210 likes | 287 Views
Web Services. Internet. Collection of physically interconnected computers. Messages decomposed into packets. Packets transmitted from source to destination using a store-and-forward technique. Routing algorithm directs packets to destination. Connection-Oriented Protocol.
E N D
Internet • Collection of physically interconnected computers. • Messages decomposed into packets. • Packets transmitted from source to destination using a store-and-forward technique. • Routing algorithm directs packets to destination
Connection-Oriented Protocol • Prior to the transmission a connection is established between source and destination. Each end maintains state information: • Sequence numbers, acknowledgements provide reliability • guarantee that packet loss or duplication will be detected • packets arrive in the order they were sent. Destination address • Buffers, flow control algorthm guarantee transmission rate appropriate to both sender and receiver • Destination address • Characteristics of connection (e.g., out-of-band messages) • Problem: Overhead of setting up and taking down connection. • Transmission Control Protocol (TCP) is connection-oriented.
Hypertext Transfer Protocol (HTTP) • A high level protocol built on top of a TCP connection for exchanging messages (with arbitrary content) • Each (request) message from client to server is followed by a (response) message from server to client. • Facilitates the remote invocation of methods on the server. • Web: A set of client and server processes on the Internet that communicate via HTTP.
Protocol Stack HTTP TCP Added features to support client interactions (reliability flow control, ..) Network Level Protocol End-to-end protocol Link Level Protocol Protocol for tranmitting packets between neighboring nodes
Clients and Servers • Client: browser capable of displaying HTML pages. • Web Server: stores pages for distribution to clients. • Pages identified by Uniform Resource Locator (URL). • <protocol>: protocol to be used to communicate with host. • Example - http, ftp • <host_name>: Directory server translates this into the host’s internet address • Example – www.cs.sunysb.edu becomes 155.233.123.532 • <file_name>: name of file on host. <protocol>://<host_name>/<file_name>
HTTP Request Format Start line: <method> <URL> <protocol_version> CrLf Followed by: <header>* Followed by: CrLf Followed by: <data> <method> = GET | HEAD | POST | PUT | …. <protocol_version> = HTTP/1.1 | …. there can be several header lines
HTTP Request Format <header> = <field_name> : <value> CrLf <field_name> = From | -- sender’s e-mail address Accept | -- acceptable response formats User-Agent | -- identifies requestor’s program Referer | -- URL of document containing link (for generating back links) If-Modified-Since | -- send document only if modified since <value> (used with GET) Content-Type | -- type of data (application/soap+xml for SOAP) Host | -- destination host … <data> = ASCII text (default)
Request Methods • GET – response body contains data identified by argument URL • HEAD – response header describes data identified by argument URL (no response body) • Use: has page changed since last fetched? • PUT – request body contains page to be stored at argument URL
Request Methods • DELETE – delete data at argument URL • POST – request body contains a new object to be placed subordinate to object at argument URL • Use: adding file to directory named by URL • Use: information entered by user on displayed form • Others ….
Simple Client/Server Interaction I • User supplies URL (clicks on link) http://yourbusiness.com/~items/printers.html 2. Browser translates <host_name> (yourbusiness.com) to host internet address (using name server) 3. Browser assumes a port number of 80 for http (if no port is explicitly provided as part of <host_name> ) • Program at port 80 interprets http headers
Simple Client/Server Interaction I 4. Browser sets up TCP connection to yourbusiness.com at(host address, port number) 5. Browser sends http message GET ~items/printers.html HTTP/1.0over connection
HTTP Response Status line: <HTTP_version> <status_code> <reason_line> CrLf Followed by: < header >* Followed by: <data>
HTTP Response <status_code> = 3 digits Ex: 2xx -- success 4xx -- bad request from client 5xx -- server failed to fulfill valid request <reason_line> = explanation for human reader <header> = <field_name> : <value> CrLf <field_name> = Allowed | -- methods supported by URL Date | -- creation date for response Expires | -- expiration date for data Last-Modified | -- creation date for object Content-Length | Content-Type | ….
Simple Client/Server Interaction I • Server sends response message with requested html page to browser 7. Server releases TCP connection (stateless) 8. Browser receives page and displays it HTTP/1.0 200 Document follows Date: <date> Content-Type: text/html Content-Length: integer Expires: date html document ~items/printers.html goes here
Simple Client/Server Interaction II • Page displayed by browser is a form with tag <FORM ACTION=“http://yourbusiness.com/servlets/placeorder” METHOD=…> • Client fills input boxes • If METHOD=GET, client sets up connection to yourbusiness.com and sends http request: Values in input boxes encoded as suffix. Since ACTION designates a servlet, server invokes placeorder GET /servlets/placeorder?name1=value1&name2=value2 HTTP/1.0
Simple Client/Server Interaction II 4. If METHOD=POST, client sends http request invoking POST to yourbusiness.com; data contains values in input boxes. POST /servlets/placeorder HTTP/1.0 Content-Type: text/………………. Content-Length: 54321 Printer=HP660&Name=Art+Bernstein
HyperText Transfer Protocol (HTTP 1.1) • Client sets up TCP connection to server named in URL • Client sends a request • Client receives a response • if (server has not disconnected) goto 2 else goto 1
Intermediaries • Frequently browser does not communicate directly with server; communication passes through intermediate node. • Intermediaries perform several functions. • Security - filter unwanted messages • Protocol conversion - browser and server don’t speak same protocol • Caching of web pages
Intermediary I – Filter Based Firewall • Provides security • Client establishes connection to serve, • but proxy is on the path • proxy operates at the network level (form of router) • proxy discards packets based on source or destination host address/port number
Intermediary II – Proxy-Based Firewall • Operates at the application level • Client establishes connection to proxy instead of server • Can analyze http header to create finer security policies • Ex: particular web pages can only be sent to particular clients • Can do caching of recently requested pages • Can do protocol conversion • Ex: convert http to ftp (if server doesn’t understand http)