Friday, April 29, 2011

Quick Recap: Chapters 47 to 50

Let us quickly review what we learnt about the Web Application Deployment and the Deployment Descriptor web.xml in the previous few chapters.

Web Application Folder Structure:

1. The WEB-INF is the root directory of any Web Application
2. This directory contains two folders /classes – to hold all the class files and /lib to hold all the JAR files
3. The web.xml file also resides in WEB-INF Folder

Elements of a Deployment Descriptor:

The deployment descriptor has 77 elements but the most important ones are:

1. C = < context-param >
2. L = < listener >
3. S = < servlet >
4. S = < servlet-mapping >
5. S = < session-config >
6. W = < welcome-file-list >
7. E = < error-page >
8. T = < taglib >
9. S = < security-constraint >
10. L = < login-config >
11. S = < security-role >

Exception Handling:

You can specify the exception handling declaratively in the deployment descriptor. You do this with the error-page element and the exception-type subelement like so:

< web-app >
< error-page >
< exception-type > javax.servlet.ServletException < / exception-type >
< location > /servlet/ErrorDisplay < / location >
< / error-page >
< / web-app >

Application Security:

• Application Security is an important aspect of any web application. Our application should be prepared to handle atleast a minimum level of attack.
• Authentication is the process by which the system verifies if a user is who he really says he is
• Authorization is the process by which we place access control restrictions on the various resources of the system
• Authentication can be of 4 types:
     o HTTP Basic Authentication
     o HTTP Digest Authentication
     o HTTPS Client Authentication &
     o Form Based Authentication

Key Terms we learnt in these chapters are:

• Web application
• Web archive file
• WebApp deployment descriptor
• Authentication, authorization
• Security constraint

Previous Chapter: Chapter 50 - Web Application Security

Next Chapter: Self Test - Chapters 47 to 50

No comments:

Post a Comment

© 2013 by www.inheritingjava.blogspot.com. All rights reserved. No part of this blog or its contents may be reproduced or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without prior written permission of the Author.

ShareThis

Google+ Followers

Followers