Web Technology and DBMS’s(CB 29)

CPSC 356 Database Design

Ellen Walker

Hiram College

(Includes figures from Database Systems by Connolly & Begg, © Addison Wesley 2005)

What is the Internet?

• Interconnected Networks– Interoperable via standards (TCP, IP)

• History– ARPANet (late 60’s, early 70’s) - military– NSF took over, provided funding (1986)– Commercial backbones (1996 - present)

Internet vs. Intranet

• Internet– Global, open, public– Called “extranet” to distinguish from Intranet

• Intranet– Private network for exclusive use of an

organization– Behind a firewall

• Typically, limited interaction

Internet Evolution of a Business (Cisco)

• E-mail• Web site• E-Commerce

– Customers can place and pay for orders via web

• E-Business– Complete integration of Internet technology into

business’s infrastructure

• Ecosystem– Entire business process automated - customers,

suppliers, alliance partners, corporate infrastructure merged into seamless system

Web vs. Internet

• Internet provides infrastructure of information transmission across the network

• Web contains interlinked information (web pages)– Servers: contain pages and transmit on

request– Clients (browsers): request and display

pages to users

Languages of the Web

• HTTP - protocol for sending / receiving web pages. Includes GET vs. POST

• HTML - basic markup language (represents complex pages as text). Includes mechanism (href) to reference other pages.

• XML - extended markup language - generalization of HTML to represent more complex document information

• (etc) -- this is not a complete list!

Limitations of HTTP

• Each transaction consists of a single request for data and a single response.– GET = request data– POST = response (or data from form)

• Protocol is “stateless” - does not retain information beteween transactions– Workarounds: cookies or hidden text

Static vs. Dynamic Web Page

• Static web page– Contents of page stored in a file, served as

originally written

• Dynamic web page– Generated as needed– Only instructions for generating the page

are stored (e.g. php query/display based on argument)

Dynamic Web Pages

• Input provided as parameters or from forms in the page

• Data generated from queries

• Pages written in a “scripting language” (PHP is one example)

Requirements for Web-DBMS Integration

• Ability to maintain data security• Not tied to a single DBMS• Not tied to a single browser• Availability of all features of DBMS• Open-architecture approach, supporting

multiple servers, standard interoperability languages (e.g. DCOM, CORBA, XML, SOAP)

Advantages of Web Approach

• Simplicity

• Platform independence

• Graphical User Interface

• Standardization

• Transparent network access

• Simplified deployment

• Global access

Disadvantages

• (lack of) Reliability

• (lack of) Security

• Cost (!)

• Heavy (unpredictable) loads

• HTML limitations

• Bandwidth & Performance limitations

• Immaturity of platform & tools

Tools to Integrate the Web

• Scripting Languages– Client-side or Server-side

• Common Gateway Interface (CGI)– Server-side

• Web server extensions• Java, J2EE, SQLJ, etc.• Microsoft .Net• Oracle’s Internet platform

Scripting languages

• Programs embedded in HTML files on server

• Behavior of all clients changed by changing script on server

• Scripts are generally interpreted, not compiled

JavaScript

• Server-side or Client-side (client-side more common)

• Allows immediate reaction to user interface widgets

• Object-based (Document Object Model)• Limited relative to Java• (VBScript : Visual Basic = JavaScript :

Java)

Perl, PHP

• Server side languages

• Heavy Unix flavor (e.g. use of regular expressions)

• PHP preferred for Linux– Integrates with Apache HTTP Server– Works well with MySQL or PostgreSQL

Common Gateway Interface (CGI)

• Defines how scripts communicate with web servers– Uses Environment variables, standard I/O on

server side– Uses HTML Forms on client side (original impetus

for forms)

• Nearly any programming language can run on server (std. output returned to browser)

• Server runs script based on filename (x.cgi, x.php, etc) - this is configurable

CGI Environment

Advantages of CGI

• Standardized interface

• Programming-language independent

• Web-server independence

• Simplicity

• Wide acceptance

Disadvantages of CGI

• Web server can be bottleneck• Problems from HTTP Statelessness

– No validation of user input (must go “back” to repopulate form)

– No transactions (must connect to database on every page)

• Security risks– Scripts with greater privileges than server– Risk of unanticipated (or malicious) user input

HTTP Cookies

• Stored by browser in a file on client

• Cookies set / retrieved by HTTP request

• Issues:– Not supported by all browsers– For privacy reasons, users disable cookies

Non-CGI Gateways

• API Extensions to server (NSAPI, ISAPI)

• Scripts loaded as part of server – Direct interaction with back end– One copy per server, not per request– Changes server executable (risk?)

• Requires specialized programmers

Vendor Specific Scripting

• Developed by vendors as server add-ons– JSP - Java Server pages (Sun)– ASP - Active Server pages (Microsoft)

• Flexibility of CGI, without performance overhead and I/O limitations

• Better integration with vendor’s other web solutions

• Some compatibility limitations

Sun’s Java Platform

• Java language: “write once run anywhere”

• Assorted “editions”– ME (embedded)– SE (standard) - for desktop & workstation– EE (enterprise) - for multi-tier, robust,

multiuser applications

Java 2 Platform (1999)

Microsoft .NET Platform

• Integrated across servers, OS, applications, programming language environments

• OLE - Object Linking and Embedding– Shared objects that provide specific functionality

(e.g. sound clip)

• [D]COM([Distributed] Component Object Model)– Connects client application and object (binary-

compatible components)

MS OLE - DB

.NET Framework

Oracle’s Approach

• Aimed at distributed environments• N-tier architecture, based on industry

standards• Designed for e-business • Components include:

– TopLink (relate Java objects to relational databases)

– Portal (entry point for web access)– Business Intelligence (Reports, Discoverer, etc)

Oracle Internet Platform