0% found this document useful (0 votes)
19 views60 pages

313 41 - Web Technology - Part 1 5 Marks XML (Extensible Markup Language)

Uploaded by

gayukalai87
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
19 views60 pages

313 41 - Web Technology - Part 1 5 Marks XML (Extensible Markup Language)

Uploaded by

gayukalai87
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 60

313 41 – Web Technology – Part 1

5 Marks

1. Discuss about applications of XML?


 XML (eXtensible Markup Language)
o XML stands for eXtensible Markup Language. It is designed to transport and
store data.
o It is a markup language much like HTML but unlike HTML, XML was designed to
carry data, not to display data XML tags are not predefined.
o You must define your own tags d designed to be self-descriptive.
 XML Benefits
o XML provides the following benefits, they are,
 XML Holds Data, Nothing More
 XML does not really do much of anything. Rather, developers
can create XML-based languages that store data in a structure
way.
 Applications can then use this data to do any number of things
 XML Separates Structure from Formatting
 One of the difficulties with HTML documents, word processor
documents, spreadsheets, and other forms of documents is that
they mix structure with formatting.
 This makes it difficult to manage content and design,
 The XML document does not specify how the content of either
tag should be displayed. Rather, the formatting is left up to an
external stylesheet
 XML Promotes Data Sharing
 All the applications share data in this XML format.
 Each application only has to know two structures, its own and
the XML structure, to be able to share data with many other
applications
 XML is Free
 XML doesn't cost anything to use.
 It can be written with a simple text editor or one of the many
freely available XML authoring tools, such as XML Notepad.
 XML is Human-Readable
 XML documents are (or can be) read by people.
 Perhaps this doesn't sound so exciting, but compare it to data
stored in a database
2. Write notes on advantages of java beans?

 Portable : Written in java with no platform-native code

1
 Lightweight: It should be possible to implement a component as small as a push button or as
large as a complete spreadsheet or word processor.
 Simple to create: it should be a simple job to create a java component with our
implementing countless methods.
 Hostable in other component models : It should be possible to use JavaBeans as a first-class
ActiveX, OpenDoc, or other component
 Able to access remote data: A Java component may use any of the standard distributed
objects (Remote Method Invocation RMI) or distributed data mechanisms to access remote
data

3. Design a HTML form for railway reservation system using suitable background design and
text color

<html>

<head>

<script type="text/javascript" src ="validate.js"></script>

</head>

<body>

<form action ="#" name ="RailwayReservationSystem"

onsubmit="return(validate());">

<table cellpadding ="2" width ="20%"bgcolor="99FFF"

align="center"cellpadding="2">

<tr>

<td colspan="2"

<center><font size = "4"><b>Railway RailwayReservationSystem</b></font></center>

</td>

</tr>

<tr>

<td>From</td>

<td><input type ="text" name ="form" id = "from"

size="30"></td>

</tr>

2
<tr>

<td>To</td>

<td><input type="text" name ="to" id ="to" size ="30"></td>

</tr>

<tr>

<td>Train No/Name</td>

<td><input type ="text" name ="trainno"

id="trainno"size="30"></td>

</tr>

<tr>

<td>class</td>

<td><select name="class">

<option value="-1"selected>select</option>

<option value ="SL">SL</option>

<option value="3A">3A</option>

<option value="2A">2A</option>

</select></td>

</tr>

<tr>

<td>NO.of seats</td>

<td><select name="No of seats">

<option value="-1"selected>select</option>

<option value="1">1</option>

<option value="2">2</option>

<select></td>

</tr>

<tr><td>passenger</td>

<tr><td>age</td></tr>

3
<tr><td>Gender</td></tr>

</tr>

<td><input type="text"name="p1"size="30"></td>

<td><input type="text"name="age"size="2"></td>

<td><select name="Gender"

<option value ="M">M</option>

<option value ="F">F</option></select>

</td></tr>

<tr>

<td><input type="text name = "P2"size ="30"></td>

<td><input type ="text" name = "age"size ="2"></td>

<td><select name="Gender">

<option value ="M">M</option>

<option value ="F">F</option></option><select>

</td></tr>

<tr>

<td>Address</td>

<td><input type="text" name="address"id ="address"

size="50"></td>

</tr>

<tr>

<td>Payment Mode</td>

<td><input type="radio"name"paymentmode"value="credit/Debit card">Credit/Debit


card

<input type ="radio" name ="Paymentmode"value ="Wallet/UPI">Wallet UPI</td>

<td><input type = "radio" name="Paymentmode"value


="netbanking">NetBanking</td>

</tr>

4
<tr>

<td>Mobile no.</td>

<td><input type ="text"name=Mobileno"id="mobileno."

size="30"></td>

</tr>

<tr>

<td><input type ="reset"></td>

<td colspan ="2"><input type ="submit" value = "submit Form"></td><td>

<input type"cancel"value ="cancel">

</td>

</tr>

</table>

</form>

</body>

</html>

Output of the form

4. Elucidate about the directory structure of a typical web server.

5
o A web server is also known as an HTTP Server.
o It responds to request from a web browser by returning Html images, applets or other
data.
o It is also responsible for enforcing security policies, storing frequently requested files in
cache memory logging request and much more.
 Example web server is Tomcat web server.
o Exploring The Tomcat Directory Structure

bin/

 Contains startup.sh, shutdown.sh and other scripts/programs.

 The *.sh files (for Unix and Mac OS systems) are functional duplicates of the *.bat files (for
Windows systems).

conf/

 Server-wide Tomcat configuration.

 You will modify server.xml and tomcat-users.xml to adjust logging, authentication and access
control, enable TLS/SSL, etc.

 Web applications can override some server-wide settings in their own configuration file (e.g.,
the web deployment descriptor).

webapps/

 Contains web applications directories and WAR files.

 This is where we will be putting the TDS web application.

 You will also be using the manager application that comes with the Tomcat Servlet Container
during this tutorial.

logs/

 Tomcat log files are here by default.

 This is one of the directories you will be looking for log files (the TDS logs elsewhere by default).

 The log files should be your first stop for troubleshooting Tomcat and TDS issues. (Hint, hint).

 Logs files may contain useful information for assessing the security of your system.

 Make a point of becoming familiar with the Tomcat-generated catalina.out, catalina.yyyy-mm-


dd.log, and localhost_access_log.yyyy-mm-dd.log files.

5. Describe about the methods of servlet interface.

6
Servlet interface needs to be implemented for creating any servlet (either directly or indirectly).
It provides 3 life cycle methods that are used to initialize the servlet, to service the requests, and
to destroy the servlet and 2 non-life cycle methods.

Methods of Servlet interface

There are 5 methods in Servlet interface. The init, service and destroy are the life cycle methods
of servlet. These are invoked by the web container.

6. Illustrate about client server script execution with example.


The client-side script executes in the client browser whereas server-side script is executed
in the respective server.

Client-side script

step1: A site is loaded in a browser from the server.

step2: Client-side script run in the browser and process request without call-backs to the server.

step3: when a call to the database required JavaScript and ajax requests to the back end.

Server Side Script

step4: The back-end server-side scripts process the request. pull what they read from the database then
send it back.

step5: Server-side scripts process the data, then update the site.

7
7. Write a java script that scrolls a text message in the status bar of the browser window?

<html>

<head>

<title>Scrolling Text</title>

<script language="JavaScript">

var scrollPos = 0

var maxScroll = 100

var blanks = ""

function scrollText(text, milliseconds) {

window.setInterval("displayText('"+text+"')", milliseconds)

function displayText(text) {

window.defaultStatus = blanks + text

++scrollPos

blanks += " "

8
if(scrollPos > maxScroll) {

scrollPos = 0

blanks = ""

</script>

</head>

<body onload="scrollText('Watch this text scroll!!!', 300)">

<p>Watch the text scroll at the bottom of this window!</p>

</body>

</html>

8. Explain about creating, installing and running a JSP page

JSP Page  Java Server Pages

 JSP pages allow you to separate front-end presentation from business logic (middle and back-
end tiers).
 It is a great Rapid Application Development (RAD) approach to Web applications.

Creating JSP Page

 When working with JSP pages, you just need a regular text editor such as Notepad on Windows
or Emacs on Unix

Creating a simple JSP Page


hello.JSP :
 JSP simply puts Java inside HTML pages.
 You can take any existing HTML page and change its extension to “.jsp” instead of “.html”.
 In fact, this is the perfect exercise for your first JSP.
 Take the HTML file you used in the previous exercise. change its extension from “.html” to
“jsp”.
 Now load the new file, with the “.jsp” extension, in your browser.
 You will see the same output, but it will take longer! But only the first time.
 If you reload it again, it will load normally.
 What is happening behind the scenes is that your JSP is being turned into a Java file, compiled,
and loaded. This compilation only happens once, so after the first load, the file doesn’t take
long to load anymore. (But every time you change the JSP file, it will be re-compiled again.)

9
Installing JSP
Setting up the Java Development Kit
Step1: It involves downloading an implementation of the Java Software Development Kit (SDK) and
fixing the environment variable. You can download SDK from Oracle’s Java site by visiting the below URL:

https://www.oracle.com/java/technologies/javase-downloads.html

Step2: You download your Java implementation, follow the given instructions to put in, and configure
the setup. Finally set the JAVA_HOME environment variables to ask the directory that contains java and
javac, typically java_install_dir/bin and java_install_dir respectively.
set PATH = C:\jdk1.8.0_181\bin;%PATH%
set JAVA_HOME = C:\jdk1.8.0_181

Setting up Web Server: Tomcat


Apache Tomcat is an open-source software implementation of the JavaServer Pages and Servlet
technologies. It should act as a standalone server for testing JSP and Servlets. It should be integrated
with the Apache Web Server. Here are the steps to line up Tomcat on your machine −
1. Download the latest version of Tomcat from https://tomcat.apache.org/
2. After downloading, unpack the binary distribution into a convenient location. For
example, in C:\apache-tomcat-9.0 on windows
3. After unpacking pointing to the same location create CATALINE_HOME environment
variables

Start Tomcat Server


Tomcat is often started by executing the subsequent commands on the Windows machine:
C:\apache-tomcat-9.0\bin\startup.bat
After a successful startup, the default web applications included with Tomcat are available by
visiting http://localhost:8080/

Run a Simple JSP Page:


Step-1: Save the JSP file using “.jsp” extension (ex- “hello.jsp”)
Step-2: Start the server
Step-3: Place your application inside a folder
Step-4: To execute the JSP script, simply start tomcat server and use a browser to browse an URL of
the JSP page i.e.
http://localhost:portnumber/YourApplicationContextRoot/jspfile then you will see the jsp file is being
compiled.

9. Discuss the need for client side scripting.

10
 Client-side scripting refers to a procedure where the code with an HTML web page is sent to
the client via the server.

 In this case, the code is linked to the Script. In simpler terms, client-side scripting refers to
an approach where scripts are executed by browsers without connecting to the server.

 The code runs in the browser of the client's computer, either when the web page is loading
or when the page has loaded.

 Client-side scripting is mostly utilized to create dynamic user interface elements like pull-
down menus and animation buttons, navigation tools, data validation, and more.

 Nowadays, it is increasing and evolving every day. This means that writing web
programming for clients is now much easier and quicker and, in turn, reduces the load on
servers.

 JavaScript, as well as jQuery, are the most significant web scripting languages that are
widely used to create responsive and dynamic web pages.

 A browser (temporarily) is able to download the Script locally on the computer and begins
processing it in the absence of the server. Thus, the scripting on the client is dependent on
the browser.

10. Differentiate between private assembly and shared assembly.


In the .NET framework, there are two types of assemblies: private assemblies and shared
assemblies.
These assemblies serve as units of deployment and encapsulate one or more .NET code
modules, such as classes, interfaces, resources, and metadata

11
11. Differentiate static web pages and dynamic web pages.

Parameter Static Web Pages Dynamic Web Pages

Basics The content on web pages remains the This type of web page is behavioral. The
same unless someone physically makes content of pages is capable of differing for
any changes on its hard disk (manual different visitors. It keeps changing with
alterations). time and other parameters.

Definition A static web page is a simple HTML written A dynamic web page is a type of page
page that serves as a type of direct written in complex languages like AJAX,
response from a browser to the server. All ASP.NET, etc. The data here gets rendered
the data and info remains static in nature, to some capacity and interpretation for
and it stays the same unless someone producing varied content for different users
manually makes any changes to it. visiting the page at different times.

Complexity These types of web pages are very simple. These types of web pages are complicated.
The data in these pages remain static and They go through the process of
require no interpretation before the interpretation- making the data dynamic in
process of rendering. Thus, it comes with nature. Due to this, such pages become way
no complexity. more complex as compared to any static
web pages.

Frequency of Content and information rarely change on The content and information change
Information a static web page. frequently on a dynamic web page.
Change

Loading Time These web pages take a very short time to These web pages take longer to load as
load as compared to the dynamic ones. It compared to the static ones. It is because of
is because they contain very static data the more complex, dynamic data present in
and info on the pages. these web pages.

Use of Database The static web pages generally do not use The dynamic web pages use databases

12
databases. They do not require data because it involves frequent data and info
redecoration very often. redecoration.

Languages Used Languages like CSS, JavaScript, HTML, etc., Languages like ASP.NET, ASP, AJAX, CGI,
come into play when writing static web etc., come into play when writing dynamic
pages. It uses only simple languages. web pages. It requires some very complex
languages for a stable operation.

Application These do not contain any application These contain application programs for
Program programs. various services.

Work Required Less work and complexity go into designing More work and complexity go into
static web pages. designing dynamic web pages.

Cost of Designing static web pages requires very Designing dynamic web pages is more costly
Development low cost as compared to dynamic ones. as compared to static ones.

Rendered Data The data in static web pages don’t change The data and info in dynamic web pages
automatically. One needs to manually first stay interoperate at the server-side.
make necessary changes on it- making it Due to this, the data doesn’t remain similar
static in nature. on each call- making the data contained in it
dynamic in nature.

12. Difference between scripting language and markup language


 Markup languages are used to structure and format text and other content on a
webpage
 They use tags to define the structure of the content and to apply formatting such as
bold, italic, and font size. Markup languages do not have the ability to perform
complex operations or calculations like programming languages do. They are simply
used to define the structure and layout of content on a webpage
 HTML (HyperText Markup Language) is the most widely used markup language for
creating webpages

13
 Scripting languages are a type of programming language that is used to write scripts.
 A script is a series of instructions that tells a computer how to perform a specific
task.
 Scripts are typically used to automate tasks or to add functionality to an application.
 JavaScript is a scripting language that is used to add interactivity to webpages. It is
commonly used in conjunction with HTML and CSS to create dynamic and
responsive web applications

13. What are the two fundamental objects in ADO.NET?


 ADO.NET is designed to help developers work efficiently with multi-tier databases,
across intranet or Internet scenarios.

 The ADO.NET object model consists of two key components as follows:


o Connected model (.NET Data Provider - a set of components including the
Connection, Command, DataReader, and DataAdapter objects)
o Disconnected model (DataSet).

Connected Model  Connection


 The Connection object is the first component of ADO.NET. The connection object opens a
connection to your data source.
 Connection object helps in accessing and manipulating a database. Database transactions are
also dependent upon the Connection object.

14
 In ADO.NET the type of the Connection is depended on what Database system you are working
with. The following are the commonly used connections in the ADO.NET
 SqlConnection
 OleDbConnection
 OdbcConnection

Command
The Command object is used to perform an action on the data source. Command object can execute
stored procedures and T-SQL commands.

You can execute SQL queries to return data in a DataSet or a DataReader object. Command object
performs the standard Select, Insert, Delete, and Update T-SQL operations.

DataReader
The data returned by a DataReader is always read-only
The DataReader is built as a way to retrieve and examine the rows returned in response to your query as
quickly as possible

DataAdapter
The DataAdapter takes the results of a database query from a Command object and pushes them into a
DataSet using the DataAdapter.Fill() method. Additionally the DataAdapter.Update() method will
negotiate any changes to a DataSet back to the original data source

Command Builder
The work of Command Builder is to generate Command as per changes in DataRows.

Transaction
The Transaction object is used to execute the backend transaction. Transactions are used to ensure that
multiple changes to database rows occur as a single unit of work

Parameters
Parameter object is used to solve the SQL Injection attack problem while dealing with the user input
parameters.

Disconnected Model
Data Set
 The DataSet Object is the parent object to most of the other objects in the System.Data
namespace
 Its primary role is to store a collection of DataTables and the relations and constraints between
those DataTables.
 DataSet also contains several methods for reading and writing XML, as well as merging other
DataSets, DataTables and DataRows.

15
DataTable
 DataTable stores a table of information, typically retrieved from a data source. DataTable allows
you to examine the actual rows of a DataSet through rows and columns collections.
 Once the DataTable is filled the database connection is released and operates disconnected
only.

DataRows
 The DataRow class permits you to reference a specific row of data in a DataTable. This is the
class that permits you to edit, accept, or reject changes to the individual DataColumns of the
row

DataColumns
 DataColumns is the building block of the DataTable. A number of such objects make up a table.
Each DataColumn object has a DataType property that determines the kind of data that the
column is holding. data table

14. Discus about SQL basics: Select, Update, Insert, Delete.

The SQL SELECT Statement

The SELECT statement is used to select data from a database.

Syntax

SELECT column1, column2, ...


FROM table_name;

Here, column1, column2, ... are the field names of the table you want to select data from.

The table_name represents the name of the table you want to select data from.

The SQL UPDATE Statement

The UPDATE statement is used to modify the existing records in a table.

UPDATE Syntax

UPDATE table_name
SET column1 = value1, column2 = value2, ...
WHERE condition;

16
Note: Be careful when updating records in a table! Notice the WHERE clause in the UPDATE statement.
The WHERE clause specifies which record(s) that should be updated. If you omit the WHERE clause, all
records in the table will be updated!

The SQL DELETE Statement

The DELETE statement is used to delete existing records in a table.

DELETE Syntax

DELETE FROM table_name WHERE condition;

Note: Be careful when deleting records in a table! Notice the WHERE clause in the DELETE statement.
The WHERE clause specifies which record(s) should be deleted. If you omit the WHERE clause, all records
in the table will be deleted!

The SQL INSERT INTO Statement

The INSERT INTO statement is used to insert new records in a table.

INSERT INTO Syntax

It is possible to write the INSERT INTO statement in two ways:

1. Specify both the column names and the values to be inserted:

INSERT INTO table_name (column1, column2, column3, ...)


VALUES (value1, value2, value3, ...);

2. If you are adding values for all the columns of the table, you do not need to specify the column names
in the SQL query. However, make sure the order of the values is in the same order as the columns in the
table. Here, the INSERT INTO syntax would be as follows:

INSERT INTO table_name


VALUES (value1, value2, value3, ...);

15. What is conditional processing? How can we give conditions in JSP?


o We make use of the condition to check if the entered value is correct.
o It correct then what will be the output, and in case if it is wrong then what output will
be displayed to the browser.
o In this program we are using the switch statement to check the conditions.

17
o In this program we are making the using of html form.
o When the values are entered in the html form then these values are checked by the
controller, then on checking the values the output will be displayed to the user.
o The code of the program is given below:
<html>
<head>
<title>Conditional Test</title>
</head>
<body>
<form method = "get" action = "Conditional.jsp">
Enter the number<input type = "text" name = "number" value = "">
<input type = "submit" name = "submit" value = "submit">
</form>
</body>

</html>
<% switch (Integer.parseInt(request.getParameter("number")))
{
case 0: %>
You have entered the number 0
<% break;
case 1: %>
You have entered the number 1
<% break;
default: %>
You can enter either o or 1
<%
}
%>

Output

18
16. How does a web server and browser communicate with each other?
 Web Server - A web server is also known as an HTTP Server. It responds to request from a web
browser by returning Html images, applets or other data.
 Web browsers communicate with web servers using the HyperText Transfer Protocol (HTTP).
When you click a link on a web page, submit a form, or run a search, the browser sends an HTTP
Request to the server. This request includes:

 A URL identifying the target server and resource (e.g. an HTML file, a particular data point on the
server, or a tool to run).
 A method that defines the required action (for example, to get a file or to save or update some
data). The different methods/verbs and their associated actions are listed below:
o GET: Get a specific resource (e.g. an HTML file containing information about a product,
or a list of products).
o POST: Create a new resource (e.g. add a new article to a wiki, add a new contact to a
database).
o HEAD: Get the metadata information about a specific resource without getting the body
like GET would. You might for example use a HEAD request to find out the last time a
resource was updated, and then only use the (more "expensive") GET request to
download the resource if it has changed.
o PUT: Update an existing resource (or create a new one if it doesn't exist).
o DELETE: Delete the specified resource.
o TRACE, OPTIONS, CONNECT, PATCH: These verbs are for less common/advanced tasks,
so we won't cover them here.
 Additional information can be encoded with the request (for example, HTML form data).
Information can be encoded as:
o URL parameters: GET requests encode data in the URL sent to the server by adding
name/value pairs onto the end of it — for example http://example.com?
name=Fred&age=11. You always have a question mark (?) separating the rest of the URL
from the URL parameters, an equals sign (=) separating each name from its associated
value, and an ampersand (&) separating each pair. URL parameters are inherently

19
"insecure" as they can be changed by users and then resubmitted. As a result URL
parameters/GET requests are not used for requests that update data on the server.
o POST data. POST requests add new resources, the data for which is encoded within the
request body.
o Client-side cookies. Cookies contain session data about the client, including keys that
the server can use to determine their login status and permissions/accesses to
resources.
 Web servers wait for client request messages, process them when they arrive, and reply to the
web browser with an HTTP Response message. The response contains an HTTP Response status
code indicating whether or not the request succeeded (e.g. "200 OK" for success, "404 Not
Found" if the resource cannot be found, "403 Forbidden" if the user isn't authorized to see the
resource, etc.). The body of a successful response to a GET request would contain the requested
resource.
 When an HTML page is returned it is rendered by the web browser. As part of processing, the
browser may discover links to other resources (e.g. an HTML page usually references JavaScript
and CSS files), and will send separate HTTP Requests to download these files.
 Both static and dynamic websites (discussed in the following sections) use exactly the same
communication protocol/patterns.

17. Difference between custom controls and user controls?


 In the .NET framework, there are two types of controls that are used to build
reusable UI components for Windows Forms and WPF applications: user controls
and custom controls.
 Their levels of abstraction and reusability are the primary differences between
them.
 User controls are simple to create but can only be used within the unique Windows
Forms or WPF applications in which they are made, limiting their potential for reuse.
They are frequently used to create composite controls by merging existing controls
because they were created for certain UI applications.
 Custom controls are more flexible and can be used in various applications. Custom
controls are also more difficult to develop than user controls.

Characteristics User Controls Custom Controls

Creation It is easy to create It is not easy to create

User Controls cannot have toolboxes Custom Controls can include a


Toolbox
added to them. Toolbox.

Layout It is a static layout It is a Dynamic layout

20
It only takes one copy to use it in Individual copies are needed for each
Usability multiple projects or applications. project or application.

Flexibility There is less user control flexibility. Custom control flexibility is more

Coupled It is tightly coupled. It is loosely coupled.

The user interface is fixed and cannot be The Custom Controls interface will be
User Interface
altered. changed.

18. Discuss in detail authorization and security.

 Authorization is the procedure of permitting someone to do something. It defines it an


approach to check if the user has permission to need a resource or not. It can represent that
what data and information one user can access.
 It is also called as AuthZ. The authorization generally works with authentication so that the
system can understand who is accessing the information. Authorization is a security
structure used to decide user/client privileges or access levels associated with system
resources, such as computer programs, files, services, data and application features.
 Authorization is generally preceded by authentication for customer identity verification.
System administrators (SA) are generally assigned permission levels covering some system
and customer resources.
 During authorization, a system checks an authenticated user's access rules and either grants
or waste resource access. Modern and multiuser operating systems based on efficiently
designed authorization processes to support application deployment and administration.
 Key factors such as user type, number, and credentials needing verification and associated
actions and roles. For instance, role-based authorization can be designated by user groups
needing definite user resource tracking privileges.

Security

Information security is the practice of protecting information by mitigating information risks.

It involves the protection of information systems and the information processed, stored and
transmitted by these systems from unauthorized access, use, disclosure, disruption, modification or
destruction.

This includes the protection of personal information, financial information, and sensitive or
confidential information stored in both digital and physical forms. Effective information security

21
requires a comprehensive and multi-disciplinary approach, involving people, processes, and
technology.

Information Security is not only about securing information from unauthorized access.

Information Security is basically the practice of preventing unauthorized access, use, disclosure,
disruption, modification, inspection, recording or destruction of information.

Information can be a physical or electronic one. Information can be anything like Your details or we
can say your profile on social media, your data on mobile phone, your biometrics etc.

Thus Information Security spans so many research areas like Cryptography, Mobile Computing, Cyber
Forensics, Online Social Media, etc.

19. Write short notes on list with suitable code

HTML Supports several ways of arranging items in lists. The most commonly used are:
• Ordered List (Numbered List)
• Unordered List (Bulleted List)

Ordered List <OL>


Ordered list also called as Numbered list, is used to present a numbered list of item in the order of
importance or the item (paragraph) is marked with a number. An ordered list must begin with the <OL>
followed by an <LI> list item tag.
Example: An HTML document orderedList.html shows the use of Ordered List
<HTML>
<HEAD>
<TITLE>

An Ordered List
</TITLE>
</HEAD>
<BODY>
<H1><U> Various Terms Used In Internet</U></H1>
<OL>
<LI> WWW-World Wide Web
<LI> URL-Uniform Resource Locator
<LI> HTTP-Hypertext Transfer Protocol
<LI> FTP-File Transfer Protocol
<LI> HTML-Hypertext Markup Language
</OL>
</BODY>
</HTML>

Unordered List <UL>

22
Unordered List also called as bulleted list, used to present list of items marked with bullets. An
unordered list starts with in <UL>followed by <LI> (List Item) tag. Use of <UL> is very similar to
<OL>(ordered list).
Example: Use of Unordered List and Various Attributes
<HTML>
<HEAD>
<TITLE> Use of Unordered List </TITLE>
</HEAD>
<BODY>
<UL>
<LI> FRUITS
<UL>
<LI> Banana

<LI> Jack

<LI> Orange
</UL>
<LI> VEGETABLE
<UL>
<LI> Potato
<LI> Cabbage
<LI> Tomato
</UL>
</UL>
</BODY>
</HTML>

Output of the above code displays like this

23
20. Write briefly about XML schemas
 XML Schema is an XML-based language used to create XML-based languages and
data models.
 An XML schema defines element and attribute names for a class of XML documents.
 The schema also specifies the structure that those documents must adhere to and
the type of content that each element can hold.
 An XML schema describes the structure of an XML instance document by defining
what each element must or may contain.
 An element is limited by its type. For example, an element of complex type can
contain child elements and attributes, whereas a simple-type element can only
contain text

21. Write a simple code to set the properties of Java Beans.


A JavaBean is a Java class that should follow the following conventions

o It should have a no-arg constructor.


o It should be Serializable.
o It should provide methods to set and get the values of the properties, known as getter and
setter methods.

Adding a Color Property to SimpleBean

Make the following changes to SimpleBean.java to add a color property:

Create and initialize a private instance variable.

24
private Color color = Color.green;

Write a public getter method.

public Color getColor(){


return color;
}

Write a public setter method.

public void setColor(Color newColor){


color = newColor;
repaint();
}

Override the paint() method inherited from Canvas.

public void paint(Graphics g) {


g.setColor(color);
g.fillRect(20, 5, 20, 30);
}

Compile the Bean, load it in the ToolBox, and create an instance in the BeanBox.

22. What is introspection in Java Beans. Explain.


This the process of analyzing a bean to determine its capabilities.
This is an essential feature of the java beans API because it allows another application, such as a design
tool, to obtain information about a component.
There are two ways in which the developer of a bean can indicate which of its properties, events, and
methods should be exposed.

1. With the first method, simple naming conventions to infer the introspection
mechanisms to infer information about a bean.

2. In the second way, an additional class that extends the Beaninfo interface is provided that
explicitly supplies this information.

Introspection is the process of exposing the properties, methods, and events that a JavaBean
component supports. This process is used at run-time, as well as by a visual development tool at design-
time. The default behavior of this process allows for the automatic introspection of any Bean. A low-
level reflection mechanism is used to analyze the Bean’s class to determine its methods. Next it applies

25
some simple design patterns to determine the properties and events that are supported. To take
advantage of reflection, you only need to follow a coding style that matches the design pattern. This is
an important feature of JavaBeans. It means that you don’t have to do anything more than code your
methods using a simple convention. If you do, your Beans will automatically support introspection
without you having to write any extra code

23. Explain life cycle of servlet./ Phases of Servlet life cycle

The life cycle of a servlet can be categorized into four parts:

Loading and Instantiation:


The servlet container loads the servlet during startup or when the first request is made. The
loading of the servlet depends on the attribute <load-on-startup> of web.xml file.
If the attribute <load-on-startup> has a positive value then the servlet is load with loading of the
container otherwise it load when the first request comes for service.
After loading of the servlet, the container creates the instances of the servlet.

Initialization:
After creating the instances, the servlet container calls the init() method and passes the servlet
initialization parameters to the init() method.
The init() must be called by the servlet container before the servlet can service any request. The
initialization parameters persist untill the servlet is destroyed. The init() method is called only
once throughout the life cycle of the servlet.
The servlet will be available for service if it is loaded successfully otherwise the servlet container
unloads the servlet.

26
Servicing the Request:
After successfully completing the initialization process, the servlet will be available for service. Servlet
creates seperate threads for each request. The sevlet container calls the service() method for servicing
any request. The service() method determines the kind of request and calls the appropriate method
(doGet() or doPost()) for handling the request and sends response to the client using the methods of the
response object.

Destroying the Servlet:


If the servlet is no longer needed for servicing any request, the servlet container calls the
destroy() method . Like the init() method this method is also called only once throughout the life

27
cycle of the servlet. Calling the destroy() method indicates to the servlet container not to sent
the any request for service and the servlet releases all the resources associated with it. Java
Virtual Machine claims for the memory associated with the resources for garbage collection.

24. Discuss the security issues in the servlet


 Before installing servlets in the web server, make sure that they come from trusted
sources
 The concept of sandbox may be incorporated
i. Servlet is a container of servlets where restrictions of imposed
ii. This concept is similar to how browsers control applets and its known as
sandboxing
iii. A servlet can originate from several sources
iv. Webmaster may have written it
v. Servlet may have been downloaded from another website
vi. It may have been bought as part of third party package
vii. Based on the sources of servlet certain level of trust should be associated
with it
viii. A Servlet sandbox is an area where servlets are given restricted authority on
the server
ix. They may not have access to file system or network or they may have been
granted a more trusted status
x. Its upto the web server administrator to decide which servlets are granted
this status
xi. Note that the fully trusted servlets has full access to servlets file systems
and networking capabilities , it could even perform a system.exit() stopping
web server
 Access Control List
o Many webservers allows you to restrict the access to certain web pages via
Access Control List [ACL]
o ACL is a list of users who are allowed to perform specific functions on the
server like,
 What kind of access is allowed?
 What object the access is applies to ?
 Which users are granted for access?
 Administrator of web servers decides which servlets are given which permissions
 In addition to this security issues, author of servlet should consider the following
points
 Take sufficient care while writing file upload code
 Review the code that access files/database based on the user input
 Make sure that the request comes from an authorized user
 Don’t rely on the existence of session variable

28
 Make sure that you have not used System.exit() method anywhere
in your program
 Do not display sensitive parameter values in web page like
password
25. How do you install the Java Software Development Kit? Explain the steps.
The JDK can be installed on the following Platforms:
1. Microsoft Windows
2. Linux
3. macOS

Install JDK on Microsoft Windows


Step 1: Download and Install Java Development Kit (JDK)
The very first step is to download the Oracle Java Development Kit (JDK) from the Official Oracle
Website
You need to identify your system specifications to choose the Product/file description.

The website will contain the latest version for your corresponding system. For Windows, we’ll be
downloading the latest x64 Installer of Java SE Development Kit

After the download is complete, proceed to install the JDK

Step 2: Configure Environment Variables


After the installation is complete, we have to configure environment variables to notify the system
about the directory in which JDK files are located.

If you are running Windows and installed the SDK in C:\jdk1.5.0_20, you would put the following line in
your C:\autoexec.bat file.
set PATH=C:\jdk1.5.0_20\bin;%PATH%
set JAVA_HOME=C:\jdk1.5.0_20

Step 3: Check the Java Version


Open Command Prompt and enter the following commands
java -version

javac -version

26. Write a sample code to pass the data between pages.


 JSP provides different scopes for sharing data objects between pages, requests, and
users.
 The scope defines how long the object is available and whether it's available only to one
user or to all application users.
 The following scopes are defined: page, request, session, and application.

29
 The <jsp:useBean> action has a scope attribute you use to specify the scope for the
bean.
 The <jsp:useBean> action ensures that the bean already exists in this scope or that a
new one is created and placed in the specified scope.
 It first looks for a bean with the name specified by the id attribute in the specified scope.
 If it already exists, for instance created by a previously invoked <jsp:useBean> action or
by a servlet, it does nothing.1
 If it can't find it, it creates a new instance of the class specified by the class attribute and
makes it available with the specified name within the specified scope
 Example :
 Jsp code
 <HTML>
 <HEAD>
 <TITLE>Getting a Property Value</TITLE>
 </HEAD>
 <BODY>
 <H1>Getting a Property Value</H1>
 <jsp:useBean id="bean1" class="beans.Test" /> The message is: <jsp:getProperty
name="bean1" property="message" />
 <BR>
 <jsp:setProperty name="bean1" property="message" value="Hello again!" />
 Now the message is: <jsp:getProperty name="bean1" property="message" />
 </body>
 </html>

Test.java
package beans;
import java.io.Serializable;
public class Test implements Serializable
{
public Test()
{

}
private String message = "Hello from JSP!";
public void setMessage(String message)
{
this.message = message;
}
public String getMessage()
{

30
return this.message;
}
}

27. Write a simple Java Bean to display a plain text.


28. 14. (a) Write a JSP code for pass data from one page to another.

JavaBeans are classes that encapsulate many objects into a single object (the bean). It is a Java class
that should follow the following conventions:
1. Must implement Serializable.
2. It should have a public no-arg constructor.
3. All properties in java bean must be private with public getters and setter methods
// Java Program of JavaBean class
package geeks;

public class Student implements java.io.Serializable {


private String name;

// Constructor
public Student()
{
}

// Setter for Name


public void setName(String name)
{
this.name = name;
}

// Getter for Name


public String getName()
{
return name;
}
}

29. Discuss about various built-in Objects in javascript.


The JavaScript object model is a simple one. The bulk of these objects deal with window content are
documents, links, forms, and so forth.

31
In addition to window-content objects, JavaScript supports a small handful of "built-in" objects. These
built-in objects are available regardless of window content and operate independently of whatever page
Netscape has loaded.

There are 3 built in objects are available in system.

 String Object
 Math Object
 Date Object

String Object

 String object is bona fide object and the string keyword is used to create new strings
 For ex string objects
o Var myString = new String ();
o myString = “This is String”
o alert (“This is String”. Length())

Math Object

 Math objects provides built in constants and methods to perform calculations with in the scripts
 For ex, to return the valud of pi, you can use

Var pi = Math.PI;

Date Object

 Date object is similar to the string object in that you create a new instances of an object
When you assign it to variable
 The syntax for creating new date object is
 VariableName = new Date(Parameters)
o Ex: Today = new Date();
 You have several optional parameters to send to the date objects that are as follows,
o variableName = new Date()
o variableName = new Date(year, month, day)
o variableName = new Date(year, month, day, hours, minutes, seconds)

30. Explain about various types of List tags in HTML. -- Already covered
Orderedlist
Unordered list

31. Briefly explain the types of Enterprise javabeans.


 Enterprise JavaBeans (EJB) is a comprehensive technology that provides the infrastructure for
building enterprise-level server-side distributed Java components.
 Enterprise JavaBeans server-side components come in two fundamentally different types:

32
o Entity Beans
o Session Beans

Session Beans

 Session beans are for managing processes or tasks.


 A session bean is mainly for coordinating kinds of activities.
 A session bean does not represent anything in a database, but it can access the database.
 Session beans are transaction aware.
 Session beans are further divided as two categories.
o Stateful Session Beans
o Stateless Session beans

Stateful Session Beans

 Stateful session beans maintains a conversational state when used by a client.


 It maintains the state of the client across multiple requests.
o Conversational state is not written into database, but it can store some state in
private variables during one method call and sub sequent method call can rely on
this state
o Diagrammatic explanation provided here – State remains same and maintained only
on that system, for an another request sent to another system, state is varying

Stateless session Beans

o It does not maintains a state of the client between multiple method calls
o It can be accessed by one client at a time

33
o In case of concurrent access, EJB container routes each request to different instance
o One can specify whether a bean is stateful or not in the bean's deployment
descriptor.
o Because of stateless session beans can supports multiple clients , they can offer
better scalability for applications that require large number of clients

Entity Beans

 An “Entity bean” is a type of Enterprise Java Bean, that represents persistent data
maintained in data base.
 Users Data can be saved to database via entity beans, and later on can be retrieved from the
database in the entity bean
 Entity beans are normally used to manage complex coarse – grained persistent data for a
remote client
 There are two types of entity beans and they are distinguished by how they manage
persistence
o Container Managed Persistence
o Bean Managed Persistence

Container Managed Persistence

 Container Managed Persistence are Enterprise Bean that persists across the database
 In this Method container take care of database calls

Bean Managed Persistence

 Bean Managed Persistence is a type of Entity Bean, where the programmer has to write the
code for database calls
 It persists across multiple sessions and multiple clients

32. (b) Write short note on : Bean Persistence


 A bean has the property of persistence when its properties, fields, and state information are
saved to and retrieved from storage.
 Component models provide a mechanism for persistence that enables the state of the
components to be stored in non-volatile place for lateral retrieval.
 The mechanism that makes persistence possible is called serialization
 Object Serialization means, converting the object into Data stream and write it into storage
 Any applet, application or tool that uses that bean may reconstitute it by deserialization
 The object is then restored to its original state
 All beans must persist.
 To persist, your beans must support serialization by implementing either java.io.serializable or
java.io.externalizable interface
 These interfaces offers the choice of automatic serialization and customized serialization

34
33. 13. (a)Describe servlet life cycle with neat diagram. – Already covered

34. (b) Write short note on: Servlet API

 Servlets are Java programs that runs on the java enabled web server or application server
 They are used to handle request obtained from web server, process the request, produce the
response and then send response back to the web server
 In Java to create applications we use servlets
 To Create Java Servlets, We need to use Servlet API which contains all necessary interfaces and
classes
 Servlet API has two packages namely
o Javax.servlet
o Javax.servlet.http

 Servlets implement the javax.servlet.Servlet interface.


 The javax.servlet package contains the generic interfaces and classes that are implemented and
extended by all servlets.
 javax.servlet package contains the following classes
o GenericServlet
o ServletInputStream
o ServletOutputStream
 javax.servlet package contains the following interfaces
o filter
o filterchain
o filterconfig
o servlet
o servletconfig

 While the javax.servlet.http package contains the classes that are used when developing HTTP -
specific servlets
 The HttpServlet is extended from GenericServlet base class and it implements the Servlet
interface. HttpServlet class provides a framework for handling the HTTP requests.
 Classes available in javax.servlet.http package:
o Cookie
o Httpservlet

 Interfaces available in javax.servlet.http package:


o HttpServletRequest
o HttpServletResponse
o HttpSession
o HttpSessionListener

35
35. (b) Explain about various types of JDBC Drivers.
 JDBC stands for Java Data Base Connectivity
 JDBC drivers are the set of classes that enable java applications to communicate with database
 JDBC drivers are divided in to 4 types
 Each Types defines a JDBC driver implementation with higher level of platform independence,
performance and deployment administration
 The four types of JDBC drivers are
o Type 1 - JDBC – ODBC Bridge
o Type 2 – Native API – Partially java technology enabled driver
o Type 3 – Net Protocol – Fully java technology enabled driver
o Type 4 – Native protocol – Fully Java technology enabled driver

Type 1 – JDBC – ODBC Bridge


 It translates all JDBC calls into ODBC calls and sends them to ODBC drivers
 The JDBC – ODBC drivers from sun & InterSlov are the only existing examples for type 1 driver
Advantages
 JDBC – ODBC Bridge allows us to almost any database since the database ODBC Drivers are
already available
Disadvantages
 The performance is degraded, since the JDBC Calls goes through the data bridge to the native
database
 Type 1 drivers may not be useful for large scale application.
 The ODBC Driver must already be installed on the client machine.

Type 2 – Native API


 It converts JDBC calls into database specific calls for the databases like sql server, informatics ,
oracle or cybase
 Type 2 drivers are implemented with native code
 Type 2 drivers directly communicate with drivers however it requires some binary code
Advantages:
 It offers significantly better performance than JDBC-ODBC Bridge
Disadvantages
 Vender database library needs to be loaded in each client machine
 Type 2 drivers cannot be used for internet

Type 3- Net Protocol


 Type 3 protocol follows three-tiered approach as JDBC calls pass through the network through
middle tier server
 The middle tier server further translates the request to database specific native connectivity
interface

36
 Example of type 3 drivers are BEA’s Weblogic
 These servers are especially used in applet deployment
Advantages
 There is no need for vendor database library
 Its highly portable, performance, and scalable
Disadvantages
 Traversing the record set may take time, as the data comes from backend server

Type 4 Driver – Native Protocol


 Type 4 drivers are entirely written in Java
 They understand the database specific networking protocols and can access the database
directly without any additional software

Advantages
 It does not require any specific software to be installed on client or server
 These drivers can be downloaded dynamically
 Better performance than Type1 and Type 3 Drivers

Disadvantages
 User needs different drivers for each database

36. Explain about MVC Architecture.

 MVC Architecture stands for Model, View & Controller


 Main Aim of MVC architecture is to separate the business logic and application data from the
presentation data to user.
 The reason why we should use MVC design pattern is they are re-usable,
o When the problem recurs, there is no need to invent a new solution, instead we have to
just follow the pattern and adapt as necessary
 They are expressive,
o by using MVC design pattern our application becomes more expressive

Model
 The Model in MVC Design pattern acts as Data Layer for the application
 It represents business logic for an application and also contains state of the application
 Its an object that contain data, that also carry logic to update the controller if data is changed

View
 The View in MVC Design Pattern act as Presentation Layer of the application
 As the name indicates, view represents the visualization of the data received from Model

37
 View Layer consists of user Interface for the application
 It sends the data requested to the client which is fetched from Model Layer by controller

Controller
 It works on Both Model and view
 Its uses to manage the flow of application, I,e data flow in the model object and to update the
view whenever data is changed
 Its acts as an interface between model and view layer
 The controller layer get the user requests from View layer and sends them to model layer for
data processing , once they are processed, the data are send back to controller and displayed in
view

10- Marks
1.Explain in detail about arrays in Javascript with suitable examples.

Array
 Java Script Array is a data structure that allows you to store and organize multiple values with in
single variable
 Its versatile and dynamic object
 It can hold various data types including numbers, strings, objects, and even other arrays
 Java script arrays are indexed as 0
 First element of an array starts from 0th index and second element starts from 1st index and so
on

Declaring an array
 There are basically two ways to create array
o Array constructor
o Array literal

Creating an array using Array literal


 Creating an array using array literal involves square bracket to define and initialize array
 This method is concise and widely preferred for its simplicity

Syntax:
Arrayname = [array1, array2….arrayn];

Example
Let name = [];
Console.log(name);

38
Let courses = [“HTML”,”CSS”,”JAVA”];
Console.log(courses);

O/p
[]
[[“HTML”,”CSS”,”JAVA”]

Creating an array using Array constructor [Javascript new keyword]


 This approach allows for dynamic initialization and can be used to create arrays with specified
length or elements

Syntax:
Let array = new array ();

Example
Creating an empty array
Let names = new array ();
Console.log(names);

Creating and initializing an array with values


Let courses = new array (“HTML”,”JAVA”,”PHP”);
Console.log(courses);

Initializing an array while declaring


Let aereer= new array(3);
Aerreer[0]=1;
Aerreer[1]=1;
Aerreer[2]=3;
Aerreer[3]=2;
Console.log(aereer);

Output
[]

[ 'HTML', 'CSS', 'Javascript', 'React' ]

[ 10, 20, 30 ]

2. What is CSS and briefly explain about CSS and DTD?

39
 CSS stands for Cascading Style Sheets
 It’s a style sheet language which is used to describe the look and feel of a document written in
markup language
 It provides an additional features to HTML
 Its generally used with HTML page to change the style of webpages and UI.
 There are three types of CSS
a. Inline Style sheet
b. Internal or embedded style sheet
c. External style sheet

Inline style sheet


 Inline Style sheet is used to to apply style on single specific element or individual element.
Ex:
<HTML>
<HEAD>
<TITLE> INLINE STYLE </TITLE>
</HEAD>
<BODY>
<P STYLE = “COLOR: RED; BACKGROUND-COLOR: GREEN;” >
PARAGRAPH
</P>
</BODY>
</HTML>

Internal or Embedded Style sheet


 Internal or Embedded style sheet used to apply a style on whole Document or entire web pages.
EX:
<HTML>
<HEAD>
<TITLE> INTERNAL OR EMBEDDED STYLE SHEET </TITLE>
<STYLE>
P
{
COLOR: RED;
FONT-SIZE: 10PX;
}
</STYLE>

<BODY>
<P> PARAGRAPH </P>

40
Here whenever paragraph tag is used in the page, it appears in the properties specified
</BODY>
</HTML>

External Style Sheet


 External style sheet is used to apply a style on multiple web pages of a web site

EXAMPLE

DTD
 Document Type Definition is DTD
 DTD is a type of schema
 The purpose of DTDs is to provide framework for validating XML documents
 DTD is, a set of rules defining relationships within a document
 DTDs can be "internal" (within a document) or "external" (links to another document).

XML Documents are made up of following building blocks


 Elements
 Tags
 Attributes
 Entities
 PCDATA &
 CDATA

Elements
Elements are the main building blocks of both xml and html documents
Examples of html elements are “body” & “table”

41
Example of xml elements are “note” & “message”

Tags
 Tags are used to markup elements
 Starting tag like <element name > mark up the beginning of elements and ending tag like
</element name> mark up the end of an element
 Ex: HTML tags <body>……….. </body>
 Ex: XML Tags <message> ……</message>

Attributes
 Attributes provides an extra information about elements

3. Write a program using cookies

 A cookie is a http mechanism that is used for maintaining specific user settings and managing
state. A cookie is a simple mechanism which is used to store and retrieve user specified info on
the web.
 When a httpserver receives an request the server may choose to return some state information
that is stored by a cookie enabled client.
 This state information includes URL range whenever an Client receives http request it checks the
URL of the request against the URL range of all stored cookies.

For Example,
A servlet uses the getCookies() method of HTTPServletRequest to retrieve cookies as request.
The addCookie() method of HTTPServletResponse sends a new cookie to the browser.
You can set the age of cookie by setMaxAge() method.
Here is the code which defines cookie and shows how to set the maximum age of cookie.

import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class UseCookies extends HttpServlet
{
public void doGet ( HttpServletRequest request,
HttpServletResponse response )throws ServletException, IOException
{
PrintWriter out;
response.setContentType("text/html");
out = response.getWriter();
Cookie cookie = new Cookie("CName","Cookie Value");
cookie.setMaxAge(100);

42
response.addCookie(cookie);
out.println("<HTML><HEAD><TITLE>");
out.println(" Use of cookie in servlet");
out.println("</TITLE></HEAD><BODY BGCOLOR='cyan'>");
out.println(" <b>This is a Cookie example</b>");
out.println("</BODY></HTML>");
out.close();
}
}
In the above example, a servlet class UseCookies defines the cookie class.
Here the age of cookie has been set as setMaxAge(100). If its value is set to 0, the cookie will delete
immediately.
After the time provided been expired, cookie will automatically deleted.

4. Explain about various events handling mechanism in Javascript.


 Event Handling is a software routine that processes actions, such as keystrokes and mouse
movements.
 It is the receipt of an event at some event handler from an event producer and subsequent
processes.

Functions of Event Handling

 Event Handling identifies where an event should be forwarded.


 It makes the forward event.
 It receives the forwarded event.
 It takes some kind of appropriate action in response, such as writing to a log, sending an error
or recovery routine or sending a message.
 The event handler may ultimately forward the event to an event consumer.

Event Description
Handler

onAbort It executes when the user aborts loading an image.

onBlur It executes when the input focus leaves the field of a text, textarea or a select option.

onChange It executes when the input focus exits the field after the user modifies its text.

onClick In this, a function is called when an object in a button is clicked, a link is pushed, a checkbox is checked or
image map is selected. It can return false to cancel the action.

onError It executes when an error occurs while loading a document or an image.

43
onFocus It executes when input focus enters the field by tabbing in or by clicking but not selecting input from the
field.

onLoad It executes when a window or image finishes loading.

onMouseOver The JavaScript code is called when the mouse is placed over a specific link or an object.

onMouseOut The JavaScript code is called when the mouse leaves a specific link or an object.

onReset It executes when the user resets a form by clicking on the reset button.

onSelect It executes when the user selects some of the text within a text or textarea field.

onSubmit It calls when the form is submitted.

onUnload It calls when a document is exited.

5. How will you download and install tomcat server? Explain


Tomcat is an open source web server developed by Apache Group.
Apache Tomcat is the servlet container that is used in the official Reference Implementation for the Java
Servlet and JavaServer Pages technologies.

Here we are illustrating the installation process only for Windows. Steps involved in installation and
configuration process for Tomcat 6.0.10 are illustrated below:

Step 1:
Installation of JDK: Don't forget to install JDK on your system (if not installed) because any tomcat
requires the Java 1.5 (Java 5) and Java 1.6 (Java 6) and then set the class path (environment variable) of
JDK.

Step 2: Setting the class path variable for JDK: Two methods are there to set the classpath.
1. Set the class path using the following command.

set PATH="C:\Program Files\Java\jdk1.5.0_08\bin";%PATH%


2. The other way of setting the class path variable is:

First right click on the My Computer->properties->advance->Environment Variables->path. Set bin


directory path of JDK in the path variable.

Step 3:
Now it's time to shift on to the installation process of Tomcat 6.0.10. It takes various steps for installing
and configuring the Tomcat 6.0.For Windows, Tomcat comes in two forms : .zip file and the Windows
installer (.exe file). Here we are exploring the installation process by using the .exe file. The directory C:\

44
apache-tomcat-6.0.10 is the common installation directory as it is pre-specified C:\ as the top-level
directory. First unpack the zipped file and simply execute the .exe file.

The above shown screen shot is the first one shown in the installation process. Just click on the Next
button to proceed the installation process.

45
46
of the people change the port number to 80 because in this case the user is not required to specify the
port number at request time. But we are using here the default port number as 8080. Choose the user
name and password as per your convenience. We can change the port number even the installation
process is over. For that, go to the specified location as " Tomcat 6.0 \conf \server.xml ". Within the
server.xml file choose "Connector" tag and change the port number.

e.g While using the port number 8080, give the following request in the address bar as:
Default Port: http//localhost:8080/index.jsp
In case of port number number 80 just type the string illustrated below in the address bar:
New Port: http://localhost/index.jsp
Note that we do no need to specify any port number in the URL.
Now click on the Next button to proceed the installation process.

47
48
After successfully installing, a shortcut icon to start the tomcat server appears in the icon tray of the task
bar as shown above. Double clicking the icon displays the window of Apache Manager for Tomcat. It will
show the "Startup type" as manual since we have changed the destination folder for tomcat during the
installation process. Now we can configure the other options like "Display name" and "Description" .We
can also start, stop and restart the service from here

Now , set the environment variable for tomcat :

step 4:
Setting the JAVA_HOME Variable: Purpose of setting the environment variable JAVA_HOME is to specify
the location of the java run time environment needed to support the Tomcat else Tomcat server does

49
not run. This variable contains the path of JDK installation directory. Note that it should not contain the
path up to bin.
set JAVA_HOME=C:\Program Files\Java\jdk1.5.0_08
Here, we have taken the URI path according to our installation convention
For Windows XP, Go through the following steps:
Start menu->Control Panel->System->Advanced tab->Environment Variables->New->set the Variable
Name as JAVA_HOME and Variable Value as C:\Program Files\Java\jdk1.6.0 and then click on the entire
three ok buttons one by one. It will set the JDK path.

Now , Start the Tomcat Server : Start the tomcat server from the bin folder of Tomcat 6.0 directory by
double clicking the " tomcat6.exe " file. You can also create a shortcut of this .exe file at your desktop.
Stop the Tomcat Server: Stop the server by pressing the "Ctrl + c" keys.

6. Discuss in detail about the framework of Struts.

Struts is an open source framework used for developing J2EE web


applications using Model View Controller (MVC) design pattern.
It uses and extends the Java Servlet API to encourage developers to adopt an
MVC architecture.
Struts framework provides three key components

A request handler provided by the application developer that is used to mapped to a particular URI

A response handler which is used to transfer the control to another resource which will be responsible
for completing the response

A tag library which helps developers to create the interactive form based applications with server pages

Struts provides you the basic infrastructure infrastructure for implementing MVC allowing the
developers to concentrate on the business logic

Overview of the Struts Framework


The Struts Controller Components:
Whenever a user request for something, then the request is handled
by the Struts Action Servlet. When the ActionServlet receives the request,
it intercepts the URL and based on the Struts Configuration files, it gives
the handling of the request to the Action class. Action class is a part of the
controller and is responsible for communicating with the model layer.

The Struts View Components:


The view components are responsible for presenting information to

50
the users and accepting the input from them. They are responsible for
displaying the information provided by the model components. Mostly we
use the Java Server Pages (JSP) for the view presentation. To extend the
capability of the view we can use the Custom tags, java script etc.

The Struts model component:


The model components provides a model of the business logic
behind a Struts program. It provides interfaces to databases or back- ends
systems. Model components are generally a java class. There is not any
such defined format for a Model component, so it is possible for us to
reuse Java code which are written for other projects. We should choose the
model according to our client requirement.

7. Illustrate about introspection feature of java beans with suitable examples.


This the process of analyzing a bean to determine its capabilities.
This is an essential feature of the java beans API because it allows another application, such as a design
tool, to obtain information about a component.
There are two ways in which the developer of a bean can indicate which of its properties, events, and
methods should be exposed.

1. With the first method, simple naming conventions to infer the introspection mechanisms to
infer information about a bean.
2. In the second way, an additional class that extends the Beaninfo interface is provided that
explicitly supplies this information.

Introspection is the process of exposing the properties, methods, and events that a JavaBean
component supports. This process is used at run-time, as well as by a visual development tool at design-
time. The default behavior of this process allows for the automatic introspection of any Bean. A low-
level reflection mechanism is used to analyze the Bean’s class to determine its methods. Next it applies
some simple design patterns to determine the properties and events that are supported. To take
advantage of reflection, you only need to follow a coding style that matches the design pattern. This is
an important feature of JavaBeans. It means that you don’t have to do anything more than code your
methods using a simple convention. If you do, your Beans will automatically support introspection
without you having to write any extra code

The following example represents code to perform introspection:


import java.beans.BeanInfo;
import java.beans.Introspector;
import java.beans.IntrospectionException;

51
import java.beans.PropertyDescriptor;
public class SimpleBean
{
private final String name = "SimpleBean";
private int size;
public String getName()
{
return this.name;
}
public int getSize()
{
return this.size;
}
public void setSize( int size )
{
this.size = size;
}
public static void main( String[] args ) throws IntrospectionException
{
BeanInfo info = Introspector.getBeanInfo( SimpleBean.class );
for ( PropertyDescriptor pd : info.getPropertyDescriptors() )
System.out.println( pd.getName() );
}
}
This example creates a non-visual bean and displays the following properties derived from the BeanInfo
object:
class
name
size

8. Explain about limitations of Ajax and security issues.

Limitations of Ajax.

- Back functionality cannot work because the dynamic pages don’t register themselves to the
browsers history engine. Hence the need of Iframe becomes essential.
- The page cannot be bookmarked if implemented using Ajax.
- If java script is disabled , Ajax will not work
- Because different components of the pages are loaded at different times, response time may
be slow.
- Because different components of the pages are loaded at different times it may create
confusion for the user.

52
Security Issues
AJAX is the most commonly used web technique to send and receive data to and from the web server
asynchronously without disturbing the functionality of the other components of the client-side
application. Although AJAX itself does not provide any security vulnerabilities, still we have to keep some
security measurements while implementing AJAX. The security measurements are –

Cross-Site Scripting(XSS) − AJAX applications should be vulnerable to XSS attacks. If proper input
validation and output encoding are not implemented, then a hacker can easily inject malicious scripts
inside the AJAX response. These malicious scripts are used to steal sensitive data from the system or can
manipulate the content.

Cross-Site Request Forgery(CSRF) − In this attack, the attacker tricks the browser by doing unwanted
actions with the help of an authentication session. It can exploit the AJAX request and can perform
unauthorized actions.

Insecure Direct Object References(IDOR) − The request generally accesses the specified resource from
the server with the help of a unique identifier. But if the attacker gets this identifier then it can easily
manipulate or can access unauthorized resources

Content Security Policies(CSP) − It is a policy which helps users/developers to save themselves from
malicious activities or unauthorized access.
Server-Side validation − Server-side validation is very important because it ensures that the submitted
data meets the specified criteria and it is safe for further process.

Secure Session Management − The AJAX application should properly maintain user sessions and session
tokens to save the session from attacks
Input Validation and Sanitization − Server should perform validation and sanitization of the data
received from the client side to prevent attacks.

Regular Update and Security − As we know that AJAX uses external libraries or frameworks. So keeping
them up to date is an important task. To avoid various vulnerabilities and improve the security of the
application.

9. Discuss about JDK technology


 The Java Development Kit (JDK) is a cross-platformed software development environment that
offers a collection of tools and libraries necessary for developing Java-based software
applications and applets.
 It is a core package used in Java, along with the JVM (Java Virtual Machine) and the JRE (Java
Runtime Environment)

53
 Beginners often get confused with JRE and JDK, if you are only interested in running Java
programs on your machine then you can easily do it using Java Runtime Environment.
 However, if you would like to develop a Java-based software application then along with JRE
you may need some additional necessary tools, which is called JDK
 JDK is a combination of JRE+ Development Tools
 Java Development Kit is an implementation of one of the JAVA platform

Contents of JDK
 The JDK has a private Java Virtual Machine (JVM) and a few other resources necessary for the
development of a Java Application.

JDK contains:
 Java Runtime Environment (JRE),
 An interpreter/loader (Java),
 A compiler (javac),
 An archiver (jar) and many more.

Important Components of JDK

 Below there is a comprehensive list of mostly used components of Jdk which are very useful
during the development of a java application.

Use
Component

javac Java compiler converts source code into Java bytecode

java The loader of the java apps.

javadoc Documentation generator,

jar Java Archiver helps manage JAR files.

appletviewer Debugging of Java applets without a web browser,

jdb Debugger,

54
10. Explain about functions of javax.sql package
This package provides the APIs for accessing and processing data which is stored in the database
especially relational database by using the java programming language.
It includes a framework where we different drivers can be installed dynamically to access different
databases especially relational databases.

2 Marks

1.State the role of Keyhole Markup Language

Keyhole Markup Language (KML) is a markup language based on XML and useful for describing and
implementing 2D and 3D visual shapes on HTML-based browsers.

11. What is document type definition


 Document Type Definition is DTD
 DTD is a type of schema
 The purpose of DTDs is to provide framework for validating XML documents
 DTD is, a set of rules defining relationships within a document
 DTDs can be "internal" (within a document) or "external" (links to another document).

12. List the implications of java beans bound property


A bound property notifies listeners when its value changes.
This has two implications:
The bean class includes addPropertyChangeListener() and removePropertyChangeListener()
methods for managing the bean's listeners.
When a bound property is changed, the bean sends a PropertyChangeEvent to its registered
listeners.

13. Define persistence in java beans


Persistence is the ability to save the current state of a Bean, including the values of a
Bean’s properties and instance variables, to nonvolatile storage and to retrieve them at a
later time

14. What is meant by JSDK?


 JSDK  Java Servlet Development Kit
 Servlets are server side programs
 Servlets are loaded and executed by web server
 The Java Servlet Development Kit (JSDK) are reference implementation of Java
Servlet API
 The same can be used for developing, running , testing and debugging of java
servlets

55
15. Differentiate cookies and session variables.

Basis of Cookie Session


Comparison

Cookies are client-side files that Sessions are server-side files


Definition are stored on a local computer that store user information.
and contain user information.

Cookies expire after the user The session ends when the
Expiry specified lifetime. user closes the browser or
logs out of the program.

It can only store a limited amount It is able to store an unlimited


Data storage
of data. amount of information.

Cookies are used to store The data is saved in an


Data Format information in a text file. encrypted format during
sessions

16. Mention the importance of Model-View-Controller pattern.


 Its shortly called as MVC
 The main aim of MVC is to separate the business logic and application data from the
presentation data to the user
 The main reason for using MVC pattern is
a. They are reusable  when the problem occurs, there is no
need to invent a new solution  We just have to follow a
pattern and adapt it as necessary
b. They are expressive By using MVC design pattern, our
application is more expressive

17. What are implicit objects in JSP?


Implicit objects in jsp are the objects that are created by the container automatically and the
container makes them available to the developers, the developers do not need to create
them explicitly.
Since these objects are created automatically by the container and are accessed using
standard variables; hence, they are called implicit objects.
These are some main implicit objects in JSP which we use most
 Response Object

56
 Request Object
 Session Object
 Out Object
 PageContext Object
 Application Object
 Config Object
 Page Object
 Exception Object

18. What is mean by database?


A database is a collection of information that is organized so that it can easily be accessed,
managed, and updated. In one view, databases can be classified according to types of
content: bibliographic, full-text, numeric, and images

19. State the use of Concatenation Function in Python.


Concatenation in Python programming means combining two or more strings to merge their
values and create a new string. In Python string concatenation, strings are merged end-to-
end

20. Define web clients


 Web client is an application that communicates with a webserver using HyperText Transfer
Protocol [HTTP]
 Web client typically refers to the web browser in the users machine or mobile device
 It’s a client side [User Side ] of the web
 Web Browser is best example for Web Clients

21. What are the two major protocols for accessing email from servers?
 Email protocols are a collection of protocols that are used to send and receive
emails properly.
 The email protocols provide the ability for the client to transmit the mail to or
from the intended mail server.

Types of Email Protocols:

Three basic types of email protocols involved for sending and receiving mails are:

 SMTP  Simple Mail Transfer Protocol  Used to send mails over the internet
 POP3  Post Office Protocol  Used to retrieve mail for single client. POP 3 version is the
current version of POP used
 IMAP  Internet Message Access Protocol  Used to retrieve mails for multiple clients

57
22. Define HTTP protocol.
 HTTP stands for HyperText Transfer Protocol.
 It is a protocol used to access the data on the World Wide Web (www).
 The HTTP protocol can be used to transfer the data in the form of plain text,
hypertext, audio, video, and so on.

23. What is XML namespace


 XML Namespaces provide a method to avoid element name conflicts.
 An XML namespace is declared using the reserved XML attribute. This attribute name must be
started with "xmlns".
 A Namespace is a set of unique names. Namespace is a mechanisms by which element and
attribute name can be assigned to a group

24. What are web services?


A web service is a set of open protocols and standards that allow data to be exchanged
between different applications or systems. Web services can be used by software
programs written in a variety of programming languages and running on a variety of
platforms to exchange data via computer networks such as the Internet in a similar way to
inter-process communication on a single computer.

16. What is the use of WSDL?

 WSDL Stands for Web Services Description Language and its XML Based language
 WSDL is used to describe Web services
 The WSDL file is used to describe in a nutshell what the web service does and gives the client all
the information required to connect to the web service and use all the functionality provided by
the web service.
 The WSDL file contains the location of the web service and
 The methods which are exposed by the web service
 The WSDL file itself can look very complex to any user, but it contains all the necessary
information that any client application would require to use the relevant web service.

17. Write the expansion for the following:


(a) SOAP  Simple Object Access Protocol
(b) ODBC  Open Data Base Connectivity
18. What is UDDI?
 UDDI stands for Universal Description, Discovery, and Integration.

 UDDI is an XML-based standard for describing, publishing, and finding web services.

58
19. What is the role of server?
Server roles – servers can be configured to perform a number of roles. The applications that the server is
running specify the particular server’s role. Servers typically need services and additional features
installed to perform its specific role. When compared to workstations, servers have more disk space and
memory and faster processors. The server’s role determines the hardware that servers require. A few
common server roles are listed below
 Domain controller
 Database server
 Backup server
 File server
 Print server
 Infrastructure server
 Web server
 E-mail server

20. Define WWW.

 World Wide Web is abbreviated as WWW


 WWW can be defined as the collection of different websites around the world, containing
different information shared via local servers (or computers).
 World Wide Web, which is also known as a Web, is a collection of websites or web pages stored
in web servers and connected to local computers through the internet.
 These websites contain text pages, digital images, audios, videos, etc.
 Users can access the content of these sites from any part of the world over the internet using
their devices such as computers, laptops, cell phones, etc.
 The WWW, along with internet, enables the retrieval and display of text and media to your
device.

21. State the issues in Javascript.


 Syntax Errors
 Undefined or Null references
 Scope issues
 Incorrect reference of ‘this’ keyword
 Misusing Arrays & Object Methods
 Boolean value errors

22. What is meant by Document Type Definition (DTD)? – Already covered

23. Write any two benefits of Java Beans.


Simple to create  It should be simple job to create a java component with our implementing countless
methods

59
Its portable  its written in Java, with no platform native code

24. What is BDK?


 BDK Stands for Bean Development Kit
 Bean Development Kit (BDK) is a tool for testing whether your Javabeans meets the JavaBean
specification
 The Beans Development Kit (BDK) is intended to support the early development of JavaBeans
components and to act as a standard reference base for both bean developers and tool vendors.

25.

60

You might also like