CCS375 – Web Technologies

Dr. F. R. Shiny Malar

Professor & Head
Department of CSE
1
 UNIT - III
SERVER SIDE PROGRAMMING

Servlets: Java Servlet Architecture- Servlet Life

Cycle- Form GET and POST actions- Session
Handling- Understanding Cookies- DATABASE
CONNECTIVITY: JDBC.

2
 Servlets: Java Servlet Architecture
 Servlets are grouped under the Advanced Java tree.
 It is used to create dynamic web applications.
 Java Servlet is a Java program that runs on a Java-
enabled web server or application server.
 It handles client requests,
 processes them,
 generates responses dynamically.
 Servlets are the backbone of many server-side
Java applications due to their efficiency and
scalability. 3
 Contd…
 The properties of Servlets are as follows:
 Servlets work on the server side.
 Servlets are capable of handling complex requests
obtained from the web server.
Other tasks that a servlet can do effectively are:
 Can easily manage/control the application flow.
 Suitable to implement business logic.
 Can effectively balance the load on the server side.
 Easily generate dynamic web content.
 Handle HTTP Request and Response
 Also act as an interceptor or filter for a specific group
of requests. 4
 Types of Servlet
 There are 2 types of servlet.
 Generic Servlets
 HTTP Servlets
 Generic Servlets:
 That provide functionality for implementing a
servlet.
 It is a generic class from which all the customizable
servlets are derived.
 It is protocol-independent and provides support for
HTTP, FTP, and SMTP protocols. 5
 Contd…
 It has 2 methods – init() to initialize & allocate
memory to the servlet and destroy() to deallocate
the servlet.
 HTTP Servlets:
 That provides support for HTTP request and
response.
 It is typically used to create web apps.
 It has two of the most used methods – doGET() and
doPOST() each serving their own purpose.

6
 Contd…
 There are three potential ways in which we can
employ to create a servlet:
 Implementing Servlet Interface
 Extending Generic Servlet
 Extending HTTP Servlet
Components of Servlet Architecture
 Servlet Architecture contains the business logic to
process all the requests made by client.

7
 Contd…

Fig. Components of Servlet Architecture.

8
 Contd…
1. Client
The client shown in the architecture above is the web
browser
it primarily works as a medium that sends out HTTP
requests over to the web server.
The web server generates a response based on some
processing in the servlet and the client further processes
the response.
2. Web Server
Primary job of a web server is to process the requests
and responses that a user sends over time.
Maintain how a web user would be able to access the
files that has been hosted over the server.
9
 Contd…
 The server is a software which manages access to a
centralized resource or service in a network.
 There are precisely two types of webservers:
 Static web server
 Dynamic web server
3. Web Container
 Web container is another typical component in
servlet architecture.
 Which is responsible for communicating with the
servlets.
10
 Contd…
 Two prime tasks of a web container are:
 Managing the servlet lifecycle
 URL mapping
 Web container sits at the server-side managing and
handling all the requests that are coming in either
from the servlets or from some JSP pages or
potentially any other file system.

11
 How does a Servlet Request flow?
 Every servlet should override the following 3
methods namely:
 init(): To initialize/instantiate the servlet container.
 service(): This method acts like an intermediatory
between the HTTP request and the business logic to
serve that particular request.
 destroy(): This method is used to deallocate the
memory allocated to the servlet.

12
 Contd…
 The steps in which a request flows through a servlet
which can be observed in the architecture diagram:
 The client sends over a request.
 The request is accepted by the web server and
forwarded to the web container.
 In order to obtain the servlet’s address, the web
container traces web.xml file corresponding to the
request URL pattern.
 By the time above process takes place, the servlet
should have been instantiated and initialized.
 The init() method is invoked to initialize the servlet.
13
 Contd…
By passing ServletRequest and Response object,
public service() method is called by the container.
In the next step, the ServletRequest &
ServletResponse objects are type casted to
HttpServletRequest and HttpServletResponse objects
by the public service() method.
Now protected service() method is called by the
public service() method.
The protected service() method dispatches the
request to the correct handler method based on the type
of request.
When servlet container shuts down, it unloads all
the servlets and calls destroy() method for each
initialized servlet. 14
 Contd…
Advantages
Servlets are also protocol-independent supporting
FTP, HTTP, SMTP, etc.
Until destroyed manually, servlets can be retained in
the memory helping process several requests over time.
Once a database connection is established, it can
facilitate process several requests for a database in the
very same database session.
Servlets inherit Java’s property of portability and
hence are compatible with nearly any web server.
Servlets are first converted into byte codes and then
executed, which helps in increasing the processing
time.
15
 Contd…
Disadvantages
Designing a servlet can be pretty laborious.
Exceptions need to be handled while designing a
servlet since they are not thread safe.
Developers may need additional skills to program
a servlet.

16
 Servlet Life Cycle
 The entire life cycle of a Servlet is managed by the
Servlet container .
 which uses the javax.servlet.Servlet interface to
understand the Servlet object and manage it.
 before creating a Servlet object, let’s first
understand the life cycle of the Servlet object
which is actually understanding how the Servlet
container manages the Servlet object.

17
States of the Servlet Life Cycle

Fig. States of Servlet Life Cycle

18
 Contd…
 The Servlet life cycle consist of four stages.
1. Loading a Servlet
 The first stage of the Servlet lifecycle involves
loading and initializing the Servlet.
 The Servlet container performs the following
operations:
Loading: The Servlet container loads the Servlet class
into memory.
Instantiation: The container creates an instance of the
Servlet using the no-argument constructor.
19
 Contd…
 The Servlet container can load the Servlet at one of
the following times:
 During the initialization of the web application.
 When the Servlet is first requested by a client.
2. Initializing a Servlet
 After the Servlet is instantiated, the Servlet
container initializes it by calling the
init(ServletConfig config) method.
 This method is called only once during the
Servlet’s life cycle.
20
 Contd…
3. Handling request
Once the Servlet is initialized, it is ready to handle client
requests.
The Servlet container performs the following steps for each
request:
Create Request and Response Objects:
 The container creates ServletRequest & ServletResponse
objects.
 For HTTP requests, it creates HttpServletRequest and
HttpServletResponse objects.
Invoke the service() Method:
The container calls the service(ServletRequest req,
ServletResponse res) method.
The service() method determines the type of HTTP request
(GET, POST, PUT, DELETE, etc.) and delegates the request to
the appropriate method (doGet(), doPost(), etc).
21
 Contd…
4. Destroying a Servlet
When the Servlet container decides to remove the
Servlet,
it follows these steps.
Allow Active Threads to Complete: The container
ensures that all threads executing the service() method
complete their tasks.
Invoke the destroy() Method: The container calls the
destroy() method to allow the Servlet to release
resources.
Release Servlet Instance: After the destroy() method is
executed, the Servlet container releases all references to
the Servlet instance, making it eligible for garbage
collection 22
 Contd…
Servlet Life Cycle Methods
There are three life cycle methods of a Servlet:
init()
service()
destroy()

23
 Contd…
 init()
 This method is called by the Servlet container to
indicate that this Servlet instance is executed
successfully and is about to put into the service.
 service()
 This method is used to inform the Servlet about the
client requests
 This method uses ServletRequest object to collect
the data requested by the client & generate the
output content

24
 Contd…
 destroy()
 This method runs only once during the lifetime of
a Servlet and signals the end of the Servlet
instance.

25
 Form GET and POST actions

 using the GET method puts the data in the web

address.
 The POST method sends the data quietly in the
background, like a secret message that's not shown
in the web address.

26
 Contd…
GET Method
Data in URL: GET sends form data as part of the
URL and Information is visible in the browser's
address bar.
Bookmarking and Caching: Form submissions with
GET can be bookmarked and cached easily and it is
useful for sharing links but not suitable for sensitive
data.
Limit on Data Size: Using GET Limited data size for
submission (typically up to 2048 characters)

27
 Contd…
Syntax

<form action="/submit" method="GET">

<label for="username">Username:</label>
<input type="text" id="username"
name="username">
<input type="submit" value="Submit">
</form>

28
 Contd…
POST Method:
Data in Request Body: POST sends form data in the
body of the HTTP request and Information is not
visible in the URL.
Security and Sensitivity: It is suitable for sensitive
data like passwords and it is more secure as data is
not exposed in the URL.
No Data Size Limit: No strict size limit for data
submission and it is suitable for large amounts of
information.

29
 Contd…
Syntax
<form action="/submit" method="POST">
<label for="password">Password:</label>
<input type="password" id="password"
name="password">
<input type="submit" value="Submit">
</form>

30
 Session Handling
 Servlets are the Java programs that run on the
Java-enabled web server or application server.
 used to handle the request obtained from the
webserver, process the request, produce the
response, then send a response back to the
webserver
 HTTP is a “stateless” protocol, which means that
each time a client requests a Web page, the client
establishes a new connection with the Web server,
and the server does not retain track of prior
requests. 31
 Contd…
 The conversation of a user over a period of time is
referred to as a session.
 In general, it refers to a certain period of time.
 The recording of the object in session is known as
tracking.
 Session tracking is the process of remembering
and documenting customer conversations over
time.
 The term “stateful web application” refers to a web
application that is capable of remembering and
recording client conversations over time.
32

Contd…
Session Tracking employs Four Different techniques
 Cookies
 Hidden Form Field
 URL Rewriting
 HttpSession
 Cookies:
 Cookies are little pieces of data delivered by the web
server.
 Each web client can be assigned a unique session ID
by a web server.
 Cookies are used to keep the session going. Cookies
can be turned off by the client. 33
 Contd…
 Hidden Form Field
 The information is inserted into the web pages via
the hidden form field, which is then transferred to
the server.
 These fields are hidden from the user’s view.

Illustration:
<input type = hidden' name = 'session' value =
'12345' >

34
 Contd…
 URL Rewriting
 With each request and return, append some more
data via URL as request parameters.
 URL rewriting is a better technique to keep session
management and browser operations in sync.
 HttpSession
 A user session is represented by the HttpSession
object.
 A session is established between an HTTP client
and an HTTP server using the HttpSession
interface.
35
 Contd…
 URL Rewriting
 With each request and return, append some more
data via URL as request parameters.
 URL rewriting is a better technique to keep session
management and browser operations in sync.
 HttpSession
 A user session is represented by the HttpSession
object.
 A session is established between an HTTP client
and an HTTP server using the HttpSession
interface.
36
 Understanding Cookies
 The Cookie is a small message from a web server
passed to the user's browser when you visit a
website.
 Cookies are small text files of information
created/updated when visiting a website and stored
on the user's web browser.
 Cookies are commonly used for information about
user sections, user preferences and other data on
the website.
 Cookies help websites remember users and track
their activities to provide a personalized
experience.
37
 Contd…
Where are cookies stored?
These data files are typically stored in the user's
web browser.
Depending on the browser and platform, cookies
can be found in different locations.
Commonly, cookies are stored in a specific folder
or directory on the user's computer or device.
In Windows, they are often found in the C:\
Users[username]\AppData\Roaming[browser name]\
Cookies directory,
38
 Contd…
Types of Cookies:
the 4 main types of cookies.

Session cookies
Persistent cookies
First-party cookies
Third-party cookies

39
 Contd…
 Session cookies:
 Session cookies are also known as temporary
cookies.
 which are present as long as the user browser is
open.
 Session cookies are deleted once the browser is
closed and the user's session is inactive (time-
based).
 Session cookies are most often used to maintain
the user's session on the browser.

40
 Contd…
 Persistent cookies:
 Persistent cookies are also known as
permanent/long-term cookies.
 Persistent cookies can last longer than session
cookies.
 Persistent cookies are stored on the user's device
for a specific period.
 Persistent cookies are most often used for long-
term tracking and remembering user preferences.

41
 Contd…

 First-party cookies:
 First-party cookies are set by the website that you
are currently visiting.
 First-party cookies are generally used to provide a
good user experience, collect the analytics data,
remember language settings etc.

42
 Contd…
Third-party cookies:
 Third-party cookies are set by the domains that
you are not visiting.
 It is used for cross-site tracking and advertising
purposes these cookies collect data about your
browsing habits and serve ads according to it.
For example, when you visit a website, it may include
content from third-party domains. These third-
party domains can set cookies on your browser to
track your online activity and build profiles for
targeted advertising or analytics.
43
 Contd…
Benefits:
User Convenience: Cookies mainly enhance user
experience by storing user preferences like language
settings, shopping cart items, etc.
Tracking: Cookies are used as trackers to collect
user's behavior which will be helpful for marketing
strategies, improving content, etc.
Authentication: Cookies are essential for
maintaining the user's session and authentication to
stay logged in.
44
 DATABASE CONNECTIVITY: JDBC
 JDBC (Java Database Connectivity) is an API in
Java that enables applications to interact with
databases.
 It allows a Java program to connect to a database,
execute queries, and retrieve and manipulate
data.
 By providing a standard interface, JDBC ensures
that Java applications can work with different
relational databases like MySQL, Oracle.

45
JDBC Architecture

46
 Contd…
Application: It is a Java applet or a servlet that
communicates with a data source.
The JDBC API: It allows Java programs to execute
SQL queries and retrieve results. Key interfaces
include Driver, ResultSet, RowSet,
PreparedStatement, and Connection.
DriverManager: It plays an important role in the
JDBC architecture. It uses some database-specific
drivers to effectively connect enterprise applications
to databases.
JDBC drivers: These drivers handle interactions
between the application and the database.
47