Applying Zero Trust Principles to Enterprise Mobility
Mobile application development and app security vetting need greater scrutiny to While the ZT architectural principles and the available mobile security ...
Mobile Applications (Apps) Security Guidelines
A. Mobile Application Architecture i) App owners shall develop a standard architecture based on prescribed set of security principles rules
ENTERPRISE ARCHITECTURE OF AN APPLICATION OF MOBILE
This study was conducted on a mobile referral marketing application owned by a consumer finance company. Identify and Establish Architecture Principles.
Get Free Microsoft Net Application Architecture Guide ? - covid19
you manage your app in a cloud-based environment. NET solution architect and explore solution architecture principles DevOps solutions
Device Management Architecture - Candidate Version 2.0
10.12.2013 the schedule to the Open Mobile Alliance Application Form. ... The design of the architecture follows the OMA architecture principle ...
Download File PDF Msdn Architecture Guide Copy - covid19.gov.gd
understanding core Azure principles and foundational concepts Key Features Get complete the app including UI design
CSE 5236 (Approved): Mobile Application Development
Mobile application development frameworks; Architecture design and engineering m an ability to apply mathematical foundations
Gartner Application Architecture Development & Integration Summit
Ten Essential Principles of Modern. Application Architecture: Learning From the Leaders Yefim V. Natis. E6. Custom. Mobile So. Play Key R.
Principles in the Design of Mobile Medical Apps: Guidance for
Keywords: mobile health mobile medical app
Headless Architecture in a Digital Landscap
Microservices in Headless Architecture. Web Apps. Mobile Apps. 3rd Party. Apps. Load. Balancer. Routing an architectural style a set of principles
[PDF] Mobile Application Architecture Guide - Rob Tiffany
Design applications using the principles and practices in the guide and benefit from the lessons learned • Create training Create training from the concepts
(PDF) Mobile Application Architectures - ResearchGate
In this paper we go through mobile architectural structures and analysis of these with empirical mobile application development We used different architectural
[PDF] Mobile Application Architectures - University of Pittsburgh
How should one architect (i e organize system to support a mobile application?) • Basic architecture options – Wireless Internet • Thin client approach •
[PDF] Introduction to Mobile Application Development - eGyanKosh
This course introduces software and hardware architectures of Mobile devices The emphasis will be on development of applications for Mobile devices Not to
[PDF] Information Architecture Principles for Mobile - Toptal
Mobile Navigation Patterns Adapted from Dan Brown's Eight Principles of Information Architecture For mobile sites (not native apps) expect
[PDF] Architecture for Adaptive Mobile Applications - Global Vision Press
across hardware devices at runtime and execute on mobile hardware platforms The principles of software architecture are intrinsic to the development
6 Application Architecture - De Gruyter
Software application architecture is con- The onion principle requires to keep the app's model classes independent of 8_mvc_krasner_and_pope pdf
[PDF] Web Application Architecture: Principles Protocols and Practices
up numbers from a phone book database using a Web browser ) The ideal Web application architect must in some sense be a 'jack of all trades'
[PDF] Best Practices for Modern Application Architectures
Customers expect fast consumer-grade digital experiences whenever and wherever So your challenge isn't just building “an app”—it's creating a unified
Web Application Architecture
Principles, protocols and practices
Leon Shklar
Richard Rosen
Dow Jones and Company
Web Application Architecture
Web Application Architecture
Principles, protocols and practices
Leon Shklar
Richard Rosen
Dow Jones and Company
Copyright2003 by John Wiley & Sons Ltd,
The Atrium, SouthernGate, Chichester,
West Sussex PO19 8SQ, England
Telephone (+44) 1243 779777
Email (for orders and customer service enquiries): cs-books@wiley.co.uk Visit our Home Page on www.wileyeurope.com or www.wiley.comAll Rights Reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in
any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except under the
terms of the Copyright, Designs and Patents Act 1988 or under the termsof a licence issued by the Copyright
Licensing Agency Ltd, 90 Tottenham Court Road, London W1T 4LP, UK, without the permission in writing of the
Publisher with the exception of any material supplied specifically for the purpose of being entered and executed on a
computer system for exclusive use by the purchase of the publication. Requests to the Publisher should be addressed
to the Permissions Department, John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex PO19
8SQ, England, or emailed to permreq@wiley.co.uk, or faxed to (+44) 1243 770620.
This publication is designed to provide accurate and authoritative information in regard to the subject matter
covered. It is sold on the understanding that the Publisher is not engaged in rendering professional services. If
professional advice or other expert assistance is required, the services of a competent professional should be sought.
Other Wiley Editorial Offices
John Wiley & Sons Inc., 111 River Street, Hoboken, NJ 07030, USA Jossey-Bass, 989 Market Street, San Francisco, CA 94103-1741, USA Wiley-VCH Verlag GmbH, Boschstr. 12, D-69469 Weinheim, Germany John Wiley & Sons Australia Ltd, 33Park Road, Milton, Queensland 4064, Australia John Wiley & Sons (Asia) Pte Ltd, 2 ClementiLoop #02-01, Jin Xing Distripark, Singapore 129809 John Wiley & Sons Canada Ltd, 22 Worcester Road, Etobicoke, Ontario, Canada M9W 1L1 Wiley also publishes its books in a variety of electronic formats. Somecontent that appears in print may not be available in electronic books. Library of Congress Cataloging-in-Publication DataShklar, Leon.
Web application architecture : principles, protocols, and practices /Leon Shklar, Richard Rosen.
p. cm.Includes bibliographical references and index.
ISBN 0-471-48656-6 (Paper : alk. paper)
1. Web sites"Design. 2. Application software"Development. I.
Rosen, Richard. II. Title.
TK5105.888.S492 2003
005.72"dc21
2003011759
British Library Cataloguing in Publication Data
A catalogue record for this book is available from the British LibraryISBN 0-471-48656-6
Typeset in 10/12.5pt Times by Laserwords Private Limited, Chennai, India Printed and bound in Great Britain by Antony Rowe Ltd, Chippenham, Wiltshire This book is printed on acid-free paper responsibly manufactured from sustainable forestry in which at least two trees are planted for each one used for paper production.Contents
Acknowledgements xiii
1. Introduction 1
1.1 The Web in Perspective 1
1.2 The Origins of the Web 2
1.3 From Web Pages to Web Sites 3
1.4 From Web Sites to Web Applications 4
1.5 How to Build Web Applications in One Easy Lesson 5
1.5.1 Web page design resources 5
1.5.2 Web site design resources 5
1.5.3 Web application design resources 6
1.5.4 Principles of web application design 7
1.6 What is Covered in this Book 8
Bibliography 9
2. Before the Web: TCP/IP 11
2.1 Historical Perspective 11
2.2 TCP/IP 13
2.2.1 Layers 13
2.2.2 The client/server paradigm 14
2.3 TCP/IP Application Services 16
2.3.1 Telnet 16
2.3.2 Electronic mail 16
2.3.3 Message forums 24
2.3.4 Live messaging 25
2.3.5 File servers 25
2.4 And Then Came the Web...27
2.5 Questions and Exercises 27
Bibliography 28
viContents3. Birth of the World Wide Web: HTTP 29
3.1 Historical Perspective 29
3.2 Building Blocks of the Web 30
3.3 The Uniform Resource Locator 30
3.4 Fundamentals of HTTP 32
3.4.1 HTTP servers, browsers, and proxies 33
3.4.2 Request/response paradigm 33
3.4.3 Stateless protocol 34
3.4.4 The structure of HTTP messages 35
3.4.5 Request methods 37
3.4.6 Status codes 42
3.5 Better Information Through Headers 46
3.5.1 Type support through content-type 48
3.5.2 Caching control through Pragma and Cache-Control
headers 513.5.3 Security through WWW-Authenticate and
Authorization headers 53
3.5.4 Session support through Cookie and Set-Cookie
headers 563.6 Evolution 59
3.6.1 Virtual hosting 60
3.6.2 Caching support 61
3.6.3 Persistent connections 62
3.7 Summary 63
3.8 Questions and Exercises 63
Bibliography 64
4. Web Servers 65
4.1 Basic Operation 66
4.1.1 HTTP request processing 67
4.1.2 Delivery of static content 69
4.1.3 Delivery of dynamic content 71
4.2 Advanced Mechanisms for Dynamic Content Delivery 81
4.2.1 Beyond CGI and SSI 81
4.2.2 Native APIs (ISAPI and NSAPI) 81
4.2.3 FastCGI 81
4.2.4 Template processing 82
4.2.5 Servlets 84
4.2.6 Java server pages 85
4.2.7 Future directions 87
Contentsvii
4.3 Advanced Features 88
4.3.1 Virtual hosting 88
4.3.2 Chunked transfers 89
4.3.3 Caching support 90
4.3.4 Extensibility 91
4.4 Server Configuration 91
4.4.1 Directory structure 92
4.4.2 Execution 92
4.4.3 Address resolution 93
4.4.4 MIME support 94
4.4.5 Server extensions 95
4.5 Server Security 96
4.5.1 Securing the installation 96
4.5.2 Dangerous practices 97
4.5.3 Secure HTTP 98
4.5.4 Firewalls and proxies 98
4.6 Summary 100
4.7 Questions and Exercises 100
Bibliography 102
5. Web Browsers 103
5.1 Architectural Considerations 105
5.2 Processing Flow 107
5.3 Processing HTTP Requests and Responses 112
5.3.1 HTTP requests 113
5.3.2 HTTP responses 120
5.4 Complex HTTP Interactions 125
5.4.1 Caching 125
5.4.2 Cookie coordination 128
5.4.3 Authorization: challenge and response 129
5.4.4 Re-factoring: common mechanisms for storing
persistent data 1315.4.5 Requesting supporting data items 133
5.4.6 Multimedia support: helpers and plug-ins 134
5.5 Review of Browser Architecture 136
5.6 Summary 139
5.7 Questions and Exercises 139
Bibliography 140
viiiContents6. HTML and its Roots 141
6.1 Standard Generalized Markup Language 141
6.1.1 The SGML declaration 143
6.1.2 Document type definition 146
6.2 HTML 150
6.2.1 HTML evolution 151
6.2.2 Structure and syntax 152
6.3 HTML Rendering 157
6.3.1 Cascading style sheets 158
6.3.2 Associating styles with HTML documents 159
6.4 JavaScript 161
6.5 DHTML 164
6.5.2 Form validation 165
6.5.3 Layering techniques 167
6.6 Summary 168
6.7 Questions and Exercises 169
Bibliography 169
7. XML Languages and Applications 171
7.1 Core XML 172
7.1.1 XML documents 172
7.1.2 XML DTD 175
7.1.3 XML schema 177
7.2 XHTML 182
7.3 WML 183
7.4 XSL 186
7.4.1 XSLT 186
7.4.2 XSL formatting objects 189
7.4.3 What is so important about XSL? 195
7.5 Summary 197
7.6 Questions and Exercises 198
Bibliography 199
8. Dynamic Web Applications 201
8.1 Historical Perspective 201
8.1.1 Client-server applications 201
8.1.2 Web applications 202
8.1.3 Multi-tier web applications 203
Contentsix
8.2 Application Architecture 203
8.2.1 Interpreting and routing client requests 205
8.2.2 Controlling user access to the application 208
8.2.3 Enabling data access 216
8.2.4 Accessing and modifying content 223
8.2.5 Customizing content for presentation 231
8.2.6 Transmitting the formatted response 235
8.2.7 Logging and recording application activity 235
8.3 Database Processing Issues 237
8.3.1 Configuration 238
8.3.2 Transactions 239
8.3.3 Best practices 241
8.4 Summary 242
8.5 Questions and Exercises 242
Bibliography 243
9. Approaches to Web Application Development 245
9.1 Programmatic Approaches 246
9.1.1 CGI 246
9.1.2 Java Servlet API 247
9.2 Template Approaches 247
9.2.1 Server-Side Includes (SSI) 249
9.2.2 Cold Fusion 250
9.2.3 WebMacro/Velocity 252
9.3 Hybrid Approaches 254
9.3.1 PHP 254
9.3.2 Active Server Pages (ASP) 255
9.3.3 Java Server Pages 256
9.4 Separation of Content from Presentation 259
9.4.1 Application "exibility 259
9.4.2 Division of responsibility for processing
modules 2619.5 Frameworks: MVC Approaches 262
9.5.2 Struts 264
9.6 Frameworks: XML-Based Approaches 266
9.7 Summary 267
9.8 Questions and Exercises 269
Bibliography 270
xContents10. Application Primer: Virtual Realty Listing Services 271
10.1 Application Requirements 273
10.2 Application Development Environment 274
10.3 Anatomy of a Struts Application 276
10.4 The Structure of the VRLS Application 278
10.4.1 Controller: ActionServlet and custom actions 282
10.4.2 View: JSP Pages and ActionForms 288
10.4.3 Model: JavaBeans and auxiliary service classes 295
10.5 Design Decisions 297
10.5.1 Abstracting functionality into service classes 297
10.5.2 Using embedded page inclusion to support
co-branding 29810.5.3 A single task for creation and modification of
customer profiles 30010.6 Enhancements 301
10.6.1 Administrative interface 301
10.6.2 Enhancing the signup process through e-mail
authentication 30410.6.3 Improving partner recognition through a persistent
cookie 30510.6.4 Adding caching functionality to the DomainService
Class 306
10.6.5 Paging through cached search results using the value
list handler pattern 30710.6.6 Using XML and XSLT for view presentation 308
10.6.7 Tracking user behavior 310
10.7 Summary 311
10.8 Questions and Exercises 311
Bibliography 312
11. Emerging Technologies 313
11.1 Web Services 314
11.1.1 SOAP 314
11.1.2 WSDL 317
11.1.3 UDDI 319
11.2 Resource Description Framework 322
11.2.1 RDF and Dublin Core 322
11.2.2 RDF Schema 326
11.3 Composite Capability/Preference Profiles 328
11.4 Semantic Web 331
11.5 XML Query Language 332
Contentsxi
11.6 The Future of Web Application Frameworks 335
11.6.1 One more time: separation of content from
presentation 33511.6.2 The right tools for the job 337
11.6.3 Simplicity 338
11.7 Summary 343
11.8 Questions and Exercises 344
Bibliography 344
Index 347
Acknowledgements
I would like to thank my wife Rita and daughter Victoria for their insightful ideas about this project. I also wish to thank my mother and the rest of my family for their support and understanding.Leon Shklar
Thanks to my wife, Celia, for tolerating and enduring all the insanity associated with the writing process, and to my parents and the rest of my family for all they have done, not only in helping me finish this book, but in enabling Celia and me to have the most fantastic wedding ever in the midst of all this.Rich Rosen
We would both like to acknowledge the following people for their guidance and assistance: Karen Mosman and Jill Jeffries at John Wiley & Sons, Ltd for getting this book off the ground,Our editor, Gaynor Redvers-Mutton, and her assistant, Jonathan Shipley, for light-ing the fire underneath us that finally got us to finish it.
Nigel Chapman and Bruce Campbell for taking the time to review our work and provide us with valuable insights and advice.And finally, our friends and colleagues from the glory days of Pencom WebWorks"especially Howard Fishman, Brad Lohnes, Dave Makower, and Evan
Coyne Maloney"whose critiques, comments, and contributions were as thor- ough, methodical, and nitpicky (and we mean that in agoodway!) as an author could ever hope for. 1Introduction
1.1 THE WEB IN PERSPECTIVE
A little more than a decade ago at CERN (the scientific research laboratory near Geneva, Switzerland), Tim Berners-Lee presented a proposal for an information management system that would enable the sharing of knowledge and resources over a computer network. The system he proposed has propagated itself into what can truly be called a World Wide Web, as people all over the world use it for a wide variety of purposes:Educational institutions and research laboratories were among the very first usersof the Web, employing it for sharing documents and other resources across
the Internet. Individuals today use the Web (and the underlying Internet technologies that sup- port it) as an instantaneous international postal service, as a worldwide community bulletin board for posting virtual photo albums, and as a venue for holding global yard sales. Businesses engage ine-commerce, offering individuals a medium for buying and selling goods and services over the net. They also communicate with other busi- nesses throughB2B(business-to-business) data exchanges, where companies can provide product catalogues, inventories, and sales records to other companies.The Web vs. the Internet
There is an often-overlooked distinction between the Web and the Internet. The line between the two is often blurred, partially because the Web is rooted in the fundamental protocols associated with the Internet. Today, the lines are even more blurred, as2Introduction
into the realms of wireless devices, personal digital assistants, and the next generation of Internet appliances.1.2 THE ORIGINS OF THE WEB
Tim Berners-Lee originally promoted the World Wide Web as a virtual library, a doc- ument control system for sharing information resources among researchers. Online documents could be accessed via a unique document address, aUniversal Resource Locator(URL). These documents could be cross-referenced viahypertext links.Hypertext
choice to the reader." Unlike the static text of print media, it is intended for use with an interactive computer screen. It is open, "uid and mutable, and can be connected to The term was extended under the name hypermedia to refer not only to text, but to other media as well, including graphics, audio, and video. However, the original term hypertext persists as the label for technology that connects documents and information resources through links. From the very beginnings of Internet technology, there has been a dream of using the Internet as a universal medium for exchanging information over computer networks. Many people shared this dream. Ted Nelson"sXanaduproject aspired to make that dream a reality, but the goals were lofty and were never fully real- ized. Internet file sharing services (such asFTPandGopher) and message forum services (such asNetnews) provided increasingly powerful mechanisms for this sort of information exchange, and certainly brought us closer to fulfilling those goals. However, it took Tim Berners-Lee to (in his own words) "marry together" the notion of hypertext with the power of the Internet, bringing those initial dreams to fruition in a way that the earliest developers of both hypertext and Internet technology might never have imagined. His vision was to connect literallyeverything together, in a uniform and universal way.From Web Pages to Web Sites 3
Internet Protocols are the Foundation of Web Technology It should be noted that the Web did not come into existence in a vacuum. The Web is built on top of core Internet protocols that had been in existence for many years prior to underlying Internet protocols is fundamental to the design and implementation of true1.3 FROM WEB PAGES TO WEB SITES
The explosively exponential growth of the Web can at least partially be attributed to its grass roots proliferation as a tool forpersonal publishing. The fundamental tech- nology behind the Web is relatively simple. A computer connected to the Internet, running aWeb server, was all that was necessary to serve documents. Both CERN and the National Center for Supercomputer Applications (NCSA) at the University of Illinois had developed freely available Web server software. A small amount of HTMLknowledge (and the proper computing resources) got you something that couldbecalledaWeb site.Primitive Web Sites from the Pre-Cambrian Era
Early Web sites were, in fact, just loosely connected sets of pages, branched off hierarchically from a home page. HTML lets you link one page to another, and a in this day and age is more than just a conglomeration of Web pages. Granted, when the Web was in its infancy, the only computers connected to the Internet and capable of running server software were run by academic institutions and well-connected technology companies. Smaller computers, in any case, were desktop was still a rarity. If you wanted access to any sort of computing power, you connection or dialup phone line. Still, among those associated with such organizations, it quickly became a very simple process to create your own Web pages. Moreover, all that was needed was a simple text editor. The original HTML language was simple enough that, even4Introduction
without the more sophisticated tools we have at our disposal today, it was an easy task for someone to create a Web page. (Some would saytooeasy.) "Welcome to My Home Page, Here Are Photos of My Cat and A Poem I Wrote" In those pioneer days of the Web, academic and professional organizations used the Web to share information, knowledge, and resources. But once you got beyond those hallowed halls and cubicle walls, most people"s Web pages were personal showcases for publishing bad poetry and pictures of their pets. The thought of a company offer- ing information to the outside world through the Web, or developing an intranet to provide information to its own employees, was no more than a gleam in even the most prophetic eyes. There is a big difference between a Web page and a Website. A Web site is morequotesdbs_dbs22.pdfusesText_28[PDF] mobile application development course syllabus
[PDF] mobile application development lab manual for mca
[PDF] mobile application development tutorial
[PDF] mobile application development using android lecture notes
[PDF] mobile application learning english
[PDF] mobile application penetration testing book pdf
[PDF] mobile application penetration testing pdf
[PDF] mobile application performance testing tools
[PDF] mobile application reference architecture
[PDF] mobile application security pdf
[PDF] mobile application security ppt
[PDF] mobile application security testing approach
[PDF] mobile application security testing checklist
[PDF] mobile application security testing pdf