Java Web Application (SECURITY (Strategies (Declarative Security,…
Java Web Application
JSP
Standard Tag
Scripting tag
JSP Declarations
- Used to define variables and methods
How it works
- When a page combining JSP and HTML is compiled, the JDK automatically translates and compiles it into a Servlet class.
Servlet API
Servlet.http
Web.xml
- Used to tell the web engine how to map requests to servlets
HttpServletRequest
Request Parameter
- Data from client
- Name-value pair
HTML Forms
- Collects user data
- Sends it to the server via a URL.
Action
- The destination of data
- Which one it should be
Session Tracking
- Allows the app to save the client's information.
- When a client accesses the web server, the server provides a session for each user.
Techniques
Cookie
- Used for storing the client's information.
- Stored on the client's machine and sent back to the server on every request the user makes.
- Limited life span on the client's machine; automatically deleted after a specified time period.
- Value of cookie can uniquely identify a client.
Securing Cookies
Flag
HttpSession
- Stored on the server, on the servlet side.
- Each client has a unique session.
Invalidate Session
- Destroys the user's session.
- Java default: 30 mins.
- Can be set in web.xml or setMaxInactiveInterval() function.
HttpSession (Java)
- Only for Java.
- Only Java can access this object.
SECURITY
HTTPS Client Authentication Method
JSTL
SQL Tag Library
- Interacts with databases (Oracle, MySQL, MS SQL Server)
Filter
- A Java class.
- Independent of the web container.
- Stands between client and server.
Usage
Authentication
- Resources are accessed after a username and password are provided.
Logging and auditing
- Tracks the activities of users on a web app and logs them.
Image conversion
- Scales the image size or changes the image type as per requirements.
Data compression
- Helps in compressing uploaded or downloaded file size, thereby reducing the bandwidth requirement and time for downloading.
Encryption
- Helps in encrypting the request and response header.