Questionnaire
Content
questionnaire
covers java servlets, java server pages, enterprise java beans, jndi, jms, xml and, enterprise java architecture
1
part i: servlets
1.what is a servlet?
answer: servlets are modules residing on the web servers to provide dynamic content to the clients. servlets are modules that extend request/responseoriented servers, such as java-enabled web servers. servlets have no graphical user interface. servlets are a replacement to the cgi. servlets sits between the clients in the internet and the resources on the server. when a client interacts with the servlet, the servlet receives two objects servletrequest, which contains the communication from the client to the server. servletresponse, which contains the communication from the servlet back to the client. the servlet can read the client requests and data from the servletrequest, process the request by requesting services from the resources on the server and send a response to the client through the servletresponse
2.what are comparable technologies to servlets?
answer: cgi is the comparable technology to the servlets. vendor specific api like isapi (from microsoft for their iis web server) and nsapi (netscape for their netscape enterprise server) are also similar to servlets.
3.what are the advantages of servlets technologies mentioned in question 2?
answer:
over
the
java servlets are portable across web servers and platforms. this is because they are written in a standard api that is supported by all the servlet engines. developing servlets is more productive. the java servlet api is easy to learn and provides all the benefits of the java programming language. servlets provide good performance compared to cgi programming. they are multithreaded i.e multiple client requests can be handled by separate threads within a single process.
4.what is a servlet engine or a servlet container?
answer: servlet engines are “add-ons” to a web server that provides the servlet processing capability. this model provides better levels of scalability because multiple distributed engines can be integrated with one web server. servlet container is a new name that is given to servlet engines as part of the j2ee specification.
2
5.give an example of a servlet engine (a servlet container)?
answer: tomcat from the java apache project is an example of a servlet container. even websphere can act as an engine under iis and many other web servers.
6.how is scalability achieved?
answer: servlets are highly scalable. servlets can forward request for processing. servlets can balance load by forwarding requests to be handled by other servers. servlets can be made lightweight to act as receive requests and transmit response. the processing can be done in other business java objects. the processing is done multithreaded. the processing can be achieved through ejb in the same or another server.
7.what can servlets do?
answer: process user input passed by an html form and return a request. provide a user authentication and security. forward requests from one server to another.
8.what are get and post methods?
answer:
get:
it is the default http method used to request a resource from the server. it is normally used to request static data. the main two disadvantages of this method are that: a limited amount of data can be passed as part of the url & the information passed in the url is visible.
post
it is normally used to pass the user input to the server. it is usually used to request dynamic data. its parameter information is stored in the body of the request rather than the url. the advantage of this method is that :there is no limit to the amount of information passed. and as it is stored in the body of the request, the user info is not visible.
3
9.what is the life cycle of a servlet?
answer: the servlet life cycle is made up of three methods:- init(),service() & destroy() methods. the servlet is loaded only once. the init() is called a single time when the servlet is first loaded. the service() is automatically called by the server in response to the client request. depending upon the type of http request recevied the methods doget() and dopost() are used. the service() method processes the client request by evaluating the servletrequest or httpservletrequest object and responds using servletresponse or httpservletresponse object.
10.what is thread safety?
answer: the servlet writer must ensure that no thread can read a variable while another thread is in the process of changing it. this is done by synchronization :- this in java is a process of locking a variable so that it can be read and modified by only a single thread at a time. the singlethreadmodel interface can be used to ensure that no more than one thread can execute the service() at a time for a particular servlet instance
11.what is a session?
answer: a session is a persistent network connection between two hosts (usually a server and a client) that facilitates the exchange of information. the httpsession involves a virtual connection between a client and the server. a virtual connection associates each request received by the server with the client that issued it. this is accomplishzed by requiring the client to return a piece of state information with each request. the server uses this piece of information (usually a sessionid or
4
userid) to uniquely identify the client and associate the current request with the previous request. these virtual connections are commonly known as sessions. sessions are used to maintain state and client identity across multiple requests. these sessions automatically expire after a period of inactivity.
12.what is httpsession’s lifecycle?
answer: the client requests a resource from the server. the server returns an authentication validation. the client returns a valid password and name. the server returns a valid sessonid that uniquely identifies the client.(sent in a cookie or some other method). this cookie is returned by the client with each request to the server. this begins the httpsession. the client issues many requests to the server which is able to identify the client based on the sessionid passed in the cookie with each request. the client closes the browser without explicitly logging out. after the session time out period which is set ,the server expires the session by deleting the sessionid from the database table.
13.what are sessions?
answer: url rewriting
the
different
methods
of
tracking
the sessionid is embedded in the url path for managing the state of the clients request. each time the client follows a relative url hyperlink within the site, the browser will return the full path info (including the sessionid) to the server. the server can use this session information (from sessionid) to identify the client. advantages:o o for storing the sessionid in the url path no special browser feature is required. this will work even if cookies are disabled.
5
disadvantages:o o o you have to only use a relative path throughout the website. the sessionid is visible in the url path causing security concern. storing the sessionid in the url can frustrate the search engine.
hidden variables: hidden html form variables are commonly used to store state information. when a hidden variable is submitted , the client transmitts the fields name/value pair to the server. session management is implemented by storing sessionid within a hidden variable on every page. disadvantages:o o they only work when the client submits an html form. as hidden variables have to be passed on every page the code becomes cumbersum and the amount of processing is increased. the unique
cookies : it is a simple mechanism used to store and retrieve user-specific information on the web. in addition to the requested resource, the server may choose to return some state information that is stored by a cookie-enabled client. a cookie can be transmitted to the client by adding the set-cookie header to the http response using httpservletresponse objects setheader(). the addcookie() method of the httpservletresponse object allows one or more cookie objects to be added to the response. cookie information can be extracted from the client request using a servlet api method (getcookie() of httpservletrequest). advantages:o o disadvantages:o the user can disable the option of cookies, in which case the cookies won’t work. cookies provide a simple management and security. solution to state
either relative or absolute urls may be used without losing state.
6
o
not all browsers support cookies.
14.what is redirect?
answer: an http redirect is a set of instructions included in the header of an http response that instructs the browser to issue a new request to a new url. also the httpservletresponse method sendredirect(string location) can be used before any data is sent to the output stream.
15.what is requestdispatcher?
answer: included in the servlet api 2.1, the requestdispatcher object allows you to forward requests to or include output from other server resources. the requestdispatcher object essentially serves as a “wrapper” around the server resource in order to provide forwarding and including functionality. it has only two methods:- forward() and include(). the forward() method allows you to forward a request to another servlet(or other server resources). the include() allows you to include the content generated by another servlet( or other server resources).
16.i need to communicate from my servlet to another independent process. can i use the requestdispatcher instead of opening a socket connection?
answer: the requestdispatcher can only send a message to a servlet or jsp running inside the same servlet engine. you either have to open a socket, use native code, or use runtime.exec() to spawn a process on the web server host.
17.what is servlet chaining?
answer: it is the process of passing the output of one servlet to the input of another. the client request is sent to the first servlet in the chain.
7
once the request has been processed by the servlet, it passes its out put to the next servlet in the chain. this continues until the last servlets output is returned to the client. the servlet chain is triggered by: servlet aliasing, mime types, http request.
18.can a servlet be an rmi server?
answer: a servlet can act as a rmi server by implementing the remote interface.
8
part ii: java server pages
19.what is a jsp?
answer: a jsp page is a page created by the web developer that includes jsp specific tags, declarations and possibly scriplets, in combination with other static (html or xml) tags.
20.what is servlet?
the
difference
between
a
jsp
and
a
answer: a jsp is a servlet that thinks it's a web page. both use server-side java to dynamically generate web pages. the source code of a jsp looks like html, with java embedded inside funny tags; the source code of a servlet looks like java, with html embedded in out.print(...) statements. both use the servlet api to communicate with the web server and the client. in fact, a jsp gets compiled into a servlet, so they're almost identical in terms of expressive power. the choice is, whether you're more comfortable coding your pages in java or in jsp-style html; and since you can call a jsp from a servlet and vice versa, you don't have to make an either-or decision.
21.why is jsp presentation?
better
than
servlets
for
answer: jsp's provide a much cleaner way of seperation of presentation from logic. it speeds development with the reusable components and tags embedded in the page.and are simpler to write. jsps are interpreted only once, to java byte-code, and reinterpreted only when the file is modified. jsp specs is built on top of the java servlet api. servlets are supported by almost all major web servers, browsers and tools.
22.what is a jsp container or a jsp engine?
answer: the jsp container (or an engine) compiles the jsp into a servlet.
23.what are comparable technologies to jsps?
answer: there are many template languages like webmacro, freemarker. cold fusion with its many tags also competes with jsp. but the biggest competitor is asp (active server pages).
24.how do you set a cookie in a jsp?
answer: setting cookies from within a jsp page is similar to the way they are done within servlets. the following scriptlet sets a cookie "mycookie" at the client:
9
<% cookie mycookie = new cookie("aname","avalue"); response.addcookie(mycookie); %>
typically, cookies are set at the beginning of a jsp page, as they are sent out as part of the http headers.
25.how do we setup a cookie to expire at a certain time?
answer: we can set the maximum age of a cookie with the setmaxage(int seconds) method:
• • •
a positive value is the maximum number of seconds the cookie will live, before it expires a negative value means the cookie will not be stored beyond this browser session (deleted on browser close) zero means to delete the cookie
26.how is the performance of jsp compared to that of a servlet?
answer: the performance of jsp pages is very close to that of servlets. however,
users may experience a perceptible delay when a jsp page is accessed for the very first time. this is because the jsp page undergoes a "translation phase" wherein it is converted into a servlet by the jsp engine. once this servlet is dynamically compiled and loaded into memory, it follows the servlet life cycle for request processing. here, the jspinit() method is automatically invoked by the jsp engine upon loading the servlet, followed by the _jspservice() method, which is responsible for request processing and replying to the client. do note that the lifetime of this servlet is non-deterministic - it may be removed from memory at any time by the jsp engine for resource-related reasons. when this happens, the jsp engine automatically invokes the jspdestroy() method allowing the servlet to free any previously allocated resources. subsequent client requests to the jsp page do not result in a repeat of the translation phase as long as the servlet is cached in memory, and are directly handled by the servlet's service() method in a concurrent fashion (i.e. the service() method handles each client request within a seperate thread concurrently.)
27.how does jsp handle run-time exceptions?
answer:
you can use the errorpage attribute of the page directive to have
10
uncaught run-time exceptions automatically forwarded to an error processing page. for example: <%@ page errorpage="error.jsp" %> redirects the browser to the jsp page error.jsp if an uncaught exception is encountered during request processing. within error.jsp, if you indicate that it is an error-processing page, via the directive: <%@ page iserrorpage="true" %> the throwable object describing the exception may be accessed within the error page via the exception implicit object.
28.which jsp lifecycle methods can we override?
answer:
we cannot override the _jspservice() method within a jsp page. we can however, override the jspinit() and jspdestroy() methods within a jsp page. jspinit() can be useful for allocating resources like database connections, network connections, and so forth for the jsp page. it is good programming practice to free any allocated resources within jspdestroy().
29.how are jspinit() overriden?
and
jspdestroy()
methods
answer: the jspinit() and jspdestroy() methods are each executed just once during the lifecycle of a jsp page and are typically declared as jsp declarations:
<%! public void jspinit() { . . . } %> <%! public void jspdestroy() { . . . } %>
30.how are comments written in a jsp page?
answer: we can use "jsp-style" comments to selectively block out code while debugging or simply to comment your scriptlets. jsp comments are not
11
visible at the client. for example:
<%-- the scriptlet is now commented out <% out.println("hello world"); %> --%>
we can also use html-style comments anywhere within your jsp page. these comments are visible at the client. for example:
<!-- (c)2000 syntel india-->
we can also use comments supported by your jsp scripting language within your scriptlets. for example, assuming java is the scripting language, we can have:
<% //some comment /** yet another comment **/ %>
31.how do we perform browser redirection from a jsp page?
answer: we can use the response implicit object to redirect the browser to a different resource, as:
response.sendredirect("http://www.foo.com/path/error.html");
we can also physically alter the location http header attribute, as shown below:
<% response.setstatus(httpservletresponse.sc_moved_permanently); string newlocn = "/newpath/index.html"; response.setheader("location",newlocn);
12
%>
32.how do we prevent the output of a jsp from being cached by a browser?
answer: we will need to set the appropriate http header attributes to prevent the dynamic content output by the jsp page from being cached by the browser. the following scriptlet at the beginning of the jsp pages prevents the output from being cached at the browser. all the statements are needed to take care of some of the older browser versions.
<% response.setheader("cache-control","no-store"); //http 1.1 response.setheader("pragma","no-cache"); //http 1.0 response.setdateheader ("expires", 0); //prevents caching at the proxy server %>
33.what is the difference between <%@ include file="abc.jsp" %> and <jsp:include page="abc.jsp" %> ?
answer: the <%@include file="abc.jsp"%> directive acts like c "#include", pulling in the text of the included file and compiling it as if it were part of the including file. the included file can be any type (including html or text). the <jsp:include page="abc.jsp"> tag compiles the file as a separate jsp file, and embeds a call to it in the compiled jsp.
34.how can we customize the html generated by the jsp file based upon what browser the user is using?
answer:
<%@ page import="javax.servlet.*" %> <% string browsertype = request.getheader("user-agent"); string browser = ""; if ((browsertype.indexof("msie") != -1) || (browsertype.indexof("msie") != -1)) { browser = "explorer"; } else { browser = "navigator"; }
13
%> your browser is <%= browser%><br>
35.how can we access the same javabean instance from different jsp files?
answer: assuming the jsp files are on the same server and using the same servletcontext, just use application scope for the bean component.
<jsp:usebean id="localname" class="counter" scope="application" />
36.how can we determine the name and version number of the servlet or jsp engine that we are using?
answer: from within a servlet, you can invoke servletcontext.getserverinfo() method as follows:
string thisserver= getservletconfig().getservletcontext().getserverinfo();
the
if you are using jsp, you can use this expression:
<%= application.getserverinfo() %>
37.what are all the within a jsp page?
answer:
implicit
objects
available
the eight implicit variables available within jsp pages are: request: this represents the request triggering the service invocation and encapsulates the httprequest object; has request scope. response: represents the response to the request and encapsulates the httpresponse object. not used often by page authors; has page scope. pagecontext: encapsulates implementation-dependent features as a pagecontext; has page scope. application: represents the servletcontext obtained from servlet configuration object; has application scope. out: this is an instance of jspwriter that writes into the
14
output stream; has page scope. config: represents the servletconfig object for the jsp; has page scope. page: this acts as a synonym for the “this” operator. not used often by page authors and has page scope. exception: this represents the uncaught throwable object that resulted in the error page being invoked. by default, has page scope.
38.can jsp be multi-threaded?
answer: by default, the service() methods of all jsp pages execute in a multithreaded fashion. each client request is dispatched in a concurrent manner within a separate thread by the servlet engine. thus, it is important to synchronize access to any page shared state in the default scenario. you can make a page "thread-safe" and have it serve client requests in a single-threaded fashion by setting the page tag's isthreadsafe attribute to false:
<%@ page isthreadsafe="false" %>
this causes the generated servlet to implement the singlethreadmodel interface.
39.what is the difference between response.sendredirect and pagecontext.forward?
answer: the response.sendredirect() will direct the browser to go to a new page/url. the new url will appear in the 'location' at the top of the browser page. you must specifiy a full url like http://www.bob.com/start.html. using this requires a round trip to the server with all the attendant delays. a pagecontext.forward() will "jump" to the url specified which may be a relative url like "other.jsp" to indicate it is in the same base location as the current page. the browser location box will show the url of the original page, not the one you redirected to. there is no additional trip back to the browser and then back to the server so time is kept to a minimum.
40.what
is
the
difference
between
servletcontext
15
and pagecontext?
answer: the servletcontext gives information about the container in which the servlet (or jsp) is running in. parameters for this can be setup in the web application deployment descriptor and there is one servletcontext per web application. the pagecontext gives the servlet (or jsp) information about the request that it is currently handling and contains information about the request and any parameters, the session, the response object, a reference to the output stream and also a reference to the web application's servletcontext.
16
part iii: enterprise java beans
41.what is enterprise java beans?
answer: the official sun definition: the enterprise javabeans architecture is a component architecture for the development and deployment of component-based distributed business applications. applications written using the enterprise javabeans architecture are scalable, transactional, and multi-user secure. these applications may be written once, and then deployed on any server platform that supports the enterprise javabeans specification. sun microsystems, enterprise javabeans™specification, v1.1, published 1999 in plain english: enterprise javabeans (ejb) is sun microsystems' specification for a distributed object system similar to corba and microsoft transaction server, but based on the java platform. ejb specifies how developers should build components that can be accessed remotely and how ejb vendors should support those components. ejb components, called enterprise beans, automatically handle transactions, persistence, and authorization security, so that the developer can focus on the business logic.
42.what is an enterprise bean?
answer: an enterprise bean is a server-side component -- defined in the java technology -- which adheres to the enterprise javabeans server-side component model. a server-side component is business object that can be accessed remotely. many server-side component models exist: corba specifies corba objects; microsoft transaction server (mts) defines com/dcom; and ejb specifies enterprise beans. enterprise beans can be developed to represent business concepts like employee, order, travelagent, etc. enterprise beans can be assembled into applications that solve enterprise business problems. ejb has two basic types of enterprise beans: session and entity. depending on the type of enterprise bean used, features like persistence, transactions, security, and multiple concurrent access can be managed automatically.
17
43.what is a session bean?
answer: a session bean is a type of enterprise bean; a type of ejb server-side component. session bean components implement the javax.ejb.sessionbean interface and can be stateless or stateful. stateless session beans are components that perform transient services; stateful session beans are components that are dedicated to one client and act as a server-side extension of that client. session beans can act as agents modeling workflow or provide access to special transient business services. as an agent, a stateful session bean might represent a customer's session at an online shopping site. as a transitive service, a stateless session bean might provide access to validate and process credit card orders. session beans do not normally represent persistent business concepts like employee or order. this is the domain of a different component type called an entity bean.
44.what is a stateful session bean?
answer: a stateful session bean is an enterprise bean (ejb component) that acts as a server-side extension of the client that uses it. the stateful session bean is created by a client and will work for only that client until the client connection is dropped or the bean is explicitly removed. the stateful session bean is ejb component that implements the javax.ejb.sessionbean interface and is deployed with the declarative attribute "stateful". stateful session beans are called "stateful" because they maintain a conversational state with the client. in other words, they have state or instance fields that can be initialized and changed by the client with each method invocation. the bean can use the conversational state as it process business methods invoked by the client. stateful session beans are usually developed to act as agents for the client, managing the interaction of other beans and performing work on behalf of the client application. an example is a shopping cart stateful session bean that tracks a client's product choices and can execute a sale when requested.
45.what is a stateless session bean?
answer: a stateless session bean is an enterprise bean (ejb component) that provides a stateless service to the client. conceptually, the business methods on a stateless session bean are similar to procedural applications
18
or static methods; there is no instance state, so all the data needed to execute the method is provided by the method arguments. the stateless session bean is an ejb component that implements the javax.ejb.sessionbean interface and is deployed with the declarative attribute "stateless". stateless session beans are called "stateless" because they do not maintain conversational state specific to a client session. in other words, the instance fields in a stateless session bean do not maintain data relative to a client session. this makes stateless session beans very lightweight and fast, but also limits their behavior. stateless session beans are usually developed as a set of related and simple services. think of a session bean as a functional api where each business method represents an isolated independent service. an example is a creditservice bean that provides methods for making charges against different types of credit cards (mc, visa, discovery, etc).
46.what is an entity bean?
answer: an entity bean is a type of enterprise bean; a type of ejb server-side component. entity bean components implement the javax.ejb.entitybean interface and can be container-managed (cmp) or bean-managed (bmp). entity beans are designed to represent data in the database; they wrapper data with business object semantics and read and update data automatically. entity beans have identity, where each bean represents a unique set of data. an entity bean of type customer, for example, would have thousands of identities -- one for each customer in the database. entity beans can be safely shared by many clients, so that several applications can access the same bean identity at the concurrently.
47.what is a cmp bean?
answer: a cmp (container managed persistence) bean is an entity bean whose state is synchronized with the database automatically. in other words, the bean developer doesn't need to write any explicit database calls into the bean code; the container will automatically synchronize the persistent fields with the database as dictated by the deployer at deployment time. when a cmp bean is deployed, the deployer uses the ejb tools provided by the vendor to map the persistent fields in the bean to the database. the persistence fields will be a subset of the instance fields, called containermanaged fields, as identified by the bean developer in the deployment descriptor. in the case of a relational database, for example, each persistent field will
19
be associated with a column one table or, in the case of tables. cmp are not limited mapped to object databases, systems.
in a table. a bean may map all its fields to more sophisticated ejb servers, to several to relational database. cmp beans can be files, and other data stores including legacy
with cmp, the bean developer doesn't need to write any database access logic into the bean, but bean is notified by the container when its state is synchronized with the database. the container notifies the bean using the ejbload( ) and ejbstore( ) methods. the ejbload( ) method alerts the bean that its container-managed fields have just been populated with data from the database. this gives the bean an opportunity to do any post processing before the data can be used by the business methods. the ejbstore( ) method alerts the bean that its data is about to be written to the database. this give the bean an opportunity to do any pre-processing to the fields before they are written to the database.
48.what is a bmp bean?
answer: a bmp (bean managed persistence) bean is an entity bean that synchronizes its state with the database manually. in other words, the bean developer must code explicit database calls into the bean itself. bmp provides the bean developer with more flexibility in the how the bean reads and writes its data than a container-managed persistence (cmp) bean. cmp bean is limited to the mapping facilities provided by the ejb vendor, bmp beans are only limited by skill of the bean developer. the ability to code an entity bean's persistence logic explicitly is important when the ejb container's cmp features are insufficient to meet the needs of the entity bean. entity beans that need to synchronize their state with several data sources are excellent candidates for bmp. so are beans that need to access to data sources (possibly legacy systems) that are not supported by cmp. in addition, bmp bean are often employed when a vendors cmp facilities are not sophisticated enough to handle complex object-to-relational mapping. the bmp bean manages its own persistence, but relies on the container to coordinate its reads and writes so that persistence is accomplished in a transactional safe manner. coordination with the container is accomplished through two mechanisms: the persistence callback methods (ejbload( ) and ejbstore( )); and the environment naming context (ejb). the ejbload( ) and ejbstore( ) methods notify a bean that its time to read and write data to the database respectively. in a bmp entity bean the code for reading and writing data to the database is done within these methods. the ejbload( ) is called at the beginning of a transaction, just before any business methods are executed, and the ejbstore( ) is called at
20
the end of a transaction just before its committed. this keeps the bean state in perfect synchronization with transactions being executed, without the bean developer having to explicitly manage the transactional operations. when jdbc is used to for persistence, the environment naming context (enc) is a jndi namespace that provides the bean with access to database connections (among other things). the database connections obtained from the jndi enc are managed by the container, so that they are automatically enrolled in transactions and pooled. (the extent to which this is supported depends largely on the ejb vendor.) the container may also manage other data source apis, but jdbc is standard.
49.what is different in ejb specification 1.1?
answer: the most significant changes are listed below: entity bean support, persistence, is required. both containerand bean-managed
java rmi-iiop argument and reference types must be supported, but any protocol can still be used including iiop, jrmp, http, or a proprietary protocol. in other words, the client api must support the java rmi-iiop programming model for portability, but the underlying protocol can be anything. the javax.ejb.depoyment package has been dropped in favor of a xml based deployment descriptor declarative security authorization (access control) has changed to be more role driven. also the runas declarations have been eliminated. declarative isolation levels are no longer available. isolation levels are now managed explicitly through jdbc (bmp), the database or other vendor specific mechanisms. the bean-container contract as been enhanced to include a default jndi context for accessing properties, resources, (jdbc, jms, etc), and other beans. the basic ejb roles have been expanded and redefined to better separate responsibilities involved in the development, deployment, and hosting of enterprise beans.
50.are javabeans and enterprise java beans same?
answer: enterprise javabeans and javabeans are not the same thing; nor is one an extension of the other. they are both component models, based on java,
21
and created by sun microsystems, but their purpose and packages (base types and interfaces) are completely different. javabeans the original javabeans specification is based on the java.beans package which is a standard package in the jdk. components built on the javabeans specification are intraprocess components that live in one address space and are typically used for graphical user interface (gui) as visual widgets like buttons, tables, html viewers, etc. enterprise javabeans the ejb specification is based on the javax.ejb package, which is a standard extension package. components built on the ejb specification are interprocess components that live in multiple address spaces as distributed object. these components are used as transactional business objects that are accessed as remote objects.
51.what is passivation and activation?
answer: passivation and activation are two phases of a resource management technique that reduces the number of bean instances needed to service all clients. passivation is the process of disassociating a bean instance from its ejb object so that the instance can be reused or evicted to conserve memory. activation is the process of associating a bean instance with an ejb object so that it can service a request. beans are passivated when there is a lull in their use and activated when the ejb object receives a client request. the java.ejb.sessionbean and javax.ejb.entitybean interface include two callback methods that notify a bean instance when it is about to passivated or activated. the ejbpassivate( ) method notifies a bean that it is about to passivated; the ejbactivate( ) method notifies a bean that it is about to activated. the mechanisms employed in passivation and activation change depending on the bean type. stateful beans are usually evicted, while entity beans and stateless beans are pooled.
52.how does passivation work in stateful session bean?
answer: unlike entity beans and stateless session beans, stateful session bean are
22
usually evicted from memory when they are passivated. this is not true of all vendors but this view serves as good model for understanding the concepts of passivation in session beans. when a stateful bean experiences a lull in use -- between client invocations and transactions -- the container may choose to passivate the stateful bean instance. to conserve resources the bean instance is evicted from memory (dereferenced and garbage collected). when the ejb object receives a new client request, a new stateful instance is instantiated and associate with the ejb object to handle the request. stateful beans maintain a conversational state, which must be preserved before the bean instance is evicted from memory. to accomplish this, the container will write the conversational state of the bean instance to a secondary storage (usually disk). only the non-transient serializable instance fields are preserved. when the bean is activated the new instance is populated with the preserved state. references to live resources like the ejbcontext, datasource, jndi enc, and other beans must also be maintained somehow -- usually in memory -- by the container. the javax.ejb.sessionbean interface provides two callback methods that notify the bean instance it is about to passivated or was just activated. the ejbpassivate( ) method notifies the bean instance that it is about have its conversational state written to disk and be evicted from memory. within this method the bean developer can perform operations just prior to passivation like closing open resources. the ejbactivate( ) method is executed just after a new bean instance has been instantiated and populated with conversational state from disk. the bean developer can use the ejbactivate( ) method to perform operations just prior to servicing client request, like opening resources.
53.what makes a java class an enterprise bean?
answer: an enterprise bean is composed of many parts, not just a single class. essentially, an enterprise bean is constructed with a bean class, remote interface, home interface and deployment descriptor. these constituents are discussed below. a bean class is the implementation class of the bean that defines its business, persistence, and passivation logic. the bean class implements either the javax.ejb.entitybean or javax.ejb.sessionbean interface and runs inside the ejb container. instances of the bean class service client request indirectly; instances of the bean class are not visible to the client. the remote interface defines the business methods that will be visible to the client's that use the enterprise bean. the remote interface extends the javax.ejb.ejbobject interface and is implemented by a remote (distributed object) reference. client
23
applications interact with the enterprise bean through its remote interface. the home interface defines the create, delete (remove), and query methods for an enterprise bean type. the home interface extends the javax.ejb.ejbhome interface and is implemented by a remote (distributed object) reference. the client application will use the home interface to create beans, find existing beans, and remove specific beans. the deployment descriptor is used to describe the enterprise bean's runtime behavior to the container. among other things the deployment descriptor allows the transaction, persistence, and authorization security behavior of a bean to be defined using declarative attributes. this greatly simplifies the programming model when developing beans. an enterprise bean represents the sum of all these parts (remote, home, bean class, and deployment descriptor) as one component. an enterprise bean is not an enterprise bean if any one of these parts is missing. a change to anyone of these parts -- changing even one attribute in the deployment descriptor for example -- creates an entirely new enterprise bean.
54.how do we perform i/o from an enterprise bean?
answer:
using the java.io package from within a bean is prohibited. the ejb 1.1 specification, section 18.1.2 (programming restrictions) states the following:
an enterprise bean must not use the java.io package to attempt to access files and directories in the file system. the file system apis are not well-suited for business components to access data. business components should use a resource manager api, such as jdbc api, to store data.
55.can we use threads in an enterprise bean?
answer: no. the thread management is done by the container. as a bean developer we are not allowed to use threads. section 18.1.2 of the ejb 1.1 specification states: the enterprise bean must not attempt to manage threads. the enterprise bean must not attempt to start, stop, suspend, or resume a thread; or to change a thread’s priority or name. the enter-prise bean must not attempt to manage thread groups.
24
these functions are reserved for the ejb container. allowing the enterprise bean to manage threads would decrease the container’s ability to properly manage the runtime environment.
56.why are threads?
answer:
enterprise
beans
not
allowed
to
use
enterprise beans exist inside a container at run time. the container is responsible for managing every aspect of the enterprise bean's life including: transactions, access control, persistence, resource pooling, etc. in order for the container to manage the runtime environment of a bean, it must have complete control over the threads that access and run within a bean. this means that beans can not start or manage their own threads. containers deny enterprise beans the privilege to manage threads for three basic reasons: resource management, security, and thread-sensitive storage. resource management containers manage every aspect of the runtime environment used by enterprise beans including transactions, access control, life cycle, resource connections, vm security, class loading, and threads. this allows the container to conserve as many resources as possible, which is important when there are hundreds of enterprise beans servicing thousands of clients. without strict management of resources like memory and threads, ejb systems might consume to many resources (memory and cycles), which would result in a slow system, a prospect that is untenable in a high-transaction environment. threads started and managed by enterprise beans would not be managed by the container, which would make it difficult to conserve resources. security there is no way for a container system to know in advance that a bean's use of threads is benign. while intentions may be sincere it is possible -probably inevitable -- that developers would create malignant beans that spawn so many threads that the entire system slows down. one bean instance's misuse of threads or the commutative effect of many instances could cause a system slowdown. this is an insurgent denial of service, where the beans themselves sabotage a system's ability to respond to client requests. security is a very good reason for denying bean's the privilege of starting and managing their own threads.
25
thread-specific storage thread-specific storage (tss) is an established and common technique employed by vendors to propagate and track client requests through the container system. it involves associating data with a thread. the data may be information about the client's identity, the transaction context, and other information, which can be accessed by any part of the container without having to pass the data explicitly. this is especially useful when enterprise beans invoke other enterprise beans or access resources, because it provides a convenient and transparent mechanism for transferring information about the who is making the request and under what circumstances. each vendor will use the tss technique differently according to the mechanics of their server. threads started and managed by the enterprise bean explicitly would not have the proper tss -- that would require intimate knowledge and access to the vendors container system. without the right tss the enterprise bean's threads can not operate within the container system properly. this is another reason why bean are not allowed to start and manage their own threads, it would short-circuit the vendor's use of tss.
57.what is an ejb primary key? how implemented when the database doesn't primary key?
answer:
is it have a
a primary key is an object that uniquely identifies the entity bean. according to the specification, the primary key must be unique for each entity bean within a container. hence the bean's primary key usually maps to the pk in the database (provided its persisted to a database). we may need to create a primary key in the database for the sake of referential integrity or because the dbms mandates it. this does not, however, mean we need a primary key in the database. as long as the bean's primary key (which maps to a column or set of columns) can uniquely identify the bean it should work.
58.can enterprise beans use stored procedures in a database?
answer: stored procedures can be used by session beans that access the database using jdbc and bean-managed entity beans that use jdbc to manage their own persistence. jdbc provides a call interface for using stored procedures. an example is provided below:
26
initialcontext cntx = new initialcontext( ); datasource datasource = (datasource) cntx.lookup("java:comp/env/jdbc/mydatabase"); connection con = datasource.getconnection( ); callablestatement storedprocedure = con.preparecall("{? = call someprocedure [(?,?)]}");
59.how is the passivation of entity beans managed?
answer: the passivation of entity beans is managed by the container. to passivate an instance, the container first invokes the ejbstore() method for synchronizing the database with the bean instance, then the container invokes the ejbpassivate() method. it will then return the bean instance back to the pooled state. (every bean has an instance pool.) there are two ways for transitioning an entity bean from the ready to the pooled state, by using the ejbpassivate() or ejbremove() method. the container uses ejbpassivate() to disassociate the bean instance from the entity object identity, and uses ejbremove() to remove the entity object. when the instance is put back into the pool, it is no longer associated with an entity object identity. the container can now assign the instance to any entity object within the same entity bean home. a bean instance in unsetentitycontext(). the pool can be removed by using
60.explain the different transaction attributes and isolation levels with reference to a scenario?
answer: the enterprise javabeans model supports six different transaction rules: tx_bean_managed. the tx_bean_managed setting indicates that the enterprise bean manually manages its own transaction control. ejb supports manual transaction demarcation using the java transaction api. this is very tricky and should not be attempted without a really good reason.
27
tx_not_supported. the tx_not_supported setting indicates that the enterprise bean cannot execute within the context of a transaction. if a client (i.e., whatever called the method-either a remote client or another enterprise bean) has a transaction when it calls the enterprise bean, the container suspends the transaction for the duration of the method call. tx_supports. the tx_supports setting indicates that the enterprise bean can run with or without a transaction context. if a client has a transaction when it calls the enterprise bean, the method will join the client's transaction context. if the client does not have a transaction, the method will run without a transaction. tx_required. the tx_required setting indicates that the enterprise bean must execute within the context of a transaction. if a client has a transaction when it calls the enterprise bean, the method will join the client's transaction context. if the client does not have a transaction, the container automatically starts a new transaction for the method. attributes tx_requires_new. the tx_requires_new setting indicates that the enterprise bean must execute within the context of a new transaction. the container always starts a new transaction for the method. if the client has a transaction when it calls the enterprise bean, the container suspends the client's transaction for the duration of the method call. tx_mandatory. the tx_mandatory setting indicates that the enterprise bean must always execute within the context of the client's transaction. if the client does not have a transaction when it calls the enterprise bean, the container throws the transactionrequired exception and the request fails.
28
part iv: java naming and directory interface
61.?
answer:
29
part v: java message service
62.?
answer:
30
part vi: xml
63.what is xml?
answer: extensible markup language (xml) is the universal language for data on the web. it gives developers the power to deliver structured data from a wide variety of applications to the desktop for local computation and presentation. xml allows the creation of unique data formats for specific applications. it is also an ideal format for server-to-server transfer of structured data.
64.why is it extensible?
answer: xml is extensible, which means that you can define your own set of tags without breaking the existing document structure and make it possible for other parties (people or programs) to know and understand these tags. this makes xml much more flexible than html.
65.what are the key benefits of xml?
answer: xml promises to simplify and lower the cost for data exchange and publishing in a web environment. xml is a text-based syntax that is portable and reusable across different platforms and devices, and can even be understood by humans. an xml document is also flexible and extensible, allowing new tags to be added without breaking an existing document structure. through unicode support, xml also provides global language support.
66.what are the benefits of using java with xml?
answer: the java and xml technologies are complementary; the java technology provides the platform-independent, maintainable code that is needed to process platform-independent xml data. in addition, the java technology offers a substantial productivity boost for software developers compared to programming languages such as c or c++. using xml and java together, developers can build powerful, platform-independent web applications more quickly and at a lower cost.
67.what is a well-formed xml document?
answer: in order for a document to be well-formed, all markup and character data
31
in an xmldocument must adhere to the rules given below. the rules are summarized below: the xml declaration must begin the document. elements that contain data must have both start and end tags. elements that do not contain data and use only a single tag must end with />. the document must contain exactly one element that completely contains all other elements. elements may nest but may not overlap. attribute values must be quoted. the characters <and &may only be used to start tags and entity references respectively. the only entity references which appear are &, <, >, 'and ".
68.what is a valid xml document?
answer: an xml document that follows the dtd defined is a valid document.
69.what are benefits of using xml over html?
answer: there are many benefits to using xml on the web: it delivers data for local computation. data delivered to the desktop is available for local computation. the data can be read by the xml parser, then delivered to a local application such as a browser for further viewing or processing. or the data can be manipulated through script or other programming languages using the xml object model. it gives users an appropriate view of structured data. data delivered to the desktop can be presented in multiple ways. a local data set can be presented in the view that is right for the user, dynamically, based on factors such as user preference and configuration. it enables the integration of structured data from multiple sources. typically, agents will be used to integrate data from backend databases and other applications on a middle-tier server, making this data available for delivery to the desktop or to other servers for further aggregation, processing, and distribution. it describes data from a wide variety of applications. because xml is extensible, it can be used to describe data contained in a
32
wide variety of applications, from describing collections of web pages to data records. because the data is self-describing, data can be received and processed without the need for a built-in description of the data. it improves performance through granular updates. xml enables granular updating. developers do not have to send the entire structured data set each time there is a change. with granular updating, only the changed element must be sent from the server to the client. the changed data can be presented without the need to refresh the entire page or table.
70.where will xml be used on the web?
answer: because xml describes data in a consistent, self-describing, open format, xml could potentially be used anywhere there is a need for data interchange and delivery. microsoft expects that initially xml will be used to describe information about html pages, as is the case today with the channel definition format (cdf) for building active channel™ content, as well as future applications such as searching and distributed printing. more important, because xml can describe data itself, it will be useful for delivering any kind of data — such as financial transactions, news updates, weather information, patient records, and legal libraries — to the desktop. once on the desktop, applications can compute with the data and dynamically present the data.
71.does xml?
answer:
microsoft
internet
explorer
4.0
support
yes, internet explorer 4.0 supports xml. it supports the following features: a generalized xml parser, which reads xml files and hands them off for processing to applications such as viewers. microsoft has two parsers, the microsoft xml parser in c++ (www.microsoft.com/xml/cparser-f.htm), a high-performance, nonvalidating parser written in c++ that ships with internet explorer 4.0, and the microsoft xml parser in java (www.microsoft.com/xml/parser/xmlparse-f.htm), available for download from this site, for use by application developers. the xml object model (xml om) uses the world wide web consortium (w3c) standard document object model (dom) to allow programmatic access to the structured data, through the xml parsers, giving developers the power to interact and compute on the data. for more information on the dom, see
33
http://www.w3.org/dom. the xml data source object (xml dso) allows developers to connect to structured xml data and supply it to the html page using dynamic html’s data binding facility.
72.what is the difference between sgml and xml?
answer: the standard generalized markup language, or sgml (iso 8879), is the international standard for defining descriptions of structure and content in electronic documents. xml is a simplified version of sgml; xml was designed to maintain the most useful parts of sgml. while sgml requires that structured documents reference a document type definition (dtd) to be valid, xml allows for “well-formed” data and can be delivered without a dtd. xml was designed so that sgml can be delivered — as xml — over the web.
73.what is the difference xml, html and dynamic html?
answer: html is used in conjunction with css to format and present hyperlinked pages. dynamic html, through the document object model, makes all elements in html accessible through language-independent scripting and other programming languages, thus dramatically increasing client-side interactivity without additional requests to the server. the page's object model allows any aspect of its content (including additions, deletions, and movement) to be changed dynamically. by adding xml for structured data, developers have the technologies they need to build the next generation of rich, flexible web applications. with xml, they can deliver structured data to the desktop and compute on the data via the xml object model. today developers can display xml-based data in a browser, such as microsoft internet explorer 4.0 and microsoft internet explorer 5.0 beta, or in other applications through scripting. in addition, they can also apply formatting rules to the data without complex scripting using xsl stylesheets, which essentially transform the xml-based data into display. these two methods of displaying xml-based data make it possible to generate multiple views of complex data.
74.will it be necessary to compress xml documents when they are transmitted over web?
answer: in general, the need to compress xml data will be application-dependent
34
and largely a function of the amount of data being moved between the server and the client. xml compresses extremely well because of the repetitive nature of the tags used to describe the structure of the data. benchmarks will be provided in the future to assist with determining whether compression is necessary. it is worth noting that compression is standard to http 1.1 servers and clients, and xml will automatically benefit from this.
75.how secure is xml as a data format? plans to add security to xml?
answer:
are there
xml is as secure as html. just as secure http (https) can be used to add encryption to http, thereby protecting html, it can also be used to protect xml. xml is a text-based format for representing structured data. this maximizes simplicity and interoperability with the data. a number of steps can be taken to add security and authentication to the xml format. first, xml can be encrypted on the server before transmission to the client, then decrypted on the client. xml can also be authenticated by digital signatures applied to the data itself.
76.how will databases?
answer:
xml
be
generated
from
existing
in general, this will be handled using a three-tier architecture. agents will be built to run on the middle tier to access multiple existing dbmss and output xml. these agents will also support the ability to generate xml “updategrams” bidirectionally, to inform the client of changes made to the data on the middle tier or database server, and vice versa. consequently, the agents will be able to receive updategrams from the client and send updates to the dbms.
77.what is a dtd? what is it used for?
answer: the document type definition (dtd) defines the valid syntax of a class of xml documents. that is, it lists a number of element names, which elements can appear in combination with which other ones, what attributes are available for each element type, etc. a dtd uses a different syntax from that used by xml documents.
78.what is pcdata and cdata?
answer: pcdata stands for "parsed character data" and cdata stands for "character
35
data" that contains no mark-up. pcdata is used for entity element content and cdata is used for attributes.
79.what is an xml parser?
answer: an xml parser (also known as an xml processor) reads the document and verifies that the xml it contains is well formed. formed. it may also check that the document is valid, though this test is not required.
80.what are xml schemas? from dtds?
answer:
how are they different
[from the w3c xml activity page at http://www.w3.org/xml/activity.html ] while xml 1.0 supplies a mechanism, the document type definition (dtd), for declaring constraints on the use of markup, automated processing of xml documents requires more rigorous and comprehensive facilities in this area. requirements are for constraints on how the component parts of an application fit togther, the document structure, attributes, datatyping, and so on. the w3c xml schema working group is addressing means for defining the structure, content and semantics of xml documents. in internet explorer 5 beta, microsoft is providing a release of xml schema as a technology preview that may be useful for developers interested in building prototypes and gaining experience with schema. this technology preview is based on the xml-data note submitted to the w3c. xml schema, as implemented in this technology preview, can be thought of as the subset of the xml-data submission that corresponds to the feature set proposed for document content description (dcd) . microsoft is actively involved in defining the emerging w3c xml schema standard and will track this effort. developers should note that the version of xml schema released with internet explorer 5 beta is subject to change.
81.what are namespaces? why are they important?
answer: namespaces are another advanced feature of xml, outlined in a w3c note as part of the xml 1.0 specification. they allow developers to qualify uniquely the element names and relationships and make these names recognizable to avoid name collisions on elements that have the same name but are defined in different vocabularies. they allow tags from multiple name spaces to be mixed, which is essential if data is coming from multiple sources.
36
for example, a bookstore may define the <title> tag to mean the title of a book, contained only within the <book> element. a directory of people, however, might define <title> to indicate a person’s position, for instance: <title>president</title>. namespaces help define this distinction clearly.
82.what is xsl?
answer: the world wide web consortium (w3c) working draft for xsl divides the language into two main parts: transformation and formatting semantics. this release supports the transformation part of the w3c xsl specification . microsoft is tracking the w3c working draft and will be updating this implementation to match the final w3c recommendation. xsl is defined as an xml grammar that consists of a set of xsl elements. this grammar can be used to transform xml documents into html or xml documents. you can use xsl for direct browsing of xml files and from the xml dom. the xml dom transformnode method supports the use of xsl elements to perform transformations. the dom selectnodes and selectsinglenode methods support the xsl pattern-matching syntax that enables sophisticated queries for nodes within a particular context of the overall tree structure.
83.what is xlink and xpointer?
answer: xml linking language (xlink) defines a set of constructs which may be inserted into xml resources to describe links between objects. these constructs use xml syntax to create structures which can describe links starting from simple unidirectional hyperlinks to multi-ended and typed links. xlink can be used to provide a list of links related to a resource and can lead to multiple destinations. xpointer (extended markup language pointer) is a reference to a fragment of a document. xpointer defines the meaning of the identifier portion of the uris that locate the resources of mime media types “text/xml” and “application/xml”. xpointers make selection of parts of documents easy, but all the processing takes place on the client side, and the server sends the files to clients that are used by the client.
84.what are xml vocabularies?
answer: xml vocabularies are the elements used in particular applications or data formats — the definitions of the meanings of those formats. for example,
37
in cdf, element names such as <schedule>, <channel>, and <item> make up the vocabulary for describing collections of pages, when these pages should be downloaded, etc. vocabularies, along with the structural relationships between the elements, are defined in xml dtds today, and soon with xml-data schemas.
38
part vii: java enterprise architecture
i am enclosing the safeway architecture alternative documents. questions that can be asked from this document are: 85.what is mvc design pattern? 86.what is the command design pattern? 87.how would we organize a servlet, jsp based application? would we have one servlet for all the forms or one servlet per form. what are the advantages and disadvantages of each?
39
covers java servlets, java server pages, enterprise java beans, jndi, jms, xml and, enterprise java architecture
1
part i: servlets
1.what is a servlet?
answer: servlets are modules residing on the web servers to provide dynamic content to the clients. servlets are modules that extend request/responseoriented servers, such as java-enabled web servers. servlets have no graphical user interface. servlets are a replacement to the cgi. servlets sits between the clients in the internet and the resources on the server. when a client interacts with the servlet, the servlet receives two objects servletrequest, which contains the communication from the client to the server. servletresponse, which contains the communication from the servlet back to the client. the servlet can read the client requests and data from the servletrequest, process the request by requesting services from the resources on the server and send a response to the client through the servletresponse
2.what are comparable technologies to servlets?
answer: cgi is the comparable technology to the servlets. vendor specific api like isapi (from microsoft for their iis web server) and nsapi (netscape for their netscape enterprise server) are also similar to servlets.
3.what are the advantages of servlets technologies mentioned in question 2?
answer:
over
the
java servlets are portable across web servers and platforms. this is because they are written in a standard api that is supported by all the servlet engines. developing servlets is more productive. the java servlet api is easy to learn and provides all the benefits of the java programming language. servlets provide good performance compared to cgi programming. they are multithreaded i.e multiple client requests can be handled by separate threads within a single process.
4.what is a servlet engine or a servlet container?
answer: servlet engines are “add-ons” to a web server that provides the servlet processing capability. this model provides better levels of scalability because multiple distributed engines can be integrated with one web server. servlet container is a new name that is given to servlet engines as part of the j2ee specification.
2
5.give an example of a servlet engine (a servlet container)?
answer: tomcat from the java apache project is an example of a servlet container. even websphere can act as an engine under iis and many other web servers.
6.how is scalability achieved?
answer: servlets are highly scalable. servlets can forward request for processing. servlets can balance load by forwarding requests to be handled by other servers. servlets can be made lightweight to act as receive requests and transmit response. the processing can be done in other business java objects. the processing is done multithreaded. the processing can be achieved through ejb in the same or another server.
7.what can servlets do?
answer: process user input passed by an html form and return a request. provide a user authentication and security. forward requests from one server to another.
8.what are get and post methods?
answer:
get:
it is the default http method used to request a resource from the server. it is normally used to request static data. the main two disadvantages of this method are that: a limited amount of data can be passed as part of the url & the information passed in the url is visible.
post
it is normally used to pass the user input to the server. it is usually used to request dynamic data. its parameter information is stored in the body of the request rather than the url. the advantage of this method is that :there is no limit to the amount of information passed. and as it is stored in the body of the request, the user info is not visible.
3
9.what is the life cycle of a servlet?
answer: the servlet life cycle is made up of three methods:- init(),service() & destroy() methods. the servlet is loaded only once. the init() is called a single time when the servlet is first loaded. the service() is automatically called by the server in response to the client request. depending upon the type of http request recevied the methods doget() and dopost() are used. the service() method processes the client request by evaluating the servletrequest or httpservletrequest object and responds using servletresponse or httpservletresponse object.
10.what is thread safety?
answer: the servlet writer must ensure that no thread can read a variable while another thread is in the process of changing it. this is done by synchronization :- this in java is a process of locking a variable so that it can be read and modified by only a single thread at a time. the singlethreadmodel interface can be used to ensure that no more than one thread can execute the service() at a time for a particular servlet instance
11.what is a session?
answer: a session is a persistent network connection between two hosts (usually a server and a client) that facilitates the exchange of information. the httpsession involves a virtual connection between a client and the server. a virtual connection associates each request received by the server with the client that issued it. this is accomplishzed by requiring the client to return a piece of state information with each request. the server uses this piece of information (usually a sessionid or
4
userid) to uniquely identify the client and associate the current request with the previous request. these virtual connections are commonly known as sessions. sessions are used to maintain state and client identity across multiple requests. these sessions automatically expire after a period of inactivity.
12.what is httpsession’s lifecycle?
answer: the client requests a resource from the server. the server returns an authentication validation. the client returns a valid password and name. the server returns a valid sessonid that uniquely identifies the client.(sent in a cookie or some other method). this cookie is returned by the client with each request to the server. this begins the httpsession. the client issues many requests to the server which is able to identify the client based on the sessionid passed in the cookie with each request. the client closes the browser without explicitly logging out. after the session time out period which is set ,the server expires the session by deleting the sessionid from the database table.
13.what are sessions?
answer: url rewriting
the
different
methods
of
tracking
the sessionid is embedded in the url path for managing the state of the clients request. each time the client follows a relative url hyperlink within the site, the browser will return the full path info (including the sessionid) to the server. the server can use this session information (from sessionid) to identify the client. advantages:o o for storing the sessionid in the url path no special browser feature is required. this will work even if cookies are disabled.
5
disadvantages:o o o you have to only use a relative path throughout the website. the sessionid is visible in the url path causing security concern. storing the sessionid in the url can frustrate the search engine.
hidden variables: hidden html form variables are commonly used to store state information. when a hidden variable is submitted , the client transmitts the fields name/value pair to the server. session management is implemented by storing sessionid within a hidden variable on every page. disadvantages:o o they only work when the client submits an html form. as hidden variables have to be passed on every page the code becomes cumbersum and the amount of processing is increased. the unique
cookies : it is a simple mechanism used to store and retrieve user-specific information on the web. in addition to the requested resource, the server may choose to return some state information that is stored by a cookie-enabled client. a cookie can be transmitted to the client by adding the set-cookie header to the http response using httpservletresponse objects setheader(). the addcookie() method of the httpservletresponse object allows one or more cookie objects to be added to the response. cookie information can be extracted from the client request using a servlet api method (getcookie() of httpservletrequest). advantages:o o disadvantages:o the user can disable the option of cookies, in which case the cookies won’t work. cookies provide a simple management and security. solution to state
either relative or absolute urls may be used without losing state.
6
o
not all browsers support cookies.
14.what is redirect?
answer: an http redirect is a set of instructions included in the header of an http response that instructs the browser to issue a new request to a new url. also the httpservletresponse method sendredirect(string location) can be used before any data is sent to the output stream.
15.what is requestdispatcher?
answer: included in the servlet api 2.1, the requestdispatcher object allows you to forward requests to or include output from other server resources. the requestdispatcher object essentially serves as a “wrapper” around the server resource in order to provide forwarding and including functionality. it has only two methods:- forward() and include(). the forward() method allows you to forward a request to another servlet(or other server resources). the include() allows you to include the content generated by another servlet( or other server resources).
16.i need to communicate from my servlet to another independent process. can i use the requestdispatcher instead of opening a socket connection?
answer: the requestdispatcher can only send a message to a servlet or jsp running inside the same servlet engine. you either have to open a socket, use native code, or use runtime.exec() to spawn a process on the web server host.
17.what is servlet chaining?
answer: it is the process of passing the output of one servlet to the input of another. the client request is sent to the first servlet in the chain.
7
once the request has been processed by the servlet, it passes its out put to the next servlet in the chain. this continues until the last servlets output is returned to the client. the servlet chain is triggered by: servlet aliasing, mime types, http request.
18.can a servlet be an rmi server?
answer: a servlet can act as a rmi server by implementing the remote interface.
8
part ii: java server pages
19.what is a jsp?
answer: a jsp page is a page created by the web developer that includes jsp specific tags, declarations and possibly scriplets, in combination with other static (html or xml) tags.
20.what is servlet?
the
difference
between
a
jsp
and
a
answer: a jsp is a servlet that thinks it's a web page. both use server-side java to dynamically generate web pages. the source code of a jsp looks like html, with java embedded inside funny tags; the source code of a servlet looks like java, with html embedded in out.print(...) statements. both use the servlet api to communicate with the web server and the client. in fact, a jsp gets compiled into a servlet, so they're almost identical in terms of expressive power. the choice is, whether you're more comfortable coding your pages in java or in jsp-style html; and since you can call a jsp from a servlet and vice versa, you don't have to make an either-or decision.
21.why is jsp presentation?
better
than
servlets
for
answer: jsp's provide a much cleaner way of seperation of presentation from logic. it speeds development with the reusable components and tags embedded in the page.and are simpler to write. jsps are interpreted only once, to java byte-code, and reinterpreted only when the file is modified. jsp specs is built on top of the java servlet api. servlets are supported by almost all major web servers, browsers and tools.
22.what is a jsp container or a jsp engine?
answer: the jsp container (or an engine) compiles the jsp into a servlet.
23.what are comparable technologies to jsps?
answer: there are many template languages like webmacro, freemarker. cold fusion with its many tags also competes with jsp. but the biggest competitor is asp (active server pages).
24.how do you set a cookie in a jsp?
answer: setting cookies from within a jsp page is similar to the way they are done within servlets. the following scriptlet sets a cookie "mycookie" at the client:
9
<% cookie mycookie = new cookie("aname","avalue"); response.addcookie(mycookie); %>
typically, cookies are set at the beginning of a jsp page, as they are sent out as part of the http headers.
25.how do we setup a cookie to expire at a certain time?
answer: we can set the maximum age of a cookie with the setmaxage(int seconds) method:
• • •
a positive value is the maximum number of seconds the cookie will live, before it expires a negative value means the cookie will not be stored beyond this browser session (deleted on browser close) zero means to delete the cookie
26.how is the performance of jsp compared to that of a servlet?
answer: the performance of jsp pages is very close to that of servlets. however,
users may experience a perceptible delay when a jsp page is accessed for the very first time. this is because the jsp page undergoes a "translation phase" wherein it is converted into a servlet by the jsp engine. once this servlet is dynamically compiled and loaded into memory, it follows the servlet life cycle for request processing. here, the jspinit() method is automatically invoked by the jsp engine upon loading the servlet, followed by the _jspservice() method, which is responsible for request processing and replying to the client. do note that the lifetime of this servlet is non-deterministic - it may be removed from memory at any time by the jsp engine for resource-related reasons. when this happens, the jsp engine automatically invokes the jspdestroy() method allowing the servlet to free any previously allocated resources. subsequent client requests to the jsp page do not result in a repeat of the translation phase as long as the servlet is cached in memory, and are directly handled by the servlet's service() method in a concurrent fashion (i.e. the service() method handles each client request within a seperate thread concurrently.)
27.how does jsp handle run-time exceptions?
answer:
you can use the errorpage attribute of the page directive to have
10
uncaught run-time exceptions automatically forwarded to an error processing page. for example: <%@ page errorpage="error.jsp" %> redirects the browser to the jsp page error.jsp if an uncaught exception is encountered during request processing. within error.jsp, if you indicate that it is an error-processing page, via the directive: <%@ page iserrorpage="true" %> the throwable object describing the exception may be accessed within the error page via the exception implicit object.
28.which jsp lifecycle methods can we override?
answer:
we cannot override the _jspservice() method within a jsp page. we can however, override the jspinit() and jspdestroy() methods within a jsp page. jspinit() can be useful for allocating resources like database connections, network connections, and so forth for the jsp page. it is good programming practice to free any allocated resources within jspdestroy().
29.how are jspinit() overriden?
and
jspdestroy()
methods
answer: the jspinit() and jspdestroy() methods are each executed just once during the lifecycle of a jsp page and are typically declared as jsp declarations:
<%! public void jspinit() { . . . } %> <%! public void jspdestroy() { . . . } %>
30.how are comments written in a jsp page?
answer: we can use "jsp-style" comments to selectively block out code while debugging or simply to comment your scriptlets. jsp comments are not
11
visible at the client. for example:
<%-- the scriptlet is now commented out <% out.println("hello world"); %> --%>
we can also use html-style comments anywhere within your jsp page. these comments are visible at the client. for example:
<!-- (c)2000 syntel india-->
we can also use comments supported by your jsp scripting language within your scriptlets. for example, assuming java is the scripting language, we can have:
<% //some comment /** yet another comment **/ %>
31.how do we perform browser redirection from a jsp page?
answer: we can use the response implicit object to redirect the browser to a different resource, as:
response.sendredirect("http://www.foo.com/path/error.html");
we can also physically alter the location http header attribute, as shown below:
<% response.setstatus(httpservletresponse.sc_moved_permanently); string newlocn = "/newpath/index.html"; response.setheader("location",newlocn);
12
%>
32.how do we prevent the output of a jsp from being cached by a browser?
answer: we will need to set the appropriate http header attributes to prevent the dynamic content output by the jsp page from being cached by the browser. the following scriptlet at the beginning of the jsp pages prevents the output from being cached at the browser. all the statements are needed to take care of some of the older browser versions.
<% response.setheader("cache-control","no-store"); //http 1.1 response.setheader("pragma","no-cache"); //http 1.0 response.setdateheader ("expires", 0); //prevents caching at the proxy server %>
33.what is the difference between <%@ include file="abc.jsp" %> and <jsp:include page="abc.jsp" %> ?
answer: the <%@include file="abc.jsp"%> directive acts like c "#include", pulling in the text of the included file and compiling it as if it were part of the including file. the included file can be any type (including html or text). the <jsp:include page="abc.jsp"> tag compiles the file as a separate jsp file, and embeds a call to it in the compiled jsp.
34.how can we customize the html generated by the jsp file based upon what browser the user is using?
answer:
<%@ page import="javax.servlet.*" %> <% string browsertype = request.getheader("user-agent"); string browser = ""; if ((browsertype.indexof("msie") != -1) || (browsertype.indexof("msie") != -1)) { browser = "explorer"; } else { browser = "navigator"; }
13
%> your browser is <%= browser%><br>
35.how can we access the same javabean instance from different jsp files?
answer: assuming the jsp files are on the same server and using the same servletcontext, just use application scope for the bean component.
<jsp:usebean id="localname" class="counter" scope="application" />
36.how can we determine the name and version number of the servlet or jsp engine that we are using?
answer: from within a servlet, you can invoke servletcontext.getserverinfo() method as follows:
string thisserver= getservletconfig().getservletcontext().getserverinfo();
the
if you are using jsp, you can use this expression:
<%= application.getserverinfo() %>
37.what are all the within a jsp page?
answer:
implicit
objects
available
the eight implicit variables available within jsp pages are: request: this represents the request triggering the service invocation and encapsulates the httprequest object; has request scope. response: represents the response to the request and encapsulates the httpresponse object. not used often by page authors; has page scope. pagecontext: encapsulates implementation-dependent features as a pagecontext; has page scope. application: represents the servletcontext obtained from servlet configuration object; has application scope. out: this is an instance of jspwriter that writes into the
14
output stream; has page scope. config: represents the servletconfig object for the jsp; has page scope. page: this acts as a synonym for the “this” operator. not used often by page authors and has page scope. exception: this represents the uncaught throwable object that resulted in the error page being invoked. by default, has page scope.
38.can jsp be multi-threaded?
answer: by default, the service() methods of all jsp pages execute in a multithreaded fashion. each client request is dispatched in a concurrent manner within a separate thread by the servlet engine. thus, it is important to synchronize access to any page shared state in the default scenario. you can make a page "thread-safe" and have it serve client requests in a single-threaded fashion by setting the page tag's isthreadsafe attribute to false:
<%@ page isthreadsafe="false" %>
this causes the generated servlet to implement the singlethreadmodel interface.
39.what is the difference between response.sendredirect and pagecontext.forward?
answer: the response.sendredirect() will direct the browser to go to a new page/url. the new url will appear in the 'location' at the top of the browser page. you must specifiy a full url like http://www.bob.com/start.html. using this requires a round trip to the server with all the attendant delays. a pagecontext.forward() will "jump" to the url specified which may be a relative url like "other.jsp" to indicate it is in the same base location as the current page. the browser location box will show the url of the original page, not the one you redirected to. there is no additional trip back to the browser and then back to the server so time is kept to a minimum.
40.what
is
the
difference
between
servletcontext
15
and pagecontext?
answer: the servletcontext gives information about the container in which the servlet (or jsp) is running in. parameters for this can be setup in the web application deployment descriptor and there is one servletcontext per web application. the pagecontext gives the servlet (or jsp) information about the request that it is currently handling and contains information about the request and any parameters, the session, the response object, a reference to the output stream and also a reference to the web application's servletcontext.
16
part iii: enterprise java beans
41.what is enterprise java beans?
answer: the official sun definition: the enterprise javabeans architecture is a component architecture for the development and deployment of component-based distributed business applications. applications written using the enterprise javabeans architecture are scalable, transactional, and multi-user secure. these applications may be written once, and then deployed on any server platform that supports the enterprise javabeans specification. sun microsystems, enterprise javabeans™specification, v1.1, published 1999 in plain english: enterprise javabeans (ejb) is sun microsystems' specification for a distributed object system similar to corba and microsoft transaction server, but based on the java platform. ejb specifies how developers should build components that can be accessed remotely and how ejb vendors should support those components. ejb components, called enterprise beans, automatically handle transactions, persistence, and authorization security, so that the developer can focus on the business logic.
42.what is an enterprise bean?
answer: an enterprise bean is a server-side component -- defined in the java technology -- which adheres to the enterprise javabeans server-side component model. a server-side component is business object that can be accessed remotely. many server-side component models exist: corba specifies corba objects; microsoft transaction server (mts) defines com/dcom; and ejb specifies enterprise beans. enterprise beans can be developed to represent business concepts like employee, order, travelagent, etc. enterprise beans can be assembled into applications that solve enterprise business problems. ejb has two basic types of enterprise beans: session and entity. depending on the type of enterprise bean used, features like persistence, transactions, security, and multiple concurrent access can be managed automatically.
17
43.what is a session bean?
answer: a session bean is a type of enterprise bean; a type of ejb server-side component. session bean components implement the javax.ejb.sessionbean interface and can be stateless or stateful. stateless session beans are components that perform transient services; stateful session beans are components that are dedicated to one client and act as a server-side extension of that client. session beans can act as agents modeling workflow or provide access to special transient business services. as an agent, a stateful session bean might represent a customer's session at an online shopping site. as a transitive service, a stateless session bean might provide access to validate and process credit card orders. session beans do not normally represent persistent business concepts like employee or order. this is the domain of a different component type called an entity bean.
44.what is a stateful session bean?
answer: a stateful session bean is an enterprise bean (ejb component) that acts as a server-side extension of the client that uses it. the stateful session bean is created by a client and will work for only that client until the client connection is dropped or the bean is explicitly removed. the stateful session bean is ejb component that implements the javax.ejb.sessionbean interface and is deployed with the declarative attribute "stateful". stateful session beans are called "stateful" because they maintain a conversational state with the client. in other words, they have state or instance fields that can be initialized and changed by the client with each method invocation. the bean can use the conversational state as it process business methods invoked by the client. stateful session beans are usually developed to act as agents for the client, managing the interaction of other beans and performing work on behalf of the client application. an example is a shopping cart stateful session bean that tracks a client's product choices and can execute a sale when requested.
45.what is a stateless session bean?
answer: a stateless session bean is an enterprise bean (ejb component) that provides a stateless service to the client. conceptually, the business methods on a stateless session bean are similar to procedural applications
18
or static methods; there is no instance state, so all the data needed to execute the method is provided by the method arguments. the stateless session bean is an ejb component that implements the javax.ejb.sessionbean interface and is deployed with the declarative attribute "stateless". stateless session beans are called "stateless" because they do not maintain conversational state specific to a client session. in other words, the instance fields in a stateless session bean do not maintain data relative to a client session. this makes stateless session beans very lightweight and fast, but also limits their behavior. stateless session beans are usually developed as a set of related and simple services. think of a session bean as a functional api where each business method represents an isolated independent service. an example is a creditservice bean that provides methods for making charges against different types of credit cards (mc, visa, discovery, etc).
46.what is an entity bean?
answer: an entity bean is a type of enterprise bean; a type of ejb server-side component. entity bean components implement the javax.ejb.entitybean interface and can be container-managed (cmp) or bean-managed (bmp). entity beans are designed to represent data in the database; they wrapper data with business object semantics and read and update data automatically. entity beans have identity, where each bean represents a unique set of data. an entity bean of type customer, for example, would have thousands of identities -- one for each customer in the database. entity beans can be safely shared by many clients, so that several applications can access the same bean identity at the concurrently.
47.what is a cmp bean?
answer: a cmp (container managed persistence) bean is an entity bean whose state is synchronized with the database automatically. in other words, the bean developer doesn't need to write any explicit database calls into the bean code; the container will automatically synchronize the persistent fields with the database as dictated by the deployer at deployment time. when a cmp bean is deployed, the deployer uses the ejb tools provided by the vendor to map the persistent fields in the bean to the database. the persistence fields will be a subset of the instance fields, called containermanaged fields, as identified by the bean developer in the deployment descriptor. in the case of a relational database, for example, each persistent field will
19
be associated with a column one table or, in the case of tables. cmp are not limited mapped to object databases, systems.
in a table. a bean may map all its fields to more sophisticated ejb servers, to several to relational database. cmp beans can be files, and other data stores including legacy
with cmp, the bean developer doesn't need to write any database access logic into the bean, but bean is notified by the container when its state is synchronized with the database. the container notifies the bean using the ejbload( ) and ejbstore( ) methods. the ejbload( ) method alerts the bean that its container-managed fields have just been populated with data from the database. this gives the bean an opportunity to do any post processing before the data can be used by the business methods. the ejbstore( ) method alerts the bean that its data is about to be written to the database. this give the bean an opportunity to do any pre-processing to the fields before they are written to the database.
48.what is a bmp bean?
answer: a bmp (bean managed persistence) bean is an entity bean that synchronizes its state with the database manually. in other words, the bean developer must code explicit database calls into the bean itself. bmp provides the bean developer with more flexibility in the how the bean reads and writes its data than a container-managed persistence (cmp) bean. cmp bean is limited to the mapping facilities provided by the ejb vendor, bmp beans are only limited by skill of the bean developer. the ability to code an entity bean's persistence logic explicitly is important when the ejb container's cmp features are insufficient to meet the needs of the entity bean. entity beans that need to synchronize their state with several data sources are excellent candidates for bmp. so are beans that need to access to data sources (possibly legacy systems) that are not supported by cmp. in addition, bmp bean are often employed when a vendors cmp facilities are not sophisticated enough to handle complex object-to-relational mapping. the bmp bean manages its own persistence, but relies on the container to coordinate its reads and writes so that persistence is accomplished in a transactional safe manner. coordination with the container is accomplished through two mechanisms: the persistence callback methods (ejbload( ) and ejbstore( )); and the environment naming context (ejb). the ejbload( ) and ejbstore( ) methods notify a bean that its time to read and write data to the database respectively. in a bmp entity bean the code for reading and writing data to the database is done within these methods. the ejbload( ) is called at the beginning of a transaction, just before any business methods are executed, and the ejbstore( ) is called at
20
the end of a transaction just before its committed. this keeps the bean state in perfect synchronization with transactions being executed, without the bean developer having to explicitly manage the transactional operations. when jdbc is used to for persistence, the environment naming context (enc) is a jndi namespace that provides the bean with access to database connections (among other things). the database connections obtained from the jndi enc are managed by the container, so that they are automatically enrolled in transactions and pooled. (the extent to which this is supported depends largely on the ejb vendor.) the container may also manage other data source apis, but jdbc is standard.
49.what is different in ejb specification 1.1?
answer: the most significant changes are listed below: entity bean support, persistence, is required. both containerand bean-managed
java rmi-iiop argument and reference types must be supported, but any protocol can still be used including iiop, jrmp, http, or a proprietary protocol. in other words, the client api must support the java rmi-iiop programming model for portability, but the underlying protocol can be anything. the javax.ejb.depoyment package has been dropped in favor of a xml based deployment descriptor declarative security authorization (access control) has changed to be more role driven. also the runas declarations have been eliminated. declarative isolation levels are no longer available. isolation levels are now managed explicitly through jdbc (bmp), the database or other vendor specific mechanisms. the bean-container contract as been enhanced to include a default jndi context for accessing properties, resources, (jdbc, jms, etc), and other beans. the basic ejb roles have been expanded and redefined to better separate responsibilities involved in the development, deployment, and hosting of enterprise beans.
50.are javabeans and enterprise java beans same?
answer: enterprise javabeans and javabeans are not the same thing; nor is one an extension of the other. they are both component models, based on java,
21
and created by sun microsystems, but their purpose and packages (base types and interfaces) are completely different. javabeans the original javabeans specification is based on the java.beans package which is a standard package in the jdk. components built on the javabeans specification are intraprocess components that live in one address space and are typically used for graphical user interface (gui) as visual widgets like buttons, tables, html viewers, etc. enterprise javabeans the ejb specification is based on the javax.ejb package, which is a standard extension package. components built on the ejb specification are interprocess components that live in multiple address spaces as distributed object. these components are used as transactional business objects that are accessed as remote objects.
51.what is passivation and activation?
answer: passivation and activation are two phases of a resource management technique that reduces the number of bean instances needed to service all clients. passivation is the process of disassociating a bean instance from its ejb object so that the instance can be reused or evicted to conserve memory. activation is the process of associating a bean instance with an ejb object so that it can service a request. beans are passivated when there is a lull in their use and activated when the ejb object receives a client request. the java.ejb.sessionbean and javax.ejb.entitybean interface include two callback methods that notify a bean instance when it is about to passivated or activated. the ejbpassivate( ) method notifies a bean that it is about to passivated; the ejbactivate( ) method notifies a bean that it is about to activated. the mechanisms employed in passivation and activation change depending on the bean type. stateful beans are usually evicted, while entity beans and stateless beans are pooled.
52.how does passivation work in stateful session bean?
answer: unlike entity beans and stateless session beans, stateful session bean are
22
usually evicted from memory when they are passivated. this is not true of all vendors but this view serves as good model for understanding the concepts of passivation in session beans. when a stateful bean experiences a lull in use -- between client invocations and transactions -- the container may choose to passivate the stateful bean instance. to conserve resources the bean instance is evicted from memory (dereferenced and garbage collected). when the ejb object receives a new client request, a new stateful instance is instantiated and associate with the ejb object to handle the request. stateful beans maintain a conversational state, which must be preserved before the bean instance is evicted from memory. to accomplish this, the container will write the conversational state of the bean instance to a secondary storage (usually disk). only the non-transient serializable instance fields are preserved. when the bean is activated the new instance is populated with the preserved state. references to live resources like the ejbcontext, datasource, jndi enc, and other beans must also be maintained somehow -- usually in memory -- by the container. the javax.ejb.sessionbean interface provides two callback methods that notify the bean instance it is about to passivated or was just activated. the ejbpassivate( ) method notifies the bean instance that it is about have its conversational state written to disk and be evicted from memory. within this method the bean developer can perform operations just prior to passivation like closing open resources. the ejbactivate( ) method is executed just after a new bean instance has been instantiated and populated with conversational state from disk. the bean developer can use the ejbactivate( ) method to perform operations just prior to servicing client request, like opening resources.
53.what makes a java class an enterprise bean?
answer: an enterprise bean is composed of many parts, not just a single class. essentially, an enterprise bean is constructed with a bean class, remote interface, home interface and deployment descriptor. these constituents are discussed below. a bean class is the implementation class of the bean that defines its business, persistence, and passivation logic. the bean class implements either the javax.ejb.entitybean or javax.ejb.sessionbean interface and runs inside the ejb container. instances of the bean class service client request indirectly; instances of the bean class are not visible to the client. the remote interface defines the business methods that will be visible to the client's that use the enterprise bean. the remote interface extends the javax.ejb.ejbobject interface and is implemented by a remote (distributed object) reference. client
23
applications interact with the enterprise bean through its remote interface. the home interface defines the create, delete (remove), and query methods for an enterprise bean type. the home interface extends the javax.ejb.ejbhome interface and is implemented by a remote (distributed object) reference. the client application will use the home interface to create beans, find existing beans, and remove specific beans. the deployment descriptor is used to describe the enterprise bean's runtime behavior to the container. among other things the deployment descriptor allows the transaction, persistence, and authorization security behavior of a bean to be defined using declarative attributes. this greatly simplifies the programming model when developing beans. an enterprise bean represents the sum of all these parts (remote, home, bean class, and deployment descriptor) as one component. an enterprise bean is not an enterprise bean if any one of these parts is missing. a change to anyone of these parts -- changing even one attribute in the deployment descriptor for example -- creates an entirely new enterprise bean.
54.how do we perform i/o from an enterprise bean?
answer:
using the java.io package from within a bean is prohibited. the ejb 1.1 specification, section 18.1.2 (programming restrictions) states the following:
an enterprise bean must not use the java.io package to attempt to access files and directories in the file system. the file system apis are not well-suited for business components to access data. business components should use a resource manager api, such as jdbc api, to store data.
55.can we use threads in an enterprise bean?
answer: no. the thread management is done by the container. as a bean developer we are not allowed to use threads. section 18.1.2 of the ejb 1.1 specification states: the enterprise bean must not attempt to manage threads. the enterprise bean must not attempt to start, stop, suspend, or resume a thread; or to change a thread’s priority or name. the enter-prise bean must not attempt to manage thread groups.
24
these functions are reserved for the ejb container. allowing the enterprise bean to manage threads would decrease the container’s ability to properly manage the runtime environment.
56.why are threads?
answer:
enterprise
beans
not
allowed
to
use
enterprise beans exist inside a container at run time. the container is responsible for managing every aspect of the enterprise bean's life including: transactions, access control, persistence, resource pooling, etc. in order for the container to manage the runtime environment of a bean, it must have complete control over the threads that access and run within a bean. this means that beans can not start or manage their own threads. containers deny enterprise beans the privilege to manage threads for three basic reasons: resource management, security, and thread-sensitive storage. resource management containers manage every aspect of the runtime environment used by enterprise beans including transactions, access control, life cycle, resource connections, vm security, class loading, and threads. this allows the container to conserve as many resources as possible, which is important when there are hundreds of enterprise beans servicing thousands of clients. without strict management of resources like memory and threads, ejb systems might consume to many resources (memory and cycles), which would result in a slow system, a prospect that is untenable in a high-transaction environment. threads started and managed by enterprise beans would not be managed by the container, which would make it difficult to conserve resources. security there is no way for a container system to know in advance that a bean's use of threads is benign. while intentions may be sincere it is possible -probably inevitable -- that developers would create malignant beans that spawn so many threads that the entire system slows down. one bean instance's misuse of threads or the commutative effect of many instances could cause a system slowdown. this is an insurgent denial of service, where the beans themselves sabotage a system's ability to respond to client requests. security is a very good reason for denying bean's the privilege of starting and managing their own threads.
25
thread-specific storage thread-specific storage (tss) is an established and common technique employed by vendors to propagate and track client requests through the container system. it involves associating data with a thread. the data may be information about the client's identity, the transaction context, and other information, which can be accessed by any part of the container without having to pass the data explicitly. this is especially useful when enterprise beans invoke other enterprise beans or access resources, because it provides a convenient and transparent mechanism for transferring information about the who is making the request and under what circumstances. each vendor will use the tss technique differently according to the mechanics of their server. threads started and managed by the enterprise bean explicitly would not have the proper tss -- that would require intimate knowledge and access to the vendors container system. without the right tss the enterprise bean's threads can not operate within the container system properly. this is another reason why bean are not allowed to start and manage their own threads, it would short-circuit the vendor's use of tss.
57.what is an ejb primary key? how implemented when the database doesn't primary key?
answer:
is it have a
a primary key is an object that uniquely identifies the entity bean. according to the specification, the primary key must be unique for each entity bean within a container. hence the bean's primary key usually maps to the pk in the database (provided its persisted to a database). we may need to create a primary key in the database for the sake of referential integrity or because the dbms mandates it. this does not, however, mean we need a primary key in the database. as long as the bean's primary key (which maps to a column or set of columns) can uniquely identify the bean it should work.
58.can enterprise beans use stored procedures in a database?
answer: stored procedures can be used by session beans that access the database using jdbc and bean-managed entity beans that use jdbc to manage their own persistence. jdbc provides a call interface for using stored procedures. an example is provided below:
26
initialcontext cntx = new initialcontext( ); datasource datasource = (datasource) cntx.lookup("java:comp/env/jdbc/mydatabase"); connection con = datasource.getconnection( ); callablestatement storedprocedure = con.preparecall("{? = call someprocedure [(?,?)]}");
59.how is the passivation of entity beans managed?
answer: the passivation of entity beans is managed by the container. to passivate an instance, the container first invokes the ejbstore() method for synchronizing the database with the bean instance, then the container invokes the ejbpassivate() method. it will then return the bean instance back to the pooled state. (every bean has an instance pool.) there are two ways for transitioning an entity bean from the ready to the pooled state, by using the ejbpassivate() or ejbremove() method. the container uses ejbpassivate() to disassociate the bean instance from the entity object identity, and uses ejbremove() to remove the entity object. when the instance is put back into the pool, it is no longer associated with an entity object identity. the container can now assign the instance to any entity object within the same entity bean home. a bean instance in unsetentitycontext(). the pool can be removed by using
60.explain the different transaction attributes and isolation levels with reference to a scenario?
answer: the enterprise javabeans model supports six different transaction rules: tx_bean_managed. the tx_bean_managed setting indicates that the enterprise bean manually manages its own transaction control. ejb supports manual transaction demarcation using the java transaction api. this is very tricky and should not be attempted without a really good reason.
27
tx_not_supported. the tx_not_supported setting indicates that the enterprise bean cannot execute within the context of a transaction. if a client (i.e., whatever called the method-either a remote client or another enterprise bean) has a transaction when it calls the enterprise bean, the container suspends the transaction for the duration of the method call. tx_supports. the tx_supports setting indicates that the enterprise bean can run with or without a transaction context. if a client has a transaction when it calls the enterprise bean, the method will join the client's transaction context. if the client does not have a transaction, the method will run without a transaction. tx_required. the tx_required setting indicates that the enterprise bean must execute within the context of a transaction. if a client has a transaction when it calls the enterprise bean, the method will join the client's transaction context. if the client does not have a transaction, the container automatically starts a new transaction for the method. attributes tx_requires_new. the tx_requires_new setting indicates that the enterprise bean must execute within the context of a new transaction. the container always starts a new transaction for the method. if the client has a transaction when it calls the enterprise bean, the container suspends the client's transaction for the duration of the method call. tx_mandatory. the tx_mandatory setting indicates that the enterprise bean must always execute within the context of the client's transaction. if the client does not have a transaction when it calls the enterprise bean, the container throws the transactionrequired exception and the request fails.
28
part iv: java naming and directory interface
61.?
answer:
29
part v: java message service
62.?
answer:
30
part vi: xml
63.what is xml?
answer: extensible markup language (xml) is the universal language for data on the web. it gives developers the power to deliver structured data from a wide variety of applications to the desktop for local computation and presentation. xml allows the creation of unique data formats for specific applications. it is also an ideal format for server-to-server transfer of structured data.
64.why is it extensible?
answer: xml is extensible, which means that you can define your own set of tags without breaking the existing document structure and make it possible for other parties (people or programs) to know and understand these tags. this makes xml much more flexible than html.
65.what are the key benefits of xml?
answer: xml promises to simplify and lower the cost for data exchange and publishing in a web environment. xml is a text-based syntax that is portable and reusable across different platforms and devices, and can even be understood by humans. an xml document is also flexible and extensible, allowing new tags to be added without breaking an existing document structure. through unicode support, xml also provides global language support.
66.what are the benefits of using java with xml?
answer: the java and xml technologies are complementary; the java technology provides the platform-independent, maintainable code that is needed to process platform-independent xml data. in addition, the java technology offers a substantial productivity boost for software developers compared to programming languages such as c or c++. using xml and java together, developers can build powerful, platform-independent web applications more quickly and at a lower cost.
67.what is a well-formed xml document?
answer: in order for a document to be well-formed, all markup and character data
31
in an xmldocument must adhere to the rules given below. the rules are summarized below: the xml declaration must begin the document. elements that contain data must have both start and end tags. elements that do not contain data and use only a single tag must end with />. the document must contain exactly one element that completely contains all other elements. elements may nest but may not overlap. attribute values must be quoted. the characters <and &may only be used to start tags and entity references respectively. the only entity references which appear are &, <, >, 'and ".
68.what is a valid xml document?
answer: an xml document that follows the dtd defined is a valid document.
69.what are benefits of using xml over html?
answer: there are many benefits to using xml on the web: it delivers data for local computation. data delivered to the desktop is available for local computation. the data can be read by the xml parser, then delivered to a local application such as a browser for further viewing or processing. or the data can be manipulated through script or other programming languages using the xml object model. it gives users an appropriate view of structured data. data delivered to the desktop can be presented in multiple ways. a local data set can be presented in the view that is right for the user, dynamically, based on factors such as user preference and configuration. it enables the integration of structured data from multiple sources. typically, agents will be used to integrate data from backend databases and other applications on a middle-tier server, making this data available for delivery to the desktop or to other servers for further aggregation, processing, and distribution. it describes data from a wide variety of applications. because xml is extensible, it can be used to describe data contained in a
32
wide variety of applications, from describing collections of web pages to data records. because the data is self-describing, data can be received and processed without the need for a built-in description of the data. it improves performance through granular updates. xml enables granular updating. developers do not have to send the entire structured data set each time there is a change. with granular updating, only the changed element must be sent from the server to the client. the changed data can be presented without the need to refresh the entire page or table.
70.where will xml be used on the web?
answer: because xml describes data in a consistent, self-describing, open format, xml could potentially be used anywhere there is a need for data interchange and delivery. microsoft expects that initially xml will be used to describe information about html pages, as is the case today with the channel definition format (cdf) for building active channel™ content, as well as future applications such as searching and distributed printing. more important, because xml can describe data itself, it will be useful for delivering any kind of data — such as financial transactions, news updates, weather information, patient records, and legal libraries — to the desktop. once on the desktop, applications can compute with the data and dynamically present the data.
71.does xml?
answer:
microsoft
internet
explorer
4.0
support
yes, internet explorer 4.0 supports xml. it supports the following features: a generalized xml parser, which reads xml files and hands them off for processing to applications such as viewers. microsoft has two parsers, the microsoft xml parser in c++ (www.microsoft.com/xml/cparser-f.htm), a high-performance, nonvalidating parser written in c++ that ships with internet explorer 4.0, and the microsoft xml parser in java (www.microsoft.com/xml/parser/xmlparse-f.htm), available for download from this site, for use by application developers. the xml object model (xml om) uses the world wide web consortium (w3c) standard document object model (dom) to allow programmatic access to the structured data, through the xml parsers, giving developers the power to interact and compute on the data. for more information on the dom, see
33
http://www.w3.org/dom. the xml data source object (xml dso) allows developers to connect to structured xml data and supply it to the html page using dynamic html’s data binding facility.
72.what is the difference between sgml and xml?
answer: the standard generalized markup language, or sgml (iso 8879), is the international standard for defining descriptions of structure and content in electronic documents. xml is a simplified version of sgml; xml was designed to maintain the most useful parts of sgml. while sgml requires that structured documents reference a document type definition (dtd) to be valid, xml allows for “well-formed” data and can be delivered without a dtd. xml was designed so that sgml can be delivered — as xml — over the web.
73.what is the difference xml, html and dynamic html?
answer: html is used in conjunction with css to format and present hyperlinked pages. dynamic html, through the document object model, makes all elements in html accessible through language-independent scripting and other programming languages, thus dramatically increasing client-side interactivity without additional requests to the server. the page's object model allows any aspect of its content (including additions, deletions, and movement) to be changed dynamically. by adding xml for structured data, developers have the technologies they need to build the next generation of rich, flexible web applications. with xml, they can deliver structured data to the desktop and compute on the data via the xml object model. today developers can display xml-based data in a browser, such as microsoft internet explorer 4.0 and microsoft internet explorer 5.0 beta, or in other applications through scripting. in addition, they can also apply formatting rules to the data without complex scripting using xsl stylesheets, which essentially transform the xml-based data into display. these two methods of displaying xml-based data make it possible to generate multiple views of complex data.
74.will it be necessary to compress xml documents when they are transmitted over web?
answer: in general, the need to compress xml data will be application-dependent
34
and largely a function of the amount of data being moved between the server and the client. xml compresses extremely well because of the repetitive nature of the tags used to describe the structure of the data. benchmarks will be provided in the future to assist with determining whether compression is necessary. it is worth noting that compression is standard to http 1.1 servers and clients, and xml will automatically benefit from this.
75.how secure is xml as a data format? plans to add security to xml?
answer:
are there
xml is as secure as html. just as secure http (https) can be used to add encryption to http, thereby protecting html, it can also be used to protect xml. xml is a text-based format for representing structured data. this maximizes simplicity and interoperability with the data. a number of steps can be taken to add security and authentication to the xml format. first, xml can be encrypted on the server before transmission to the client, then decrypted on the client. xml can also be authenticated by digital signatures applied to the data itself.
76.how will databases?
answer:
xml
be
generated
from
existing
in general, this will be handled using a three-tier architecture. agents will be built to run on the middle tier to access multiple existing dbmss and output xml. these agents will also support the ability to generate xml “updategrams” bidirectionally, to inform the client of changes made to the data on the middle tier or database server, and vice versa. consequently, the agents will be able to receive updategrams from the client and send updates to the dbms.
77.what is a dtd? what is it used for?
answer: the document type definition (dtd) defines the valid syntax of a class of xml documents. that is, it lists a number of element names, which elements can appear in combination with which other ones, what attributes are available for each element type, etc. a dtd uses a different syntax from that used by xml documents.
78.what is pcdata and cdata?
answer: pcdata stands for "parsed character data" and cdata stands for "character
35
data" that contains no mark-up. pcdata is used for entity element content and cdata is used for attributes.
79.what is an xml parser?
answer: an xml parser (also known as an xml processor) reads the document and verifies that the xml it contains is well formed. formed. it may also check that the document is valid, though this test is not required.
80.what are xml schemas? from dtds?
answer:
how are they different
[from the w3c xml activity page at http://www.w3.org/xml/activity.html ] while xml 1.0 supplies a mechanism, the document type definition (dtd), for declaring constraints on the use of markup, automated processing of xml documents requires more rigorous and comprehensive facilities in this area. requirements are for constraints on how the component parts of an application fit togther, the document structure, attributes, datatyping, and so on. the w3c xml schema working group is addressing means for defining the structure, content and semantics of xml documents. in internet explorer 5 beta, microsoft is providing a release of xml schema as a technology preview that may be useful for developers interested in building prototypes and gaining experience with schema. this technology preview is based on the xml-data note submitted to the w3c. xml schema, as implemented in this technology preview, can be thought of as the subset of the xml-data submission that corresponds to the feature set proposed for document content description (dcd) . microsoft is actively involved in defining the emerging w3c xml schema standard and will track this effort. developers should note that the version of xml schema released with internet explorer 5 beta is subject to change.
81.what are namespaces? why are they important?
answer: namespaces are another advanced feature of xml, outlined in a w3c note as part of the xml 1.0 specification. they allow developers to qualify uniquely the element names and relationships and make these names recognizable to avoid name collisions on elements that have the same name but are defined in different vocabularies. they allow tags from multiple name spaces to be mixed, which is essential if data is coming from multiple sources.
36
for example, a bookstore may define the <title> tag to mean the title of a book, contained only within the <book> element. a directory of people, however, might define <title> to indicate a person’s position, for instance: <title>president</title>. namespaces help define this distinction clearly.
82.what is xsl?
answer: the world wide web consortium (w3c) working draft for xsl divides the language into two main parts: transformation and formatting semantics. this release supports the transformation part of the w3c xsl specification . microsoft is tracking the w3c working draft and will be updating this implementation to match the final w3c recommendation. xsl is defined as an xml grammar that consists of a set of xsl elements. this grammar can be used to transform xml documents into html or xml documents. you can use xsl for direct browsing of xml files and from the xml dom. the xml dom transformnode method supports the use of xsl elements to perform transformations. the dom selectnodes and selectsinglenode methods support the xsl pattern-matching syntax that enables sophisticated queries for nodes within a particular context of the overall tree structure.
83.what is xlink and xpointer?
answer: xml linking language (xlink) defines a set of constructs which may be inserted into xml resources to describe links between objects. these constructs use xml syntax to create structures which can describe links starting from simple unidirectional hyperlinks to multi-ended and typed links. xlink can be used to provide a list of links related to a resource and can lead to multiple destinations. xpointer (extended markup language pointer) is a reference to a fragment of a document. xpointer defines the meaning of the identifier portion of the uris that locate the resources of mime media types “text/xml” and “application/xml”. xpointers make selection of parts of documents easy, but all the processing takes place on the client side, and the server sends the files to clients that are used by the client.
84.what are xml vocabularies?
answer: xml vocabularies are the elements used in particular applications or data formats — the definitions of the meanings of those formats. for example,
37
in cdf, element names such as <schedule>, <channel>, and <item> make up the vocabulary for describing collections of pages, when these pages should be downloaded, etc. vocabularies, along with the structural relationships between the elements, are defined in xml dtds today, and soon with xml-data schemas.
38
part vii: java enterprise architecture
i am enclosing the safeway architecture alternative documents. questions that can be asked from this document are: 85.what is mvc design pattern? 86.what is the command design pattern? 87.how would we organize a servlet, jsp based application? would we have one servlet for all the forms or one servlet per form. what are the advantages and disadvantages of each?
39
