dynamic content generation

Dynamic content generation Eleonora Ciceri

[email protected]

Dynamic content generation

¤  Motivations ¤  User needs cannot be satisfied by using just static content.

The following is needed too:

¤  Data coming from databases

¤  Response to specific requests (e.g., queries)

¤  Client-side scripting does not achieve the required results in dynamic data gathering

¤  Solution ¤  Server-side architectures that generate content dynamically

HTTP basics

HTTP basics

¤  HTTP is a stateless protocol: ¤  The client performs the request

¤  The web server responds and the transaction is done

¤  Each request is associated with a method, that specifies the type of action the client wants performed

¤  Available methods: ¤  GET

¤  POST

¤  Others: HEAD, PUT, DELETE, TRACE, OPTIONS

GET method

¤  The GET method is designed for getting information (e.g., a document, a chart, the result of a database query)

¤  The request contains some information that describes what the user wants (e.g., coordinates x,y for a chart)

¤  This information is collected in the query string, passed as a sequence of characters appended to the request URL

http://my.server/page?par1=val1&par2=val2

Query string

POST method

¤  The POST method is designed for posting information (a credit card number, information that has to be stored in a database)

¤  A POST request passes all its data, of unlimited length, as part of its HTTP request body

¤  The exchange is invisible to the client ¤  POST requests cannot be bookmarked or reloaded

POST method: form

<form method=POST action="my.page">!!Tell me your name:!!<input type="text" name="username"/>!!<input type="submit" value="Submit"/>!

</form>!

This information will be sent to the server

Specify the method

Other request methods

¤  HEAD: sent by a client when it wants to see only the headers of the response ¤  Why? To determine document size, modification time, general

availability

¤  PUT: used to place documents directly on the server

¤  DELETE: used to remove documents from the server

¤  TRACE: returns to the client the exact content of its request (used for debugging purposes)

¤  OPTIONS: used to ask the server which methods it supports

Java Servlets Basic concepts

Why do we use Java?

¤  Cross-platform: useful in case of a heterogeneous collection of servers (Unix/Windows operating systems)

¤  Object-oriented

¤  Support for networking and enterprise APIs

Servlets

¤  A servlet is a small, pluggable extension to a server that enhances the server’s functionality ¤  Applications: web server, mail server, application server…

¤  A servlet runs inside a JVM (Java Virtual Machine) on the server

¤  Advantages ¤  Support for Java is required on servers (not in web browsers)

¤  Servlets are portable (across operating systems and web servers)

Servlet container

¤  A servlet container is a component of the server that interacts with Java servlets

¤  It is responsible for: ¤  managing the lifecycle of the servlets

¤  mapping a URL to a particular servlet

HTTP request parameters

response HTTP response

Persistence

¤  Servlets are all handled by separate threads within the web server process ¤  A single object instance is stored in the server’s memory

¤  Advantages of reusing processes: ¤  Servlets create stateful applications by storing information

about the user session

¤  Resources are shared, e.g., database connections

Request for Servlet1



thread

thread

thread

The Servlet API

¤  Servlets use classes and interfaces from two packages ¤  javax.servlet: contains classes to support generic servlets

(protocol-independent)

¤  javax.servlet.http: adds HTTP-specific functionality

¤  Every servlet implements the javax.servlet.Servlet interface ¤  javax.servlet.GenericServlet is a protocol-

independent servlet

¤  javax.servlet.http.HttpServlet is an HTTP servlet

GenericServlet

¤  This servlet overrides the service() method to handle requests, taking as inputs: ¤  The request object ¤  The response object

request

response

HttpServlet

¤  This servlet overrides the doGet() and doPost() methods to handle GET and POST requests, respectively

¤  The service() method handles the setup and dispatching to all the doXXX() methods ¤  Do NOT override this method!

GET request

GET response

POST request

POST response

Servlet life cycle

¤  Servlet’s initialization: when the server starts, the servlet’s init() method is called

¤  Handle requests: when a request is captured by the server, the servlet’s service(), doGet() and doPost() methods are called according to the request type

¤  Servlet’s destruction: when the server process is stopped, the servlet’s destroy() method is called and the garbage collection is performed

Java Servlets Basic coding using Java Servlet API

Hello World! servlet

import java.io.*;!import javax.servlet.*;!import javax.servlet.http.*;!!public class HelloWorldServlet extends HttpServlet {!

!public void doGet(HttpServletRequest request, HttpServletResponse response)!! ! ! !throws ServletException, IOException {!! !response.setContentType("text/html");!! !PrintWriter out = response.getWriter();!! !!! !out.println("<HTML>");!! !out.println("<HEAD><TITLE>Hello World Servlet</TITLE></HEAD>");!! !out.println("<BODY>");!! !out.println("Hello, World!");!! !out.println("</BODY>");!! !out.println("</HTML>");!! !out.close();!!}!

}



}


HTTP servlet interface

Packages



}


Request object Response object



}


Set the standard MIME type for HTML pages

A MIME type identifies the file formats on the internet

A MIME type is used to understand how to interpret a file/an attachment



}


Requires the writer on which the output will be printed



}


Print the web page HTML code

Hello World! servlet results

Servlet’s path: project path + servlet’s name

Printed content

Configure a web application

¤  A web application is made of a set of servlets that are stored in a project

¤  The description of the web application content is contained in the web.xml file

¤  This file contains: ¤  The description of each servlet (name, class)

¤  The mapping of the servlet (used to reference the servlet when accessing to the server)

Configuration file for HelloWorldServlet

<web-app> !!<servlet>!! !<servlet-name>!! ! !HelloWorldServlet!! !</servlet-name>!! !<servlet-class>!! ! !it.polimi.tiw.examples.HelloWorldServlet!! !</servlet-class>!!</servlet>!!<servlet-mapping>!! !<servlet-name>!! ! !HelloWorldServlet!! !</servlet-name>!! !<url-pattern>!! ! !/HelloWorld!! !</url-pattern>!!</servlet-mapping>!

</web-app>

Container for the servlets’ descriptions

Mapping to a specific path on the server

Java Servlets Input and output

Read information from the client

¤  Information is received from the client by reading the data included in HttpServletRequest

¤  Input stream methods ¤  getReader(): retrieves the body of the request ¤  getContentType(): retrieves the request content type ¤  getContentLength(): retrieves the request content length

¤  Header reading methods ¤  getHeader(name): retrieves the name HTTP header ¤  getHeaders(name): retrieves the name HTTP header as a

collection of String objects

Read information from the client

¤  Parameters reading methods ¤  getParameter(name): reads the parameter name from the

request ¤  getParameterValues(name): reads an array of String objects

containing all the values the name parameter has ¤  getParameterNames(): returns the names of all the parameters

contained in this request ¤  getQueryString(): reads the query string

¤  Client information retrieval methods ¤  getRemoteAddr(): reads the IP address ¤  getRemoteHost(): reads the fully qualified name of the client

Send information to the client

¤  Information is sent to the client by modifying the data included in HttpServletResponse

¤  Output stream methods ¤  getWriter(): gets the writer on which the output is printed

¤  setContentLength(cl): sets the content length equal to cl

¤  setContentType(ct): sets the content type equal to ct

¤  Header editing methods ¤  setHeader(String name, String value): sets the value of

the HTTP header name equal to value

Send information to the client

¤  Error handling methods ¤  setStatus(int s): set the status of the transaction equal to s

¤  sendError(int s): sends the error to the server, who is in charge of handling it

¤  Redirect methods ¤  sendRedirect(String location): sends a temporary redirect

response to the client using the specified location URL

Handling forms data

¤  We will send the user’s name via an HTML form, so that it will be displayed by the servlet

¤  The request can be sent using either the GET or the POST methods

HelloWorldForm.html

userName

Sending via the GET method: form

<html>!!<head>!! <title>Meet the user</title>!!</head>!!<body>!! <form method=GET action="/SlidesExamples/HelloWorldFormServlet">!! !Tell me your name:!! !<input type="text" name="userName"/>!! !<input type="submit" value="Submit"/>!! </form>!!</body>!

</html>

Servlet’s path

Parameter’s name

FINAL URL: http://my.server:8080/SlidesExamples/HelloWorlFormServlet?userName=name

Query string

Sending via the GET method: servlet

public class HelloWorldFormServlet extends HttpServlet {!public void doGet(HttpServletRequest request, HttpServletResponse response)!

! ! ! !throws ServletException, IOException {!response.setContentType("text/html");!PrintWriter out = response.getWriter();!

! !!String userName = request.getParameter("userName");!if (userName.equals(""))!

!userName = "World";!! !!

out.println("<HTML>");!out.println("<HEAD><TITLE>Hello World Servlet</TITLE></HEAD>");!out.println("<BODY>");!out.println("Hello, " + userName + "!");!out.println("</BODY>");!out.println("</HTML>");!out.close();!

}!}

Retrieve parameter from the request

When the user leaves the input field empty, the parameter is empty too

Print the request parameter

Sending via the POST method

¤  We want the same behavior with POST as we had for the GET; thus, we dispatch all POST requests to the doGet() method

¤  In general, it is better if a servlet implements either doGet() or doPost()

public void doPost(HttpServletRequest request, ! ! ! !HttpServletResponse response)!! !throws ServletException, IOException {!!doGet(request, response);!

}!

Java Servlets Instance persistence

Instance persistence

¤  Servlets persist between requests as object instances

¤  Advantage: a servlet has already loaded anything it’s likely to need during the handling of a request ¤  Database connections

¤  Shopping cart

¤  Cached pages

¤  …

A simple counter

public class SimpleCounter extends HttpServlet {!!!

int count;!!!

public void init() throws ServletException {!!count = 0;!

}!!!

public void doGet(HttpServletRequest request, HttpServletResponse response)!

! ! !throws ServletException, IOException {!!response.setContentType("text/plain");!!PrintWriter out = response.getWriter();!! !!!count++;!!out.println("Since loading this servlet has been accessed " + !count + " times");!

}!}

When the server loads the servlet as a single instance, the counter is initialized

Every request is handled by this single instance

Each request increments the counter

A simple counter: results

¤  The same instance variable exists between invocations and for all invocations

¤  Every time the page is loaded, the counter is incremented

Synchronization

¤  Each of the client threads has the ability to manipulate a servlet’s non local variable ¤  Result: inconsistencies, data corruption

Request1

Request2

count = 0

count = 1

count = 2

The answer is 2 for both the responses!

This happens because the servlets are concurrently modifying the same variable, thus the second request modifies the count before the first thread prints the count Thread1.print()

Thread2.print()

Synchronization

¤  To prevent this problem one can add one or more synchronized blocks to the code ¤  Anything inside a synchronized block is guaranteed not to

be executed concurrently by another thread

¤  When a thread wants to modify what is inside a synchronized block, it has to obtain a monitor

¤  If another thread has the monitor, the first thread must wait

Synchronization – First solution

public class SyncCounter extends HttpServlet{ !int count = 0;!!public void doGet(HttpServletRequest request, HttpServletResponse response) !

! !throws ServletException, IOException {!response.setContentType("text/plain"); !PrintWriter out = res.getWriter(); !synchronized(this) {!

count++; !out.println("Since loading, this servlet has been accessed " + count + " times.");!

}!}!

}

This block requires a monitor in order to be executed

Synchronization – Other solutions

¤  Add synchronized to the doGet() signature public synchronized void doGet(HttpServletRequest request, HttpServletResponse response)!

¤  Make the synchronized block as small as possible using a local variable int local_count;!synchronized(this) {!

local_count = ++count;!}!out.println(“Number of accesses: ” + local_count);!

Class count

A holistic counter public class HolisticCounter extends HttpServlet {!

static int classCount = 0;!int count;!static Hashtable<HolisticCounter, HolisticCounter> instances= new Hashtable<HolisticCounter, HolisticCounter>();!

!!public void init() throws ServletException {!

count = 0;!} !!public void doGet(HttpServletRequest request, HttpServletResponse response)!

! ! !throws ServletException, IOException {!response.setContentType("text/plain");!PrintWriter out = response.getWriter();!

! !!count++;!out.println("This servlet instance has been accessed " + count + " times.");!

! !!instances.put(this, this);!out.println("There are currently " + instances.size() + " instances.");!

! !!classCount++;!out.println("Across all instances, this servlet has been accessed " + classCount + " times.");!

}!!}

Instance count

Store instances

Java servlets Init and context parameters

Init parameters

¤  Init parameters are available in the context of a servlet

¤  Init parameters’ purpose is twofold ¤  Specify initial values or default values for servlet variables

¤  Tell a servlet how to customize its behavior

¤  The initial values are stored in the web.xml file

ServletConfig object

web.xml

getInitParameter(“p1”)


Init parameters

Init parameters

<servlet>!!<servlet-name>!! !InitCounter!!</servlet-name>!!<servlet-class>!! !it.polimi.tiw.examples.InitCounter!!</servlet-class>!!<init-param>!! !<param-name>!! ! !InitialCounterValue!! !</param-name>!! !<param-value>!! ! !100!! !</param-value>!! !<description>!! ! !Initial counter value!! !</description>!!</init-param>!

</servlet>

This is visible only to the InitCounter servlet

Name of the parameter that will be read from the configuration

Value for InitialCounterValue

Init parameters

public class InitCounter extends HttpServlet { !!int count = 0; !!public void init(ServletConfig config) throws ServletException {!

!super.init(config);!!String initialCounterValue = config.getInitParameter("InitialCounterValue");!!try {!

count = Integer.parseInt(initialCounterValue);!!}!!catch (NumberFormatException e) {!

count = 0;!!}!

} !!public void doGet(HttpServletRequest request, HttpServletResponse response)!

! !throws ServletException, IOException {!!response.setContentType("text/plain");!!PrintWriter out = response.getWriter();!! !!!count++;!!out.println("Since loading, with initialization, this servlet has been !accessed " + count + " times");!

}!}

Load the initial parameter

For allowing the access to config outside the init() method

Context parameters

¤  Context parameters are available in the entire scope of the web application

¤  Context parameters are stored in the web.xml file

ServletContext object

web.xml



Context parameters

Context parameters

<web-app> !!<context-param>!! !<param-name>!! ! !userName!! !</param-name>!! !<param-value>!! ! !Eleonora!! !</param-value>!! !<description>!! ! !Name of the user that is using the web application!! !</description>!!</context-param>

Context parameter declaration

Context parameters

public class HelloDefaultUserServlet extends HttpServlet {!!

private String userName;!!!

public void init(ServletConfig config) throws ServletException {!!ServletContext context = config.getServletContext();!!userName = context.getInitParameter("userName");!!if (userName == null)!

userName = "World";!}!

!!public void doGet(HttpServletRequest request, HttpServletResponse response)!

! !throws ServletException, IOException {!!response.setContentType("text/plain");!!PrintWriter out = response.getWriter();!

!!out.println("Hello, " + userName + "!");!!out.close();!

}!!}

Extract the context (ServletContext object)

Extract the context parameter “userName”

Java Servlets Session tracking

Motivations

¤  HTTP is a stateless protocol ¤  No way for a server to recognize that a sequence of

requests are from the same client

¤  Problem: shopping cart? Several interactions!

¤  Solution: the client introduces himself as it makes each request ¤  Unique identifier

¤  Additional information about its identity

User authorization

¤  One way to perform session tracking is to leverage the information that comes with user authorization ¤  When the client logs in, the username is available to a servlet

through getRemoteUser() ¤  The user is identified through her username and thereby

track her session

¤  Advantage: easy to implement, works also if the user uses different machines to log in

¤  Disadvantage: it requires each user to register for an account and then log in each time she visits the site

Hidden form fields

¤  Another way to perform session tracking is to add information to the form by inserting hidden fields, i.e., fields that contain information but that are not visible ¤  <INPUT TYPE=hidden NAME=“zip” VALUE=“834629”/>

¤  Advantage: ubiquity, support for anonymity, no special server requirements

¤  Disadvantage: it works only for a sequence of dynamically generated forms, it breaks down with static/emailed/bookmarked documents or browser shutdowns

Persistent cookies

¤  A cookie is a bit of information sent by a web server to a browser that can later be read back from that browser

¤  When the browser receives the cookie ¤  It saves the cookie ¤  It sends the cookie back to the server each time it accesses

a page on that server

¤  A cookie’s value can be set so as to uniquely identify the user ¤  Thus: cookies are used in order to track the session

Working with cookies

¤  A cookie is creating by specifying: ¤  The name of the cookie

¤  The value of the cookie

¤  Cookie(name, value)

¤  The cookie is attached to the response by using the method addCookie(cookie)

¤  Cookies are read from the request by using the method getCookies()

Saving the sessionId in a cookie

public class SessionIdCookie extends HttpServlet {!!

public void doGet(HttpServletRequest request, HttpServletResponse response) !throws ServletException, IOException {!

!response.setContentType("text/plain");!!PrintWriter out = response.getWriter();!! !!!String sessionId = null;!!Cookie[] cookies = request.getCookies();!!if (cookies != null)!

for (int i = 0; i < cookies.length; i++)!if (cookies[i].getName().equals("sessionId"))!

! !sessionId = cookies[i].getValue();!! !!!if (sessionId == null) {!

sessionId = new java.rmi.server.UID().toString();!Cookie cookie = new Cookie("sessionId", sessionId);!response.addCookie(cookie);!

!}!! !!!out.println("SessionId: " + sessionId);!!out.close();!

}!}

Retrieve cookies from the request

Look for the cookie containing the sessionId

If the needed cookie does not exist, we create the sessionId with a standard method and then store it in a new cookie

Other functions for handling cookies

¤  setMaxAge(int expiry) specifies the maximum age of the cookie (in seconds) before it expires

¤  setSecure(boolean flag) indicates whether the cookie should be sent only over a secure channel, such as SSL

¤  setComment(String comment) sets the comment field of the cookie, describing the intended purpose of it

URL rewriting (1)

¤  Every local URL the user might click is dynamically modified to include extra information

¤  You have to ask your servlet container to enable it

¤  Several ways of doing it

¤  Extra path information ¤  http://my.server:port/servlet/Rewritten/extraPath ¤  extraPath contains extra information ¤  Works fine for all the servers, but some servlet might use it as

a true path

URL rewriting (2)

¤  Added parameter ¤  http://my.server:port/servlet/Rewritten?sessionid=123 ¤  Works on all servers

¤  It fails as a target for forms that use the POST method

¤  Custom change ¤  http://my.server:port/servlet/Rewritten;sessionid=123 ¤  It does not work for those servers that don’t support the change

¤  The session ID is uniquely created for the user, and passed to it by attaching it to the response

Session Tracking API

¤  Every user of a site is associated with a java.servlet.http.HttpSession object ¤  This object is used to store and retrieve information about

the user

¤  You can save any set of arbitrary Java objects in a session object

info1

info2

info3

Cookies vs. URL rewriting public class SessionDiscover extends HttpServlet {!

!!public void doGet(HttpServletRequest request, HttpServletResponse response)!

!throws IOException, ServletException{ ! !!response.setContentType("text/html");!PrintWriter out = response.getWriter();!

! !!HttpSession session = request.getSession(true);!

! !!out.println("<HTML><HEAD><TITLE> Session Discover </TITLE></HEAD>");!out.println("<BODY>");!out.println("<H2> Session Discover</H2>");!out.println(“<A HREF=" + response.encodeURL(request.getRequestURI()) + "> Refresh </A><BR />"); !

!!out.println("<BR/> SessionID: " + session.getId() + "<BR/>");!out.println("Creation Time: " + new Date(session.getCreationTime()) + "<BR />");!out.println("Last Accessed Time: " + new Date(session.getLastAccessedTime()) + "<BR />");!out.println("Timeout: " + session.getMaxInactiveInterval() + "<BR /><BR />");!

! !!out.println("Using cookies ? " + request.isRequestedSessionIdFromCookie() + "<BR />");!out.println("Using URL Rewriting ? " + request.isRequestedSessionIdFromURL() + "<BR />");!out.println("</BODY></HTML>");!!

! !!}!

}

Encodes the required URL, in case adding the session ID when URL rewriting is enabled

Returns the request URI (we are refreshing the current page!)

Retrieve the session from the request (if it doesn’t exist, it is

created)

Print data about the created session

Specifies whether cookies and URL

rewriting are enabled

Using cookies

No session ID in the URL = no URL rewriting

Cookies are enabled = the session ID is stored in the cookies

Stored cookie

The cookie reports the URL of the server that required its storage

The value of the cookie reports the session ID

Disable cookies

Cookies are disabled = the URL rewriting is active

URL rewriting is active and the session ID is attached to the URL

Handling the session

¤  Retrieving the session: getSession(boolean create) on the request

¤  Save an object in the session: setAttribute(name, object) on the session

¤  Retrieve an object from the session: getAttribute(name) on the session

¤  Retrieve the names of all the objects stored in the session: getAttributeNames() on the session

¤  Remove an object from the session: removeAttribute(name) on the session

SessionCounter servlet

public class SessionCounter extends HttpServlet {!public void doGet(HttpServletRequest request, HttpServletResponse response) !

! ! !throws ServletException, IOException {!response.setContentType("text/plain");!PrintWriter out = response.getWriter();!

! !!HttpSession session = request.getSession(true);!

! !!Integer count = (Integer)session.getAttribute("session.count");!if (count == null) !

count = new Integer(1);!else!

count = new Integer(1+count.intValue());!session.setAttribute("session.count", count);!

! !!out.println("You have visited this page " + (count.intValue()) + " times.");!out.println("Your session data: ");!Enumeration<String> names = session.getAttributeNames();!while (names.hasMoreElements()) {!

String name = names.nextElement();!!out.println(name + ": " + session.getAttribute(name));!

}!}!

}

Retrieve the current session from the request (create one if necessary)

Read the session attribute named session.count

Store the new counter value in the session

Shopping cart application

HTML form •  Select products •  Go to cart

Store cart servlet •  Extract selected products

from the request •  Store the cart in the session

Checkout cart servlet •  Extract selected products

from the session •  Create a report

Shopping cart application – Form

<html>!<head><title>Fill shopping cart</title></head>!<body>!

Choose your products:!<form method=POST action="/SlidesExamples/StoreCart">!

<input type="checkbox" name="item" value="chair"/> Chair<br />!<input type="checkbox" name="item" value="table"/> Table<br />!<input type="checkbox" name="item" value="sofa"/> Sofa <br />!<input type="checkbox" name="item" value="desk"/> Desk <br />!<input type="checkbox" name="item" value="painting"/> Painting <br />!<input type="submit" value="See your cart"/>!

</form>!</body>!

</html> All the values that will be selected will be grouped under the parameter name item

Shopping cart application – Store cart (1)

public class StoreShoppingCart extends HttpServlet {!!

public void doGet(HttpServletRequest request, HttpServletResponse response)!! !throws ServletException, IOException {!

response.setContentType("text/html");!PrintWriter out = response.getWriter();!! !!

out.println("<html>");!out.println("<head><title>Your shopping cart</title></head>");!out.println("<body>Your items:");!! !!

String[] cartItems = request.getParameterValues("item");!if (cartItems == null)!

out.println("No items were selected.");!else {!

out.println("<ul>");!for (int i = 0; i < cartItems.length; i++)!

out.println("<li>" + cartItems[i]);!out.println("</ul>");!

}!! !!! !

Retrieve the selected products from the request

Shopping cart application – Store cart (1)

HttpSession session = request.getSession(true);!session.setAttribute("cartItems", cartItems);!! !!out.println("<form method=POST action=\"/SlidesExamples/checkout\">");!out.println("<input type=\"submit\" value=\"Checkout\">");!out.println("</form></body></html>");!

}!!!

public void doPost(HttpServletRequest request, HttpServletResponse response)!

! ! !throws ServletException, IOException {!doGet(request, response);!

}!!!

}

Store the cart in the session

Go to the next page by using a form

Shopping cart application - Checkout

public void doGet(HttpServletRequest request, HttpServletResponse response)!!throws ServletException, IOException {!

response.setContentType("text/html");!PrintWriter out = response.getWriter();!

! !!out.println("<html>");!out.println("<head><title>Checkout</title></head>");!out.println("<body>Your items:");!

! !!HttpSession session = request.getSession();!String[] cartItems = (String[])session.getAttribute("cartItems");!if (cartItems == null)!

!out.println("No items were selected.");!else {!

!out.println("<ul>");!!for (int i = 0; i < cartItems.length; i++)!

out.println("<li>" + cartItems[i]);!!out.println("</ul>");!

}!out.println("</body></html>");!

}!

Retrieve the selected products from the session

The session life cycle

¤  A session does not last forever. It expires: ¤  Either automatically ¤  Or after a set time of inactivity (default: 30 min)

¤  You can change the expire time from web.xml; this value will be valid for the entire web application <session-config>!

!<session-timeout>20</session-timeout>!</session-config>!

¤  You can also set this time for a specific instance: session.setMaxInactiveInterval(int secs)!

Java Servlets Redirect and Forward

Sending requests to other pages

¤  Forward ¤  Performed internally by the application ¤  The browser is completely unaware that it has taken place (i.e.,

the original URL remains intact) ¤  The resulting page repeats the original request with the original

URL

¤  Redirect ¤  The web application instructs the browser to fetch a second URL

(different from the original one) ¤  A browser reload of the second URL does not repeat the original

request ¤  Objects placed in the original request scope are not available

to the second request

Redirect or forward?

Redirect Forward

Request1

Request2 = alter(Request1)

Request2

Request1

Request1

Redirecting

A new request is sent to the second servlet, thus the request parameters are not visible, i.e., the query string is empty Moreover, although a new attribute was added to the request, it is not visualized in the resulting page (the new request has not attributes)

Forwarding

The request parameters are passed to the second servlet, since the same request is used Moreover, the added attribute is visible in the second servlet: the attributes are still visible

References

References

¤  Java Servlet Programming, Jason Hunter and William Crawford, O’Reilly

dynamic content generation

Technology