[PDF] [PDF] Web Application Architecture: Principles, Protocols and Practices

[PDF] Mobile Application Architecture Guide - Rob Tiffany

A mobile application will normally be structured as a multi-layered application consisting of user experience, business, and data layers When developing a mobile application, you may choose to develop a thin Web-based client or a rich client

[PDF] Software architectural principles in contemporary mobile software

ecosystem of apps by mining hundreds of Android apps in several app markets • Reflects on deviations from how architectural concepts have been prescribed in 

[PDF] Towards a Generic Reference Architecture for Mobile Applications

According to Microsoft Patterns Practices Team (2009a), an architectural pattern is a number of principles that pro- vides an abstract framework with solutions to 

[PDF] Best Practices for Modern Application Architectures - Progress

So your challenge isn't just building “an app”—it's creating a unified experience across channels The answer is a modern application architecture—one that allows for the speed and agility mandatory for Core principles of an agile mindset 

[PDF] The Enterprise Mobile Applications Development Framework

Enterprises face several challenges in deploying mobile applications, emanating from features Mobile Applications Development Framework offers a systematic and comprehensive Bhuvan Unhelkar is the founder and principle consul-

[PDF] Information Architecture Principles for Mobile - Toptal

For mobile sites (not native apps), expect nearly half of all tra c to arrive at a screen that isn't the home screen The Principle of Focused Navigation Define 

[PDF] Web Application Architecture: Principles, Protocols and Practices

Web application architecture : principles, protocols, and practices / Leon Shklar up numbers from a phone book database using a Web browser ) However, for  

[PDF] Principles in the Design of Mobile Medical Apps: Guidance - WI2017

Keywords: mobile health, mobile medical app, mobile patient monitoring, context model and a related application framework that focuses on alarm notification

[PDF] Guidelines for Architecting Android Apps: A Mixed - Ivano Malavolta

velopers architect Android apps, what architectural patterns and practices responsibility principle, the app architecture naturally supports the structure of 

[PDF] Sportswear E-commerce Mobile Application - Al Akhawayn University

7 SOFTWARE ARCHITECTURE Therefore, the development of a mobile application for online shopping is a very This among the basic principles of RAD

[PDF] mobile application development + lecture notes pdf

[PDF] mobile application development course syllabus

[PDF] mobile application development lab manual for mca

[PDF] mobile application development tutorial

[PDF] mobile application development using android lecture notes

[PDF] mobile application learning english

[PDF] mobile application penetration testing book pdf

[PDF] mobile application penetration testing pdf

[PDF] mobile application performance testing tools

[PDF] mobile application reference architecture

[PDF] mobile application security pdf

[PDF] mobile application security ppt

[PDF] mobile application security testing approach

[PDF] mobile application security testing checklist

[PDF] mobile application security testing pdf

Web Application Architecture

Principles, protocols and practices

Leon Shklar

Richard Rosen

Dow Jones and Company

Web Application Architecture

Web Application Architecture

Principles, protocols and practices

Leon Shklar

Richard Rosen

Dow Jones and Company

Copyright2003 by John Wiley & Sons Ltd,

The Atrium, SouthernGate, Chichester,

West Sussex PO19 8SQ, England

Telephone (+44) 1243 779777

Email (for orders and customer service enquiries): cs-books@wiley.co.uk Visit our Home Page on www.wileyeurope.com or www.wiley.com

All Rights Reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in

any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except under the

terms of the Copyright, Designs and Patents Act 1988 or under the termsof a licence issued by the Copyright

Licensing Agency Ltd, 90 Tottenham Court Road, London W1T 4LP, UK, without the permission in writing of the

Publisher with the exception of any material supplied specifically for the purpose of being entered and executed on a

computer system for exclusive use by the purchase of the publication. Requests to the Publisher should be addressed

to the Permissions Department, John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex PO19

8SQ, England, or emailed to permreq@wiley.co.uk, or faxed to (+44) 1243 770620.

This publication is designed to provide accurate and authoritative information in regard to the subject matter

covered. It is sold on the understanding that the Publisher is not engaged in rendering professional services. If

professional advice or other expert assistance is required, the services of a competent professional should be sought.

Other Wiley Editorial Offices

John Wiley & Sons Inc., 111 River Street, Hoboken, NJ 07030, USA Jossey-Bass, 989 Market Street, San Francisco, CA 94103-1741, USA Wiley-VCH Verlag GmbH, Boschstr. 12, D-69469 Weinheim, Germany John Wiley & Sons Australia Ltd, 33Park Road, Milton, Queensland 4064, Australia John Wiley & Sons (Asia) Pte Ltd, 2 ClementiLoop #02-01, Jin Xing Distripark, Singapore 129809 John Wiley & Sons Canada Ltd, 22 Worcester Road, Etobicoke, Ontario, Canada M9W 1L1 Wiley also publishes its books in a variety of electronic formats. Somecontent that appears in print may not be available in electronic books. Library of Congress Cataloging-in-Publication Data

Shklar, Leon.

Web application architecture : principles, protocols, and practices /

Leon Shklar, Richard Rosen.

p. cm.

Includes bibliographical references and index.

ISBN 0-471-48656-6 (Paper : alk. paper)

1. Web sites"Design. 2. Application software"Development. I.

Rosen, Richard. II. Title.

TK5105.888.S492 2003

005.7

2"dc21

2003011759

British Library Cataloguing in Publication Data

A catalogue record for this book is available from the British Library

ISBN 0-471-48656-6

Typeset in 10/12.5pt Times by Laserwords Private Limited, Chennai, India Printed and bound in Great Britain by Antony Rowe Ltd, Chippenham, Wiltshire This book is printed on acid-free paper responsibly manufactured from sustainable forestry in which at least two trees are planted for each one used for paper production.

Contents

Acknowledgements xiii

1. Introduction 1

1.1 The Web in Perspective 1

1.2 The Origins of the Web 2

1.3 From Web Pages to Web Sites 3

1.4 From Web Sites to Web Applications 4

1.5 How to Build Web Applications in One Easy Lesson 5

1.5.1 Web page design resources 5

1.5.2 Web site design resources 5

1.5.3 Web application design resources 6

1.5.4 Principles of web application design 7

1.6 What is Covered in this Book 8

Bibliography 9

2. Before the Web: TCP/IP 11

2.1 Historical Perspective 11

2.2 TCP/IP 13

2.2.1 Layers 13

2.2.2 The client/server paradigm 14

2.3 TCP/IP Application Services 16

2.3.1 Telnet 16

2.3.2 Electronic mail 16

2.3.3 Message forums 24

2.3.4 Live messaging 25

2.3.5 File servers 25

2.4 And Then Came the Web...27

2.5 Questions and Exercises 27

Bibliography 28

viContents

3. Birth of the World Wide Web: HTTP 29

3.1 Historical Perspective 29

3.2 Building Blocks of the Web 30

3.3 The Uniform Resource Locator 30

3.4 Fundamentals of HTTP 32

3.4.1 HTTP servers, browsers, and proxies 33

3.4.2 Request/response paradigm 33

3.4.3 Stateless protocol 34

3.4.4 The structure of HTTP messages 35

3.4.5 Request methods 37

3.4.6 Status codes 42

3.5 Better Information Through Headers 46

3.5.1 Type support through content-type 48

3.5.2 Caching control through Pragma and Cache-Control

headers 51

3.5.3 Security through WWW-Authenticate and

Authorization headers 53

3.5.4 Session support through Cookie and Set-Cookie

headers 56

3.6 Evolution 59

3.6.1 Virtual hosting 60

3.6.2 Caching support 61

3.6.3 Persistent connections 62

3.7 Summary 63

3.8 Questions and Exercises 63

Bibliography 64

4. Web Servers 65

4.1 Basic Operation 66

4.1.1 HTTP request processing 67

4.1.2 Delivery of static content 69

4.1.3 Delivery of dynamic content 71

4.2 Advanced Mechanisms for Dynamic Content Delivery 81

4.2.1 Beyond CGI and SSI 81

4.2.2 Native APIs (ISAPI and NSAPI) 81

4.2.3 FastCGI 81

4.2.4 Template processing 82

4.2.5 Servlets 84

4.2.6 Java server pages 85

4.2.7 Future directions 87

Contentsvii

4.3 Advanced Features 88

4.3.1 Virtual hosting 88

4.3.2 Chunked transfers 89

4.3.3 Caching support 90

4.3.4 Extensibility 91

4.4 Server Configuration 91

4.4.1 Directory structure 92

4.4.2 Execution 92

4.4.3 Address resolution 93

4.4.4 MIME support 94

4.4.5 Server extensions 95

4.5 Server Security 96

4.5.1 Securing the installation 96

4.5.2 Dangerous practices 97

4.5.3 Secure HTTP 98

4.5.4 Firewalls and proxies 98

4.6 Summary 100

4.7 Questions and Exercises 100

Bibliography 102

5. Web Browsers 103

5.1 Architectural Considerations 105

5.2 Processing Flow 107

5.3 Processing HTTP Requests and Responses 112

5.3.1 HTTP requests 113

5.3.2 HTTP responses 120

5.4 Complex HTTP Interactions 125

5.4.1 Caching 125

5.4.2 Cookie coordination 128

5.4.3 Authorization: challenge and response 129

5.4.4 Re-factoring: common mechanisms for storing

persistent data 131

5.4.5 Requesting supporting data items 133

5.4.6 Multimedia support: helpers and plug-ins 134

5.5 Review of Browser Architecture 136

5.6 Summary 139

5.7 Questions and Exercises 139

Bibliography 140

viiiContents

6. HTML and its Roots 141

6.1 Standard Generalized Markup Language 141

6.1.1 The SGML declaration 143

6.1.2 Document type definition 146

6.2 HTML 150

6.2.1 HTML evolution 151

6.2.2 Structure and syntax 152

6.3 HTML Rendering 157

6.3.1 Cascading style sheets 158

6.3.2 Associating styles with HTML documents 159

6.4 JavaScript 161

6.5 DHTML 164

6.5.2 Form validation 165

6.5.3 Layering techniques 167

6.6 Summary 168

6.7 Questions and Exercises 169

Bibliography 169

7. XML Languages and Applications 171

7.1 Core XML 172

7.1.1 XML documents 172

7.1.2 XML DTD 175

7.1.3 XML schema 177

7.2 XHTML 182

7.3 WML 183

7.4 XSL 186

7.4.1 XSLT 186

7.4.2 XSL formatting objects 189

7.4.3 What is so important about XSL? 195

7.5 Summary 197

7.6 Questions and Exercises 198

Bibliography 199

8. Dynamic Web Applications 201

8.1 Historical Perspective 201

8.1.1 Client-server applications 201

8.1.2 Web applications 202

8.1.3 Multi-tier web applications 203

Contentsix

8.2 Application Architecture 203

8.2.1 Interpreting and routing client requests 205

8.2.2 Controlling user access to the application 208

8.2.3 Enabling data access 216

8.2.4 Accessing and modifying content 223

8.2.5 Customizing content for presentation 231

8.2.6 Transmitting the formatted response 235

8.2.7 Logging and recording application activity 235

8.3 Database Processing Issues 237

8.3.1 Configuration 238

8.3.2 Transactions 239

8.3.3 Best practices 241

8.4 Summary 242

8.5 Questions and Exercises 242

Bibliography 243

9. Approaches to Web Application Development 245

9.1 Programmatic Approaches 246

9.1.1 CGI 246

9.1.2 Java Servlet API 247

9.2 Template Approaches 247

9.2.1 Server-Side Includes (SSI) 249

9.2.2 Cold Fusion 250

9.2.3 WebMacro/Velocity 252

9.3 Hybrid Approaches 254

9.3.1 PHP 254

9.3.2 Active Server Pages (ASP) 255

9.3.3 Java Server Pages 256

9.4 Separation of Content from Presentation 259

9.4.1 Application "exibility 259

9.4.2 Division of responsibility for processing

modules 261

9.5 Frameworks: MVC Approaches 262

9.5.2 Struts 264

9.6 Frameworks: XML-Based Approaches 266

9.7 Summary 267

9.8 Questions and Exercises 269

Bibliography 270

xContents

10. Application Primer: Virtual Realty Listing Services 271

10.1 Application Requirements 273

10.2 Application Development Environment 274

10.3 Anatomy of a Struts Application 276

10.4 The Structure of the VRLS Application 278

10.4.1 Controller: ActionServlet and custom actions 282

10.4.2 View: JSP Pages and ActionForms 288

10.4.3 Model: JavaBeans and auxiliary service classes 295

10.5 Design Decisions 297

10.5.1 Abstracting functionality into service classes 297

10.5.2 Using embedded page inclusion to support

co-branding 298

10.5.3 A single task for creation and modification of

customer profiles 300

10.6 Enhancements 301

10.6.1 Administrative interface 301

10.6.2 Enhancing the signup process through e-mail

authentication 304

10.6.3 Improving partner recognition through a persistent

cookie 305

10.6.4 Adding caching functionality to the DomainService

Class 306

10.6.5 Paging through cached search results using the value

list handler pattern 307

10.6.6 Using XML and XSLT for view presentation 308

10.6.7 Tracking user behavior 310

10.7 Summary 311

10.8 Questions and Exercises 311

Bibliography 312

11. Emerging Technologies 313

11.1 Web Services 314

11.1.1 SOAP 314

11.1.2 WSDL 317

11.1.3 UDDI 319

11.2 Resource Description Framework 322

11.2.1 RDF and Dublin Core 322

11.2.2 RDF Schema 326

11.3 Composite Capability/Preference Profiles 328

11.4 Semantic Web 331

11.5 XML Query Language 332

Contentsxi

11.6 The Future of Web Application Frameworks 335

11.6.1 One more time: separation of content from

presentation 335

11.6.2 The right tools for the job 337

11.6.3 Simplicity 338

11.7 Summary 343

11.8 Questions and Exercises 344

Bibliography 344

Index 347

Acknowledgements

I would like to thank my wife Rita and daughter Victoria for their insightful ideas about this project. I also wish to thank my mother and the rest of my family for their support and understanding.

Leon Shklar

Thanks to my wife, Celia, for tolerating and enduring all the insanity associated with the writing process, and to my parents and the rest of my family for all they have done, not only in helping me finish this book, but in enabling Celia and me to have the most fantastic wedding ever in the midst of all this.

Rich Rosen

We would both like to acknowledge the following people for their guidance and assistance: €Karen Mosman and Jill Jeffries at John Wiley & Sons, Ltd for getting this book off the ground,

€Our editor, Gaynor Redvers-Mutton, and her assistant, Jonathan Shipley, for light-ing the fire underneath us that finally got us to finish it.

€Nigel Chapman and Bruce Campbell for taking the time to review our work and provide us with valuable insights and advice.

€And finally, our friends and colleagues from the glory days of Pencom WebWorks"especially Howard Fishman, Brad Lohnes, Dave Makower, and Evan

Coyne Maloney"whose critiques, comments, and contributions were as thor- ough, methodical, and nitpicky (and we mean that in agoodway!) as an author could ever hope for. 1

Introduction

1.1 THE WEB IN PERSPECTIVE

A little more than a decade ago at CERN (the scientific research laboratory near Geneva, Switzerland), Tim Berners-Lee presented a proposal for an information management system that would enable the sharing of knowledge and resources over a computer network. The system he proposed has propagated itself into what can truly be called a World Wide Web, as people all over the world use it for a wide variety of purposes:

€Educational institutions and research laboratories were among the very first usersof the Web, employing it for sharing documents and other resources across

the Internet. €Individuals today use the Web (and the underlying Internet technologies that sup- port it) as an instantaneous international postal service, as a worldwide community bulletin board for posting virtual photo albums, and as a venue for holding global yard sales. €Businesses engage ine-commerce, offering individuals a medium for buying and selling goods and services over the net. They also communicate with other busi- nesses throughB2B(business-to-business) data exchanges, where companies can provide product catalogues, inventories, and sales records to other companies.

The Web vs. the Internet

There is an often-overlooked distinction between the Web and the Internet. The line between the two is often blurred, partially because the Web is rooted in the fundamental protocols associated with the Internet. Today, the lines are even more blurred, as

2Introduction

into the realms of wireless devices, personal digital assistants, and the next generation of Internet appliances.

1.2 THE ORIGINS OF THE WEB

Tim Berners-Lee originally promoted the World Wide Web as a virtual library, a doc- ument control system for sharing information resources among researchers. Online documents could be accessed via a unique document address, aUniversal Resource Locator(URL). These documents could be cross-referenced viahypertext links.

Hypertext

choice to the reader." Unlike the static text of print media, it is intended for use with an interactive computer screen. It is open, "uid and mutable, and can be connected to The term was extended under the name hypermedia to refer not only to text, but to other media as well, including graphics, audio, and video. However, the original term hypertext persists as the label for technology that connects documents and information resources through links. From the very beginnings of Internet technology, there has been a dream of using the Internet as a universal medium for exchanging information over computer networks. Many people shared this dream. Ted Nelson"sXanaduproject aspired to make that dream a reality, but the goals were lofty and were never fully real- ized. Internet file sharing services (such asFTPandGopher) and message forum services (such asNetnews) provided increasingly powerful mechanisms for this sort of information exchange, and certainly brought us closer to fulfilling those goals. However, it took Tim Berners-Lee to (in his own words) "marry together" the notion of hypertext with the power of the Internet, bringing those initial dreams to fruition in a way that the earliest developers of both hypertext and Internet technology might never have imagined. His vision was to connect literallyeverything together, in a uniform and universal way.

From Web Pages to Web Sites 3

Internet Protocols are the Foundation of Web Technology It should be noted that the Web did not come into existence in a vacuum. The Web is built on top of core Internet protocols that had been in existence for many years prior to underlying Internet protocols is fundamental to the design and implementation of true

1.3 FROM WEB PAGES TO WEB SITES

The explosively exponential growth of the Web can at least partially be attributed to its grass roots proliferation as a tool forpersonal publishing. The fundamental tech- nology behind the Web is relatively simple. A computer connected to the Internet, running aWeb server, was all that was necessary to serve documents. Both CERN and the National Center for Supercomputer Applications (NCSA) at the University of Illinois had developed freely available Web server software. A small amount of HTMLknowledge (and the proper computing resources) got you something that couldbecalledaWeb site.

Primitive Web Sites from the Pre-Cambrian Era

Early Web sites were, in fact, just loosely connected sets of pages, branched off hierarchically from a home page. HTML lets you link one page to another, and a in this day and age is more than just a conglomeration of Web pages. Granted, when the Web was in its infancy, the only computers connected to the Internet and capable of running server software were run by academic institutions and well-connected technology companies. Smaller computers, in any case, were desktop was still a rarity. If you wanted access to any sort of computing power, you connection or dialup phone line. Still, among those associated with such organizations, it quickly became a very simple process to create your own Web pages. Moreover, all that was needed was a simple text editor. The original HTML language was simple enough that, even

4Introduction

without the more sophisticated tools we have at our disposal today, it was an easy task for someone to create a Web page. (Some would saytooeasy.) "Welcome to My Home Page, Here Are Photos of My Cat and A Poem I Wrote" In those pioneer days of the Web, academic and professional organizations used the Web to share information, knowledge, and resources. But once you got beyond those hallowed halls and cubicle walls, most people"s Web pages were personal showcases for publishing bad poetry and pictures of their pets. The thought of a company offer- ing information to the outside world through the Web, or developing an intranet to provide information to its own employees, was no more than a gleam in even the most prophetic eyes. There is a big difference between a Web page and a Website. A Web site is morequotesdbs_dbs22.pdfusesText_28