2020ok  Directory of FREE Online Books and FREE eBooks

Free eBooks > Computers & Internet > Web Development > Internet Commerce > Web Site Design > More Servlets and JavaServer Pages

More Servlets and JavaServer Pages

by Marty Hall

Download Book
(Respecting the intellectual property of others is utmost important to us, we make every effort to make sure we only link to legitimate sites, such as those sites owned by authors and publishers. If you have any questions about these links, please contact us.)

link 1

About Book

Ideal for any programmer working with server-side Java, Marty Hall's More Servlets and JavaServer Pages provides an up-to-the-minute guide to the latest in essential APIs for creating state-of-the-art Web applications. This smart, patient, and thorough tutorial gives you exactly what you need to use Java effectively in the field.

While many books on Java try to cover just about everything, this title's focus on what's hot in server-side Java makes it a standout. The book begins with a very solid tutorial to servlets and JSPs, including important HTTP fundamentals (like request headers and processing forms). The author does a good job at summarizing APIs and common options, which helps make this book useful as a working reference, too. The level of discussion here is suited to those with a little Java experience, but even beginners could do a lot worse than this title as an introduction to Web programming.

A great feature of this text is that the author walks you through the actual details of deploying your Web applications (notoriously tricky, even for experts). Screenshots on installing and using tools (like the free Apache and Tomcat software packages), plus detailed advice on deployment, will make sure your code actually runs. (A standout here is the summary of all configuration options available in today's containers.)

If you are coming to servlets and JSPs from an earlier version, you'll find this text excels at covering the latest in custom and standard tag libraries. Besides explaining new JSP 1.2 tag conventions, later sections also look at an important new development in Sun's evolution of the Java platform, the JSP Standard Tag Library (JSTL). Coverage of tag programming (including several sections on looping) closes out the book. There's also material on important new advances in servlets, like filters (which allow you to log or change requests) and servlet events (which afford a greater measure of control for your Web applications).

Whether you are a JSP beginner or expert, More Servlets and JavaServer Pages gives you an excellent mix of topics in server-side Java in a well-presented programming tutorial. It's sure to be a worthwhile addition to any working Java Web developer's bookshelf. --Richard Dragan

Topics covered: Introduction to JavaServer Pages (JSPs) and servlets, software installation for Java server developers (JDK, Tomcat, Apache, JRun, and other Web containers), summary of Web application deployment directories, advantages of servlets, the servlet lifecycle, processing HTTP form data (including request headers and CGI variables), cookies and sessions, advantages of JSPs, basic JSP scripting tutorial (including expressions and scriptlets), using JavaBeans with JSPs (tags and properties), custom tag libraries, introduction to the Model-View-Controller (MVC) architecture, registering and deploying Web applications (.WAR files and data sharing), in-depth guide to Web application configuration (comprehensive guide to web.xml settings), configuring servlets (including filters and error pages, timeouts and installing tag libraries), case study for an online boat shop, declarative security tutorial (including SSL and form-based authentication), programmatic security (including using certificates and SSL), guide to servlet filters (including logging, replacement, and compression examples), processing servlet events, JSP 1.2 tag library improvements (including XML and SAX 2.0 tag validation), and the JSP Standard Tag Library (JSTL) (including basic statements and looping).

Book Description

Marty Hall's Core Servlets and JavaServer Pages was last year's #1 servlet/JSP book -- helping over 100,000 Java developers master the power of Java server-side programming to Web-enable an extraordinary range of applications. Now, Hall takes the next step, bringing together even more powerful servlet/JSP techniques. After a quick review of the basics, Hall presents in-depth coverage of the latest servlet and JSP capabilities incorporated in JDK Version 1.4, including filters, application events, and enhancements to JSP's XML support. Next, Hall moves on to Web application development, introducing the latest Servlet 2.3/JSP 1.1 features, and offering in-depth coverage of the Web Application Deployment Descriptor. More Servlets and JavaServer Pages includes a comprehensive section introducing the new tag library features incorporated in JSP 1.2, including a full chapter on Apache tag libraries. Hall concludes with an exceptionally comprehensive library of techniques for performance optimization, from caching to content compression, metering and connection pooling to changing JVM parameters. The book also includes a full chapter on Web application security, as well as a start-to-finish case study application.

Book Info
Practical guide to the use of the Java 2 Platform for Web-enabled applications and dynamic Web sites. Focuses on new capabilities: the standard JSP tag library, filters, life-cycle event listeners, declarative and programmatic security, Web applications, and much more. Softcover.

From the Back Cover

  • Companion to the worldwide bestseller Core Servlets and JavaServer Pages
  • Practical guide to the use of the Java Platform for Web-enabled applications and dynamic Web sites
  • Focus on new capabilities: the servlet 2.3 and JSP 1.2 specifications, the standard JSP tag library (JSPTL), filters, life-cycle event listeners, security, Web applications, and much more
  • Configuration and usage details for Apache Tomcat, Macromedia JRun, and New Atlanta ServletExec

The Java 2 Platform has become the technology of choice for developing professional e-commerce applications, dynamic Web pages, and Web-enabled applications and services. Servlet and JSP technology is the foundation of this platform: it provides the link between Web clients and server-side applications. But, the field has been evolving rapidly, and few developers have been able to keep up. In this companion to Core Servlets and JavaServer Pages, Marty Hall shows you how to apply recent advances in servlet and JSP technology. The book provides everything you need to know to leverage the latest servlet 2.3 and JSP 1.2 standards: real-world insight, advanced techniques, industrial-strength code, and hands on coverage of three top servers: Apache Tomcat, Macromedia JRun, and New Atlanta ServletExec.

  • Part I gives a thorough introduction to programming with servlet and JSP technology. It shows you how to configure your server, read form data and HTTP headers, handle cookies, track sessions, apply JSP scripting elements, use JavaBeans components, develop JSP tag libraries, and apply the MVC architecture.
  • Part II provides exhaustive details on Web application development and deployment. It explains how to register Web applications, how to organize them, how to deploy them in WAR files, how to deal with relative URLs, and how to share data among Web applications. It also gives details on every element in version 2.3 of the deployment descriptor (web.xml).
  • Part III describes Web application security in detail. It explains two general strategies for securing your applications: declarative security and programmatic security. Within each of these strategies, it shows you how to use form-based or BASIC authentication and how to protect your network traffic with SSL.
  • Part IV covers two features introduced with servlets 2.3: filters and life-cycle events. It explains how to use filters to debug, modify, and optimize the output of previously existing servlets and JSP pages. It also shows you how to use event listeners to respond to major events in the server life cycle.
  • Part V looks at new tag library developments. It shows you how to improve your own tag libraries by making use of new capabilities of the JSP 1.2 specification and explains how to streamline your code by using the new standard JSP tag library (JSPTL).

More Servlets and JavaServer Pages delivers:

  • The same clear, step-by-step explanations that make Marty's books so popular
  • In-depth, hands-on coverage of the latest standards: servlets 2.3 and JSP 1.2
  • Hundreds of completely portable, fully documented, industrial-strength examples
  • On-line access to all source code, available free for unrestricted use

About the Author

MARTY HALL is president of coreservlets.com, a training and consulting company focusing on server-side Java technology. He has taught training courses and seminars on servlet and JSP technology in the United States, Canada, Australia, Japan, and the Philippines. He is the author of the best-selling books Core Servlets and JavaServer Pages and Core Web Programming.

Excerpt. © Reprinted by permission. All rights reserved.


Suppose your company wants to sell products online. You have a database that gives the price and inventory status of each item. But, your database doesn't speak HTTP, the protocol that Web browsers use. Nor does it output HTML, the format Web browsers need. What can you do? Once users know what they want to buy, how do you gather that information? You want to customize your site based on visitors' preferences and interests-how? You want to let users see their previous purchases, but you don't want to reveal that information to other visitors. How do you enforce these security restrictions? When your Web site becomes popular, you might want to compress pages to reduce bandwidth. How can you do this without causing your site to fail for the 30% of visitors whose browsers don't support compression? In all these cases, you need a program to act as the intermediary between the browser and some server-side resource. This book is about using the Java platform for this type of program.

"Wait a second," you say. "Didn't you already write a book about that?" Well, yes. In May of 2000, Sun Microsystems Press and Prentice Hall released my second book, Core Servlets and JavaServer Pages. It was successful beyond everyone's wildest expectations, selling approximately 100,000 copies in the first year, getting translated into Bulgarian, Chinese, Czech, French, German, Hebrew, Japanese, Korean, Polish, Russian, and Spanish, and being chosen by Amazon.com as one of the top five computer programming books of 2001. Even better, I was swamped with requests for what I really like doing: teaching short courses for developers in industry. Despite having to decline most of the requests, I was still able to teach servlet and JSP short courses in Australia, Canada, Japan, the Philippines, and at a variety of U.S. venues. What fun!

Since then, use of servlets and JSP has continued to grow at a phenomenal rate. The Java 2 Platform has become the technology of choice for developing e-commerce applications, dynamic Web sites, and Web-enabled applications and service. Servlets and JSP continue to be the foundation of this platform—they provide the link between Web clients and server-side applications. Virtually all major Web servers for Windows, Unix (including Linux), MacOS, VMS, and mainframe operating systems now support servlet and JSP technology either natively or by means of a plugin. With only a small amount of configuration, you can run servlets and JSP in Microsoft IIS, iPlanet/Netscape Enterprise Server, the Apache Web Server, IBM WebSphere, BEA WebLogic, and dozens of other servers. Performance of both commercial and open-source servlet and JSP engines has improved significantly.

However, the field continues to evolve rapidly. For example:

  • The official servlet and JSP reference implementation is no longer developed by Sun. Instead, it is Apache Tomcat, an open-source product developed by a team from many different organizations.
  • Use of Web applications to bundle groups of servlets and JSP pages has grown significantly.
  • Portable mechanisms for enforcing Web application security have started to displace the server-specific mechanisms that were formerly used.
  • Version 2.3 of the servlet specification was released (August 2001). New features in this specification include servlet and JSP filters, application life-cycle event handlers, and a number of smaller additions and changes to existing APIs and to the deployment descriptor (web.xml).
  • Version 1.2 of the JSP specification was released (also August 2001). This version lets you bundle event listeners with tag libraries, lets you designate XML-based programs to check the syntax of pages that use custom tags, and supplies interfaces that let your custom tags loop more efficiently and handle errors more easily. JSP 1.2 also makes a number of smaller changes and additions to existing APIs and to the TLD file format.
  • XML has become firmly entrenched as a data-interchange language. Servlet and JSP pages use it for configuration files. Tag library validators can use it to verify custom tag syntax. JSP pages can be represented entirely in XML.
  • Throughout 2000 and 2001, the JSR-052 expert group put together a standard tag library for JSP. In November of 2001 they released early access version 1.2 of this library, called JSTL (JSP Standard Tag Library). This library provides standard tags for simple looping, iterating over a variety of data structures, evaluating content conditionally, and accessing objects without using explicit scripting code.

Whew. Lots of changes. The new features are very useful, but is there a single place where you can learn about all of them? Here! That's why I wrote this book: to show developers how to make use of all of these new features. If you aren't familiar with basic servlet and JSP development, don't worry. I provide a thorough review at the beginning of the book.

Who Should Read This Book

This book is aimed at two main groups.

The first group is composed of people who are familiar with basic servlet and JSP development and want to learn how to make use of all the new capabilities I just described.

However, if you are new to this technology, there is no need to go away and learn older servlet and JSP versions and then come back to this book. Assuming you are familiar with the basics of the Java programming language itself, you fit into the second main group for whom this book is designed. For you, I start the book with a detailed review of the foundations of servlet and JSP programming, set in the context of the servlet 2.3 and JSP 1.2 specifications. Furthermore, when space prevents coverage of some of the finer points of basic development, I cite the specific sections of Core Servlets and JavaServer Pages that provide details and put those sections online at http://www.moreservlets.com.

Although this book is well suited for both experienced servlet and JSP programmers and newcomers to the technology, it assumes that you are familiar with basic Java programming. You don't have to be an expert Java developer, but if you know nothing about the Java programming language, this is not the place to start. After all, servlet and JSP technology is an application of the Java programming language. If you don't know the language, you can't apply it. So, if you know nothing about basic Java development, start with a good introductory book like Thinking in Java, Core Java, or Core Web Programming. Come back here after you are comfortable with at least the basics.

Book Distinctives

This book has four important characteristics that set it apart from many other similar-sounding books:

  • Integrated coverage of servlets and JSP. The two technologies are closely related; you should learn and use them together.
  • Real code. Complete, working, documented programs are essential to learning; I provide lots of them.
  • Step-by-step instructions. Complex tasks are broken down into simple steps that are illustrated with real examples.
  • Server configuration and usage details. I supply lots of concrete examples to get you going quickly.

Integrated Coverage of Servlets and JSP

One of the key philosophies behind Core Servlets and JavaServer Pages was that servlets and JSP should be learned (and used!) together, not separately. After all, they aren't two entirely distinct technologies: JSP is just a different way of writing servlets. If you don't know servlet programming, you can't use servlets when they are a better choice than JSP, you can't use the MVC architecture to integrate servlets and JSP, you can't understand complex JSP constructs, and you can't understand how JSP scripting elements work (since they are really just servlet code). If you don't understand JSP development, you can't use JSP when it is a better option than servlet technology, you can't use the MVC architecture, and you are stuck using print statements even for pages that consist almost entirely of static HTML.

In this book, an integrated approach is more important than ever. Web applications let you bundle both servlets and JSP pages into a single file or directory. The custom URLs, initialization parameters, preload settings, and session timeouts of the deployment descriptor apply equally to servlets and JSP pages. Declarative security applies equally to both technologies. The new filtering capability applies to both. Event listeners apply to both. The jx portion of the JSP standard tag library (JSTL) is mostly predicated on the assumption that the JSP page is presenting data that was established by a servlet. Servlets and JSP go together!

Real Code

Sure, small code snippets are useful for introducing concepts. The book has lots of them. But, for you to really understand how to use various techniques, you also need to see the techniques in the context of complete working programs. Not huge programs: just ones that have no missing pieces and thus really run. I provide plenty of such programs, all of them documented and available for unrestricted use at www.moreservlets.com.

Step-by-Step Instructions

When I was a graduate student (long before Java existed), I had an Algorithms professor who explained in class that he was a believer in step-by-step instructions. I was puzzled: wasn't everyone? Not at all. Sure, most instructors explained simple tasks that way, but this professor took even highly theoretical concepts and said "first you do this, then you do that," and so on. The other instructors didn't explain things this way; neither did my textbooks. But, it helped me enormously.

If such an approach works even for theoretical subjects, how much more should it work with applied tasks like those described in this book?

Server Configuration and Usage Details

When I first tried to learn server-side programming, I grabbed a couple of books, the official specifications, and some online papers. Almost without fail, they said something like "since this technology is portable, we won't cover specifics of any one server." Aargh. I couldn't even get started. After hunting around, I downloaded a server. I wrote some code. How did I compile it? Where did I put it? How did I invoke it?

Servlet and JSP code is portable. The APIs are standardized. But, server structure and organization are not standardized. The directory in which you place your code is different on ServletExec than it is on JRun. You set up SSL differently with Tomcat than you do with other servers. These details are important.

Now, I'm not saying that this is a book that is specific to any particular server. I'm just saying that when a topic requires server-specific knowledge, it is important to say so. Furthermore, specific examples are helpful. So, when I describe a topic that requires server-specific information like the directory in which to place a Web application, I first explain the general pattern that servers tend to follow. Then, I give very specific details for three of the most popular servers that are available without cost for desktop development: Apache Tomcat, Macromedia/Allaire JRun, and New Atlanta ServletExec.

How This Book Is Organized

This book consists of five parts:

  • Part I: The Basics. Server setup and configuration. Basic servlet programming. Basic JSP programming.
  • Part II: Web Applications. Using and deploying Web applications. Controlling behavior with web.xml. A larger example.
  • Part III: Web Application Security. Declarative security. Programmatic security. SSL.
  • Part IV: Major New Servlet and JSP Capabilities. Servlet and JSP filters. Application life-cycle event listeners.
  • Part V: New Tag Library Capabilities. New tag library features in JSP 1.2. The JSP Standard Tag Library (JSTL).

Part I: The Basics

  • Server setup and configuration.
  • Downloading the JDK.
  • Obtaining a development server.
  • Configuring and testing the server.
  • Deploying and accessing HTML and JSP pages.
  • Setting up your development environment.
  • Deploying and accessing servlets.
  • Simplifying servlet and JSP deployment.
  • Basic servlet programming.
  • The advantages of servlets over competing technologies.
  • The basic servlet structure and life cycle.
  • Servlet initialization parameters.
  • Access to form data.
  • HTTP 1.1 request headers, response headers, and status codes.
  • The servlet equivalent of the standard CGI variables.
  • Cookies in servlets.
  • Session tracking.
  • Basic JSP programming.
  • Understanding the benefits of JSP.
  • Invoking Java code with JSP expressions, scriptlets, and declarations.
  • Structuring the servlet that results from a JSP page.
  • Including files and applets in JSP documents.
  • Using JavaBeans with JSP.
  • Creating custom JSP tag libraries.
  • Combining servlets and JSP: the Model View Controller (Model 2) architecture.

Part II: Web Applications

  • Using and deploying Web applications.
  • Registering Web applications with the server.
  • Organizing Web applications.
  • Deploying applications in WAR files.
  • Recording Web application dependencies on shared libraries.
  • Dealing with relative URLs.
  • Sharing data among Web applications.
  • Controlling Web application behavior with web.xml.
  • Customizing URLs.
  • Turning off default URLs.
  • Initializing servlets and JSP pages.
  • Preloading servlets and JSP pages.
  • Declaring filters for servlets and JSP pages.
  • Designating welcome pages and error pages.
  • Restricting access to Web resources.
  • Controlling session timeouts.
  • Documenting Web applications.
  • Specifying MIME types.
  • Locating tag library descriptors.
  • Declaring event listeners.
  • Accessing J2EE Resources.
  • Defining and using a larger Web application.
  • The interaction among components in a Web application.
  • Using sessions for per-user data.
  • Using the servlet context for multiuser data.
  • Managing information that is accessed by multiple servlets and JSP pages.
  • Eliminating dependencies on the Web application name.

Part III: Web Application Security

  • Declarative security.
  • Understanding the major aspects of Web application security.
  • Authenticating users with HTML forms.
  • Using BASIC HTTP authentication.
  • Defining passwords in Tomcat, JRun, and ServletExec.
  • Designating protected resources with the security-constraint element.
  • Using login-config to specify the authentication method.
  • Mandating the use of SSL.
  • Configuring Tomcat to use SSL.
  • Programmatic security.
  • Combining container-managed and programmatic security.
  • Using the isUserInRole method.
  • Using the getRemoteUser method.
  • Using the getUserPrincipal method.
  • Programmatically controlling all aspects of security.
  • Using SSL with programmatic security.

Part IV: Major New Servlet JSP Capabilities

  • Servlet and JSP filters.
  • Designing basic filters.
  • Reading request data.
  • Accessing the servlet context.
  • Initializing filters.
  • Blocking the servlet or JSP response.
  • Modifying the servlet or JSP response.
  • Using filters for debugging and logging.
  • Using filters to monitor site access.
  • Using filters to replace strings.
  • Using filters to compress the response.
  • Application life-cycle event listeners.
  • Understanding the general event-handling strategy.
  • Monitoring servlet context initialization and shutdown.
  • Setting application-wide values.
  • Detecting changes in attributes of the servlet context.
  • Recognizing creation and destruction of HTTP sessions.
  • Analyzing overall session usage.
  • Watching for changes in session attributes.
  • Tracking purchases at an e-commerce site.
  • Using multiple cooperating listeners.
  • Packaging listeners in JSP tag libraries.

Part V: New Tag Library Capabilities

  • New tag library features in JSP 1.2.
  • Converting TLD files to the new format.
  • Bundling life-cycle event listeners with tag libraries.
  • Checking custom tag syntax with TagLibraryValidator.
  • Using the Simple API for XML (SAX) in validators.
  • Handling errors with the TryCatchFinally interface.
  • Changing names of method return values.
  • Looping without creating BodyContent.
  • Declaring scripting variables in the TLD file.
  • The JSP Standard Tag Library (JSTL).
  • Downloading and installing the standard JSP tag library.
  • Reading attributes without using Java syntax.
  • Accessing bean properties without using Java syntax.
  • Looping an explicit number of times.
  • Iterating over various data structures.
  • Checking iteration status.
  • Iterating with string-based tokens.
  • Evaluating expressions conditionally.
  • Using the JSTL expression language to set attributes, return values, and declare scripting variables.

About the Web Site

The book has a companion Web site at http://www.moreservlets.com/. This free site includes:

  • Documented source code for all examples shown in the book; this code can be downloaded for unrestricted use.
  • Up-to-date download sites for servlet and JSP software.
  • Links to all URLs mentioned in the text of the book.
  • Information on book discounts.
  • Reports on servlet and JSP short courses.
  • Book additions, updates, and news.



PLEASE READ: All comments must be approved before appearing in the thread; time and space constraints prevent all comments from appearing. We will only approve comments that are directly related to the article, use appropriate language and are not attacking the comments of others.

Message (please, no HTML tags. Web addresses will be hyperlinked):

Related Free eBooks

Related Tags

DIGG This story   Save To Google   Save To Windows Live   Save To Del.icio.us   diigo it   Save To blinklist
Save To Furl   Save To Yahoo! My Web 2.0   Save To Blogmarks   Save To Shadows   Save To stumbleupon   Save To Reddit