## Web Programming ## ## $Id: programming.atm,v 1.1 2004/09/28 00:32:50 rho Exp $ (is-subclass-of) superclass: application subclass: web-application web-application bn: Web Application in: any application which is using HTTP as carrier -- mostly using a web browser (with or without client-side programs) (is-created-via) activity: web-application-programming object: web-application #-- special applications (is-subclass-of) superclass: web-application subclass: proxy proxy bn: Proxy in: gateway between 'inside' and 'outside' -- HTTP on both ends in: can be used for annotation, filtering -- special form: caches (is-subclass-of) superclass: proxy subclass: proxy-cache proxy-cache bn: Proxy Caches in (purpose): security enforcement point: filtering and control on the HTTP level in (purpose): bandwidth need reduction: cache stores documents according to the document metadata (expiry, ...) -- delivers it locally as long as it is not stale squid (proxy-cache) bn: Squid (is-subclass-of) superclass: web-application subclass: web-gateway web-gateway bn: Web Gateway in: gateway between HTTP on one side and some other protocol on the other -- has to mediate between conceptual differences in: usually formats content into HTML on the HTTP side in (example): LDAP gateway in (example): CVS browser (is-subclass-of) superclass: web-gateway subclass: stateless-web-gateway stateless-web-gateway bn: Stateless Web Gateway in: maintains no state itself (e.g. logging into a server, making a query, logging out again) in (problem): expensive and wasteful for some databases (is-subclass-of) superclass: web-gateway subclass: stateful-web-gateway stateful-web-gateway bn: Stateful Web Gateway in: maintains the state on behalf of the client (e.g. logging into LDAP server) in (problems): back button on browsers -> what does that mean? --\ client caches -> users sees wrong information, next request may confuse the gateway --\ interuption of requests -> how does the gateway recover? --\ user abandons service -> when does session time out? # client and server-side programming (is-subclass-of) superclass: activity subclass: application-programming (is-subclass-of) superclass: application-programming subclass: web-application-programming web-application-programming bn: Web Application Programming in (definition): implementing a particular application in a client/server scenario in: common denominator is the HTTP protocol and mostly HTML FORMs in (history): started with CGI programming -- many application infrastructures have been developed over the years (is-based-on) basis: web-application-protocol structure: web-application-programming (is-subclass-of) superclass: protocol subclass: application-protocol application-protocol bn: Application protocol in: defined by the application developer -- uses some low-level protocol for communication -- THIS IS NOT HTTP!!! in: message format -- openess, adhoc vs standards -- serialisation (marshalling, encoding), error handling in: has to operate above of HTTP -- HTTP is stateless -> applications need to maintain state shared between client and server -> cookies in (example): shopping basket -- login/logout (is-subclass-of) superclass: protocol-engine subclass: application-protocol-engine application-protocol-engine bn: Application Protocol Engine in: part of application software to deal with network messages -- usually provided as an API to the application in: connect, disconnect, wait_for_message, send_message, ... (system-implements-concept) system: application-protocol-engine concept: application-protocol (is-hosted-at) host: web-client guest: application-protocol-engine (is-hosted-at) host: web-server guest: application-protocol-engine #-- C/S architecture (is-architected-via) architecture: client-server-architecture application: web-application-programming (is-subclass-of) superclass: software-architecture subclass: client-server-architecture client-server-architecture bn: Client-Server, C/S Architecture in: client side deals with one part of an application, server with the other -- connected via a network in: separation depends on the consistency requirements of the particular application in: examples: X, Citrix (visualisation), HTTP, RPC, ... oc (definition): http://www.webopedia.com/TERM/C/client_server_architecture.html (is-part-of) whole: client-server-architecture part: web-client web-client bn: WWW browser/client in: interacts with (human) user, requests documents from a HTTP server, presentation aspects oc (zoom): http://topicmaps.bond.edu.au/mda/internet/web/web-server (has-feature) feature: document-presentation object: web-client document-presentation (web-client-feature) bn: document presentation in: HTML, CSS, WML, Applets, ... (has-feature) feature: document-presentation-logic object: web-client document-presentation-logic (web-client-feature) bn: document presentation logic in: DHTML (DOM + JavaScript) (is-subclass-of) superclass: web-client subclass: thick-client thick-client bn: Thick client in: web browser on a PC with much technology on board (JVM, Flash, JavaScript, ...) -- good bandwidth (is-subclass-of) superclass: web-client subclass: thin-client thin-client bn: Thin client in: web browser behind limited bandwidth and with limited hardware resources in: Handhelds, mobiles #-- server (is-part-of) whole: client-server-architecture part: web-server web-server (web-application-architecture-part) bn: WWW server in: serves documents via HTTP in: communication tier oc (zoom): http://topicmaps.bond.edu.au/mda/internet/web/web-server #-- 1-tier (is-architected-via) architecture: one-tier-model application: web-application-programming (is-subclass-of) superclass: software-architecture subclass: one-tier-model one-tier-model bn: 1-tier model in: tightly integrated solution -- everything in one #-- N-tier (is-architected-via) architecture: N-tier-model application: web-application-programming (is-subclass-of) superclass: software-architecture subclass: N-tier-model N-tier-model (application-architecture) bn: N-tier model in: separation of concerns in: data stored in 'pure' form at backend -- application servers provides business logic --\ presentation tier either at server or client #-- browser (is-subclass-of) superclass: web-application-programming subclass: browser-side-web-programming browser-side-web-programming bn: Client-side Web Programming in: application (or part thereof) is executed on the client side -- mostly for presentation, sometimes also business logic in (advantage): very fast execution -- no server request necessary in (disadvantage): only for trivial cases -- mostly server has to full knowledge (according to the business model) --\ client software is not under the control of developers -- new browser may behave differently -- security problem with \ a language may force users to turn technology off -- have to use often different technology on the server (heterogenous \ development) in (usage-scenario): form validation -- problem: full data consistency can only determined on the server in (usage-scenario): games -- problem: no decent graphical output, slow, source code can be read in (usage-scenario): pull-down menues -- problem: everyone does it differently -- new GUI paradigms everywhere -- how does user know what to do? in (usage-scenario): animations -- problem: very few applications involve animations natively -- mostly 'gadgets' from web developers who should know better in (usage-scenario): DOM manipulation -- hide/show parts of the document, move things around, create new options in FORMs, ... -- useful if used very carefully -- problem: not all browsers support all DOM levels, developer's nightmare in (usage-scenario): XML transformation -- problem: who - seriously - ships original XML data to the client? (can-be-used) tool: visual-basic purpose: browser-side-web-programming (is-supported-natively) language: visual-basic system: internet-explorer visual-basic (programming-language) bn: Visual Basic, VBScript in: Microsoft supported programming language -- only runs on Windows platform #-- JavaScript # is-reified-by javascript-as-client-language (can-be-used) tool: javascript purpose: browser-side-web-programming javascript (programming-language) bn: JavaScript oc (mda-zoom): http://topicmaps.bond.edu.au/mda/programming/javascript/javascript in: procedural programming language -- similar to Java (yeah) javascript-as-client-language bn: JavaScript as Client Language in: most browsers support it now -- smaller, but annoying differences to JScript in (disadvantage): does not come with a security model -- early implementations had a lot of vulnerabilities in: can be used together with DOM (Document Object Model) to access the page content (is-supported-natively) language: javascript system: mozilla (is-supported-natively) language: javascript system: opera (is-supported-natively) language: javascript system: firebird (is-supported-natively) language: javascript system: safari (is-clone-of) clone: jscript original: javascript (can-be-used) tool: jscript purpose: browser-side-web-programming (is-supported-natively) language: jscript system: internet-explorer jscript (programming-language) bn: JScript oc (homepage): http://msdn.microsoft.com/scripting/jscript/ in: Microsoft's version of JavaScript #-- DHTML (can-be-used) tool: dhtml purpose: browser-side-web-programming dhtml (client-side-presentation-technology) bn: Dynamic HTML in: actually JavaScript + DOM in: embedding code into HTML pages which can access the structure and the content of the page -- reading and modifying --\ mainly for rendering effects (fading, moving, resizing) oc (tutorial) : http://hotwired.lycos.com/webmonkey/authoring/dynamic_html/tutorials/tutorial1.html #-- Java --- # is-reified-by java-as-client-language (can-be-used) tool: java purpose: browser-side-web-programming java (programming-language) bn: Java Programming Language in (history): invented by Sun Microsystem -- meant for 'consumer devices' -- James Gosling: 'Oak' --\ very slow in the early years -- write once, test everywhere -- now very efficient compilation oc (history): http://java.sun.com/features/1998/05/birthday.html oc (history): http://www.ils.unc.edu/blaze/java/javahist.html oc (homepage): http://java.sun.com/ oc (tutorial): http://java.sun.com/docs/books/tutorial/ java-as-client-language bn: Java as Client Language in: most browsers support it now -- language now stable -- most machines powerful enough in: still not too many applications for it -- only in particular niches in: comes with a security model -- only particular commands can be executed -- protects file system and restricts network access #-- Active-X -- # is-reified-by active-x-as-client-language (can-be-used) tool: activex purpose: browser-side-web-programming activex (client-side-programming-technology) bn: Active-X in: highly proprietary, single platform technology, highly insecure active-x-as-client-language bn: Active X as Client Language in: only works on Windows platform -- major security concerns -- signed (certified) Active-X controls in (observation): maybe make more sense in controlled environments #-- server side (is-subclass-of) superclass: web-application-programming subclass: server-side-web-programming server-side-web-programming bn: Server-side Web Programming in: using an application server infrastructure and a programming language -- server executes scripts/programs in: can be in a variety of solutions and languages: Perl/CGI, Java/J2EE, VB/ASP, Python/Zope, Java/WebObjects, .... #-- PHP (can-be-used) tool: php purpose: server-side-web-programming php (web-application-infrastructure) bn: PHP in: infrastructure and web programming language to deliver server-generated documents in: embed PHP commands into an HTML page: -- syntax similar to C/Java/Perl in (advantage): very broad user base -- runs on many platforms (UNIX, Windows, ...) -- very fast processing -- very rich libraries (various databases, HTTP, IMAP, SNMP, ...) in (disadvantage): despite recent efforts PHP is no 'real' programming language -- mainly for web pages -> makes it difficult to do background processing -- XML support still lagging behind oc (homepage): http://www.php.net/ #-- Java Servlet (can-be-used) tool: java-servlet purpose: server-side-web-programming java-servlet (web-application-infrastructure) bn: Java Servlets in: writing code to handle GET or POST requests -- application only deals with request, response and context object -- rest is done by the servlet engine in: servlet is put into a 'container' in: has support for cookies, session handling in: only works for Java (and Perl/Wombat) -- javax.servlet in (advantage): portable code (Java) -- specification open -- rather performant (modulo Java) -- runs directly in the server (no separate process) -- stays in memory between requests -- sandboxing is possible (security) oc: http://java.sun.com/products/servlet/ oc (tutorial): http://java.sun.com/docs/books/tutorial/servlets/ oc (tutorial): http://www.apl.jhu.edu/~hall/java/Servlet-Tutorial/ oc (introduction): http://developer.java.sun.com/developer/onlineTraining/Servlets/Fundamentals/ oc (introduction): http://www.webdevelopersjournal.com/articles/intro_to_servlets.html in (implementation): Tomcat Apache, iPlanet Web Server, Microsoft IIS, BEA WebLogic Application Server, IBM WebSphere, et.al. #-- JSP (can-be-used) tool: jsp purpose: server-side-web-programming jsp (web-application-infrastructure) bn: Java Server Pages in: embedding Java Code into HTML pages -- or just invoking Java Beans (components) from the page in: technically based on servlets which parse the page, compile it and run it at every request oc: http://java.sun.com/products/jsp/ oc (documentation): http://java.sun.com/products/jsp/docs.html oc (tutorial): http://www.apl.jhu.edu/~hall/java/Servlet-Tutorial/ #-- CGI (can-be-used) tool: cgi purpose: server-side-web-programming cgi (web-application-infrastructure) bn: CGI, Common Gateway Interface in: dinosaur of all server-side methods -- still in heavy use -- language independent -- many servers have it implemented in (observation): mostly used with Perl in (disadvantage): rather slow compared to other methods -- server has to exec process for every request in: interface describes how FORM content is passed into the script/program and how content is passed back to the server in: all functionality handled in the script, no server-side functionality in (advantage): easy to deploy for simple applications -- isolated processes -- architecture independent -- open standard -- language independent in (disadvantage): code difficult to maintainability #-- NSAPI (can-be-used) tool: nsapi purpose: server-side-web-programming nsapi (web-server-api) bn: NSAPI, Netscape Server API oc (faq): oc (introduction): http://developer.netscape.com/docs/manuals/enterprise/nsapi/svrop.htm in: mechanism for extending the functionality of the Netscape servers in: low-level: good for high-security and high-performance in: currently in version 3.x -- C++ library -- in: supported by Netscape servers (Communication, Commerce, Proxy) -- on several platforms #-- SSI (can-be-used) tool: SSI purpose: server-side-web-programming SSI (server-side-technology) bn: SSI, server side include in: started as simple mechanism to include files (HTML snippets) -- executed before content is shipped to the client in: features added: simple database access -- simple program execution -- simple program logic (if-then) in (problem): performance at earlier implementations -- hiding commands in HTML comments? -- security: how to protect files on the server -- not a full programming language -- difficult to maintain in: not standardized, security concerns, dead-end technology oc (tutorial): http://hoohoo.ncsa.uiuc.edu/docs/tutorials/includes.html oc (tutorial): http://httpd.apache.org/docs/howto/ssi.html oc (implementation): http://httpd.apache.org/docs/mod/mod_include.html oc (tutorial): http://www.apacheweek.com/features/ssi #-- J2EE (can-be-used) tool: j2ee purpose: server-side-web-programming j2ee (web-application-infrastructure) bn: J2EE oc (homepage): http://java.sun.com/j2ee/ in: rich infrastructure for Java applications -- more for high-profile web-apps -- platform neutral, but only for Java in: has support for session handling -- authentication -- security in (history): developed by Sun Microsystems oc (tutorial): http://java.sun.com/j2ee/tutorial/ in: has many implementations: Tomcat/Apache, Masslight, JBoss, WebLogic, Sun, .... oc (download): http://java.sun.com/j2ee/download.html #-- ASP (can-be-used) tool: asp purpose: server-side-web-programming asp (web-application-infrastructure) bn: ASP, Active Server Pages in: Microsoft technology -- now obsoleted by ASP.NET oc: http://www.asp101.com/ oc: http://www.microsoft.com/windows2000/en/server/iis/htm/asp/iiwawelc.htm oc (introduction): http://www.microsoft.com/windows2000/en/server/iis/htm/asp/iiwaabt.htm (is-obsoleted-by) obsolete: asp new: asp-net #-- ASP.NET (can-be-used) tool: asp-net purpose: server-side-web-programming asp-net (web-application-infrastructure) bn: ASP.NET oc (homepage): http://www.asp.net/ #-- Mason (can-be-used) tool: mason purpose: server-side-web-programming mason (web-application-infrastructure) bn: Mason oc (homepage): http://www.masonhq.com/ in: Perl-based templating system -- applying templates automatically -- supports session handling --\ persistent database connections -- server-side caching -- component based #-- XML apps servers (is-subclass-of) superclass: application-server subclass: xml-application-server xml-application-server bn: XML Application Server in: XML pipelines -- very flexible way to publish content in various ways #-- AxKit (can-be-used) tool: axkit purpose: server-side-web-programming axkit (xml-application-server) bn: AxKit in: application development environment for Perl, using XML, XSLT and XPathScript to convert content in pipelines in: use of taglibs for application specific functionality oc (homepage): http://axkit.org/ #-- Cocoon (can-be-used) tool: cocoon purpose: server-side-web-programming cocoon (xml-application-server) bn: Cocoon in: application development environment for Java, using XML, XSLT and XPathScript to convert content in pipelines oc (homepage): http://xml.apache.org/cocoon/ oc (homepage): http://cocoon.apache.org/ oc (introduction): http://www.xml.com/pub/a/2002/02/13/cocoon2.html oc (book): http://www.amazon.com/exec/obidos/tg/detail/-/0735712352?v=glance oc (article): http://www.webreference.com/xml/column52/ #-- Zope (can-be-used) tool: zope purpose: server-side-web-programming zope (web-application-infrastructure) bn: Zope in: Python-based infrastructure and web programming language to deliver server-generated documents in: object-oriented by design -- oo programming -- oo database in: can import 'packages' which implement specific object classes or whole applications in: is the basis of other infrastructures: CMF (Content Management Framework), Plone (collaboration) oc: http://www.zope.net/ #-- ColdFusion (can-be-used) tool: coldfusion purpose: server-side-web-programming coldfusion (web-application-infrastructure) bn: ColdFusion oc (download): http://www.coldfusion.com/ in: very mature programming environment -- advanced templating system -- rich libraries oc (tutorial): http://hotwired.lycos.com/webmonkey/programming/coldfusion/tutorials/tutorial2.html allaire (company) bn: Allaire oc: http://www.allaire.com/ in: merged with Macromedia (March, 2001) (is-produced-by) product: coldfusion producer: allaire #-- (can-developed-according-to-pattern) pattern: mvc system: web-application mvc (computation-paradigm) bn: Model-View-Controller, MVC oc (original): http://st-www.cs.uiuc.edu/users/smarch/st-docs/mvc.html oc: http://ootips.org/mvc-pattern.html in: used in GUI programming: events are analyzed and sent to parts of a model -- model responds and changes state -- view(port) displays the changes in: helps to reduce the complexity