版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請進(jìn)行舉報或認(rèn)領(lǐng)
文檔簡介
1、<p><b> 畢業(yè)設(shè)計(jì)(論文)</b></p><p><b> 文獻(xiàn)綜述和外文翻譯</b></p><p> 設(shè)計(jì) (論文)題目 網(wǎng)上購物系統(tǒng)設(shè)計(jì)與實(shí)現(xiàn) </p><p> 學(xué) 院: 計(jì)算機(jī)科學(xué)與工程學(xué)院 </p><p>
2、專 業(yè): 軟件工程 </p><p> 年 級: 2008級 </p><p><b> 文獻(xiàn)綜述</b></p><p> 摘要:Servlet程序在服務(wù)器端運(yùn)行,動態(tài)地生成Web頁面與傳統(tǒng)的CGI和許多其他類似CGI的技術(shù)相
3、比,Java Servlet具有更高的效率,更容易使用,功能更強(qiáng)大,具有更好的可移植性,更節(jié)省投資。</p><p> 關(guān)鍵字:JSP技術(shù),Servlet,HTTP服務(wù)</p><p> 1.1Servlet的功能</p><p> Servlets是運(yùn)行在Web或應(yīng)用服務(wù)器上的Java程序,它是一個中間層,負(fù)責(zé)連接來自Web瀏覽器或其他HTTP客戶程序的請求
4、和HTTP服務(wù)器上的數(shù)據(jù)庫或應(yīng)用程序。Servlet的工作是執(zhí)行西門的任務(wù),如圖1.1所示 。</p><p> 圖1.1Web中間件的作用</p><p> 讀取客戶發(fā)送的顯式數(shù)據(jù)。</p><p> 最終用戶一般在頁面的HTML表單中輸入這些數(shù)據(jù)。然而,數(shù)據(jù)還有可能來自applet或定制的HTTP客戶程序。</p><p> 讀取
5、由瀏覽器發(fā)送的隱式請求數(shù)據(jù)。</p><p> 圖1.1中顯示了一條從客戶端到Web服務(wù)器的單箭頭,但實(shí)際上從客戶端傳送到Web服務(wù)器的數(shù)據(jù)有兩種,它們分別為用戶在表單中輸入的顯式數(shù)據(jù),以及后臺的HTTP信息。兩種數(shù)據(jù)都很重要。HTTP信息包括cookie、瀏覽器所能識別的媒體類型和壓縮模式等。</p><p><b> 生成結(jié)果。</b></p>
6、<p> 這個過程可能需要訪問數(shù)據(jù)庫、執(zhí)行RMI或EJB調(diào)用、調(diào)用Web服務(wù),或者直接計(jì)算得出對應(yīng)的響應(yīng)。實(shí)際的數(shù)據(jù)可能存儲在關(guān)系型數(shù)據(jù)庫中。該數(shù)據(jù)庫可能不理解HTTP,或者不能返回HTML形式的結(jié)果,所有Web瀏覽器不能直接與數(shù)據(jù)庫進(jìn)行會話。即使它能夠做到這一點(diǎn),為了安全上的考慮,我們也不希望讓它這么做。對應(yīng)大多數(shù)其他應(yīng)用程序,也存在類似的問題。因此,我們需要Web中間層從HTTP流中提取輸入數(shù)據(jù),與應(yīng)用程序會話,并將結(jié)果
7、嵌入到文檔中。</p><p> 向客戶發(fā)送顯式數(shù)據(jù)(即文檔)。</p><p> 這個文檔可以用各種格式發(fā)送,包括文本(HTML或XML),二進(jìn)制(GIF圖),甚至可以式建立在其他底層格式之上的壓縮格式,如gzip。但是,到目前為止,HTML式最常用的格式,故而servelt和JSP的重要任務(wù)之一就式將結(jié)果包裝到HTML中。</p><p> 發(fā)送隱式的HT
8、TP響應(yīng)數(shù)據(jù)。</p><p> 圖1.1中顯示了一條從Web中間層到客戶端的單箭頭。但是,實(shí)際發(fā)送的數(shù)據(jù)有兩種:文檔本身,以及后臺的HTTP信息。同樣,兩種數(shù)據(jù)對開發(fā)來說都式至關(guān)重要的。HTTP響應(yīng)數(shù)據(jù)的發(fā)送過程涉及告知瀏覽器或其他客戶程序所返回文檔的類型(如HTML),設(shè)置cookie和緩存參數(shù),以及其他類似的任務(wù)。</p><p> 1.2動態(tài)構(gòu)建網(wǎng)頁的原因</p>
9、<p> 預(yù)先建立的文檔可以滿足客戶的許多請求,服務(wù)器無需調(diào)用servlet就可以處理這些請求。然而,許多情況下靜態(tài)的結(jié)果不能滿足要求,我們需要針對每個請求生成一個頁面。實(shí)時構(gòu)建頁面的理由有很多種:</p><p> 1、網(wǎng)頁基于客戶發(fā)送的數(shù)據(jù)。</p><p> 例如,搜索引擎生成的頁面,以及在線商店的訂單確認(rèn)頁面,都要針對特定的用戶請求而產(chǎn)生。在沒有讀取到用戶提交的數(shù)
10、據(jù)之前,我們不知道應(yīng)該顯示什么。要記住,用戶提交兩種類型的數(shù)據(jù):顯示(即HTML表單的數(shù)據(jù))和隱式(即HTTP請求的報頭)。兩種輸入都可用來構(gòu)建輸出頁面。基于cookie值針對具體用戶構(gòu)建頁面的情況尤其普遍。</p><p> 2、頁面由頻繁改變的數(shù)據(jù)導(dǎo)出。</p><p> 如果頁面需要根據(jù)每個具體的請求做出相應(yīng)的改變,當(dāng)然需要在請求發(fā)生時構(gòu)建響應(yīng)。但是,如果頁面周期性地改變,我們可
11、以用兩種方式來處理它:周期性地在服務(wù)器上構(gòu)建新的頁面(和客戶請求無關(guān)),或者僅僅在用戶請求該頁面時再構(gòu)建。具體應(yīng)該采用哪種方式要根據(jù)具體情況而定,但后一種方式常常更為方便,因?yàn)樗恍韬唵蔚氐却脩舻恼埱?。例如,天氣預(yù)報或新聞網(wǎng)站可能會動態(tài)地構(gòu)建頁面,也有可能會返回之前構(gòu)建的頁面(如果它還是最新的話)。</p><p> 3、頁面中使用了來自公司數(shù)據(jù)庫或其他數(shù)據(jù)庫斷數(shù)據(jù)源的信息。</p><p
12、> 如果數(shù)據(jù)存儲在數(shù)據(jù)庫中,那么,即使客戶端使用動態(tài)Web內(nèi)容,比如applet,我們依舊需要執(zhí)行服務(wù)器端處理。想象以下,如果一個搜索引擎網(wǎng)站完全使用applet,那么用戶將會看到:“正在下載50TB的applet,請等待!”。顯然,這樣很愚蠢;這種情況下,我們需要與數(shù)據(jù)庫進(jìn)行會話。從客戶端到Web層再到數(shù)據(jù)庫(三層結(jié)構(gòu)),要比從applet直接到數(shù)據(jù)庫(二層結(jié)構(gòu))更靈活,也更安全,而性能上的損失很少甚至沒有。畢竟數(shù)據(jù)庫調(diào)用通常
13、是對速度影響最大的步驟,因而,經(jīng)過中間層可以執(zhí)行高速緩存和連接共享。</p><p> 理論上講,servelt并非只用于處理HTTP請求的Web服務(wù)器或應(yīng)用服務(wù)器,它同樣可以用于其他類型的服務(wù)器。例如,servlet能夠嵌入到FTP或郵件服務(wù)器中,擴(kuò)展他們的功能。而且,用于會話啟動協(xié)議服務(wù)器的servlet API最近已經(jīng)被標(biāo)準(zhǔn)化(參見http://jcp.org/en/jsr/detail?id=116)。
14、但在實(shí)踐中,servelt的這種用法尚不流行,在此,我們只論述HTTP Servlet。</p><p> 1.3 Servlet相對于“傳統(tǒng)”CGI的優(yōu)點(diǎn)</p><p> 和傳統(tǒng)CGI及許多類CGI技術(shù)相比,Java servelt效率更高、更易用、更強(qiáng)大、更容易移植、更安全、也更廉價。</p><p><b> 1、效率</b>&l
15、t;/p><p> 應(yīng)用傳統(tǒng)的CGI,針對每個HTTP請求都用啟動一個新的進(jìn)程。如果CGI程序自身相對比較簡短,那么啟動進(jìn)程的開銷會占用大部分執(zhí)行時間。而使用servelt,Java虛擬機(jī)會一直運(yùn)行,并用輕量級的Java線程處理每個請求,而非重量級的操作系統(tǒng)進(jìn)程。類似地,應(yīng)用傳統(tǒng)的CGI技術(shù),如果存在對同一CGI程序的N個請求,那么CGI程序的代碼會載入內(nèi)存N次。同樣的情況,如果使用servlet則啟動N個線程,單
16、僅僅載入servlet類的單一副本。這種方式減少了服務(wù)器的內(nèi)存需求,通過實(shí)例化更少的對象從而節(jié)省了時間。最后,當(dāng)CGI程序結(jié)束對請求的處理之后,程序結(jié)束。這種方式難以緩存計(jì)算結(jié)果,保持?jǐn)?shù)據(jù)庫連接打開,或是執(zhí)行依靠持續(xù)性數(shù)據(jù)的其他優(yōu)化。然而,servelt會一直停留在內(nèi)存中(即使請求處理完畢),因而可以直接存儲客戶請求之間的任意復(fù)雜數(shù)據(jù)。</p><p><b> 2、便利</b></
17、p><p> Servelt提供大量的基礎(chǔ)構(gòu)造,可以自動分析和解碼HTML的表單數(shù)據(jù),讀取和設(shè)置HTTP報頭,處理cookie,跟蹤會話,以及其他次類高級功能。而在CGI中,大部分工作都需要我們資金完成。另外,如果您已經(jīng)了解了Java編程語言,為什么還有學(xué)校Perl呢?您已經(jīng)承認(rèn)應(yīng)用Java技術(shù)編寫的代碼要比Visual Basic,VBScript或C++編寫的代碼更可靠,且更易重用,為什么還有倒退回去選擇那些語
18、言來開發(fā)服務(wù)器端的程序呢?</p><p><b> 3、強(qiáng)大</b></p><p> Servlet支持常規(guī)CGI難以實(shí)現(xiàn)或根本不能實(shí)現(xiàn)的幾項(xiàng)功能。Servlet能夠直接于Web服務(wù)器對話,而常規(guī)的CGI程序做不到這一點(diǎn),至少在不使用服務(wù)器專有API的情況下是這樣。例如,與Web服務(wù)器的通信使得講相對URL轉(zhuǎn)換成具體的路徑名變得更為容易。多個servelt還可
19、以共享數(shù)據(jù),從而易于實(shí)現(xiàn)數(shù)據(jù)庫連接共享和類似的資源共享優(yōu)化。Servelt還能維護(hù)請求之間的信息,使得諸如會話跟蹤和計(jì)算結(jié)果緩存等技術(shù)變得更為簡單。</p><p><b> 4、可移植性</b></p><p> Servelt使用Java編程語言,并且遵循標(biāo)準(zhǔn)的API。所有主要的Web服務(wù)器。實(shí)際上都直接或通過插件支持servlet。因此。為Macromedi
20、a JRun編寫的servlet,可以不經(jīng)過任何修改地在Apache Tomcat,Microsoft Internet Information Server,IBM WebSphere 。iPlanet Enterprise Server。Oracle9i AS 或者StrNine WebStar上運(yùn)行。他們是java2平臺企業(yè)版的一部分,所以對servlet的支持越來越普遍。</p><p><b>
21、; 5、廉價</b></p><p> 對于開發(fā)用的網(wǎng)站、低容量或中等容量網(wǎng)站的部署,有大量免費(fèi)或極為廉價的Web服務(wù)器可供選擇。因此,通過使用servelt和jsp,我們可以從免費(fèi)或廉價的服務(wù)器開始,在項(xiàng)目獲得初步成功后,在移植到更高性能或高級管理工具的昂貴的服務(wù)器上。這與其他CGI方案形成鮮明的對比,這些CGI方案在初期都需要為購買專利軟件包投入大量的資金。</p><p&
22、gt; 價格和可移植性在某種程度上是相互關(guān)聯(lián)的。例如,Marty記錄了所有通過電子郵件向他發(fā)送問題的讀者的所在國。印度接近列表的頂端,可能僅次于美國。Marty曾在馬尼拉講授過jsp和servlet培訓(xùn)課程,那兒對servelt和jsp技術(shù)抱很大的興趣。</p><p> 那么,為什么印度和菲律賓都對這項(xiàng)技術(shù)著呢感興趣呢?我們推測答案可能分兩部分。首先,這兩個國家都擁有大量訓(xùn)練有素的軟件開發(fā)人員。其次,這兩個
23、國家的貨幣對美元的匯率都極為不利。因此,從美國公司那里購買專用Web服務(wù)器會消耗掉項(xiàng)目的大部分前期資金。</p><p> 但是,使用servlet 和JSP,他們能夠從免費(fèi)的服務(wù)器開始:Apache Tomcat。項(xiàng)目取得成功之后,他們可以轉(zhuǎn)移到性能更高、管理更容易,但需要付費(fèi)的服務(wù)器。他們的servelt和jsp不需要重寫編寫。如果他們的項(xiàng)目變得更龐大,他們或許希望轉(zhuǎn)移到分布式環(huán)境。沒有問題:他們可以轉(zhuǎn)而使
24、用Macromedia JRun Professional,該服務(wù)器支持分布式應(yīng)用。同樣,他們的servelt和jsp沒有任何部分需要重寫。如果項(xiàng)目變得極為龐大,錯綜復(fù)雜,他們或許希望使用Enterprise JavaBeans來封裝他們的商業(yè)邏輯。因此,他們可以切換到BEA WebLogic或Oracle9i AS。同樣,不需要對servlet和jsp做出更改。最后,如果他們的項(xiàng)目變得更龐大,他們或許將他從Linux轉(zhuǎn)移到運(yùn)行IBM
25、WebSphere的IBM大型機(jī)上。他們還是不需要做出任何更改。</p><p><b> 6、安全</b></p><p> 傳統(tǒng)CGI程序中主要的漏洞來源之一就是,CGI程序常常由通過的操作系統(tǒng)外殼來執(zhí)行。因此,CGI程序必須仔細(xì)地過濾掉那些可能被外殼特殊處理的字符,如反引導(dǎo)和分號。實(shí)現(xiàn)這項(xiàng)預(yù)防措施的難度可能超出我們的想象,在廣泛應(yīng)用的CGI庫中,不斷發(fā)現(xiàn)由這
26、類問題引發(fā)的弱點(diǎn)。</p><p> 問題的第二個來源是,一些CGI程序用不自動檢查數(shù)組和字符串邊界的語言編寫而成。例如,在C和C++中,可以分配一個100個元素的數(shù)組,然后向第999個“元素“寫入數(shù)據(jù)——實(shí)際上是程序內(nèi)存的隨機(jī)部分,這完全合法。因而,如果程序員忘記執(zhí)行這項(xiàng)檢查,就會將系統(tǒng)暴露在蓄意或偶然的緩沖區(qū)溢出攻擊之下。</p><p> Servelt不存在這些問題。即使ser
27、velt執(zhí)行系統(tǒng)調(diào)用激活本地操作系統(tǒng)上的程序,它也不會用到外殼來完成這項(xiàng)任務(wù)。當(dāng)然,數(shù)組邊界的檢查以及其他內(nèi)存包含特性是java編程語言的核心部分。</p><p><b> 7、主流</b></p><p> 雖然存在許多很好的技術(shù),但是,如果提供商助支持他們,或開發(fā)人員不知道如何使用這些技術(shù),那么它們的優(yōu)點(diǎn)又如何體現(xiàn)呢?servelt和jsp技術(shù)得到服務(wù)器提供
28、商的廣泛支持,包括Apache,Oracle,IBM,Sybase,BEA,Maromedia,Causho,Sun/iPlanet,New Atlanta,ATG,F(xiàn)ujitsu,Lutris,Silverstream,World Wide Web Consortinrm ,以及其他服務(wù)器。存在幾種低廉的插件,通過應(yīng)用這些插件,Microsoft IIS和Zeus也同樣支持servlet和jsp技術(shù),它們運(yùn)行在Windows,Unix
29、/Linus,MacOS,VMS,和IBM大型機(jī)操作系統(tǒng)之上。它們用在航空業(yè)、電子商務(wù)、在線銀行、web搜索引擎、門戶、大型金融網(wǎng)站、以及成百上千您日常光顧的其他網(wǎng)站。</p><p> 當(dāng)然,僅僅是流行并不能證明技術(shù)的優(yōu)越性。很多泛美的例子。但我們的立場是:服務(wù)器端Java本非一項(xiàng)新的、為經(jīng)證實(shí)的技術(shù)。</p><p> An Overview of Servlet and JSP
30、Technology</p><p> Abstract: Servlet program running in the server-side, dynamically generated Web page with the traditional CGI and many other similar compared to CGI technology, Java Servlet with a more e
31、fficient, easier to use, more powerful and has better portability, more savings to invest .</p><p> Key words: JSP Technology, Servlet, HTTP server</p><p> 1.1 A Servlet's Job</p>
32、<p> Servlets are Java programs that run on Web or application servers, acting as a middle layer between requests coming from Web browsers or other HTTP clients and databases or applications on the HTTP server. The
33、ir job is to perform the following tasks, as illustrated in Figure 1-1.</p><p> Figure 1-1</p><p> 1.Read the explicit data sent by the client.</p><p> The end user normally ente
34、rs this data in an HTML form on a Web page. However, the data could also come from an applet or a custom HTTP client program.</p><p> 2.Read the implicit HTTP request data sent by the browser.</p>&l
35、t;p> Figure 1-1 shows a single arrow going from the client to the Web server (the layer where servlets and JSP execute), but there are really two varieties of data: the explicit data that the end user enters in a for
36、m and the behind-the-scenes HTTP information. Both varieties are critical. The HTTP information includes cookies, information about media types and compression schemes the browser understands, and so on.</p><p
37、> 3.Generate the results.</p><p> This process may require talking to a database, executing an RMI or EJB call, invoking a Web service, or computing the response directly. Your real data may be in a rel
38、ational database. Fine. But your database probably doesn't speak HTTP or return results in HTML, so the Web browser can't talk directly to the database. Even if it could, for security reasons, you probably would
39、not want it to. The same argument applies to most other applications.You need the Web middle layer to extract the result</p><p> inside a document.</p><p> 4.Send the explicit data (i.e., the
40、document) to the client.</p><p> This document can be sent in a variety of formats, including text (HTML or XML), binary (GIF images), or even a compressed format like gzip that is layered on top of some ot
41、her underlying format. But, HTML is by far the most common format, so an important servlet/JSP task is to wrap the results inside of HTML.</p><p> 5.Send the implicit HTTP response data.</p><p>
42、; Figure 1-1 shows a single arrow going from the Web middle layer (the servlet or JSP page) to the client. But, there are really two varieties of data sent: the document itself and the behind-the-scenes HTTP information
43、. Again, both varieties are critical to effective development. Sending HTTP response data involves telling the browser or other client what type of document is being returned (e.g., HTML), setting cookies and caching par
44、ameters, and other such tasks. </p><p> 1.2 Why Build Web Pages Dynamically?</p><p> many client requests can be satisfied by prebuilt documents, and the server would handle these requests wi
45、thout invoking servlets. In many cases, however, a static result is not sufficient, and a page needs to be generated for each request. There are a number of reasons why Web pages need to be built on-the-fly:</p>&
46、lt;p> 1. The Web page is based on data sent by the client.</p><p> For instance, the results page from search engines and order-confirmation pages at online stores are specific to particular user reques
47、ts. You don't know what to display until you read the data that the user submits. Just remember that the user submits two kinds of data: explicit (i.e., HTML form data) and implicit (i.e., HTTP request headers). Eith
48、er kind of input can be used to build the output page. In particular, it is quite common to build a user-specific page based on a cookie value.</p><p> 2.The Web page is derived from data that changes frequ
49、ently.</p><p> If the page changes for every request, then you certainly need to build the response at request time. If it changes only periodically, however, you could do it two ways: you could periodicall
50、y build a new Web page on the server (independently of client requests), or you could wait and only build the page when the user requests it. The right approach depends on the situation, but sometimes it is more convenie
51、nt to do the latter: wait for the user request. For example, a weather report or news hea</p><p> 3.The Web page uses information from corporate databases or other server-side sources.</p><p>
52、 If the information is in a database, you need server-side processing even if the client is using dynamic Web content such as an applet. Imagine using an applet by itself for a search engine site:</p><p> &
53、quot;Downloading 50 terabyte applet, please wait!" Obviously, that is silly; you need to talk to the database. Going from the client to the Web tier to the database (a three-tier approach) instead of from an applet
54、directly to a database (a two-tier approach) provides increased flexibility and security with little or no performance penalty. After all, the database call is usually the rate-limiting step, so going through the Web ser
55、ver does not slow things down. In fact, a three-tier approach is ofte</p><p> In principle, servlets are not restricted to Web or application servers that handle HTTP requests but can be used for other type
56、s of servers as well. For example, servlets could be embedded in FTP or mail servers to extend their functionality. And, a servlet API for SIP (Session Initiation Protocol) servers was recently standardized (see http://j
57、cp.org/en/jsr/detail?id=116). In practice, however, this use of servlets has not caught on, and we'll only be discussing HTTP servlets.</p><p> 1.3 The Advantages of Servlets Over "Traditional&quo
58、t; CGI</p><p> Java servlets are more efficient, easier to use, more powerful, more portable, safer, and cheaper than traditional CGI and many alternative CGI-like technologies.</p><p> 1.Effi
59、cient</p><p> With traditional CGI, a new process is started for each HTTP request. If the CGI program itself is relatively short, the overhead of starting the process can dominate the execution time. With
60、servlets, the Java virtual machine stays running and handles each request with a lightweight Java thread, not a heavyweight operating system process. Similarly, in traditional CGI, if there are N requests to the same CGI
61、 program, the code for the CGI program is loaded into memory N times. With servlets, how</p><p> 2.Convenient</p><p> Servlets have an extensive infrastructure for automatically parsing and de
62、coding HTML form data, reading and setting HTTP headers, handling cookies, tracking sessions, and many other such high-level utilities. In CGI, you have to do much of this yourself. Besides, if you already know the Java
63、programming language, why learn Perl too? You're already convinced that Java technology makes for more reliable and reusable code than does Visual Basic, VBScript, or C++. Why go back to those languages for</p>
64、<p> 3.Powerful</p><p> Servlets support several capabilities that are difficult or impossible to accomplish with regular CGI. Servlets can talk directly to the Web server, whereas regular CGI progr
65、ams cannot, at least not without using a server-specific API. Communicating with the Web server makes it easier to translate relative URLs into concrete path names, for instance. Multiple servlets can also share data, ma
66、king it easy to implement database connection pooling and similar resource-sharing optimizations. Servlets</p><p> 4.Portable</p><p> Servlets are written in the Java programming language and
67、follow a standard API. Servlets are supported directly or by a plugin on virtually every major Web server. Consequently, servlets written for, say, Macromedia JRun can run virtually unchanged on Apache Tomcat, Microsoft
68、Internet Information Server (with a separate plugin), IBM WebSphere, iPlanet Enterprise Server, Oracle9i AS, or StarNine WebStar. They are part of the Java 2 Platform, Enterprise Edition (J2EE; see http://java.sun.com/j2
69、ee</p><p> 5.Inexpensive</p><p> A number of free or very inexpensive Web servers are good for development use or deployment of low- or medium-volume Web sites. Thus, with servlets and JSP you
70、 can start with a free or inexpensive server and migrate to more expensive servers with high-performance capabilities or advanced administration utilities only after your project meets initial success. This is in contras
71、t to many of the other CGI alternatives, which require a significant initial investment for the purchase of a proprietary</p><p> Price and portability are somewhat connected. For example, Marty tries to ke
72、ep track of the countries of readers that send him questions by email. India was near the top of the list, probably #2 behind the U.S. Marty also taught one of his JSP and servlet training courses (see http://courses.cor
73、eservlets.com/) in Manila, and there was great interest in servlet and JSP technology there.</p><p> Now, why are India and the Philippines both so interested? We surmise that the answer is twofold. First,
74、both countries have large pools of well-educated software developers. Second, both countries have (or had, at that time) highly unfavorable currency exchange rates against the U.S. dollar. So, buying a special-purpose We
75、b server from a U.S. company consumed a large part of early project funds.</p><p> But, with servlets and JSP, they could start with a free server: Apache Tomcat (either standalone, embedded in the regular
76、Apache Web server, or embedded in Microsoft IIS). Once the project starts to become successful, they could move to a server like Caucho Resin that had higher performance and easier administration but that is not free. Bu
77、t none of their servlets or JSP pages have to be rewritten. If their project becomes even larger, they might want to move to a distributed (clustered) enviro</p><p><b> 6.Secure</b></p>&
78、lt;p> One of the main sources of vulnerabilities in traditional CGI stems from the fact that the programs are often executed by general-purpose operating system shells. So, the CGI programmer must be careful to filte
79、r out characters such as backquotes and semicolons that are treated specially by the shell. Implementing this precaution is harder than one might think, and weaknesses stemming from this problem are constantly being unco
80、vered in widely used CGI libraries.</p><p> A second source of problems is the fact that some CGI programs are processed by languages that do not automatically check array or string bounds. For example, in
81、C and C++ it is perfectly legal to allocate a 100-element array and then write into the 999th "element," which is really some random part of program memory. So, programmers who forget to perform this check open
82、 up their system to deliberate or accidental buffer overflow attacks.</p><p> Servlets suffer from neither of these problems. Even if a servlet executes a system call (e.g., with Runtime.exec or JNI) to inv
83、oke a program on the local operating system, it does not use a shell to do so. And, of course, array bounds checking and other memory protection features are a central part of the Java programming language.</p>&l
84、t;p> 7.Mainstream</p><p> There are a lot of good technologies out there. But if vendors don't support them and developers don't know how to use them, what good are they? Servlet and JSP technol
85、ogy is supported by servers from Apache, Oracle, IBM, Sybase, BEA, Macromedia, Caucho, Sun/iPlanet, New Atlanta, ATG, Fujitsu, Lutris, Silverstream, the World Wide Web Consortium (W3C), and many others. Several low-cost
86、plugins add support to Microsoft IIS and Zeus as well. They run on Windows, Unix/Linux, MacOS, VMS, and IBM main</p><p> Of course, popularity alone is no proof of good technology. Numerous counter-examples
溫馨提示
- 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
- 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
- 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
- 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
- 5. 眾賞文庫僅提供信息存儲空間,僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對任何下載內(nèi)容負(fù)責(zé)。
- 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請與我們聯(lián)系,我們立即糾正。
- 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時也不承擔(dān)用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。
最新文檔
- 網(wǎng)上購物畢業(yè)論文外文翻譯
- 網(wǎng)上購物消費(fèi)者動機(jī)【外文翻譯】
- 2015年--網(wǎng)上購物外文翻譯--消費(fèi)者對網(wǎng)上購物的態(tài)度(節(jié)選)
- 外文翻譯---淺談網(wǎng)上購物的發(fā)展前景
- 網(wǎng)上購物的自由,控制和樂趣【外文翻譯】
- 網(wǎng)上購物的自由、控制和樂趣【外文翻譯】
- 網(wǎng)上購物系統(tǒng)
- 網(wǎng)上購物系統(tǒng)
- uml網(wǎng)上購物系統(tǒng)課程設(shè)計(jì)--網(wǎng)上購物系統(tǒng)
- 消費(fèi)者網(wǎng)上購物的信任模型【外文翻譯】
- 消費(fèi)者網(wǎng)上購物的信任模型【外文翻譯】
- 網(wǎng)購?fù)馕姆g--網(wǎng)上購物的自由、控制和樂趣
- 網(wǎng)上購物系統(tǒng).doc
- 網(wǎng)上購物系統(tǒng).doc
- 超市網(wǎng)上購物系統(tǒng)
- 網(wǎng)上購物系統(tǒng).doc
- 網(wǎng)上購物系統(tǒng).doc
- 網(wǎng)上購物系統(tǒng)調(diào)研報告
- 網(wǎng)上購物系統(tǒng)uml建模
- 網(wǎng)上購物系統(tǒng)開題報告
評論
0/150
提交評論