1 / 36

COMP2121 Internet Technology

COMP2121 Internet Technology. Richard Henson University of Worcester March 2011. Week 8 – Introduction to Server-Scripting. Objectives of Session Explain the limitations of client-scripting

kizzy
Download Presentation

COMP2121 Internet Technology

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. COMP2121 Internet Technology Richard Henson University of Worcester March 2011

  2. Week 8 – Introduction to Server-Scripting • Objectives of Session • Explain the limitations of client-scripting • Analyse a network infrastructure and server platform to assess possibilities for using server scripting • Implement server scripting across an Intranet and through the Internet

  3. Client-Server Systems • Server end: • access control to the network and its resources controlled by logon service • access to resources depends on user rights – assessed by logon data • Client-end: • user who wishes to access network resources server client

  4. Requests and responses Client requests information Server processes the request, sends a response back to the client

  5. Bandwidth and Client/Server processes • Messages transferred between client and server via network

  6. Bandwidth and Client/Server processes • Data transfer: the faster the better… • most effective on LANs - nowadays 1000 Mbits/sec or more • between connected Internet computers bandwidth needs to be as high as possible - 2 Mbits/sec upwards • Slow connections… • data takes longer to get through • so longer time to get a response back • server could even “time out”

  7. More about HTTP and Client-Server Computing • Client and server systems work right up to the application layer • To allow client-server interaction on the web, Tim Berners-Lee designed HTTP to integrate well with his basic web page formatting language - HTML • HTML language GET command instructs the client process to get data for the server • HTML POST command sends client data either using an email protocol or using HTTP

  8. Web Dynamic Client-Server Model In a typical web-based client-server application: • The HTML form displayed on a web browser at the client end collects data • Using HTTP the form data is sent to a web server

  9. Web Dynamic Client-Server Model • The web server processes the data according to instructions on a specified server script • Using HTTP, the results of processing generated as specified by the script are sent back to the client • The web browser on the client machine displays the results on a web page in a specified position

  10. Web Dynamic Client-Server model • All this gets even more complex when a database, and database programming, are also involved at the server end…

  11. Server-scripting and dynamic pages on The Web • The following apply to ALL types of scripting used on the web… • scripts need to use real programming code • note: HTML is a FORMATTING language, NOT a programming language • both client and server ends have programming code: • client end…embedded within a HTML page • server end… could be embedded or separate

  12. Languages used for Server Scripting • Much has been tried since w3c launched HTML as an interactive language in the early 1990s… • use of an existing language in a completely separate file, which is already compiled and ready to go: • the original approach: .cgi • any language could in theory be used • in practice “C” was usually favoured • use of an existing language embedded in a HTML file • The Microsoft .asp approach, using embedded VB source code • The Sun .jsp approach, using embedded Java (Script) source • Invention of new scripting languages that are “HTML-like” and easily embed with HTML • Cold Fusion .cf • Preprocessor Hypertext processing .php

  13. Microsoft’s first attempt at server scripting… • In 1996, Microsoft introduced active server pages (asp) • hugely successful (VB very popular…) • soon became more popular than .cgi • However, in spite of the great success of asp, big problems were emerging… • by 2000, hackers were attacking Microsoft servers and finding many security holes in IIS • Microsoft only coped by offering hotfixes • further problem: use of VB source code • if server not secure, code could be copied or compromised • Scripts could not be truly “object oriented”

  14. Alternative Scripting Lanuguages using the embedded approach • JSP • PHP • PERL • Cold Fusion

  15. JSPs (Java Script Pages) • Produced by Sun Microsystems • extension of the JavaTM Servlet technology • According to Sun, Servlets: • “fit seamlessly into a Web server framework and can be used to extend the capabilities of a Web server with minimal overhead, maintenance, and support.” • platform-independent • 100% pure Java • enhanced performance • separation of logic from display • ease of administration • extensibility into the enterprise

  16. PERL • Invented by Larry Wall in 1987 • Became popular as a web programming language in the late 1990s • Features of C but an interpreted language (like Java) • Not for programming novices…

  17. Evolution into PHP (Hypertext Pre-processor) • Started as just a collection of “free” PERL scripts in 1995 • became popular as a rival to the asp approach for programming code embedded in HTML • then became very popular as Microsoft wrestled with asp -> asp.net • Open source and integrates well with open source databases • e.g. MySQL

  18. PHP scripts • Originally designed for Linux-based systems • executed on a type of web server called Apache • Can now run happily on IIS • now getting very popular with non-Linux platforms • Big improvements in performance with PHP v4 • XML functionality with v5 (released 2005) • Can download the environment directly from the PHP website: • http://uk2.php.net/downloads.php • XAMPP provides MySQL and Apache webserver environment

  19. Cold Fusion • Originally produced by Altair with its own scripting language (CFML) for the Microsoft platform • arguably easier to use than asp • Purchased by Macromedia in 2003 (Dreamweaver, Flash, Director, etc.) • Dreamweaver has good support for Cold Fusion scripting • Now also available for the Java environment • Macromedia itself now part of Adobe

  20. ASP becomes ASP.NET • Microsoft’s new approach to server scripting for the new millennium… • building on asp principles • new system that used “intermediate language”, rather than source code on the server • much more difficult to hack • Problem was… they had to scrap the .asp environment, and adopt a new architecture… • known as the .net framework • as many developers were accustomed to .asp this took awhile to catch on! • many people still confuse asp and asp.net…

  21. Evolution of .net framework (2001) • Version 1.1 • intermediate language • run-time environment for scripts • compiled code can’t easily be hacked • Programming Code can be separated from HTML; • as with cgi… • but without degradation in performance • Web controls introduced by drag-and-drop for ease of development • XML can replace HTML code…

  22. Evolution of .net framework (2005) • Version 2.0 • more and better controls • some Integration with Active Directory • Visual Web Developer 2005 introduced • based on Visual Studio • user friendly development environment • easy use of master pages and CSS • simulated web server for ease of testing

  23. Evolution of .net framework (2008, 2010) • Version 3.5 • further enhancement to controls • greater integration with Active Directory • Visual Web Developer 2008 provided more controls, more wizards, and better formatting tools • Version 4.0 • as above. Generally regarded as easier to use than VWD 2008

  24. PHPs & asp.net today • PHPs attractive for serious programmers who dislike the Microsoft approach… • integration of cut-and-paste code still needs an environment like Dreamweaver • Industry view (post-millenium) • Unix-based Servers running PHPs considered to be more secure against hackers than Windows 2000/IIS running asp • asp.net running on Windows 2003/IIS v6/7 later accepted as being a very stable platform • Both widely in use today…

  25. Platforms for Development • Dreamweaver excellent for asp, .net. php & ColdFusion until Creative Studio • From CS1 onwards (2005ish): • no support for .net development • solid support for php & Cold Fusion • Visual Web Developer 2005, 2008, 2010 • gradually took away Dreamweaver customers using asp.net

  26. When to use Server Scripting (1) • Whenever programming logic is required that needs to be shared via Internet browsers! • Good for security • if web server properly configured… • And accountability • clients can be forced to log on

  27. When to use Server Scripting (2) • When client end lacks storage & processing power • fits well with the thin client model for web & network computing • very popular for massively multiplayer games • Client just sends the requests and asks the questions • server does the processing and provides the web pages with answers/responses to requests

  28. When to use Server Scripting (3) • Whenever centralised data storage & processing is needed to support activities of a website • essential for security of sensitive data • waste of space and resources to store & process databases locally

  29. (4) Securing of Sensitive Data between Client and Server • Extended Internet infrastructure designed around the webserver model • organisation can get an authentication certificate (SSL certificate), and make it available through their webserver • client can view server certificate • Client can access sensitive data at server end by authenticating themselves (log in) • data encrypted and sent using https protocol

  30. Platforms for developing a website running server-scripts • Computer capable of supporting Windows XP/2003/Vista/7 or an equivalent Unix-based operating system • TCP/IP protocol stack running on server • Web Server software such as: • Internet Information Server • Apache • Broadband connection to the Internet

  31. Typical Infrastructure for putting Server Scripting online • Make sure the internal “client-server” computer network is secure • EITHER use the firewall/proxy server as a router to separate the internal (local) network from the External (i.e. Internet) network • OR, if OSI level 3-4 protocol conversion needed, use a gateway • converts data into appropriate protocol and diverts it between the Internet and the local network • can be used to link networks running different protocols

  32. Putting the Secured network on-line • A digital connection with plenty of bandwidth is needed between the router/gateway and a computer connected to the Internet • Regular monitoring of the network is essential to ensure that unauthorised users are not trying to gain access

  33. Web Hosting and ISPs (Internet Service Providers) • Only the largest corporate enterprises are likely to be part of the Internet • Most businesses need to find a partner who will provide a link between the connection medium and the Internet that meets their needs • Many Internet service providers available • The problem is usually “which to choose”, rather than finding a partner…

  34. Web Hosting • Two possibilities: • ISP provides hosting and web space, organisation manages website • ISP provides hosting AND manages website • ISP will also provide: • the all important IP address that will allow a presence on the Internet • the domain name that will allow other Internet users to find the website

  35. Criteria for choosing a web host (apart from cost!) • Amount of web space? • Bandwidth availability? • Hardware & OS? • Uploading techniques? • Protocols supported? • URL available? • type of server scripts supported? • Site management tools? • Databases supported?

  36. Exercise for Next Week • Search Google for web hosts • How many available? • How could you choose? • Use the following URL to compare web hosts and their offerings: • http://www.hostindex.com/voteresults.shtm

More Related