Books & Videos

Table of Contents

  1. Chapter 1 Intro and Overview: Why use Servlets & JSPs?

    1. Everybody wants a web site

    2. What does your web server do?

    3. What does a web client do?

    4. Clients and servers know HTML and HTTP

    5. Two-minute HTML guide

    6. What you write... (the HTML)

    7. What the browser creates...

    8. What is the HTTP protocol?

    9. HTML is part of the HTTP response

    10. If that’s the response, what’s in the request?

    11. GET is a simple request, POST can send user data

    12. It’s true... you can send a little data with HTTP GET

    13. Anatomy of an HTTP GET request

    14. Anatomy of an HTTP POST request

    15. Anatomy of an HTTP response, and what the heck is a “MIME type”?

    16. All the pieces. On one page.

    17. URL. Whatever you do, don’t pronounce it “Earl”.

    18. Directory structure for a simple Apache web site

    19. Web servers love serving static web pages

    20. But sometimes you need more than just the web server

    21. Two things the web server alone won’t do

    22. The non-Java term for a web server helper app is “CGI” program

    23. Servlets Demystified (write, deploy, run)

    24. JSP is what happened when somebody introduced Java to HTML

  2. Chapter 2 High-Level Overview: Web App Architecture

    1. What is a Container?

    2. What if you had Java, but no servlets or Containers?

    3. What does the Container give you?

    4. How the Container handles a request

    5. How it looks in code (what makes a servlet a servlet)

    6. You’re wondering how the Container found the Servlet...

    7. A servlet can have THREE names

    8. Using the Deployment Descriptor to map URLs to servlets

    9. But wait! There’s more you can do with the DD

    10. Story: Bob Builds a Matchmaking Site

    11. He starts to build a bunch of servlets... one for each page

    12. But then it gets ugly, so he adds JSPs

    13. But then his friend says, “You ARE using MVC, right?”

    14. The Model-View-Controller (MVC) Design Pattern fixes this

    15. Applying the MVC pattern to the matchmaking web app

    16. But then his friend Kim takes a look

    17. Is there an answer?

    18. A “working” Deployment Descriptor (DD)

    19. How J2EE fits into all this

  3. Chapter 3 Hands-on MVC: Mini MVC Tutorial

    1. Let’s build a real (small) web application

    2. The User’s View of the web application—a Beer Advisor

    3. Here’s the architecture...

    4. Creating your development environment

    5. Creating the deployment environment

    6. Our roadmap for building the app

    7. The HTML for the initial form page

    8. Deploying and testing the opening page

    9. Mapping the logical name to a servlet class file

    10. The first version of the controller servlet

    11. Compiling, deploying, and testing the controller servlet

    12. Building and testing the model class

    13. Enhancing the servlet to call the model, so that we can get REAL advice...

    14. Servlet version two code

    15. Key steps for servlet version two

    16. Review the partially completed, MVC beer advice web application

    17. Create the JSP “view” that gives the advice

    18. Enhancing the servlet to “call” the JSP (version three)

    19. Code for servlet version three

    20. Compile, deploy, and test the final app!

    21. There is still so much to learn.

  4. Chapter 4 Request and Response: Being a Servlet

    1. Servlets are controlled by the Container

    2. But there’s more to a servlet’s life

    3. The Three Big Lifecycle Moments

    4. Each request runs in a separate thread!

    5. In the beginning: loading and initializing

    6. The HTTP request Method determines whether doGet() or doPost() runs

    7. Actually, one or more of the other HTTP Methods might make a (brief) appearance on the exam...

    8. The difference between GET and POST

    9. No, it’s not just about the size

    10. The story of the non-idempotent request

    11. POST is not idempotent

    12. What determines whether the browser sends a GET or POST request?

    13. POST is NOT the default!

    14. Sending and using a single parameter

    15. Sending and using TWO parameters

    16. Besides parameters, what else can I get from a Request object?

    17. Review: servlet lifecycle and API

    18. Review: HTTP and HttpServletRequest

    19. So that’s the Request... now let’s see the Response

    20. Using the response for I/O

    21. Imagine you want to send a JAR to the client...

    22. Servlet code to download the JAR

    23. Whoa. What’s the deal with content type?

    24. You’ve got two choices for output: characters or bytes

    25. You can set response headers, you can add response headers

    26. But sometimes you just don’t want to deal with the response yourself...

    27. Servlet redirect makes the browser do the work

    28. A request dispatch does the work on the server side

    29. Redirect vs. Request Dispatch

    30. Review: HttpServletResponse

    31. Coffee Cram: Mock Exam Chapter 4

    32. Coffee Cram: Chapter 4 Answers

  5. Chapter 5 Attributes and Listeners: Being a Web App

    1. Kim wants to configure his email address in the DD, not hard-code it inside the servlet class

    2. Init Parameters to the rescue

    3. You can’t use servlet init parameters until the servlet is initialized

    4. The servlet init parameters are read only ONCE—when the Container initializes the servlet

    5. Testing your ServletConfig

    6. How can a JSP get servlet init parameters?

    7. Setting a request attribute works... but only for the JSP to which you forwarded the request

    8. Context init parameters to the rescue

    9. Remember the difference between servlet init parameters and context init parameters

    10. ServletConfig is one per servlet ServletContext is one per web app

    11. So what else can you do with your ServletContext?

    12. What if you want an app init parameter that’s a database DataSource?

    13. What, exactly, is an attribute?

    14. Coffee Cram: Mock Exam Chapter 5

    15. Coffee Cram: Chapter 5 Answers

  6. Chapter 6 Session Management: Conversational state

    1. Kim wants to keep client-specific state across multiple requests

    2. It’s supposed to work like a REAL conversation...

    3. How can he track the client’s answers?

    4. How sessions work

    5. One problem... how does the Container know who the client is?

    6. The client needs a unique session ID

    7. How do the Client and Container exchange Session ID info?

    8. The best part: the Container does virtually all the cookie work!

    9. What if I want to know whether the session already existed or was just created?

    10. What if I want ONLY a pre-existing session?

    11. You can do sessions even if the client doesn’t accept cookies, but you have to do a little more work...

    12. Don’t forget about HttpSessionBindingListener

    13. HttpSessionActivationListener lets attributes prepare for the big move...

    14. Session-related Listeners

    15. Coffee Cram: Mock Exam Chapter 6

    16. Coffee Cram: Chapter 6 Answers

  7. Chapter 7 Using JSP: Being a JSP

    1. In the end, a JSP is just a servlet

    2. Making a JSP that displays how many times it’s been accessed

    3. She deploys and tests it

    4. The JSP doesn’t recognize the Counter class

    5. Use the page directive to import packages

    6. But then Kim mentions “expressions”

    7. Expressions become the argument to an out.print()

    8. Kim drops the final bombshell...

    9. Declaring a variable in a scriptlet

    10. What REALLY happens to your JSP code?

    11. We need another JSP element...

    12. JSP Declarations

    13. Time to see the REAL generated servlet

    14. The out variable isn’t the only implicit object...

    15. A comment...

    16. API for the generated servlet

    17. Lifecycle of a JSP

    18. Translation and compilation happens only ONCE

    19. Initializing your JSP

    20. Attributes in a JSP

    21. Using PageContext for attributes

    22. Examples using pageContext to get and set attributes

    23. While we’re on the subject... let’s talk more about the three directives

    24. Scriptlets considered harmful?

    25. There didn’t used to BE an alternative.

    26. EL: the answer to, well, everything.

    27. Sneak peek at EL

    28. Using <scripting-invalid>

    29. You can choose to ignore EL

    30. But wait... there’s still another JSP element we haven’t seen: actions

    31. Coffee Cram: Mock Exam Chapter 7

    32. Coffee Cram: Chapter 7 Answers

  8. Chapter 8 Scriptless JSP: Script-free pages

    1. Our MVC app depends on attributes

    2. But what if the attribute is not a String, but an instance of Person?

    3. We need more code to get the Person’s name

    4. Person is a JavaBean, so we’ll use the bean-related standard actions

    5. Deconstructing <jsp:useBean> and <jsp:getProperty>

    6. <jsp:useBean> can also CREATE a bean!

    7. You can use <jsp:setProperty>

    8. <jsp:useBean> can have a body!

    9. Generated servlet when <jsp:useBean> has a body

    10. Can you make polymorphic bean references?

    11. Adding a type attribute to <jsp:useBean>

    12. Using type without class

    13. The scope attribute defaults to “page”

    14. Going straight from the request to the JSP without going through a servlet...

    15. The param attribute to the rescue

    16. But wait ! It gets even better...

    17. If you can stand it, it gets even BETTER...

    18. Bean tags convert primitive properties automatically

    19. But what if the property is something OTHER than a String or primitive?

    20. Trying to display the property of the property

    21. Expression Language (EL) saves the day!

    22. Deconstructing the JSP Expression Language (EL)

    23. Using the dot (.) operator to access properties and map values

    24. The [] operator is like the dot only way better

    25. The [] gives you more options...

    26. Using the [] operator with an array

    27. A String index is coerced to an int for arrays and Lists

    28. For beans and Maps you can use either operator

    29. If it’s NOT a String literal, it’s evaluated

    30. You can use nested expressions inside the brackets

    31. You can’t do ${foo.1}

    32. EL renders raw text, including HTML

    33. The EL implicit objects

    34. Request parameters in EL

    35. What if you want more information from the request?

    36. The requestScope is NOT the request object

    37. Scope implicit objects can save you

    38. Getting Cookies and init params

    39. Imagine you want your JSP to roll dice

    40. Deploying an app with static functions

    41. And a few other EL operators...

    42. EL handles null values gracefully

    43. JSP Expression Language (EL) review

    44. Reusable template pieces

    45. The include directive

    46. The <jsp:include> standard action

    47. They’re NOT the same underneath...

    48. The include directive happens at translation time <jsp:include> happens at runtime

    49. The include directive at first request

    50. The <jsp:include> standard action at first request

    51. Uh-oh. She’s right...

    52. The way we SHOULD have done it

    53. Customizing the included content with <jsp:param>

    54. The <jsp:forward> standard action

    55. A conditional forward...

    56. How it runs...

    57. With <jsp:forward>, the buffer is cleared BEFORE the forward

    58. Bean-related standard action review

    59. The include review

    60. Coffee Cram: Mock Exam Chapter 8

    61. Coffee Cram: Chapter 8 Answers

  9. Chapter 9 Using JSTL: Custom tags are powerful

    1. EL and standard actions are limited

    2. The case of the disappearing HTML (reprised)

    3. There’s a better way: use the <c:out> tag

    4. Null values are rendered as blank text

    5. Set a default value with the default attribute

    6. Looping without scripting

    7. <c:forEach>

    8. Deconstructing <c:forEach>

    9. You can even nest <c:forEach> tags

    10. Doing a conditional include with <c:if>

    11. But what if you need an else?

    12. The <c:if> tag won’t work for this

    13. The <c:choose> tag and its partners <c:when> and <c:otherwise>

    14. The <c:set> tag... so much cooler than <jsp:setProperty>

    15. Using <c:set> with beans and Maps

    16. Key points and gotchas with <c:set>

    17. <c:remove> just makes sense

    18. With <c:import>, there are now THREE ways to include content

    19. <c:import> can reach OUTSIDE the web app

    20. Customizing the thing you include

    21. Doing the same thing with <c:param>

    22. <c:url> for all your hyperlink needs

    23. What if the URL needs encoding?

    24. You do NOT want your clients to see this:

    25. Make your own error pages

    26. Configuring error pages in the DD

    27. Error pages get an extra object: exception

    28. The <c:catch> tag. Like try/catch...sort of

    29. You can make the exception an attribute

    30. What if you need a tag that’s NOT in JSTL?

    31. Using a tag library that’s NOT from the JSTL

    32. Making sense of the TLD

    33. Using the custom “advice” tag

    34. The custom tag handler

    35. Pay attention to <rtexprvalue>

    36. <rtexprvalue> is NOT just for EL expressions

    37. What can be in a tag body

    38. The tag handler, the TLD, and the JSP

    39. The taglib <uri> is just a name, not a location

    40. The Container builds a map

    41. Four places the Container looks for TLDs

    42. When a JSP uses more than one tag library

    43. Coffee Cram: Mock Exam Chapter 9

    44. Coffee Cram: Chapter 9 Answers

  10. Chapter 10 Custom Tag Development: When even JSTL is not enough...

    1. Includes and imports can be messy

    2. Tag Files: like include, only better

    3. But how do you send it parameters?

    4. To a Tag File, you don’t send request parameters, you send tag attributes!

    5. Aren’t tag attributes declared in the TLD?

    6. Tag Files use the attribute directive

    7. When an attribute value is really big

    8. Declaring body-content for a Tag File

    9. Where the Container looks for Tag Files

    10. When you need more than Tag Files... Sometimes you need Java

    11. Making a Simple tag handler

    12. A Simple tag with a body

    13. The Simple tag API

    14. The life of a Simple tag handler

    15. What if the tag body uses an expression?

    16. A tag with dynamic row data: iterating the body

    17. A Simple tag with an attribute

    18. What exactly IS a JspFragment?

    19. SkipPageException: stops processing the page...

    20. SkipPageException shows everything up to the point of the exception

    21. But what happens when the tag is invoked from an included page?

    22. SkipPageException stops only the page that directly invoked the tag

    23. You still have to know about Classic tag handlers

    24. Tag handler API

    25. A very small Classic tag handler

    26. A Classic tag handler with TWO methods

    27. When a tag has a body: comparing Simple vs. Classic

    28. Classic tags have a different lifecycle

    29. The Classic lifecycle depends on return values

    30. IterationTag lets you repeat the body

    31. Default return values from TagSupport

    32. OK, let’s get real...

    33. Our dynamic <select> tag isn’t complete...

    34. We could just add more custom tag attributes...

    35. Son of more tag attributes

    36. The return of the son of more tag attributes

    37. I’m getting sick of these tag attributes!

    38. Our tag handler code using the DynamicAttributes interface

    39. The rest of the tag handler code

    40. OK, there is a little bit of configuration in the TLD

    41. What about Tag Files?

    42. But what if you DO need access to the body contents?

    43. With BodyTag, you get two new methods

    44. With BodyTag, you can buffer the body

    45. What if you have tags that work together?

    46. A Tag can call its Parent Tag

    47. Find out just how deep the nesting goes...

    48. Simple tags can have Classic parents

    49. You can walk up, but you can’t walk down...

    50. Getting info from child to parent

    51. Menu and MenuItem tag handlers

    52. Getting an arbitrary ancestor

    53. Using the PageContext API for tag handlers

    54. Coffee Cram: Mock Exam Chapter 10

    55. Coffee Cram: Chapter 10 Answers

  11. Chapter 11 Web App Deployment: Deploying your web app

    1. The Joy of Deployment

    2. What goes where in a web app

    3. WAR files

    4. What a deployed WAR file looks like

    5. Making static content and JSPs directly accessible

    6. How servlet mapping REALLY works

    7. Servlet mappings can be “fake”

    8. Subtle issues...

    9. Configuring welcome files in the DD

    10. How the Container chooses a welcome file

    11. Configuring error pages in the DD

    12. Configuring servlet initialization in the DD

    13. Making an XML-compliant JSP: a JSP Document

    14. Memorizing the EJB-related DD tags

    15. Memorizing the JNDI <env-entry> DD tag

    16. Memorizing the <mime-mapping> DD tag

    17. Coffee Crem: Mock Exam Chapter 11

    18. Coffee Crem: Chapter 11 Answers

  12. Chapter 12 Web App Security: Keep it secret, keep it safe

    1. The Bad Guys are everywhere

    2. And it’s not just the SERVER that gets hurt...

    3. The Big 4 in servlet security

    4. A little security story

    5. How to Authenticate in HTTP World: the beginning of a secure transaction

    6. A slightly closer look at how the Container does Authentication and Authorization

    7. How did the Container do that ?

    8. Keep security out of the code!

    9. Who implements security in a web app?

    10. The Big Jobs in servlet security

    11. Just enough Authentication to discuss Authorization

    12. Authorization Step 1: defining roles

    13. Authorization Step 2: defining resource/method constraints

    14. The <security-constraint> rules for <web-resource-collection> elements

    15. Picky <security-constraint> rules for <auth-constraint> sub-elements

    16. The way <auth-constraint> works

    17. How multiple <security-constraint> elements interact

    18. Dueling <auth-constraint> elements

    19. Alice’s recipe servlet, a story about programmatic security...

    20. Customizing methods: isUserInRole()

    21. The declarative side of programmatic security

    22. Authentication revisited

    23. Implementing Authentication

    24. Form-Based Authentication

    25. Summary of Authentication types

    26. She doesn’t know about J2EE’s “protected transport layer connection”

    27. Securing data in transit: HTTPS to the rescue

    28. How to implement data confidentiality and integrity sparingly and declaratively

    29. Protecting the request data

    30. Coffee Cram: Mock Exam Chapter 12

    31. Coffee Cram: Chapter 12 Answers

  13. Chapter 13 Filters and Wrappers: The Power of Filters

    1. Enhancing the entire web application

    2. How about some kind of “filter”?

    3. Filters are modular, and configurable in the DD

    4. Three ways filters are like servlets

    5. Building the request tracking filter

    6. A filter’s life cycle

    7. Think of filters as being “stackable”

    8. Declaring and ordering filters

    9. News Flash: As of version 2.4, filters can be applied to request dispatchers

    10. Compressing output with a response-side filter

    11. Architecture of a response filter

    12. But is it really that simple?

    13. The output has left the building

    14. We can implement our OWN response

    15. Wrappers rock

    16. Adding a simple Wrapper to the design

    17. Add an output stream Wrapper

    18. The real compression filter code

    19. Compression wrapper code

    20. Compression wrapper, helper class code

    21. Coffee Cram: Mock Exam Chapter 13

    22. Coffee Cram: Chapter 13 Answers

  14. Chapter 14 Patterns and Struts: Enterprise Design Patterns

    1. Web site hardware can get complicated

    2. Web application software can get complicated

    3. Lucky for us, we have J2EE patterns

    4. Performance (and the “ilities”)

    5. Aligning our vernaculars...

    6. More design principles...

    7. Patterns to support remote model components

    8. How the Business Team supports the web designers when the MVC components are running on one JVM

    9. How will they handle remote objects?

    10. RMI makes life easy

    11. Just a little more RMI review

    12. Adding RMI and JNDI to the controller

    13. How about a “go-between” object?

    14. The “go-between” is a Business Delegate

    15. Simplify your Business Delegates with the Service Locator

    16. Protecting the web designer’s JSPs from remote model complexity

    17. Compare the local model diagram to this remote model diagram

    18. There’s good news and bad news...

    19. Time for a Transfer Object?

    20. Business tier patterns: quick review

    21. Our very first pattern revisited... MVC

    22. MVC in a real web app

    23. Looking at the MVC controller

    24. Improving the MVC controllers

    25. Designing our fantasy controller

    26. Yes! It’s Struts in a nutshell

    27. Is Struts a container?

    28. How does Front Controller fit in?

    29. Refactoring the Beer app for Struts

    30. The Struts Beer app architecture

    31. A form bean exposed

    32. How an Action object ticks

    33. struts-config.xml: tying it all together

    34. Specifying Struts in the web.xml DD

    35. Install Struts, and Just Run It!

    36. Creating the deployment environment

    37. Patterns review for the SCWCD

    38. Business Delegate

    39. Service Locator

    40. Transfer Object

    41. Intercepting Filter

    42. Model, View, Controller (MVC)

    43. Front Controller

    44. Coffee Cram: Mock Exam Chapter 14

    45. Coffee Cram: Chapter 14 Answers

  1. Appendix Final Mock Exam: Coffee Cram

    1. Coffee Cram: Final Mock Exam

    2. Coffee Cram: Final Exam Answers

  2. Appendix

  3. Appendix