View
2
Download
0
Category
Preview:
Citation preview
COMP9321 Web Application EngineeringSemester 2, 2017
Dr. Amin BeheshtiService Oriented Computing Group, CSE, UNSW Australia
Week 11(Wrap-up)
1COMP9321, 17s2, Week11
http://webapps.cse.unsw.edu.au/webcms2/course/index.php?cid=2465
Assignments
2COMP9321, 17s2, Week11
Assignments
3COMP9321, 17s2, Week11
Assignment 1 – GradeBook
Assignment 2 – GradeBook
Assignment 3 – Due end of Week 12
Final Exam
4COMP9321, 17s2, Week11
Final Exam
5COMP9321, 17s2, Week11
Final Exam
6COMP9321, 17s2, Week11
Final Exam
7COMP9321, 17s2, Week11
Sample Final Exam
8COMP9321, 17s2, Week11
9COMP9321, 17s2, Week11
10COMP9321, 17s2, Week11
Sample Question:
Why is the stateless nature of HTTP a problem in Web application development? You Must illustrate your answer with an example.
11COMP9321, 17s2, Week11
Sample Question:
Why is the stateless nature of HTTP a problem in Web application development? You Must illustrate your answer with an example.
12COMP9321, 17s2, Week11
Sample Question:
Describe the Model-View-Controller (MVC) architecture pattern in detail. What are the advantages of using MVC over an architecture based solely on JSP pages?
13COMP9321, 17s2, Week11
Sample Question:
Describe the Model-View-Controller (MVC) architecture pattern in detail. What are the advantages of using MVC over an architecture based solely on JSP pages?
Week 1 – 11
Review
14COMP9321, 17s2, Week11
Different Layers in an Application
15COMP9321, 17s2, review>Week 2
Presentation Layer
16COMP9321, 17s2, review>Week 2
HTML <form> method attribute
how to send form-data
URL variables (with method="get") , or HTTP post transaction (with method="post").
specifies
as
Method? Get/Post
Static vs. Dynamic Web Page
17COMP9321, 17s2, review>Week 2
A static web page is delivered to the user exactly as stored, in contrast to dynamic web pages which are generated by a web application, and on demand!
web page whose construction is controlled by an application server processing server-side scripts.
software framework that provides both facilities to create web applications and a server environment to run them.
is-a
is-a
Java application servers
e.g.
It's core set of API and features are defined by Java EE.
The Web modules include Java Servlets and Java Server Pages.
http://docs.oracle.com/javaee/6/tutorial/doc/
Java Servlets
18COMP9321, 17s2, review>Week 2
http://java.sun.com/products/servlet/index.jsphttp://docs.oracle.com/javaee/6/tutorial/doc/bnafd.html
A Lifecycle of a Servlet
19COMP9321, 17s2, review>Week 2
The Web container controls the lifecycle of a servlet class:
• initialisation • ServletConfig• ServletContext• …
Attributes and Sharing Attributes
20COMP9321, 17s2, review>Week 2
Managing the User State
21COMP9321, 17s2, review>Week2
A problem in HTTP request/response:• HTTP is a stateless protocol.
• A single request/response;• Nothing is remembered 'between requests' from the same user;
• Web applications need to maintain users + their data.
It is a programmer's responsibility:• The term "session" is used to represent the data associated with one user while
she navigates around a Web application.• Session is a conversional state between client and server.• Session can consists of multiple request and response between client and server.• Since HTTP is stateless, the only way to maintain a session is when some unique
information about the session (session id) is passed between server and client in every request and response.
Cookies
22COMP9321, 17s2, review>Week2
• Cookies are text files stored on the client computer and they are kept for various information tracking purpose.
• Java Servlets transparently supports HTTP cookies.
• There are three steps involved in identifying returning users:• Server script sends a set of cookies to the browser. e.g. session id• Browser stores this information on local machine for future use.• Next time, browser sends request + those cookies to the server
and server uses that information to identify the user.
JavaServer Pages (JSP) Technology
23COMP9321, 17s2, review>Week3
• JavaServer Pages (JSP) technology allows you to easily create web content that has both static and dynamic components.
• JSP technology makes available all the dynamic capabilities ofJava Servlet technology; but provides a more natural approachto creating static content.
• JSP is similar to PHP, but it uses the Java programminglanguage.
• To deploy and run JavaServer Pages, a compatible web serverwith a servlet container, such as Apache Tomcat, is required.
JSP
24COMP9321, 17s2, review>Week3
JSP Basics
25COMP9321, 17s2, review>Week3
JSP Page
JSP Elements
Template Text (HTML bits…)
ScriptingElements
DirectiveElements
ActionElements
Traditional
Modern EL Scripting${…}
ScriptletExpressionDeclarationComments
PageIncludeTaglib
custom
Standard
<abc:mytag>
<jsp:useBean><jsp:getProperty><jsp:setProperty><jsp:include><jsp:forward><jsp:param>
Extensible Markup Language (XML)
26COMP9321, 17s2, review>Week4
• XML originally designed to meet the challenges of large-scaleelectronic publishing.
• XML separates presentation issues from the actual data.
• XML plays an increasingly important role in the exchange of awide variety of data on the Web and elsewhere.• Needs a communication protocol?• e.g. SOAP stands for Simple Object Access Protocol
• SOAP is based on XML• SOAP is a W3C recommendation• SOAP uses XML Information Set for its message format.
The XML Family
27COMP9321, 17s2, review>Week4
XML: a markup language used to describe information.DOM: a programming interface for accessing and updating documents.DTD and XML Schema: describes the structure and content of XML documents.XSLT: a language for transforming XML documentsXPath: a query language for navigating XML documents.
XPointer: for identifying fragments of a document.XLink: generalises the concept of a hypertext link.XInclude: for merging documents.XQuery: a language for making queries across documents.RDF: a language for describing resources.
Semantic Web
28COMP9321, 17s2, review>Week5
• It is a collection of standard technologies to realize a Web of Data!
RDF, OWL, SPARQL, etc.
Web of Data beyond the Web of Documents!
Machine Readable Human Readable
The amount of information is growing exponentially.
W3C's "Semantic Web Vision“
29COMP9321, 17s2, review>Week5
1. Web information has exact meaning2. Web information can be understood and processed by computers3. Computers can integrate information from the web
Resource Description Framework (RDF)
30COMP9321, 17s2, review>Week5
• RDF is a framework for describing resources on the web.
• Publishing such descriptions on the Web creates the Semantic Web.
• RDF uses Web identifiers (URIs) to identify resources.
• Web documents• concepts from the real world (e.g. people, organisations, topics, things)
e.g.
• URIs (Uniform Resource Identifiers) are very important, providing both the core of the framework itself and the link between RDF and the Web.
Web Ontology Language (OWL)
31COMP9321, 17s2, review>Week5
• Ontology is about the exact description of things (web information) and their relationships.
• OWL was designed to provide a common way to process the content of web information
• OWL and RDF are much of the same thing, but OWL is a stronger language with greater machine interpretability than RDF.• OWL provides additional vocabulary along with a formal semantics• OWL making it easier for machines to automatically process and integrate
information available on the Web.
• OWL has three sublanguages• OWL Lite• OWL DL• OWL Full
• OWL is complex:• OWL is a large set of additional terms
http://www.w3.org/TR/owl-features/
Rules
32COMP9321, 17s2, review>Week5
• There is a long history of rule languages and rule-based systems• eg: logic programming (Prolog), production rules
• Lots of small and large rule systems • E.g. from mail filters to expert systems
• Why rules on the Semantic Web?• There are conditions that ontologies (ie, OWL) cannot express• a well known example is Horn rules: (P1 ∧ P2 ∧ …) → C
http://www.w3.org/TR/rif-overview/
A new requirement: exchange of rules
33COMP9321, 17s2, review>Week5
• Applications may want to exchange their rules:• e.g. negotiate eBusiness contracts across platforms• e.g. describe privacy requirements and policies
• Rule Interchange Format (RIF):• Goals:
• expresses the rules a bit like a rule language• can be used to exchange rules among engines
• Challenges:• Rule based systems can be very different
• different rule semantics• A universal exchange format is not feasible
http://www.w3.org/TR/rif-overview/
Linking Open Data (LOD)
34COMP9321, 17s2, review>Week5
- Goal: “expose” open datasets in RDF
- Set RDF links among the data items from different datasets
- Set up query endpoints
- Result: billions of triples and millions of links…
- The important point here is that :• the data becomes available to the World via a unified format
(ie, RDF).• the various datasets are interlinked together• e.g. DBpedia project
Query RDF Data (SPARQL)
35COMP9321, 17s2, review>Week5
• SPARQL Protocol And RDF Query Language, is an RDF query language.
• This specification defines the syntax and semantics of the SPARQL query language for RDF.
• SPARQL can be used to express queries across diverse data sources.
• SPARQL contains capabilities for querying required and optional graph patterns
• The results of SPARQL queries can be results sets or RDF graphs.
http://www.justanswer.com/
Data Persistence
36COMP9321, 17s2, review>Week6
• When you work with a relational database in a Java application, the Java code issues SQL statements to the database via the JDBC API.
• The Java Database Connectivity (JDBC) API provides universal data access from the Java programming language.
• Using the JDBC API, you can access virtually any data source, from relational databases to spreadsheets and flat files.
• The JDBC API is comprised of two packages:• java.sql• javax.sql (Hibernate, pp.5-29)
Accessing DB from an Application
37COMP9321, 17s2, review>Week6
PreparedStatement object
38COMP9321, 17s2, review>Week6
• A more realistic case is that the same kind of SQL statement is processed over and over (rather than a static SQL statement).
• In PreparedStatement, a place holder (?) will be bound to an incoming value before execution (no recompilation).
Data Access Objects (DAO)
39COMP9321, 17s2, review>Week6
Object-Relational Impedance Mismatch Problems
40COMP9321, 17s2, review>Week6
Object-Relational Impedance Mismatch Problems
41COMP9321, 17s2, review>Week6
https://docs.oracle.com/cd/E16162_01/user.1112/e17455/img/mismatch.gif
What is NoSQL?
42COMP9321, 17s2, review>Week6
• Stands for No-SQL or Not Only SQL??
• Class of non-relational data storage systems• E.g. BigTable, Dynamo, PNUTS/Sherpa, ..
• Usually do not require a fixed table schema nor do they use the concept of joins• Distributed data storage systems
• All NoSQL offerings relax one or more of the ACID properties (will talk about the CAP theorem)
Chapter 19: Distributed Databases
CAP Theorem
43COMP9321, 17s2, review>Week6
Three properties of a system• Consistency (all copies have same value)• Availability (system can run even if parts have
failed) Via replication.• Partitions (network can break into two or more
parts, each with active systems that can’t talk to other parts)
• Brewer’s CAP “Theorem”: You can have at most two of these three properties for any system.
• Very large systems will partition at some point.
Design Patterns
44COMP9321, 17s2, review>Week7
A pattern is a proven solution to a problem in a context.
Each pattern expresses a relation between a certain context, a problem, and a solution.
A design pattern represents a solutions to problems that arise when developing a software.
Design pattern are granular and applied at different levels such as:FrameworksSubsystemsSub-subsystems
Categories include:
Design Architectural Analysis Creational Structural Behavioral
J2EE Design Patterns
45COMP9321, 17s2, review>Week7
General Guideline for Servlet/JSP/JavaBeans
46COMP9321, 17s2, review>Week7
Securing your Web Application: Threats!
47COMP9321, 17s2, review>Week9
Securing your Web Application: Threats!
48COMP9321, 17s2, review>Week9
Session Management…
49COMP9321, 17s2, review>Week9
Transport Layer Security (e.g. HTTPS)
50COMP9321, 17s2, review>Week9
Performance
51COMP9321, 17s2, review>Week10
Performance Metrics
52COMP9321, 17s2, review>Week10
• Response Time• Throughput• Availability• Reliability• Resource Utilization
Scalability
53COMP9321, 17s2, review>Week10
Operational Laws
54COMP9321, 17s2, review>Week10
• Utilization Law• Little’s Law• Forced Flow Law
Architectural Considerations - Network
55COMP9321, 17s2, review>Week11
General Techniques for Improving Performance and Scalability
56COMP9321, 17s2, review>Week11
1. Caching/Replication2. Parallelism3. Redundancy4. Asynchrony5. Resource Pooling
Improving Performance using HTTP features
57COMP9321, 17s2, review>Week11
Improving Database Access
58COMP9321, 17s2, review>Week11
Some Updates from s1-2018
59COMP9321, 17s2
COMP9321: Data Services ProgrammingThis course aims to introduce the student to core concepts and practical skills for engineering the data in service-oriented data-driven applications.
COMP9322: Software Service Design EngineeringThis course arms students with the knowledge and expertise to “design” and “engineer” services using modern Web technology.
COMP9323: SaaS ProjectThis course aims to practice what you have learned in COMP9321 and COMP9322 courses by getting involved in implementing real-world projects.
COMP6324: Internet of Things Service Design and EngineeringThis course focuses on the engineering and management aspects of IoT Services, providing complementary skills and knowledge to what is offered by existing courses.
60COMP9321, 17s2, Week11
Next WeekQ&A: Assignment
Implementation/Report
61COMP9321, 17s2, Week11
Next: Open Lecture
Big Data: Challenges and Opportunities
62COMP9321, 17s2, Week11
Good Luck!
63COMP9321, 17s2, Week11
Recommended