Using Servlets

  

A Servlet is a module that runs within a request-response server. A request is a call from a client that contains data that the client wants to send to the server. The response is the answer from the server to the client. A Servlet is a Java object that functions the same way as a CGI script but does not need to be restarted for every request.

Tip  

If a secure Servlet is requested by a forward or an include, the security model does not intervene.

The Servlet API provides classes and interfaces to process HTTP requests and keeps the code Web-server independent. When a Servlet is requested, the server checks if the Servlet has been loaded . If it has not, the server loads the Servlet. The init() method is called so the Servlet can initialize its state (such as reading configuration information). The server gives the request to the Servlet to be processed ; at this point the service() method is called. When the server needs to shut down the Servlet, the server invokes the destroy() method so that the Servlet may prepare for shut down (such as closing database connections).

The Servlet life cycle is managed by a Servlet container that is the connection between the Web server and the Servlets. It is the container that maps incoming requests to the Servlet object registered to process it. In addition, it is the Servlet container's responsibility to convert the response object (created by the Servlet after processing the request) into a response message and send it back to the client.

When a Servlet request is sent to a Web server using a secure protocol, you can use the ServletRequest.isSecure() method, which returns a boolean stating whether the connection is secure.

If you use HTTPS, a call to ServletRequest.getAttribute() returns an array of javax.security.cert.X509Certificate objects. In addition, if you use cookies, you can specify whether the cookie needs to be transmitted over a secure protocol. You use the Cookie.setSecure() method and pass in a boolean value; you can determine the security setting via the Cookie.getSecure() method.

  


Java Security Solutions
Java Security Solutions
ISBN: 0764549286
EAN: 2147483647
Year: 2001
Pages: 222

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net