COMP9321 Web Application Engineering
Semester 1, 2017
Dr. Amin Beheshti
Service Oriented Computing Group, CSE, UNSW Australia
Week 12
(Wrap-up)
http://webapps.cse.unsw.edu.au/webcms2/course/index.php?cid=2457
COMP9321, 17s1, Week12
1
Assignments
COMP9321, 17s1, Week12
2
Assignments
Assignment 1 – GradeBook
Assignment 2 – GradeBook
Assignment 3 – Due end of Week 12 (Sunday, May 28 2017, 23:59:59)
COMP9321, 17s1, Week12
3
Final Exam
COMP9321, 17s1, Week12
4
Final Exam
COMP9321, 17s1, Week12
5
Final Exam
COMP9321, 17s1, Week12
6
Final Exam
COMP9321, 17s1, Week12
7
Sample Final Exam
COMP9321, 17s1, Week12
8
COMP9321, 17s1, Week12
9
Sample Question:
Why is the stateless nature of HTTP a problem in Web application development? You
Must illustrate your answer with an example.
COMP9321, 17s1, Week12
10
Sample Question:
Why is the stateless nature of HTTP a problem in Web application development? You
Must illustrate your answer with an example.
COMP9321, 17s1, Week12
11
Sample Question:
Describe the Model-View-Controller (MVC) architecture pattern in detail. What are
the advantages of using MVC over an architecture based solely on JSP pages?
COMP9321, 17s1, Week12
12
Sample Question:
Describe the Model-View-Controller (MVC) architecture pattern in detail. What are
the advantages of using MVC over an architecture based solely on JSP pages?
COMP9321, 17s1, Week12
13
Week 1 – 11
Review
COMP9321, 17s1, Week12
14
Different Layers in an Application
COMP9321, 17s1,
review->Week 2
15
Presentation Layer
HTML <form> method attribute
specifies
how to send form-data
as
 URL variables (with method="get") , or
 HTTP post transaction (with method="post").
Method? Get/Post
COMP9321, 17s1,
review->Week 2
16
Static vs. Dynamic Web Page
A static web page is delivered to the user exactly as stored, in contrast to
dynamic web pages which are generated by a web application, and on demand!
is-a
web page whose construction is controlled by an
application server processing server-side scripts.
is-a
software framework that provides both facilities to create web
applications and a server environment to run them.
e.g.
Java application servers
http://docs.oracle.com/javaee/6/tutorial/doc/
It's core set of API and features are defined by Java EE.
The Web modules include Java Servlets and Java Server Pages.
COMP9321, 17s1,
review->Week 2
17
Java Servlets
http://java.sun.com/products/servlet/index.jsp
http://docs.oracle.com/javaee/6/tutorial/doc/bnafd.html
COMP9321, 17s1,
review->Week 2
18
A Lifecycle of a Servlet
The Web container controls the lifecycle of a servlet class:
•
•
•
•
COMP9321, 17s1,
review->Week 2
initialisation
ServletConfig
ServletContext
…
19
Attributes and Sharing Attributes
COMP9321, 17s1,
review->Week 2
20
Managing the User State
A problem in HTTP request/response:
• HTTP is a stateless protocol.
• A single request/response;
• Nothing is remembered 'between requests' from the same user;
• Web applications need to maintain users + their data.
It is a programmer's responsibility:
• The term "session" is used to represent the data associated with one user while
she navigates around a Web application.
• Session is a conversional state between client and server.
• Session can consists of multiple request and response between client and server.
• Since HTTP is stateless, the only way to maintain a session is when some unique
information about the session (session id) is passed between server and client in
every request and response.
COMP9321, 17s1,
review->Week2
21
Cookies
• Cookies are text files stored on the client computer and they are kept for
various information tracking purpose.
• Java Servlets transparently supports HTTP cookies.
• There are three steps involved in identifying returning users:
• Server script sends a set of cookies to the browser. e.g. session id
• Browser stores this information on local machine for future use.
• Next time, browser sends request + those cookies to the server
and server uses that information to identify the user.
COMP9321, 17s1,
review->Week2
22
JavaServer Pages (JSP) Technology
• JavaServer Pages (JSP) technology allows you to easily create
web content that has both static and dynamic components.
• JSP technology makes available all the dynamic capabilities of
Java Servlet technology; but provides a more natural approach
to creating static content.
• JSP is similar to PHP, but it uses the Java programming
language.
• To deploy and run JavaServer Pages, a compatible web server
with a servlet container, such as Apache Tomcat, is required.
COMP9321, 17s1,
review->Week3
23
JSP
COMP9321, 17s1,
review->Week3
24
JSP Basics
Traditional
Scripting
Elements
Modern
Scriptlet
Expression
Declaration
Comments
EL Scripting
${…}
JSP Elements
Directive
Elements
JSP Page
Page
Include
Taglib
custom
Action
Elements
Standard
Template Text (HTML bits…)
COMP9321, 17s1,
review->Week3
<abc:mytag>
<jsp:useBean>
<jsp:getProperty>
<jsp:setProperty>
<jsp:include>
<jsp:forward>
<jsp:param>
25
Extensible Markup Language (XML)
• XML originally designed to meet the challenges of large-scale
electronic publishing.
• XML separates presentation issues from the actual data.
• XML plays an increasingly important role in the exchange of a
wide variety of data on the Web and elsewhere.
• Needs a communication protocol?
• e.g. SOAP stands for Simple Object Access Protocol
• SOAP is based on XML
• SOAP is a W3C recommendation
• SOAP uses XML Information Set for its message format.
COMP9321, 17s1,
review->Week4
26
The XML Family
XML: a markup language used to describe information.
DOM: a programming interface for accessing and updating documents.
DTD and XML Schema: describes the structure and content of XML documents.
XSLT: a language for transforming XML documents
XPath: a query language for navigating XML documents.
XPointer: for identifying fragments of a document.
XLink: generalises the concept of a hypertext link.
XInclude: for merging documents.
XQuery: a language for making queries across documents.
RDF: a language for describing resources.
COMP9321, 17s1,
review->Week4
27
Semantic Web
• It is a collection of standard technologies to realize a
Web of Data!
RDF, OWL, SPARQL, etc.
Web of Data beyond the Web of Documents!
Machine Readable
Human Readable
The amount of information is growing exponentially.
COMP9321, 17s1,
review->Week5
28
W3C's "Semantic Web Vision“
1. Web information has exact meaning
2. Web information can be understood and processed by computers
3. Computers can integrate information from the web
COMP9321, 17s1,
review->Week5
29
Resource Description Framework (RDF)
• RDF is a framework for describing resources on the web.
e.g.
• Web documents
• concepts from the real world (e.g. people, organisations, topics, things)
• Publishing such descriptions on the Web creates the Semantic Web.
• RDF uses Web identifiers (URIs) to identify resources.
• URIs (Uniform Resource Identifiers) are very important, providing both the
core of the framework itself and the link between RDF and the Web.
COMP9321, 17s1,
review->Week5
30
Web Ontology Language (OWL)
• Ontology is about the exact description of things (web information) and their
relationships.
• OWL was designed to provide a common way to process the content of web information
• OWL and RDF are much of the same thing, but OWL is a stronger language with greater
machine interpretability than RDF.
• OWL provides additional vocabulary along with a formal semantics
• OWL making it easier for machines to automatically process and integrate
information available on the Web.
• OWL has three sublanguages
• OWL Lite
• OWL DL
• OWL Full
• OWL is complex:
• OWL is a large set of additional terms
COMP9321, 17s1,
review->Week5
http://www.w3.org/TR/owl-features/
31
Rules
• There is a long history of rule languages and rule-based
systems
• eg: logic programming (Prolog), production rules
• Lots of small and large rule systems
• E.g. from mail filters to expert systems
• Why rules on the Semantic Web?
• There are conditions that ontologies (ie, OWL) cannot express
• a well known example is Horn rules: (P1 ∧ P2 ∧ …) → C
http://www.w3.org/TR/rif-overview/
COMP9321, 17s1,
review->Week5
32
A new requirement: exchange of rules
• Applications may want to exchange their rules:
• e.g. negotiate eBusiness contracts across platforms
• e.g. describe privacy requirements and policies
• Rule Interchange Format (RIF):
• Goals:
• expresses the rules a bit like a rule language
• can be used to exchange rules among engines
• Challenges:
• Rule based systems can be very different
• different rule semantics
• A universal exchange format is not feasible
http://www.w3.org/TR/rif-overview/
COMP9321, 17s1,
review->Week5
33
Linking Open Data (LOD)
- Goal: “expose” open datasets in RDF
- Set RDF links among the data items from different datasets
- Set up query endpoints
- Result: billions of triples and millions of links…
- The important point here is that :
•
the data becomes available to the World via a unified format
(ie, RDF).
•
the various datasets are interlinked together
•
e.g. DBpedia project
COMP9321, 17s1,
review->Week5
34
Query RDF Data (SPARQL)
• SPARQL Protocol And RDF Query Language, is an RDF query language.
• This specification defines the syntax and semantics of the SPARQL query
language for RDF.
• SPARQL can be used to express queries across diverse data sources.
• SPARQL contains capabilities for querying required and optional graph
patterns
• The results of SPARQL queries can be results sets or RDF graphs.
http://www.justanswer.com/
COMP9321, 17s1,
review->Week5
35
Data Persistence
• When you work with a relational database in a Java
application, the Java code issues SQL statements to the
database via the JDBC API.
• The Java Database Connectivity (JDBC) API provides
universal data access from the Java programming language.
• Using the JDBC API, you can access virtually any data
source, from relational databases to spreadsheets and flat
files.
• The JDBC API is comprised of two packages:
• java.sql
• javax.sql
COMP9321, 17s1,
review->Week6
(Hibernate, pp.5-29)
36
Accessing DB from an Application
COMP9321, 17s1,
review->Week6
37
PreparedStatement object
• A more realistic case is that the same kind of SQL statement is processed over and
over (rather than a static SQL statement).
• In PreparedStatement, a place holder (?) will be bound to an incoming value before
execution (no recompilation).
COMP9321, 17s1,
review->Week6
38
Data Access Objects (DAO)
COMP9321, 17s1,
review->Week6
39
Object-Relational Impedance Mismatch Problems
COMP9321, 17s1,
review->Week6
40
Object-Relational Impedance Mismatch Problems
https://docs.oracle.com/cd/E16162_01/user.1112/e17455/img/mismatch.gif
COMP9321, 17s1,
review->Week6
41
What is NoSQL?
• Stands for No-SQL or Not Only SQL??
• Class of non-relational data storage systems
• E.g. BigTable, Dynamo, PNUTS/Sherpa, ..
• Usually do not require a fixed table schema nor do
they use the concept of joins
• Distributed data storage systems
• All NoSQL offerings relax one or more of the ACID
properties (will talk about the CAP theorem)
Chapter 19: Distributed Databases
COMP9321, 17s1,
review->Week6
42
CAP Theorem
Three properties of a system
• Consistency (all copies have same value)
• Availability (system can run even if parts have
failed) Via replication.
• Partitions (network can break into two or more
parts, each with active systems that can’t talk to
other parts)
•
Brewer’s CAP “Theorem”: You can have at most two of these three
properties for any system.
•
Very large systems will partition at some point.
COMP9321, 17s1,
review->Week6
43
Design Patterns
A pattern is a proven solution to a problem in a context.
Each pattern expresses a relation between a certain context, a problem, and a solution.
A design pattern represents a solutions to problems that arise when developing a software.
Design pattern are granular and applied at different levels such as:
Categories include:
COMP9321, 17s1,
review->Week7
Frameworks
Subsystems
Sub-subsystems
Design
Architectural
Analysis
Creational
Structural
Behavioral
44
J2EE Design Patterns
COMP9321, 17s1,
review->Week7
45
General Guideline for Servlet/JSP/JavaBeans
COMP9321, 17s1,
review->Week7
46
Securing your Web Application: Threats!
COMP9321, 17s1,
review->Week9
47
Securing your Web Application: Threats!
COMP9321, 17s1,
review->Week9
48
Session Management…
COMP9321, 17s1,
review->Week9
49
Transport Layer Security (e.g. HTTPS)
COMP9321, 17s1,
review->Week9
50
Performance
COMP9321, 17s1,
review->Week10
51
Performance Metrics
•
•
•
•
•
Response Time
Throughput
Availability
Reliability
Resource Utilization
COMP9321, 17s1,
review->Week10
52
Scalability
COMP9321, 17s1,
review->Week10
53
Operational Laws
• Utilization Law
• Little’s Law
• Forced Flow Law
COMP9321, 17s1,
review->Week10
54
Architectural Considerations - Network
COMP9321, 17s1,
review->Week11
55
General Techniques for Improving Performance and Scalability
1.
2.
3.
4.
5.
Caching/Replication
Parallelism
Redundancy
Asynchrony
Resource Pooling
COMP9321, 17s1,
review->Week11
56
Improving Performance using HTTP features
COMP9321, 17s1,
review->Week11
57
Improving Database Access
COMP9321, 17s1,
review->Week11
58
COMP9322 !!
…from building a web site (cs9321) to building web services (cs9322) ...
context: “global/distributed/complex” business applications
• Goals:
• understand the concept of services and business processes
• articulate the motivation behind web service-based technologies
• apply the knowledge in practical situations
COMP9322 course aims:
• provide students with a deep understanding of SOA, service-orientation
paradigm, business processes and Web services as an implementation
technology.
COMP9321, 17s1, Week12
59
Good Luck!
COMP9321, 17s1, Week12
60
COMP9321, 17s1, Week12
61