JWIG Yet Another Framework for Maintainable and Secure Web Applications
|
|
- Emmeline Lynch
- 8 years ago
- Views:
Transcription
1 JWIG Yet Another Framework for Maintainable and Secure Web Applications Anders Møller Mathias Schwarz Aarhus University
2 Brief history - Precursers 1999: <bigwig> Powerful template system Form field validation, concurrency, simple database : JWIG Java-based General XML 2003-: Xact XML transformations Type system Flow based template analysis 2008-: JWIG2! 2
3 Software Engineering Principles High cohesion and low coupling Code that belongs together should be together Secure by design e.g. resistance against XSS Convention over configuration (sensible defaults) 3
4 Many frameworks JSF 4
5 Struts and JSF 5
6 Yet Another Framework? Problems in current frameworks Not secure by design Lots of complicated configuration Low coherence (unclear flow between pages) Server push is too cumbersome to use No uniform support for XHTML web applications and XML based web services 6
7 Server vs Client-oriented? Recent trends: Move as much as possible to client side Rich UI in JavaScript Drawbacks of using client side Conflicts with the use of ORM systems Security considerations 7
8 JWIG Overview 8
9 Generating XML Output We want a solution: Unifies template and DOM-like approaches Permists static validation analysis Avoids XSS problems The solution: XACT An existing, powerful XML transformation framework 9
10 Hello World in JWIG import dk.brics.xact.xml; public class Main extends WebApp { public XML hello(string what) { return [[ <html> <head><title>example</title></head> <body> <p>hello <{ what ></p> </body> </html> ]]; 10
11 Web methods The base unit in JWIG is the web method (Different from Struts, JSF, Servlets) All public methods of a WebApp that: Return XML, URL, String or Carry annotation Web methods are matched by priority (Set annotation) Methods are invoked by reflection on request. There is no configuration. 11
12 Web method parameters The simplest way to take parameters? Formal parameters! Web methods may take parameters Of type Strings Of types that declare a tostring()/valueof() Session (Persistable) Collections/arrays of the above 12
13 MicroChat 13
14 MicroChat (1/2) public class MicroChat extends WebApp { List<String> messages = new ArrayList<String>(); public XML chat() { return [[ <html> <head><title>microchat</title></head> <body> <{ new XMLProducer(messages) { XML run() { if (!messages.isempty()) return [[ <ul> <{ [[<li><[msg]></li>]].plugwrap("msg", messages) > </ul> ]]; else return [[ ]]; > 14
15 MicroChat (2/2) <form method="post" action=[send]> <p> <input type="text" name="msg"/> <input type="submit" value="send"/> </p> </form> </body> </html> ]].plug("send", new SubmitHandler() { void run(string msg) { messages.add(msg); update(messages); ); 15
16 Observations about MicroChat Concise code Guaranteed well-formed and valid XHTML XSS impossible (secure by design) Clear flow between generating and handling form (high cohesion) Easy server push 16
17 Session State Session data is typically stored in a per-user string-to-object map Low cohesion between data and code using it Hard to clean up Potential conflicts in naming The solution is to divide session data into small typed units 17
18 Session Example URL hello(string what) { return makeurl("sayhi", new HelloSession(what)); class HelloSession extends Session { String name; public HelloSession(String s) { name = s; public XML sayhi(hellosession s) { return [[ <html> <head><title>example</title></head> <body><p>hello <{ s.name ></p></body> </html> ]]; 18
19 Filters in JWIG Filters are just web methods, that Have higher priority than other methods Call next() import dk.brics.xact.xml; public class Main extends WebApp { public XML hello(string what) { return [[ <html><head><title>example</title></head> <body> <p>hello <{ what ></p> hello ) public void log(string what) { System.out.println( Greeted + what); next(); next() invokes web methods of lower priority and returns the response 19
20 Aggressive cache Caching The cache filter caches any GET response WebApp.addResponseInvalidator(Object) makes a response dependant on some object WebApp.update(Object) clears all dependant responses from the cache 20
21 Status codes and Authorization Status codes (excluding 200 OK) are signaled using exceptions AuthorizationRequiredException Use for HTTP Basic Authentication AccessDeniedException NotFoundException All others 21
22 HTTP Basic Authentication Thus HTTP Basic Authentication is simple We can create a filter that thows an exception of no user is set import dk.brics.xact.xml; public class Main extends WebApp { public XML hello(string what) { return [[ <html><head><title>example</title></head> <body> <p>hello <{ what ></p> </body></html> + ** ) public void auth() { User u = getuser(); The User object can be used for checking username and password if (u == null) throw new AuthorizationRequiredException( Hello Service ); next(); 22
23 Deployment JWIG follows the same structure as Struts/ JSF: A fixed web.xml file in WEB-INF Classes in WEB-INF/classes JWIG implementation libraries in WEB-INF/lib There is a zip-file for you on the web page 23
24 Status and Future Work Case study: 30,000 lines course administration system (CourseAdmin) Done as PREP project: Static analysis of JWIG programs Matching parameter names, types, web app graph Future/current work: User input validation Tag mechanism for UI abstractions Automated (concolic) testing of applications Maybe your next PREP project? 24
25 Conclusion Simple framework from sound design principles High cohesion, low coupling Secure by design Convention over configuration Unified XML processing (via XACT) XMLProducer for server push Event handlers for user input 25
26 Questions? 26
27 QuickPoll (1/5) package quickpoll; import dk.brics.jwig.*; import public class QuickPoll extends WebApp { XML wrapper = [[ <html> <head><title>quickpoll</title></head> <body> <h1>quickpoll</h1> <[BODY]> </body> </html> ]]; class State { String question; int yes; int no; State state = new State(); 27
28 QuickPoll public XML index() { return wrapper.plug("body", [[ <ul> <li><a href={makeurl("init")>initialize</a> (access control)</li> <li><a href={makeurl("vote")>vote</a></li> <li><a href={makeurl("results")>view results</a></li> </ul> public void authenticate() { User u = getuser(); if (u!= null && u.getusername().equals("jdoe") && u.getpassword().equals("42")) next(); else throw new AuthorizationRequiredException("QuickPoll"); 28
29 QuickPoll (3/5) public XML init() { return wrapper.plug("body", [[ <form method="post" action=[init]> What is your question?<br/> <input name="question" type="text" size="40"/>?<br/> <input type="submit" value="register my question"/> </form> ]]).plug("init", new SubmitHandler() { XML run(string question) { synchronized (state) { state.question = question; state.yes = state.no = 0; update(state); return wrapper.plug("body", [[ Your question has been registered. Let the vote begin! ]]); ); 29
30 QuickPoll (4/5) public XML vote() { if (state.question == null) throw new AccessDeniedException("QuickPoll not yet initialized"); addresponseinvalidator(state); return wrapper.plug("body", [[ <{state.question>?<p/> <form method="post" action=[vote]> <input name="vote" type="radio" value="yes"/> yes<br/> <input name="vote" type="radio" value="no"/> no<p/> <input type="submit" value="vote"/> </form> ]]).plug("vote", new SubmitHandler() { XML run(string vote) { synchronized (state) { if ("yes".equals(vote)) state.yes++; else if ("no".equals(vote)) state.no++; update(state); return wrapper.plug("body", [[ Thank you for your vote! ]]); ); 30
31 QuickPoll (5/5) public XML results() { return wrapper.plug("body", new XMLProducer(state) { XML run() { synchronized (state) { int total = state.yes + state.no; if (total == 0) return [[No votes yet...]]; else return [[ <{state.question>?<p/> <table border="0"> <tr><td>yes:</td><td><{drawbar(300*state.yes/total)></td><td><{state.yes></td></tr> <tr><td>no:</td><td><{drawbar(300*state.no/total)></td><td><{state.no></td></tr> </table> ]]; ); private XML drawbar(int length) { return [[<table><tr><td bgcolor="black" height="20" width={length></td></tr></table>]]; 31
JWIG: Yet Another Framework for Maintainable and Secure Web Applications
JWIG: Yet Another Framework for Maintainable and Secure Web Applications Anders Møller and Mathias Schwarz Department of Computer Science, Aarhus University, Denmark amoeller@cs.au.dk, schwarz@cs.au.dk
More informationSample HP OO Web Application
HP OO 10 OnBoarding Kit Community Assitstance Team Sample HP OO Web Application HP OO 10.x Central s rich API enables easy integration of the different parts of HP OO Central into custom web applications.
More informationApplication Security
2009 Marty Hall Declarative Web Application Security Originals of Slides and Source Code for Examples: http://courses.coreservlets.com/course-materials/msajsp.html Customized Java EE Training: http://courses.coreservlets.com/
More informationNovell Identity Manager
AUTHORIZED DOCUMENTATION Manual Task Service Driver Implementation Guide Novell Identity Manager 4.0.1 April 15, 2011 www.novell.com Legal Notices Novell, Inc. makes no representations or warranties with
More informationHello World RESTful web service tutorial
Hello World RESTful web service tutorial Balázs Simon (sbalazs@iit.bme.hu), BME IIT, 2015 1 Introduction This document describes how to create a Hello World RESTful web service in Eclipse using JAX-RS
More informationWeb Applications. Originals of Slides and Source Code for Examples: http://courses.coreservlets.com/course-materials/msajsp.html
2009 Marty Hall Using and Deploying Web Applications Originals of Slides and Source Code for Examples: http://courses.coreservlets.com/course-materials/msajsp.html Customized Java EE Training: http://courses.coreservlets.com/
More informationServlet 3.0. Alexis Moussine-Pouchkine. mercredi 13 avril 2011
Servlet 3.0 Alexis Moussine-Pouchkine 1 Overview Java Servlet 3.0 API JSR 315 20 members Good mix of representation from major Java EE vendors, web container developers and web framework authors 2 Overview
More informationControlling Web Application Behavior
2006 Marty Hall Controlling Web Application Behavior The Deployment Descriptor: web.xml JSP, Servlet, Struts, JSF, AJAX, & Java 5 Training: http://courses.coreservlets.com J2EE Books from Sun Press: http://www.coreservlets.com
More informationJava Servlet 3.0. Rajiv Mordani Spec Lead
Java Servlet 3.0 Rajiv Mordani Spec Lead 1 Overview JCP Java Servlet 3.0 API JSR 315 20 members > Good mix of representation from major Java EE vendors, web container developers and web framework authors
More informationIn this chapter, we lay the foundation for all our further discussions. We start
01 Struts.qxd 7/30/02 10:23 PM Page 1 CHAPTER 1 Introducing the Jakarta Struts Project and Its Supporting Components In this chapter, we lay the foundation for all our further discussions. We start by
More informationc. Write a JavaScript statement to print out as an alert box the value of the third Radio button (whether or not selected) in the second form.
Practice Problems: These problems are intended to clarify some of the basic concepts related to access to some of the form controls. In the process you should enter the problems in the computer and run
More informationComplete Java Web Development
Complete Java Web Development JAVA-WD Rev 11.14 4 days Description Complete Java Web Development is a crash course in developing cutting edge Web applications using the latest Java EE 6 technologies from
More information<Insert Picture Here>
פורום BI 21.5.2013 מה בתוכנית? בוריס דהב Embedded BI Column Level,ROW LEVEL SECURITY,VPD Application Role,security טובית לייבה הפסקה OBIEE באקסליבריס נפתלי ליברמן - לימור פלדל Actionable
More informationAnnouncements. Comments on project proposals will go out by email in next couple of days...
Announcements Comments on project proposals will go out by email in next couple of days... 3-Tier Using TP Monitor client application TP monitor interface (API, presentation, authentication) transaction
More informationBAPI. Business Application Programming Interface. Compiled by Y R Nagesh 1
BAPI Business Application Programming Interface Compiled by Y R Nagesh 1 What is BAPI A Business Application Programming Interface is a precisely defined interface providing access process and data in
More information2- Forms and JavaScript Course: Developing web- based applica<ons
2- Forms and JavaScript Course: Cris*na Puente, Rafael Palacios 2010- 1 Crea*ng forms Forms An HTML form is a special section of a document which gathers the usual content plus codes, special elements
More informationNGASI AppServer Manager SaaS/ASP Hosting Automation for Cloud Computing Administrator and User Guide
NGASI AppServer Manager SaaS/ASP Hosting Automation for Cloud Computing Administrator and User Guide NGASI SaaS Hosting Automation is a JAVA SaaS Enablement infrastructure that enables web hosting services
More informationAn Overview of Servlet & JSP Technology
2007 Marty Hall An Overview of Servlet & JSP Technology 2 Customized J2EE Training: http://courses.coreservlets.com/ Servlets, JSP, Struts, JSF, EJB3, Ajax, Java 5, Java 6, etc. Ruby/Rails coming soon.
More information2. Follow the installation directions and install the server on ccc
Installing a Web Server 1. Install a sample web server, which supports Servlets/JSPs. A light weight web server is Apache Tomcat server. You can get the server from http://tomcat.apache.org/ 2. Follow
More informationIntell-a-Keeper Reporting System Technical Programming Guide. Tracking your Bookings without going Nuts! http://www.acorn-is.
Intell-a-Keeper Reporting System Technical Programming Guide Tracking your Bookings without going Nuts! http://www.acorn-is.com 877-ACORN-99 Step 1: Contact Marian Talbert at Acorn Internet Services at
More informationForms, CGI Objectives. HTML forms. Form example. Form example...
The basics of HTML forms How form content is submitted GET, POST Elements that you can have in forms Responding to forms Common Gateway Interface (CGI) Later: Servlets Generation of dynamic Web content
More informationChapter 22 How to send email and access other web sites
Chapter 22 How to send email and access other web sites Murach's PHP and MySQL, C22 2010, Mike Murach & Associates, Inc. Slide 1 Objectives Applied 1. Install and use the PEAR Mail package to send email
More informationInternet Technologies
QAFQAZ UNIVERSITY Computer Engineering Department Internet Technologies HTML Forms Dr. Abzetdin ADAMOV Chair of Computer Engineering Department aadamov@qu.edu.az http://ce.qu.edu.az/~aadamov What are forms?
More informationUsability. Usability
Objectives Review Usability Web Application Characteristics Review Servlets Deployment Sessions, Cookies Usability Trunk Test Harder than you probably thought Your answers didn t always agree Important
More informationRecommended readings. Lecture 11 - Securing Web. Applications. Security. Declarative Security
Recommended readings Lecture 11 Securing Web http://www.theserverside.com/tt/articles/content/tomcats ecurity/tomcatsecurity.pdf http://localhost:8080/tomcat-docs/security-managerhowto.html http://courses.coreservlets.com/course-
More informationVolume 1: Core Technologies Marty Hall Larry Brown. An Overview of Servlet & JSP Technology
Core Servlets and JavaServer Pages / 2e Volume 1: Core Technologies Marty Hall Larry Brown An Overview of Servlet & JSP Technology 1 Agenda Understanding the role of servlets Building Web pages dynamically
More informationContents. 2 Alfresco API Version 1.0
The Alfresco API Contents The Alfresco API... 3 How does an application do work on behalf of a user?... 4 Registering your application... 4 Authorization... 4 Refreshing an access token...7 Alfresco CMIS
More informationLiferay Enterprise ecommerce. Adding ecommerce functionality to Liferay Reading Time: 10 minutes
Liferay Enterprise ecommerce Adding ecommerce functionality to Liferay Reading Time: 10 minutes Broadleaf + Liferay ecommerce + Portal Options Integration Details REST APIs Integrated IFrame Separate Conclusion
More informationAdvanced Web Technology 10) XSS, CSRF and SQL Injection 2
Berner Fachhochschule, Technik und Informatik Advanced Web Technology 10) XSS, CSRF and SQL Injection Dr. E. Benoist Fall Semester 2010/2011 Table of Contents Cross Site Request Forgery - CSRF Presentation
More informationMultimedia im Netz Online Multimedia Winter semester 2015/16. Tutorial 03 Major Subject
Multimedia im Netz Online Multimedia Winter semester 2015/16 Tutorial 03 Major Subject Ludwig- Maximilians- Universität München Online Multimedia WS 2015/16 - Tutorial 03-1 Today s Agenda Quick test Server
More informationCreating Custom Web Pages for cagrid Services
Creating Custom Web Pages for cagrid Services Creating Custom Web Pages for cagrid Services Contents Overview Changing the Default Behavior Subclassing the AXIS Servlet Installing and Configuring the Custom
More informationDefeating XSS and XSRF with JSF Frameworks
Defeating XSS and XSRF with JSF Frameworks About Me Steve Wolf Vice President, Application Security AsTech Consulting, Inc. steve.wolf@astechconsulting.com www.astechconsulting.com OWASP Chapter Lead Sacramento,
More informationBizFlow 9.0 BizCoves BluePrint
BizFlow 9.0 BizCoves BluePrint HandySoft Global Corporation 1952 Gallows Road Suite 100 Vienna, VA USA 703.442.5600 www.handysoft.com 1999-2004 HANDYSOFT GLOBAL CORPORATION. ALL RIGHTS RESERVED. THIS DOCUMENTATION
More informationConfiguring iplanet 6.0 Web Server For SSL and non-ssl Redirect
Introduction Configuring iplanet 6.0 Web Server For SSL and non-ssl Redirect This document describes the process for configuring an iplanet web server for the following situation: Require that clients
More informationReal SQL Programming 1
Real 1 We have seen only how SQL is used at the generic query interface an environment where we sit at a terminal and ask queries of a database. Reality is almost always different: conventional programs
More informationUnderstanding Cross Site Scripting
Understanding Cross Site Scripting Hardik Shah Understanding cross site scripting attacks Introduction: there are many techniques which a intruder can use to compromise the webapplications. one such techniques
More informationWhite Paper March 1, 2005. Integrating AR System with Single Sign-On (SSO) authentication systems
White Paper March 1, 2005 Integrating AR System with Single Sign-On (SSO) authentication systems Copyright 2005 BMC Software, Inc. All rights reserved. BMC, the BMC logo, all other BMC product or service
More informationMobile development with Apache OFBiz. Ean Schuessler, co-founder @ Brainfood
Mobile development with Apache OFBiz Ean Schuessler, co-founder @ Brainfood Mobile development For the purposes of this talk mobile development means mobile web development The languages and APIs for native
More informationWeb Applications and Struts 2
Web Applications and Struts 2 Problem area Problem area Separation of application logic and markup Easier to change and maintain Easier to re use Less error prone Access to functionality to solve routine
More informationWIRIS quizzes web services Getting started with PHP and Java
WIRIS quizzes web services Getting started with PHP and Java Document Release: 1.3 2011 march, Maths for More www.wiris.com Summary This document provides client examples for PHP and Java. Contents WIRIS
More informationSimplify Your Web App Development Using the Spring MVC Framework
1 of 10 24/8/2008 23:07 http://www.devx.com Printed from http://www.devx.com/java/article/22134/1954 Simplify Your Web App Development Using the Spring MVC Framework Struts is in fairly widespread use
More informationwww.virtualians.pk CS506 Web Design and Development Solved Online Quiz No. 01 www.virtualians.pk
CS506 Web Design and Development Solved Online Quiz No. 01 Which of the following is a general purpose container? JFrame Dialog JPanel JApplet Which of the following package needs to be import while handling
More informationWorkshop for WebLogic introduces new tools in support of Java EE 5.0 standards. The support for Java EE5 includes the following technologies:
Oracle Workshop for WebLogic 10g R3 Hands on Labs Workshop for WebLogic extends Eclipse and Web Tools Platform for development of Web Services, Java, JavaEE, Object Relational Mapping, Spring, Beehive,
More informationJAX-WS Developer's Guide
JAX-WS Developer's Guide JOnAS Team ( ) - March 2009 - Copyright OW2 Consortium 2009 This work is licensed under the Creative Commons Attribution-ShareAlike License. To view a copy of this license,visit
More informationConnecting Custom Services to the YAWL Engine. Beta 7 Release
Connecting Custom Services to the YAWL Engine Beta 7 Release Document Control Date Author Version Change 25 Feb 2005 Marlon Dumas, 0.1 Initial Draft Tore Fjellheim, Lachlan Aldred 3 March 2006 Lachlan
More informationWeb Applications. For live Java training, please see training courses at
2009 Marty Hall Using and Deploying Web Applications Originals of Slides and Source Code for Examples: http://courses.coreservlets.com/course-materials/msajsp.html Customized Java EE Training: http://courses.coreservlets.com/
More informationOverview. In the beginning. Issues with Client Side Scripting What is JavaScript? Syntax and the Document Object Model Moving forward with JavaScript
Overview In the beginning Static vs. Dynamic Content Issues with Client Side Scripting What is JavaScript? Syntax and the Document Object Model Moving forward with JavaScript AJAX Libraries and Frameworks
More informationFortigate SSL VPN 4 With PINsafe Installation Notes
Fortigate SSL VPN 4 With PINsafe Installation Notes Table of Contents Fortigate SSL VPN 4 With PINsafe Installation Notes... 1 1. Introduction... 2 2. Overview... 2 2.1. Prerequisites... 2 2.2. Baseline...
More informationMASTERTAG DEVELOPER GUIDE
MASTERTAG DEVELOPER GUIDE TABLE OF CONTENTS 1 Introduction... 4 1.1 What is the zanox MasterTag?... 4 1.2 What is the zanox page type?... 4 2 Create a MasterTag application in the zanox Application Store...
More informationSecure Application Development with the Zend Framework
Secure Application Development with the Zend Framework By Stefan Esser Who? Stefan Esser from Cologne / Germany in IT security since 1998 PHP core developer since 2001 Month of PHP Bugs/Security and Suhosin
More informationTCP/IP Networking, Part 2: Web-Based Control
TCP/IP Networking, Part 2: Web-Based Control Microchip TCP/IP Stack HTTP2 Module 2007 Microchip Technology Incorporated. All Rights Reserved. Building Embedded Web Applications Slide 1 Welcome to the next
More informationJSP Java Server Pages
JSP - Java Server Pages JSP Java Server Pages JSP - Java Server Pages Characteristics: A way to create dynamic web pages, Server side processing, Based on Java Technology, Large library base Platform independence
More informationPentesting Web Frameworks (preview of next year's SEC642 update)
Pentesting Web Frameworks (preview of next year's SEC642 update) Justin Searle Managing Partner UtiliSec Certified Instructor SANS Institute justin@utilisec.com // @meeas What Are Web Frameworks Frameworks
More informationHow to use SSO with SharePoint 2010 (FBA) using subdomains. Moataz Esmat EXT.1386
How to use SSO with SharePoint 2010 (FBA) using subdomains Moataz Esmat EXT.1386 I. Browse the web applications using subdomains: After creating the FBA web applications you need to simulate browsing the
More informationNome database: reddito
Nome database: reddito CAMPO TIPO codice int PRIMARY KEY cognome varchar(20) reddito float Elenco programmi - menu.html menu' gestione database - menuhref.html esempio di menu' con HREF - conn_db.jsp connessione
More informationWeb Programming II JSP (Java Server Pages) ASP request processing. The Problem. The Problem. Enterprise Application Development using J2EE
Enterprise Application Development using J2EE Shmulik London Lecture #6 Web Programming II JSP (Java Server Pages) How we approached it in the old days (ASP) Multiplication Table Multiplication
More informationExam Name: WebSpherePortal V5.1 Application Development Exam Type IBM Exam Code: 000-399 Total Questions: 102
Question: 1 A Company.com developer is using Rational Application Developer Portal Tools to troubleshoot a portlet application on a remote server. Which log file directory would be the BEST place to begin
More informationJAHIA CMS AND PORTAL SERVER
Computer Practie JAHIA CMS AND PORTAL SERVER Web Application Developer Guide DRAFT VERSION Serge Huber Jahia Ltd 1.0 english Jahia Ltd 45, rue de la Gare 1260 Nyon Switzerland i Disclaimers, Terms and
More informationFurther web design: HTML forms
Further web design: HTML forms Practical workbook Aims and Learning Objectives The aim of this document is to introduce HTML forms. By the end of this course you will be able to: use existing forms on
More informationConfiguring IBM WebSphere Application Server 7.0 for Web Authentication with SAS 9.3 Web Applications
Configuration Guide Configuring IBM WebSphere Application Server 7.0 for Web Authentication with SAS 9.3 Web Applications Configuring the System for Web Authentication This document explains how to configure
More informationDesign and Analysis of Web Application Frameworks
Aarhus University PhD Dissertation Design and Analysis of Web Application Frameworks Mathias Schwarz Supervisor: Anders Møller Submitted: January 29, 2013 Abstract Numerous web application frameworks
More informationSSO Plugin. Integration for Jasper Server. J System Solutions. http://www.javasystemsolutions.com Version 3.6
SSO Plugin Integration for Jasper Server J System Solutions Version 3.6 JSS SSO Plugin Integration with Jasper Server Introduction... 3 Jasper Server user administration... 4 Configuring SSO Plugin...
More informationOutline. CS 112 Introduction to Programming. Recap: HTML/CSS/Javascript. Admin. Outline
Outline CS 112 Introduction to Programming Web Programming: Backend (server side) Programming with Servlet, JSP q Admin and recap q Server-side web programming overview q Servlet programming q Java servlet
More informationWeb services can convert your existing applications into web applications.
i About the Tutorial Web services are open standard (XML, SOAP, HTTP, etc.) based web applications that interact with other web applications for the purpose of exchanging data Web services can convert
More informationWeb Hosting Prep Lab Homework #2 This week: Setup free web hosting for your project Pick domain name and check whether it is available Lots of free
Web Hosting Prep, Lab Homework #2 Project Requirements Gathering, Design Prototyping Web Application Frameworks JavaScript Introduction / Overview Lab Homework #3 CS 183 10/13/2013 Web Hosting Prep Lab
More information<?php if (Login::isLogged(Login::$_login_front)) { Helper::redirect(Login::$_dashboard_front); }
More information
HTML Tables. IT 3203 Introduction to Web Development
IT 3203 Introduction to Web Development Tables and Forms September 3 HTML Tables Tables are your friend: Data in rows and columns Positioning of information (But you should use style sheets for this) Slicing
More informationWeb Development 1 A4 Project Description Web Architecture
Web Development 1 Introduction to A4, Architecture, Core Technologies A4 Project Description 2 Web Architecture 3 Web Service Web Service Web Service Browser Javascript Database Javascript Other Stuff:
More informationThe Google Web Toolkit (GWT): Declarative Layout with UiBinder Basics
2013 Marty Hall & Yaakov Chaikin The Google Web Toolkit (GWT): Declarative Layout with UiBinder Basics (GWT 2.5 Version) Originals of Slides and Source Code for Examples: http://courses.coreservlets.com/course-materials/gwt.html
More informationCh-03 Web Applications
Ch-03 Web Applications 1. What is ServletContext? a. ServletContext is an interface that defines a set of methods that helps us to communicate with the servlet container. There is one context per "web
More informationwww.cotiinformatica.com.br
de WebService... Estrutura do projeto... LIBS: asm-3.1.jar commons-codec-1.6.jar commons-logging-1.1.1.jar fluent-hc-4.2.5.jar gson-2.2.4.jar httpclient-4.2.5.jar httpclient-cache-4.2.5.jar httpcore-4.2.4.jar
More informationSTREAMEZZO RICH MEDIA SERVER
STREAMEZZO RICH MEDIA SERVER Clustering This document is the property of Streamezzo. It cannot be distributed without the authorization of Streamezzo. Table of contents 1. INTRODUCTION... 3 1.1 Rich Media
More informationHello World Portlet Rendered with JSP for WebSphere Portal Version 4.1
1 of 11 16.10.2002 11:41 Hello World Portlet Rendered with JSP for WebSphere Portal Version 4.1 Table of Contents Creating the directory structure Creating the Java code Compiling the code Creating the
More informationWeb. Services. Web Technologies. Today. Web. Technologies. Internet WWW. Protocols TCP/IP HTTP. Apache. Next Time. Lecture #3 2008 3 Apache.
JSP, and JSP, and JSP, and 1 2 Lecture #3 2008 3 JSP, and JSP, and Markup & presentation (HTML, XHTML, CSS etc) Data storage & access (JDBC, XML etc) Network & application protocols (, etc) Programming
More informationWeb Service Development Using CXF. - Praveen Kumar Jayaram
Web Service Development Using CXF - Praveen Kumar Jayaram Introduction to WS Web Service define a standard way of integrating systems using XML, SOAP, WSDL and UDDI open standards over an internet protocol
More informationThis course provides students with the knowledge and skills to develop ASP.NET MVC 4 web applications.
20486B: Developing ASP.NET MVC 4 Web Applications Course Overview This course provides students with the knowledge and skills to develop ASP.NET MVC 4 web applications. Course Introduction Course Introduction
More informationManage Workflows. Workflows and Workflow Actions
On the Workflows tab of the Cisco Finesse administration console, you can create and manage workflows and workflow actions. Workflows and Workflow Actions, page 1 Add Browser Pop Workflow Action, page
More informationImplementing Specialized Data Capture Applications with InVision Development Tools (Part 2)
Implementing Specialized Data Capture Applications with InVision Development Tools (Part 2) [This is the second of a series of white papers on implementing applications with special requirements for data
More informationSSC - Web applications and development Introduction and Java Servlet (II)
SSC - Web applications and development Introduction and Java Servlet (II) Shan He School for Computational Science University of Birmingham Module 06-19321: SSC Outline Outline of Topics Servlet Configuration
More informationFortigate SSL VPN 3.x With PINsafe Installation Notes
Fortigate SSL VPN 3.x With PINsafe Installation Notes Table of Contents Fortigate SSL VPN 3.x With PINsafe Installation Notes... 1 1. Introduction... 2 2. Overview... 2 2.1. Prerequisites... 2 2.2. Baseline...
More informationBuilding and Using Web Services With JDeveloper 11g
Building and Using Web Services With JDeveloper 11g Purpose In this tutorial, you create a series of simple web service scenarios in JDeveloper. This is intended as a light introduction to some of the
More informationIt is highly recommended that you are familiar with HTML and JavaScript before attempting this tutorial.
About the Tutorial AJAX is a web development technique for creating interactive web applications. If you know JavaScript, HTML, CSS, and XML, then you need to spend just one hour to start with AJAX. Audience
More informationBuilding Web Services with Apache Axis2
2009 Marty Hall Building Web Services with Apache Axis2 Part I: Java-First (Bottom-Up) Services Customized Java EE Training: http://courses.coreservlets.com/ Servlets, JSP, Struts, JSF/MyFaces/Facelets,
More informationModel-View-Controller. and. Struts 2
Model-View-Controller and Struts 2 Problem area Mixing application logic and markup is bad practise Harder to change and maintain Error prone Harder to re-use public void doget( HttpServletRequest request,
More informationJavaScript and Dreamweaver Examples
JavaScript and Dreamweaver Examples CSC 103 October 15, 2007 Overview The World is Flat discussion JavaScript Examples Using Dreamweaver HTML in Dreamweaver JavaScript Homework 3 (due Friday) 1 JavaScript
More informationWESTERNACHER OUTLOOK E-MAIL-MANAGER OPERATING MANUAL
TABLE OF CONTENTS 1 Summary 3 2 Software requirements 3 3 Installing the Outlook E-Mail Manager Client 3 3.1 Requirements 3 3.1.1 Installation for trial customers for cloud-based testing 3 3.1.2 Installing
More informationDeveloping ASP.NET MVC 4 Web Applications MOC 20486
Developing ASP.NET MVC 4 Web Applications MOC 20486 Course Outline Module 1: Exploring ASP.NET MVC 4 The goal of this module is to outline to the students the components of the Microsoft Web Technologies
More informationLICENSE4J AUTO LICENSE GENERATION AND ACTIVATION SERVER USER GUIDE
LICENSE4J AUTO LICENSE GENERATION AND ACTIVATION SERVER USER GUIDE VERSION 1.6.0 LICENSE4J www.license4j.com Table of Contents Getting Started... 2 Server Roles... 4 Installation... 9 Server WAR Deployment...
More informationDynamic Web-Enabled Data Collection
Dynamic Web-Enabled Data Collection S. David Riba, Introduction Web-based Data Collection Forms Error Trapping Server Side Validation Client Side Validation Dynamic generation of web pages with Scripting
More informationCTF Web Security Training. Engin Kirda ek@ccs.neu.edu
CTF Web Security Training Engin Kirda ek@ccs.neu.edu Web Security Why It is Important Easiest way to compromise hosts, networks and users Widely deployed ( payload No Logs! (POST Request Difficult to defend
More information2.8. Session management
2.8. Session management Juan M. Gimeno, Josep M. Ribó January, 2008 Session management. Contents Motivation Hidden fields URL rewriting Cookies Session management with the Servlet/JSP API Examples Scopes
More informationA detailed walk through a CAS authentication
Welcome! First of all, what is CAS? Web single sign on Uses federated authentication, where all authentication is done by the CAS server, instead of individual application servers The implementation is
More informationYandex.Widgets Quick start
17.09.2013 .. Version 2 Document build date: 17.09.2013. This volume is a part of Yandex technical documentation. Yandex helpdesk site: http://help.yandex.ru 2008 2013 Yandex LLC. All rights reserved.
More informatione ag u g an L g ter lvin v E ram Neal G g ro va P Ja
Evolving the Java Programming Language Neal Gafter Overview The Challenge of Evolving a Language Design Principles Design Goals JDK7 and JDK8 Challenge: Evolving a Language What is it like trying to extend
More informationRESTful web applications with Apache Sling
RESTful web applications with Apache Sling Bertrand Delacrétaz Senior Developer, R&D, Day Software, now part of Adobe Apache Software Foundation Member and Director http://grep.codeconsult.ch - twitter:
More informationWeb [Application] Frameworks
Web [Application] Frameworks conventional approach to building a web service write ad hoc client code in HTML, CSS, Javascript,... by hand write ad hoc server code in [whatever] by hand write ad hoc access
More informationFax via HTTP (POST) Traitel Telecommunications Pty Ltd 2012 Telephone: (61) (2) 9032 2700. Page 1
Fax via HTTP (POST) Page 1 Index: Introduction:...3 Usage:...3 Page 2 Introduction: TraiTel Telecommunications offers several delivery methods for its faxing service. This document will describe the HTTP/POST
More informationPHP Form Handling. Prof. Jim Whitehead CMPS 183 Spring 2006 May 3, 2006
PHP Form Handling Prof. Jim Whitehead CMPS 183 Spring 2006 May 3, 2006 Importance A web application receives input from the user via form input Handling form input is the cornerstone of a successful web
More informationHow To Write A Web Framework In Java
Seam Framework Experience the Evolution of Java ЕЕ Second Edition Michael Juntao Yuan Jacob Orshalick Thomas Heute PRENTICE HALL Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto
More informationQuick Start Guide. Installation and Setup
Quick Start Guide Installation and Setup Introduction Velaro s live help and survey management system provides an exciting new way to engage your customers and website visitors. While adding any new technology
More information