1 / 52

EMTM 553: E-commerce Systems Lecture 3: Software Building Blocks

EMTM 553: E-commerce Systems Lecture 3: Software Building Blocks. Insup Lee Department of Computer and Information Science University of Pennsylvania lee@cis.upenn.edu www.cis.upenn.edu/~lee. Background. Simple view of the original WWW

nairi
Download Presentation

EMTM 553: E-commerce Systems Lecture 3: Software Building Blocks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. EMTM 553: E-commerce SystemsLecture 3: Software Building Blocks Insup Lee Department of Computer and Information Science University of Pennsylvania lee@cis.upenn.edu www.cis.upenn.edu/~lee EMTM 553

  2. Background • Simple view of the original WWW • Web servers stored pages coded in HTML in their file systems. • Pages retrieved by browsers using HTTP. • The URL of a page was the hostname of the server plus the filename of the document. • Later, it was realized that • HTML Web pages could be produced by programs as well as stored as files. • URL specifies the hostname of the server, the name of the program to run, and arguments for that program. EMTM 553

  3. Static content Web server fetch the page http request <html> <B> This is a web page. </B> </html> server response This is a web page. Browser interprets html page EMTM 553

  4. Dynamic content Web server fetch the page <html> <?php PHP code ?> </html> http request Interpret php code <html> <B> Hello World.</B> </html> server response Hello World. Browser interprets html page EMTM 553

  5. Stateless vs. state • Stateless server • The user request a document, and then another document, and so on. • Natural for large number of browsers and small number of servers. • Why? • If stateful, it can increase performance. However, • On server crash, it looses all its volatile state information • On client crash, the server needs to know to claim state space. EMTM 553

  6. Session • User Session • A delimited set of user clicks across one or more Web servers (for multiple Web page requests) • Server Session • A collection of user clicks to a Web server during a user session • Why sessions are important? • Complex pages require many connections • High overhead for establishing a connection due to privacy and authentication requirements • E-commerce applications require a series of actions by the user and the server. EMTM 553

  7. Where to keep state for client? • How to identify sets of user requests as belong to the same session and for passing state information back and forth between client and server • State is the application information itself • A session id is a reference to state stored somewhere else. • Server-side vs. client-side • Database on server • Applications on server • Cookie on client • What are tradeoffs? EMTM 553

  8. Session and Client state mechanism • Techniques • Cookies • Data sent by a Web server to a Web client, to be stored locally by the client and sent back to the server on subsequent requests • Cookies are stored as small file in a client machine • Date and time, user id, password, etc. • Authentication mechanisms such as client certificate • Used this to identify the user to the server on each request to use state stored in application database • Forms: state or session id can passed as hidden fields • Applets: client scripting can be used to store session id or state EMTM 553

  9. Active Web Sites • Allow the user to be sent customized pages • Support dynamic browsing experience • Built using with a combination of languages and technologies • Client-side technologies • Used for detecting browser features, responding to user actions, validating form data, displaying dialog boxes. • Adv: reduce network traffic, server load, almost instant response to user actions • Server-side technologies EMTM 553

  10. Client-side technologies • ActiveX controls • Self-contained program called components written in C++ or Visual Basic can be called • <object> tag: can used for bar charts, graphics, timers, client authentication, database access • Developed by microsoft • Java Applets • Advantage of Java: stand alone, cross plaform, safe. • Client-side JavaScript and Dynamic HTML • JavaScript supported by both IE and Netscape Navigator • Dynamic HTML is like script plus abilities to animate pages and position graphics. EMTM 553

  11. Java • An object-oriented language developed by Sun Microsystems • Java programs are compiled into Java bytecode, which are executed by JVM (Java virtual machine) • Write-once run-anyway • Security of Java applets is based on a sandbox model EMTM 553

  12. Java-Class Requests Java-Classes Server-Process Execute Applet... Java Virtual Machine (JVM) Java Applets Web-Server Web-Server HTTP-Request Load File File-System HTML-page File Load Applet... EMTM 553

  13. Java Applets • Advantages • Platform independent: works for every web-server and browser supporting Java • Secure • Disadvantages • Standalone Character: • Entire session runs inside applet • HTML forms are not used • Slow: loading can take a long time • Resource intensive: JVM • Restrictive: can only communicate with server from which applet was loaded • Server-Process can be written in any language EMTM 553

  14. Server-side technologies • CGI • Active Server Pages, Microsoft • Server-side JavaScript, Netscape • Java Servlets and JSP (Java Server Pages), Sun Micro • PHP, developed initially by Rasmus Lerdorf, 1994 to track visitors to his online resume. EMTM 553

  15. Benefits of server-side processing • Minimizes network traffic by limiting the need for the browser and server to talk back and forth to each other • Quickens loading time since, in the end, only the actual page is downloaded • Avoids browser-compatibility problems • Can provide the client with data that does not reside at the client • Provides improved security measures, since one can code things that cannot be viewed from the browser EMTM 553

  16. The Common Gateway Interface (CGI) • CGI defines an interface between a Web server and an independent application program. • CGI are used to create “gateways” between the Web and an existing application. • CGI also serve as the interface for new applications designed for the Web, not integrated directly into a Web server (as in plug-ins). EMTM 553

  17. CGI (Common Gateway Interface) Web Server CGI Program Program Environment Vars Environment Vars Runtime Environment Runtime Environment EMTM 553

  18. Server API for CGI • Starting and stopping application • Passing data from the client to the application • Passing data from the application to the client • Status and error reporting • Passing configuration information to the application • Passing client and environment information to the application EMTM 553

  19. CGI Example <HTML> <HEAD> <TITLE>Favorite Pet!</TITLE> </HEAD> <BODY BGCOLOR="white"> <H1>Favorite Pet</H1> <B>What is your favorite pet?</B> <FORM METHOD="GET" ACTION="cgi-bin/pet.pl"> <TABLE> <TR> <TD>Name:</TD> <TD><INPUT TYPE="TEXT" NAME="name"></TD> </TR> <TR> <TD>Email:</TD> <TD><INPUT TYPE="TEXT" NAME="email"></TD> </TR> <TR> <TD>Favorite Pet:</TD> <TD><INPUT TYPE="TEXT" NAME="pet"></TD> </TD> </TABLE> <P><INPUT TYPE="SUBMIT“ VALUE=“Submit Query”> <INPUT TYPE="RESET"></P> </FORM> </BODY> </HTML> EMTM 553

  20. CGI Example (GET) #!/usr/bin/perl -w use CGI qw(:standard); print "Content-type: text/html", "\n\n"; @pairs = split('&', $ENV{'QUERY_STRING'}); foreach $pair (@pairs) { ($name, $value) = split('=', $pair); $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/ pack("C". hex($1))/eg; $info{$name} = $value; } print "<HTML>","\n"; print "<BODY><H1>Thank you</H1>","\n"; print "<B>Name:</B>",$info{name},"<BR>","\n"; print "<B>Email:</B>", $info{email},"<BR>","\n"; print "<B>Favorite Pet:</B>",$info{pet},"<BR>","\n"; print "</BODY></HTML>"; EMTM 553

  21. CGI Example (POST) #!/usr/bin/perl -w use CGI qw(:standard); print "Content-type: text/html", "\n\n"; read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); @pairs = split('&', $buffer); foreach $pair (@pairs) { ($name, $value) = split('=', $pair); $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/ pack("C". hex($1))/eg; $info{$name} = $value; } print "<HTML>","\n"; print "<BODY><H1>Thank you</H1>","\n"; print "<B>Name:</B> ",$info{name},"<BR>","\n"; print "<B>Email:</B> ",$info{email},"<BR>","\n"; print "<B>Favorite Pet:</B> ",$info{pet},"<BR>","\n"; print "</BODY></HTML>"; EMTM 553

  22. CGI Environment Variables EMTM 553

  23. Evaluation of CGI • Advantages of CGI • General: the application is completely decoupled from the Web server • Standard: works with every sever and browser • Flexible: any language (C++, Perl, Java, …) can be used • Disadvantages of CGI • Inefficient: the application must be launched/forked independently for each request • Stateless: the application exits after a request, there is no place to remember state between Web requests • Security: CGI programmer is responsible for security. No automatic system or language support. EMTM 553

  24. Market Shares of Top Servers (Nov 1995 to Nov 2000) Source: http://www.netcraft.com/survey/ EMTM 553

  25. Apache HTTP Server • Developed by Rob McCool at the National Center for Supercomputing Applications (NCSA) in 1994 • Dominates the Web in numbers, largely because it’s free and reliable • Runs on many operating systems • AIX, BSD/OS, FreeBSD, HP-UX, Irix, Linux, Microsoft NT, QNS, SCO, Solaris • Security is well thought out • Password authentication • Digital certificate authentication • Access restrictions • Application development tools support CGI and several proprietary APIs • Supports Active Server Pages (ASP) and Java servlets EMTM 553

  26. Microsoft InternetInformation Server • Bundled (free) with Microsoft Windows NT operating system • Robust and capable, suitable for small sites up to enterprise-class sites • Runs only on Windows NT • Central server management from any server on the network • Tightly integrated security with NT EMTM 553

  27. Microsoft InternetInformation Server • Includes ASP support, along with its own Internet Services API (ISAPI) • Database support for ODBC (Open Database Connectivity) and SQL • Most popular server software for intranet web servers, as reported by PC Magazine EMTM 553

  28. Netscape Enterprise Server • High performance and scalibility • Optimized caching, multiprocessor support • HTTP 1.1 • Powerful development environment • Link management, Web publishing, Agent services • Information sharing and management • embedded revision control system and Verity’s embedded integrated search engine • Management tools to add, delete, or change user information • Password/challenge user and digital certificate authentication • Dynamic application development • CGI, Netscape Server API (NSAPI), Java Servlet API • LiveWire database service provides native database connectivity to Oracle, Informix, IBM DB2, Sybase EMTM 553

  29. Server-side Scripting • A middle ground between static content kept in the file system and pages of dynamic content created by a complete application • Server-side scripting • Embed a language interpreter in the Web server. • Web pages stored in the file system contains scripts that are interpreted on the fly. EMTM 553

  30. Script? Output I/O, Network, DB Server Extension Server Extensions: The Basic Idea Web-Server Web-Server HTTP-Request File-System Load File HTML HTML? File HTML-File EMTM 553

  31. Server Extensions • API depends on Server vendor: • Apache Foundation Apache Server: Apache API • Microsoft Internet Information Server: ISAPI • Netscape Enterprise Server: NSAPI • One can define it’s own server extension, e.g., • Authentication module • Counter module EMTM 553

  32. Web-Server File-System HTTP-Request Load File HTML HTML-File ASP-File Output ASP-Script Active Server Page Scripting Engine I/O, Network, DB Active Server Components Active Server Pages • Active Server Pages (ASPs) • Available in Microsoft web servers (IIS and Personal Web Server) • Based on VBScript, Jscript • Modular Object Model • Active Server Components • Active Data Objects (ADO) for Databaseaccess EMTM 553

  33. Cold Fusion Application Server ODBC-Driver Native Email Directories COM/CORBA DB DB ColdFusion Web-Server Web-Server HTTP-Request Load File File-System HTML HTML? HTML-File File HTML CF Script? Cold Fusion Server Extension EMTM 553

  34. PHP How does PHP differ from ASP and CF? • Free, open source • Many client libraries integrated • Runs on any web server supporting CGIs (MS Windows or Unix) • Module version for Apache Web-Server Web-Server File-System HTTP-Request Load File HTML HTML-File PHP-File Output PHP-Script PHP Module Database APIs, other APIs SNMP, IMAP, POP3, LDAP, ... EMTM 553

  35. Object Technology • Advantages • Encapsulation, polymorphism, heterogeneous languages • Rapid application development • Distributed applications • Flexibility of deployment • Technologies • CORBA • COM • Java Beans/RMI EMTM 553

  36. Enterprise JavaBeans (EJB) • Server-side component architecture • Enable and simplify the building of distributed object in Java • Allow rapid application development • Support portability and reusability across vendors, I.e., platform and implementation independent • EJB supports CTM (Component Transaction Monitoring) • hybrid of traditional transaction processing and distributed object request broker (ORB) services • TP Monitor is an OS for business systems and manages the entire environment that a business system runs, including transactions, resource management,and fault tolerance. • Distributed objects allow unique objects that have state and identity to be distributed accrossa network so that they can be accesses by other systems. EMTM 553

  37. Server-side component Architecture • EJB server is responsible for • Making a component a distributed object • Managing services such as transactions, persistence, concurrency, security • Component Advantage • Divides software into manageable, discrete chunk of logic • Implements well-defined interfaces • Enables reuse • Components can be pieced together to solve larger problems EMTM 553

  38. Example • Pricing Component • Functions: • Base price • Quantity Discount • Bundle Discount • Preferred customer Discount • Overhead costs • Etc. • Note: This pricing engine can be used by different businesses EMTM 553

  39. Example Cont.Post Office Pricing object Dumb Terminal Legacy System EMTM 553

  40. Example Cont.Car Quotes Web Site Network Pricing object Web Server Client Browser EMTM 553

  41. Example Cont.E-tailer Site Pricing Object Workflow logic Billing Object Fulfillment Object Web Server EMTM 553

  42. N-Tier ArchitectureUsing EJB Presentation Layer Presentation Logic Tier Boundary EJB object EJB object EJB object Business Logic Layer (Application Server) EJB object JDBC Tier Boundary Database Data Layer EMTM 553

  43. Classes and Interfaces • Remote interface • The business methods that a bean present to the outside world to do its work • Home interface • The bean’s life cycle methods for creating, removing and finding beans • Bean class • Actual implementation of the bean’s business methods • Primary key • A pointer into the database. EMTM 553

  44. Acquiring a Bean 3: Create New EJB object Home Interface Client Home Object 5: Return EJB Object Reference 4: Create EJB Object 6: Invoke Business method Remote Interface EJB Object Enterprise Beans 1: retrieve Home Object Reference 2: Return Home Reference 7: Delegate request to object JNDI EJB Server Naming Service EMTM 553

  45. Enterprise Bean Objects • Session Bean • Represents business logic • 1 to 1 relationship to client • Stateless / Stateful • Short-lived • Entity Bean • Represents permanent business data • 1 to many relationship to client • Stateful / Transactional • Long-lived EMTM 553

  46. The EJB Contract • Allows for the collaboration of SIX different parties • Bean provider • Component writer, provide reusable business logic • Container provider • Supplier of low-level runtime execution environment • Server provider • Supplier of Application server logic to manage the EJBs • WebSphere (IBM ), WebLogic (BEA), Oracle8i • Application assembler • Application architect for a specific deployment • Deployer • Installs Bean components and Application servers • System Administrator • Oversees the deployed system EMTM 553

  47. Other features • Search engines • Crawl, index, search • Push technologies • Web channels • Intelligent agents • Locate sites, identify the best vendor, negotiate terms of buying and selling, etc. EMTM 553

  48. Q&A EMTM 553

  49. EJB • Application servers • JRun server by Allaire • WebLogic by BEA Systems • WebSphere by IBM • SynerJ/Server by Sun • For more information • www.javasoft.com/products/ejb EMTM 553

  50. EJB InterfaceExamples • Home Interface • public interface PricingSessionHome extends EJBHome • { • public PricingSession create() throws CreateException, RemoteException; • } • Note: Calling this interface creates an EJB object, whose methods can be invoked through the methods published in the Remote Interface EMTM 553

More Related