The servlet container, in conjunction with a web server or application server, provides the network services over which requests and responses are set, decodes MIME based requests , and formats MIME based responses. A servlet container also contains and manages servlets through their life cycle. A servlet container can either be built into a host web server or installed as an add-on component to a web server via that server's native extension API. Servlet containers can also be built into or possibly installed into web-enabled application servers. All servlet containers must support HTTP as a protocol for requests and responses, but may also support additional request/response based protocols such as HTTPS (HTTP over SSL). The minimum required version of the HTTP specification that a container must implement is HTTP/1.0. It is strongly suggested that containers implement the HTTP/1.1 specification as well. A servlet container may place security restrictions on the environment that a servlet executes in. In a Java 2 Standard Edition 1.2 (J2SE) or Java 2 Enterprise Edition 1.2 (J2EE) environment, these restrictions should be placed using the permission architecture defined by the Java 2 platform. For example, high end application servers may limit certain actions, such as the creation of a Thread object, to ensure that other components of the container are not negatively impacted. |