large number of server modules that are There are a very large number of server modules that are

commercially available, and the number is still rising.commercially available, and the number is still rising. For example, Oracle provides the “For example, Oracle provides the “Oracle PL/SQL” module, ” module,

which contains procedures to drive database-backed Web sites.which contains procedures to drive database-backed Web sites. The Oracle module supports both NSAPI and ISAPI.The Oracle module supports both NSAPI and ISAPI.


38

APIsAdvantagesAdvantages

Having database access programs coexist with the HTTP server improves Web Having database access programs coexist with the HTTP server improves Web database access by improving speed, resource sharing, and the range of functionality.database access by improving speed, resource sharing, and the range of functionality.

SpeedSpeed Server API programs run as dynamically loaded libraries or modules. A server API Server API programs run as dynamically loaded libraries or modules. A server API

program is usually loaded the first time the resource is requested, and therefore, only program is usually loaded the first time the resource is requested, and therefore, only the first user who requests that program will incur the overhead of loading the the first user who requests that program will incur the overhead of loading the dynamic libraries. Alternatively, the server can force this first instantiation so that no dynamic libraries. Alternatively, the server can force this first instantiation so that no user will incur the loading overhead. This technique is called preloading. Either way, user will incur the loading overhead. This technique is called preloading. Either way, the API approach is more efficient than CGI.the API approach is more efficient than CGI.

Resource sharingResource sharing Unlike a CGI program, a server API program shares address space with other Unlike a CGI program, a server API program shares address space with other

instances of itself and with the HTTP server. This means that any common data instances of itself and with the HTTP server. This means that any common data required by the different threads and instances need exist only in one place. This required by the different threads and instances need exist only in one place. This common storage area can be accessed by concurrent and separate instances of the common storage area can be accessed by concurrent and separate instances of the server API program. The same principle applies to common functions and code. The server API program. The same principle applies to common functions and code. The same set of functions and code are loaded just once and can be shared by multiple same set of functions and code are loaded just once and can be shared by multiple server API programs. The above techniques save space and improve performance.server API programs. The above techniques save space and improve performance.


39

APIs Range of functionalityRange of functionality CGI programs have access to a Web transaction only at certain limited points. It has CGI programs have access to a Web transaction only at certain limited points. It has

no control over the HTTP authentication scheme. It has no contact with the inner no control over the HTTP authentication scheme. It has no contact with the inner workings of the HTTP server, because a CGI program is considered external to the workings of the HTTP server, because a CGI program is considered external to the server. server.

In contrast, server API programs are closely linked to the server; they exist in In contrast, server API programs are closely linked to the server; they exist in conjunction with or as part of the server. They can customize the authentication conjunction with or as part of the server. They can customize the authentication method as well as transmission encryption methods. Server API programs can also method as well as transmission encryption methods. Server API programs can also customize the way access logging is performed, providing more detailed transaction customize the way access logging is performed, providing more detailed transaction logs than are available by default.logs than are available by default.

Provide Web page or site security by inserting an authentication “layer” requiring an Provide Web page or site security by inserting an authentication “layer” requiring an identifier and a password outside that of the Web browser’s own security methods.identifier and a password outside that of the Web browser’s own security methods.

Log incoming and outgoing activity by tracking more information than the Web Log incoming and outgoing activity by tracking more information than the Web server does, and store it in a format not limited to those available with the Web server.server does, and store it in a format not limited to those available with the Web server.

Serve data out to browsing clients in a different way than the Web server would (or Serve data out to browsing clients in a different way than the Web server would (or even could) by itself. even could) by itself.

Overall, server APIs provide a very flexible and powerful solutions in extending the Overall, server APIs provide a very flexible and powerful solutions in extending the capabilities of Web servers. However, the approach is much more complex than CGI, capabilities of Web servers. However, the approach is much more complex than CGI, requiring specialized programmers with a deep understanding of the Web server and requiring specialized programmers with a deep understanding of the Web server and with sophisticated programming skills. with sophisticated programming skills.


40

APIs

Important issuesImportant issues

Server architecture dependenceServer architecture dependence Server APIs are closely tied to the server they work with. The only way to provide Server APIs are closely tied to the server they work with. The only way to provide

efficient cross-server support is for vendors to adhere to the same API standard. If a efficient cross-server support is for vendors to adhere to the same API standard. If a common API standard is used, programs written for one server will work just as well common API standard is used, programs written for one server will work just as well with another server. However, setting up standards involves compromises among with another server. However, setting up standards involves compromises among competitors. In many cases, they are hard to come by.competitors. In many cases, they are hard to come by.

Platform dependencePlatform dependence Server APIs and modules are also dependent on computing platforms. Netscape servers Server APIs and modules are also dependent on computing platforms. Netscape servers

are supported on multiple platforms. Nevertheless, each supporting version is dependent are supported on multiple platforms. Nevertheless, each supporting version is dependent on that platform. Similarly, Microsoft server is only available for Windows NT.on that platform. Similarly, Microsoft server is only available for Windows NT.

Programming languageProgramming language Both Netscape servers and Microsoft Web servers can be extended using a variety of Both Netscape servers and Microsoft Web servers can be extended using a variety of

programming languages and facilities. In addition, Microsoft provides an application programming languages and facilities. In addition, Microsoft provides an application environment called Active Server Pages. environment called Active Server Pages. Active Server Pages is an open, compile-free Active Server Pages is an open, compile-free application environment in which developers can combine HTML, scripts and reusable application environment in which developers can combine HTML, scripts and reusable ActiveX server components to create dynamic and powerful web-based business ActiveX server components to create dynamic and powerful web-based business solutions.solutions.


41

FeaturesFeatures CGICGI APIsAPIs

Language-independentLanguage-independent Runs in differentRuns in differentprocess from core Web serverprocess from core Web server

Open standardOpen standard Web server architecture- Web server architecture- independentindependent

Supports distributed computingSupports distributed computing Multiple, extensible rolesMultiple, extensible roles Memory sharing with other Memory sharing with other processesprocesses Does NOT create new process Does NOT create new process for each instance for each instance

Easy to useEasy to use


42

Examples of APIs

Netscape API (NSAPI) and Microsoft Netscape API (NSAPI) and Microsoft Information Server API (ISAPI).Information Server API (ISAPI).

Microsoft’s Web Solution Platform with Active Microsoft’s Web Solution Platform with Active Server Pages (ASPs) and Active Data Objects Server Pages (ASPs) and Active Data Objects (ADO).(ADO).

Java solutions (SQLJ, Servlets, and JavaServer Java solutions (SQLJ, Servlets, and JavaServer Pages, and JDBC).Pages, and JDBC).


43

Netscape API Netscape LiveWire Pro provides server-side JavaScript constructs Netscape LiveWire Pro provides server-side JavaScript constructs

for database connectivity using the Netscape API (NSAPI).for database connectivity using the Netscape API (NSAPI). JavaScript is compiled into bytecode and the interpreted by the JavaScript is compiled into bytecode and the interpreted by the

LiveWire Pro server extension running in conjunction with the LiveWire Pro server extension running in conjunction with the Netscape server.Netscape server.

JavaScript can accomplish many of the tasks usually associated JavaScript can accomplish many of the tasks usually associated with retrieving and working with information from a database, with retrieving and working with information from a database, including:including: Connecting to and disconnecting from the database;Connecting to and disconnecting from the database; Beginning, , and rolling back an SQL query;Beginning, , and rolling back an SQL query; Displaying the results of an SQL query;Displaying the results of an SQL query; Creating updateable cursors for viewing, inserting, deleting, Creating updateable cursors for viewing, inserting, deleting,

and modifying data.and modifying data. Accessing binary large objects (BLOBs) for multimedia Accessing binary large objects (BLOBs) for multimedia

content, such as images and sounds. content, such as images and sounds.


44

Netscape API – An Example

//Connect to the database, and check connection successful

database.connect(ORACLE, my_server, auser_name, auser_password, Company_db)

If (!database.connected())

write(“Error connecting to database”)

else {

// Set up a cursor for query; second parameter indicates that updates will occur through cursor

myCursor = database.cursor(“SELECT * FROM Employee”, TRUE)

// Loop over all the records and update salary field

while (myCursor.next()) {

myCursor.salary = myCursor.salary * 1.05

myCursor.updateRow(Employee)

}

// Finally, disconnect from the database

database.disconnect()

}


45

Microsoft Web Solution PlatformObject Linking and Embedding (OLE)

OLE is an object-oriented technology that enables OLE is an object-oriented technology that enables development of development of reusable software components.reusable software components.

Instead of traditional procedural programming in which each Instead of traditional procedural programming in which each component implements the functionality it requires, the OLE component implements the functionality it requires, the OLE architecture allows applications to use shared objects that provide architecture allows applications to use shared objects that provide specific functionality.specific functionality.

Objects like text documents, charts, spreadsheets, e-mail Objects like text documents, charts, spreadsheets, e-mail messages, graphics, and sound clips all appear as objects to the messages, graphics, and sound clips all appear as objects to the OLE application.OLE application.

When objects are embedded or linked, they appear within the When objects are embedded or linked, they appear within the client application.client application.

When the linked data needs to be edited, the user double-clicks When the linked data needs to be edited, the user double-clicks the object, and the application that created it is started.the object, and the application that created it is started.


46

Microsoft Web Solution Platform Component Object Model

Component objects are objects that provide services to other are objects that provide services to other client applications.client applications.

The The Component Object Model ( (COM) is an object-based ) is an object-based model consisting of both a specification that defines the interface model consisting of both a specification that defines the interface between objects within a system and a concrete implementation, between objects within a system and a concrete implementation, packaged as a packaged as a Dynamic Link Library (DLLDynamic Link Library (DLL).).

COM is a service to establish a connection between a client COM is a service to establish a connection between a client application and an object and its associated services.application and an object and its associated services.

COM provides a standard method of finding and instantiating COM provides a standard method of finding and instantiating objects, and for the communication between the client and the objects, and for the communication between the client and the component.component.

One of the major strengths of COM lies in the fact that it One of the major strengths of COM lies in the fact that it provides a provides a binary interoperability standardbinary interoperability standard; that is, the method ; that is, the method for bringing the client and object together is independent of any for bringing the client and object together is independent of any programming language that created the client and object.programming language that created the client and object.


47

Microsoft Web Solution Platform Distributed Component Object (DCOM)

Distributed Component Object Model (DCOM) extends the extends the COM architecture to provide a COM architecture to provide a distributed component-based distributed component-based computing environmentcomputing environment, allowing components to look the same to , allowing components to look the same to clients on a remote machine as on a local machine.clients on a remote machine as on a local machine.

DCOM does this by replacing the interprocess communication DCOM does this by replacing the interprocess communication between client and component with an appropriate network between client and component with an appropriate network protocol.protocol.

DCOM is very suited to the three-tier architecture.DCOM is very suited to the three-tier architecture.


48

Microsoft Web Solution Platform COM+

COM+ provides the basis for Microsoft’s new framework for provides the basis for Microsoft’s new framework for unifying and integrating the PC and the Internet.unifying and integrating the PC and the Internet.

The Web Solution Platform is “AThe Web Solution Platform is “An architectural framework for n architectural framework for building modern, scalable, multi-tier distributed computing building modern, scalable, multi-tier distributed computing solutions, that can be delivered over any networksolutions, that can be delivered over any network”, which defines ”, which defines a common set of services including components.a common set of services including components.

There are several core components to this architecture:There are several core components to this architecture: Active Server Pages (ASP)Active Server Pages (ASP) ActiveX Data Objects (ADO)ActiveX Data Objects (ADO)


49

Microsoft Web Solution Platform Universal Data Access

The Microsoft ODBC technology provides a common interface for accessing The Microsoft ODBC technology provides a common interface for accessing heterogeneous SQL databases.heterogeneous SQL databases.

ODBC has many limitations when used as a programming interface.ODBC has many limitations when used as a programming interface. Microsoft packaged Access and Visual C++ with Data Access Objects (DAO).Microsoft packaged Access and Visual C++ with Data Access Objects (DAO). The object model of ADO consists of objects such as Databases, TableDefs, The object model of ADO consists of objects such as Databases, TableDefs,

QueryDefs, Recordsets, fields, and properties.QueryDefs, Recordsets, fields, and properties. Next, Microsoft defined a set of data objects, collectively known as OLE DB Next, Microsoft defined a set of data objects, collectively known as OLE DB

(Object Linking Embedding for DataBases), that allows OLE-oriented (Object Linking Embedding for DataBases), that allows OLE-oriented applications to share and manipulate sets of data as objects.applications to share and manipulate sets of data as objects.

OLE DB provides low-level access to any data source, including relational OLE DB provides low-level access to any data source, including relational and non-relational databases, e-mail and file systems, text and graphics, and non-relational databases, e-mail and file systems, text and graphics, custom business objects, and more.custom business objects, and more.

OLE DB is an object-oriented specification based on a C++ API.OLE DB is an object-oriented specification based on a C++ API.


50

Microsoft Web Solution Platform Universal Data Access


51

Active Server Pages and ActiveX Data Objects

Active Server Pages (ASP) is a programming model that is a programming model that allows dynamic, interactive Web pages to be created on the Web allows dynamic, interactive Web pages to be created on the Web serverserver, analogous to JavaServer Pages (JSP)., analogous to JavaServer Pages (JSP).

The pages can be based on what browser type the user has, on The pages can be based on what browser type the user has, on what language the user’s machine supports, and on what personal what language the user’s machine supports, and on what personal preferences the user has chosen.preferences the user has chosen.

ASP was introduced with the Microsoft Internet Information ASP was introduced with the Microsoft Internet Information Server (IIS) and supports ActiveX scripting, allowing a large Server (IIS) and supports ActiveX scripting, allowing a large number of different scripting engines to be used, within a single number of different scripting engines to be used, within a single ASP script if necessary.ASP script if necessary.

Native support is provided for VBScript (the default scripting Native support is provided for VBScript (the default scripting language for ASP) and JScript. language for ASP) and JScript.


52

ASP Architecture


53

ASP Architecture

ASP provide the flexibility of CGI, without the performance overhead.ASP provide the flexibility of CGI, without the performance overhead. Unlike CGI, ASP runs in-process with the server, and is multi-threaded and Unlike CGI, ASP runs in-process with the server, and is multi-threaded and

optimized to handle a large volume of users.optimized to handle a large volume of users. ASP is built around files with the extension “.asp”, which can contain any ASP is built around files with the extension “.asp”, which can contain any

combination of the following:combination of the following: Text;Text; HTML tags, HTML tags, Script commands and output expressions.Script commands and output expressions.

An ASP script starts to run when a browser requests an “.asp” file from the An ASP script starts to run when a browser requests an “.asp” file from the Web server.Web server.

The Web server then calls ASP, which reads through the requested file from The Web server then calls ASP, which reads through the requested file from top to bottom, executes any commands, and sends the generated HTML page top to bottom, executes any commands, and sends the generated HTML page back to the browser.back to the browser.

It is possible to generate client-side scripts within a server-side generated It is possible to generate client-side scripts within a server-side generated HTML file by simply including the script as text within the ASP script.HTML file by simply including the script as text within the ASP script.


54

ActiveX Data Objects

Active Data Objects (ADO) is a programming extension of ASP supported is a programming extension of ASP supported by the Microsoft Internet Information Server (IIS) for database connectivityby the Microsoft Internet Information Server (IIS) for database connectivity..

ADO is designed as an easy-to-use application level interface to OLE DB.ADO is designed as an easy-to-use application level interface to OLE DB. ADO supports the following key features:ADO supports the following key features:

Independent-created objects;Independent-created objects; Support for stored procedures, with input and output parameters and return Support for stored procedures, with input and output parameters and return

parameters;parameters; Different cursor types, including the potential for the support of different Different cursor types, including the potential for the support of different

back-end-specific cursors;back-end-specific cursors; Batch updating;Batch updating; Support for limits on the number of returned rows and other query goals;Support for limits on the number of returned rows and other query goals; Support for multiple recordsets returned from stored procedures or batch Support for multiple recordsets returned from stored procedures or batch

statements.statements.


55

Microsoft Access and Web Page Generation

Microsoft Access 2000 provides three wizards for automatic generating Microsoft Access 2000 provides three wizards for automatic generating HTML pages based on tables, queries, forms, or reports in the database:HTML pages based on tables, queries, forms, or reports in the database:

Static pagesStatic pages – the user can export data to HTML format. – the user can export data to HTML format. Dynamic pagesDynamic pages, using Active Server Pages – with this approach, the user , using Active Server Pages – with this approach, the user

can export data to an .asp file on the Web server, by specifying the name can export data to an .asp file on the Web server, by specifying the name of the current database, a username, and password to connect to the of the current database, a username, and password to connect to the database, and the URL of the Web server that will store the ASP file.database, and the URL of the Web server that will store the ASP file.

Dynamic pages, using data access pagesDynamic pages, using data access pages – Data access pages are Web – Data access pages are Web pages bound directly to the data in the database. Data access pages can be pages bound directly to the data in the database. Data access pages can be used like Access forms, except that these pages are stored as external files, used like Access forms, except that these pages are stored as external files, rather than within the database or database project. Data access pages are rather than within the database or database project. Data access pages are written in dynamic HTML (DHTML), an extension of HTML that allows written in dynamic HTML (DHTML), an extension of HTML that allows dynamic objects as part of the Web page. Unlike ASP files, a data access dynamic objects as part of the Web page. Unlike ASP files, a data access page is created within Access using a wizard or in design view employing page is created within Access using a wizard or in design view employing many of the same tools that are used to create Access forms.many of the same tools that are used to create Access forms.


56

Microsoft .net

Microsoft is launching a platform called Microsoft is launching a platform called .net – a vision for the – a vision for the next generation of Internet.next generation of Internet.

This vision is motivated by a shift from individual Web sites to This vision is motivated by a shift from individual Web sites to clusters of computers, devices, and mechanisms that collaborate clusters of computers, devices, and mechanisms that collaborate to provide improved user services.to provide improved user services.

The intention is to allow people to control how, when, and what The intention is to allow people to control how, when, and what information is delivered to them. Among the components in this information is delivered to them. Among the components in this new platform are ASP.net and ADO.net:new platform are ASP.net and ADO.net:

ASP.netASP.net – is the next version of ASP that has been – is the next version of ASP that has been reengineered to improve performance and scalability.reengineered to improve performance and scalability.

ADO.netADO.net – is the next version of ADO with new classes that – is the next version of ADO with new classes that expose data access services to programmer.expose data access services to programmer.


57

Java Solutions Java is a proprietary language Java is a proprietary language

developed by Sun developed by Sun Microsystems.Microsystems.

Java is rapidly becoming the Java is rapidly becoming the de de factofacto standard programming standard programming language for Web computing.language for Web computing.

Java is a type-safe, object-Java is a type-safe, object-oriented, distributed, interpreted, oriented, distributed, interpreted, robust, secure, architecture robust, secure, architecture neutral, portable, high-neutral, portable, high-performance, multi-threaded, performance, multi-threaded, and dynamic programming and dynamic programming language that is interesting language that is interesting because of its potential for because of its potential for building Web applications building Web applications ((appletsapplets) and server applications ) and server applications ((servletsservlets).).


58

J2EE – Java 2 Enterprise Edition

J2EE – Java 2 Enterprise Edition – J2EE – Java 2 Enterprise Edition – aimed at robust, scalable, multi-aimed at robust, scalable, multi-user, and secure enterprise user, and secure enterprise application. The cornerstone of application. The cornerstone of J2EE is Enterprise J2EE is Enterprise JavaBeansJavaBeans ( (EJBEJB), ), a standard for building server-side a standard for building server-side components in Java.components in Java.

We are particularly interested in two We are particularly interested in two J2EE components:J2EE components: JDBCJDBC JavaServer Pages JavaServer Pages

Enterprise JavaBeans (EJB) is a Enterprise JavaBeans (EJB) is a server-side component architecture server-side component architecture for the business tier, encapsulating for the business tier, encapsulating business and data logic. business and data logic.


59

SQLJ

SQLJ is a specification for Java with static embedded SQLJ is a specification for Java with static embedded SQL.SQL.

SQLJ comprises a set of clauses that extend Java to SQLJ comprises a set of clauses that extend Java to include SQL constructs.include SQL constructs.

An SQLJ translator transforms the SQLJ clauses into An SQLJ translator transforms the SQLJ clauses into standard Java code that accesses the database through a standard Java code that accesses the database through a call-level interface.call-level interface.

SQLJ is based on static embedded SQL while JDBC is SQLJ is based on static embedded SQL while JDBC is based on dynamic SQL (allows a calling program to based on dynamic SQL (allows a calling program to compose SQL at runtimecompose SQL at runtime). ).


60

Java Servlets

Servlets are programs that run on a are programs that run on a Java-enabled Web serverJava-enabled Web server and build Web and build Web pages, analogous to CGI programming.pages, analogous to CGI programming.

Servlets have a number of advantages over CGI, such as:Servlets have a number of advantages over CGI, such as: Improved performanceImproved performance – with servlets a lightweight thread inside JVM – with servlets a lightweight thread inside JVM

handles each request.handles each request. PortabilityPortability – Java servlets adhere to the “ – Java servlets adhere to the “write once, run anywherewrite once, run anywhere” ”

philosophy of Java.philosophy of Java. Extensibility Extensibility – Java servlets can utilize Java code from any source and can – Java servlets can utilize Java code from any source and can

access the large set of APIs available for the Java platform.access the large set of APIs available for the Java platform. Simpler session management – Simpler session management – A typical CGI program uses cookies on A typical CGI program uses cookies on

either the client or server (or both) to maintain some sense of state or either the client or server (or both) to maintain some sense of state or session. On the other hand, servlets can maintain state and session identity session. On the other hand, servlets can maintain state and session identity because they are persistent and all client requests are processed until the because they are persistent and all client requests are processed until the servlet is shut down by the Web server.servlet is shut down by the Web server.

Improved security and reliabilityImproved security and reliability – servlets have the added advantages of – servlets have the added advantages of benefiting from the in-built Jave security model and inherit Java type benefiting from the in-built Jave security model and inherit Java type safety, making the servlets more reliable. safety, making the servlets more reliable.


61

JSP (JavaServer Pages) JSP is a Java-based server-side scripting language that allows static HTML to is a Java-based server-side scripting language that allows static HTML to

be mixed with dynamically-generated HTMLbe mixed with dynamically-generated HTML.. The HTML developers can use their normal Web page building tools (for The HTML developers can use their normal Web page building tools (for

example, Microsoft’s FrontPage or Macromedia’s Dreamweaver) and then example, Microsoft’s FrontPage or Macromedia’s Dreamweaver) and then modify the HTML file and embed the dynamic content within special tags.modify the HTML file and embed the dynamic content within special tags.

JSP works with most Web servers including Apache HTTP Server and JSP works with most Web servers including Apache HTTP Server and Microsoft Internet Information Server (with plug-ins from IBM’s WebSphere, Microsoft Internet Information Server (with plug-ins from IBM’s WebSphere, LiveSoftware’s Jrun, or New Atlanta’s ServletExec).LiveSoftware’s Jrun, or New Atlanta’s ServletExec).

The The JSP engineJSP engine transforms JSP tags, Java code, and static HTML content into transforms JSP tags, Java code, and static HTML content into Java code, which is then automatically organized by the JSP engine into an Java code, which is then automatically organized by the JSP engine into an underlying Java servlet, after which the servlet is then automatically compiled underlying Java servlet, after which the servlet is then automatically compiled into Java bytecodes.into Java bytecodes.

Thus, when a client requests a JSP page, a generated precompiled servlet does Thus, when a client requests a JSP page, a generated precompiled servlet does all the work.all the work.

JSP gives both efficient performance and the flexibility of rapid development JSP gives both efficient performance and the flexibility of rapid development with no need to manually compile code.with no need to manually compile code.


62

Comparison of ASP and JSP

ASP and JSP are designed to enable developers to separate page design from ASP and JSP are designed to enable developers to separate page design from programming logic through the use of callable components, and both provide programming logic through the use of callable components, and both provide an alternative to CGI programming that simplifies Web page development and an alternative to CGI programming that simplifies Web page development and deployment.deployment. Platform and Server IndependencePlatform and Server Independence – JSP conforms to the “Write Once, Run – JSP conforms to the “Write Once, Run

Anywhere” philosophy of the Java environment. Thus, JSP can run on any Anywhere” philosophy of the Java environment. Thus, JSP can run on any Java-enabled Web server and is supported by a wide variety of vendor Java-enabled Web server and is supported by a wide variety of vendor tools. In contrast, ASP is primarily restricted to Microsoft Windowa-based tools. In contrast, ASP is primarily restricted to Microsoft Windowa-based platforms.platforms.

ExtensibilityExtensibility – Although both technologies use a combination of scripting – Although both technologies use a combination of scripting and tagging to create dynamic Web pages, JSP allows developers to extend and tagging to create dynamic Web pages, JSP allows developers to extend the JSP tags available.the JSP tags available.

ReusabilityReusability – JSP components (JavaBeans, EJB, and custom tags) are – JSP components (JavaBeans, EJB, and custom tags) are reusable across platforms. For example, an EJB component can access reusable across platforms. For example, an EJB component can access distributed databases across a variety of platforms (e.g., UNIX, Windows).distributed databases across a variety of platforms (e.g., UNIX, Windows).

Security and reliabilitySecurity and reliability – JSP has the added advantages of benefiting from – JSP has the added advantages of benefiting from the in-built Java security model and the inherent Java type safety, making the in-built Java security model and the inherent Java type safety, making JSP potentially more reliable.JSP potentially more reliable.


63

Connecting to the Database

We have seen various approaches that enable browsers We have seen various approaches that enable browsers to communicate with Web servers, and in turn allow to communicate with Web servers, and in turn allow Web clients to have access to databases.Web clients to have access to databases.

For example, CGI and API programs can be invoked by For example, CGI and API programs can be invoked by the Web client to access the underlying database.the Web client to access the underlying database.

In general, database connectivity solutions include the In general, database connectivity solutions include the use of:use of: Native database APIs.Native database APIs. Database-independent APIs (such as ODBC).Database-independent APIs (such as ODBC). Template-driven database access packages.Template-driven database access packages. Third party class libraries.Third party class libraries.


64

ODBC (Open DataBase Connectivity)

ODBC is an SQL-based product of Microsoft with the objective of providing a common ODBC is an SQL-based product of Microsoft with the objective of providing a common interface for accessing heterogeneous SQL databases. interface for accessing heterogeneous SQL databases.

This interface (built on the ‘C’ language) provides a high degree of interoperability: a This interface (built on the ‘C’ language) provides a high degree of interoperability: a single application can access different SQL DBMSs through a common set of code.single application can access different SQL DBMSs through a common set of code.

This enables a developer to build and distribute a client-server application without This enables a developer to build and distribute a client-server application without targeting a specific DBMS.targeting a specific DBMS.

ODBC has emerged as a de facto industry standard for the following reasons:ODBC has emerged as a de facto industry standard for the following reasons:

Applications are not tied to a proprietary vendor API;Applications are not tied to a proprietary vendor API; SQL statements can be explicitly included in source code or constructed SQL statements can be explicitly included in source code or constructed

dynamically at runtime;dynamically at runtime; An application can ignore the underlying data communications protocols;An application can ignore the underlying data communications protocols; Data can be sent and received in a format that is convenient to the application;Data can be sent and received in a format that is convenient to the application; ODBC is designed in conjunction with the X/Open and ISO Call-Level Interface ODBC is designed in conjunction with the X/Open and ISO Call-Level Interface

(CLI) standards;(CLI) standards; There are ODBC drivers available today for many of the popular DBMSs;There are ODBC drivers available today for many of the popular DBMSs;


65

ODBC Architecture

The ODBC interface defines the following:The ODBC interface defines the following: A library of function calls that allow an application to connect to a DBMS, execute A library of function calls that allow an application to connect to a DBMS, execute

SQL statements, and retrieve results;SQL statements, and retrieve results; A standard way to connect and log on to DBMSs;A standard way to connect and log on to DBMSs; A standard representation of data types;A standard representation of data types; A standard set of error codes;A standard set of error codes; SQL syntax based on the X/Open and ISO Call-Level Interface (CLI) SQL syntax based on the X/Open and ISO Call-Level Interface (CLI)

specifications.specifications. The ODBC architecture has four components:The ODBC architecture has four components:

Application – which performs processing and calls ODBC functions to submit SQL Application – which performs processing and calls ODBC functions to submit SQL statements to the DBMS and to retrieve results from DBMS.statements to the DBMS and to retrieve results from DBMS.

Driver Manager – which loads and unloads drivers on behalf of an application.Driver Manager – which loads and unloads drivers on behalf of an application. Driver and Database Agent – which process ODBC function calls, submit SQL Driver and Database Agent – which process ODBC function calls, submit SQL

requests to a specific data source, and return results to the applications.requests to a specific data source, and return results to the applications. Data source – which consists of the data the user wants to access and its associated Data source – which consists of the data the user wants to access and its associated

DBMS, its host operating system, and network platform, if any.DBMS, its host operating system, and network platform, if any.


66

ODBC Architecture


67

Windows Applications Use ODBC to Access Databases


68

JDBC


69

JDBC Modeled after the Open Database Connectivity (ODBC) specification, the JDBC package Modeled after the Open Database Connectivity (ODBC) specification, the JDBC package

defines a database access API that supports basic SQL functionality and enables access to a defines a database access API that supports basic SQL functionality and enables access to a wide range of relational DBMS products.wide range of relational DBMS products.

With JDBC, higher-level APIs can be built.With JDBC, higher-level APIs can be built. A number of higher-level APIs can be developed on top of JDBC:A number of higher-level APIs can be developed on top of JDBC:

An embedded SQL for Java – with this approach, JDBC requires that SQL statements be An embedded SQL for Java – with this approach, JDBC requires that SQL statements be passed as strings to Java methods.passed as strings to Java methods.

A direct mapping of relational database tables to Java classes – In this ‘object-relational’ A direct mapping of relational database tables to Java classes – In this ‘object-relational’ mapping, each row of the table becomes an instance of that class, and each column value mapping, each row of the table becomes an instance of that class, and each column value corresponds to an attribute of that instance.corresponds to an attribute of that instance.

Applications can access database using ODBC drivers and existing database client libraries, Applications can access database using ODBC drivers and existing database client libraries, or using the JDBC API with pure Java JDBC drivers. The options are as follows:or using the JDBC API with pure Java JDBC drivers. The options are as follows:

The JDBC-ODBC bridgeThe JDBC-ODBC bridge provides JDBC access using ODBC drivers. provides JDBC access using ODBC drivers. The partial JDBC driverThe partial JDBC driver converts JDBC calls into calls on the client API for the DBMS. converts JDBC calls into calls on the client API for the DBMS. The pure Java JDBC driver for database middlewareThe pure Java JDBC driver for database middleware translates JDBC calls into the translates JDBC calls into the

middleware vendor’s protocol, which is subsequently translated to a DBMS protocol by a middleware vendor’s protocol, which is subsequently translated to a DBMS protocol by a middleware server.middleware server.

The pure Java JDBC driver with a direct database connectionThe pure Java JDBC driver with a direct database connection converts JDBC calls into converts JDBC calls into the network protocol used directly by the DBMS, allowing a direct call from the client the network protocol used directly by the DBMS, allowing a direct call from the client machine to the DBMS server.machine to the DBMS server.


70

JDBC Connectivity Using The Pure JDBC platformODBC drivers


71

Microsoft Web Solution Platform

Microsoft Web Solution Platform has been created for building Microsoft Web Solution Platform has been created for building and deploying interoperable Web solutions.and deploying interoperable Web solutions.

It is the precursor to Microsoft’s “.net” – a vision for the third It is the precursor to Microsoft’s “.net” – a vision for the third generation of the Internet where “generation of the Internet where “software is delivered as a service, accessible by any device, any time, any place, and is fully programmable and personalizable”.”.

There are various tools, services, and technologies in the platform There are various tools, services, and technologies in the platform such as Windows 2000, Exchange Server, BizTalkServer, Visual such as Windows 2000, Exchange Server, BizTalkServer, Visual Studio, HTML/XML, scripting (JScript, VBScript, …), and Studio, HTML/XML, scripting (JScript, VBScript, …), and components (Java or ActiveX).components (Java or ActiveX).


72

Oracle Internet Platform The Oracle Internet Platform, comprising Oracle Internet The Oracle Internet Platform, comprising Oracle Internet

Application Server (Application Server (iiAS) and Oracle DBMS, is aimed AS) and Oracle DBMS, is aimed particularly at providing extensibility for distributed particularly at providing extensibility for distributed environment.environment.

It is n-tier architecture based on industry standards such as:It is n-tier architecture based on industry standards such as: HTTP and HTML/XML for Web enablement.HTTP and HTML/XML for Web enablement. The Object Management Group’s CORBA technology for The Object Management Group’s CORBA technology for

manipulating objects.manipulating objects. Internet Inter-Object Protocol (IIOP) for object Internet Inter-Object Protocol (IIOP) for object

interoperability and Remote Method Invocation (RMI).interoperability and Remote Method Invocation (RMI). Java, Enterprise JavaBeans (EJB), JDBC and SQLJ for Java, Enterprise JavaBeans (EJB), JDBC and SQLJ for

database connectivity, Java servlets, and JSP. It also supports database connectivity, Java servlets, and JSP. It also supports Java Messaging Service (JMS), Java Naming and Directory Java Messaging Service (JMS), Java Naming and Directory Interface (JNDI), and it allows stored procedures to be Interface (JNDI), and it allows stored procedures to be written in Java.written in Java.


73

Oracle Internet Application Server (iAS)


74

Thank you

Web Applications, Concepts&Tools, by Dr. Khalil 1 Web Applications Development (Approaches &...

Documents

Transcript of Web Applications, Concepts&Tools, by Dr. Khalil 1 Web Applications Development (Approaches &...