Sun Java System Web Server 7.0 Update 5 Developer's Guide to Java Web Applications

This book explains how Web Applications are created, deployed, and supported in Sun Java™ System Web Server 7.0. The book also includes basic information about Web Services.

Web Server Technologies Overview

This chapter provides a basic overview on various technologies that are supported in the Web Server.

This chapter contains the following section:

• Technologies and Enhancements in Web Server 7.0

Web Applications Overview

Web Server supports the Java™ Servlet 2.5 API specification and the JavaServer Pages™ (JSP™) 2.1 specification, which allows servlets and JSPs to be included in web applications.

A web application is a collection of servlets, JavaServer Pages, HTML documents, and other web resources that include image files, compressed archives, and other data. A web application can be packaged into a web archive (WAR) file or exist in an open directory structure.

Web Server 7.0 also supports, SHTML and CGI, which are not Java Platform, Enterprise Edition (Java EE) application components. For more information about APIs and programming technologies, see Sun Java System Web Server Developer's Guide.

This chapter provides a basic overview of how web applications are supported in Web Server.

This chapter contains the following sections:

• Developing and Deploying Web Applications

• Sample Applications in Web Server 7.0

                                                                                                                                                                                                                                      [Back to top]

Web Services Overview

Web Services uses a Web Services Description Language (WSDL) file to describe the service and registry service to register and look up the services. The Simple Object Access Protocol (SOAP) binding is the standard interoperable binding for accessing Web Services. Several registry protocols available, butUDDI (Universal Description, Discovery and Integration) is probably the most recognizable based on Java Web ServicesDeveloper Pack, Web Server because it supports integrated Java Web Services runtime and tools, and therefore supports portable Web Services implementations, making it interoperable with .NET clients and services using the WS-I Basic Profile. For more information on Web Services, see http://java.sun.com/webservices/docs/2.0/tutorial/doc/index.html.

WS-Security is an OASIS proposal for adding message-layer security to SOAP messages. It defines standardized locations and syntax by which security tokens such as X.509 certificates and Kerberos tickets can be carried within SOAP Headers in order to secure the contents of the SOAP message exchanges. WS-Security leverages the existing XML Digital Signature and XML
Encryption specifications for capturing the results of signing and encryption operations in XML syntax. In essence, WS-Security standardizes the XML Signature and XML Encryption data blocks that are carried with a SOAP message. Web Server supports the integrated WS-Security standard. In addition, this release supports JSR-196 as applicable to Web Services.
Web Server provides the ability to bind SOAP-layer message-security providers and message-protection policies to the container. This binding allows the container to enforce the security on behalf of the applications.

This chapter focuses on web services tasks that are performed by developers. For administrator tasks, including configuration and management information, see Appendix C, Web Services, in Sun Java System Web Server Administrator's Guide.

This chapter contains the following sections:

• Technologies Supported in Web Server 7.0

• Creating Web Services

• Securing Web Services

• Deploying and Testing Web Services

Developing Servlets

This chapter describes how to create servlets to control web application interactions running on a Web Server. In addition, this chapter describes the Web Server features used to augment the Java Servlet 2.5 standards.

This chapter has the following sections:

• About Servlets

• Caching Servlet Results

• Maximizing Servlet Performance

• Servlet Internationalization Issues

• Migrating Legacy Servlets

                                                                                                                                                                                                                                      [Back to top]

Developing JavaServer Pages

This chapter describes how to use JavaServer Pages (JSP™) page templates in a Web Server application.

This chapter has the following sections:

• Introducing JSPs

• Compiling and Debugging JSPs

• JSP Tag Libraries and Standard Portable Tags

Session Managers

Session objects maintain state and user identity across multiple page requests over the normally stateless HTTP protocol. A session persists for a specified period of time, across more than one connection or page request from the user. A session usually corresponds to one user, who might visit a site many times. The server can maintain a session either by using cookies or by rewriting URLs. Servlets can access the session objects to retrieve state information about the session.

This chapter describes sessions and session managers, and has the following sections:

• Introducing Sessions

• Using Sessions

• Session Managers

Developing Lifecycle Listeners

This chapter provides a basic overview, and a description of various features of lifecycle listeners in Web Server. It includes the following section:

• Web Server Lifecycle Listeners

Securing Web Applications

This chapter describes the basic goals and features of Web Server security features related to the Java Servlet Container. It also describes how to write secure Java web applications containing components that perform user authentication and access authorization tasks.

This chapter has the following sections:

• Supported Features and Terminology

• Security Features

• User Authentication and Authorization

• Using Web Services Message Security

• Programmatic Login

• Enabling the Java Security Manager

• The server.policy File

• Related Information

                                                                                                                                                                                                                                      [Back to top]

Deploying Web Applications

This chapter describes how web applications are assembled and deployed in Web Server. The chapter has the following sections:

• Web Application Structure

• Deployment Tools

• Deploying Web Applications

• Auto-Deploying Web Applications

• Managing Web Applications

• Dynamic Reloading of Web Applications

• Classloaders

Debugging Web Applications

This chapter provides guidelines for debugging web applications in Web Server. The chapter includes the following sections:

• Debugging Web Applications

Debugging applications requires you to edit the server.xml file. For more general information, see Sun Java System Web Server Administrator's Configuration File Reference.

Appendix A: Deployment Descriptor Files

The deployment descriptor conveys the elements and configuration information of a web application between application developers, application assemblers, and deployers. For Java Servlets v.2.5, the deployment descriptor is defined in terms of an XML schema document.

This chapter includes the following sections:

• Extension to Standard Descriptors

• Sun Java System Web Server Descriptors

• Elements in the default-web.xml File

• Elements in the sun-web.xml File

  • General Elements
  • Security Elements
  • Session Elements
  • Reference Elements
  • Caching Elements
  • Classloader Element
  • JSP Element
  • Internationalization Elements
  • Alphabetical List of sun-web.xml Elements

• Sample Web Application XML Files

                                                                                                                                                                                                                                      [Back to top]