Electronic Commerce

Electronic Commerce Lecture 7

Infrastructure for EC e-Consumers/e-Customers E-business Plan and Design Technology Infrastructure Internet

Client - Server Relationship Server Client Browser HTML DOC computer computer (connect) request HTTPd HTTPd Response (disconnect) Connectionless

Needs smartcard currencies e-Consumers Input (CGI) HTTP Internet TCP/IP Web Server Form ??

A Simple HTML Form ... <body> <form method=“post” action=“subdir/cgi.program”> ... <input type=“submit” value=“Button”> </form> </body> Button

Overloading the Server Server Browser computer HTTPd HTML DOC ....... Clients computer Browser computer HTTPd HTTPd Browser computer HTTPd

Limitations of CGI • Server does all the work • Quick response depends entirely on speed of the server (and indirectly by the network traffic) • Not changing on screen directly (on the client’s side), only a newly generated ‘frame’ to effect the changes expected • Cartoons/Animation Vs Video Games

Clients Servers • Client-Side • Programming • JavaScript • VBScript • Applets • Responds to CGI Request • simple mailto: • simple processing • simple capture, store and process • capture, update, extract and process • HTML Form Based: • Capture Client’s Input • Send to Server using CGI to request for Action • Wait for Response HTML • Server-Side • Programming • SSI • ASP/JSP • CFML • Servlets

Clients • Client-Side • Programming • JavaScript • VBScript • Applets HTML + embedded functions e.g., <HTML><HEAD> <TITLE>e-Concierge</TITLE><head> <SCRIPT LANGUAGE="JavaScript" SRC="SelectCountryJavaScript2.js"> </SCRIPT> </head> <BODY BGCOLOR="#1A8CF1">… HTML • Server-Side • Programming • SSI • ASP/JSP • CFML • Servlets

Clients • Client-Side • Programming • JavaScript • VBScript • Applets HTML + embedded functions e.g., SelectCountryJavaScript2.js contains function DisplayCountry(form) {… WhatDidYouSelect?=form.SelectCountry.selectedIndex switch(WhatDidYouSelect?) { case 0 : // no selection – bad client alert("Failed to Select a Country…”); return; break; case 1 : // whatever first option is alert ("Thank you for selecting Hong Kong"); // do something here… HTML • Server-Side • Programming • SSI • ASP/JSP • CFML • Servlets

Clients • Client-Side • Programming • JavaScript • VBScript • Applets • Reduce response time, traffic on the net and of course, load on the Web server • Use for validation HTML Age 4O vs 40 • Server-Side • Programming • SSI • ASP/JSP • CFML • Servlets Server validates and responnds with a new form Re-focus Validate by JS and request for re-enter Try it

Clients • Client-Side • Programming • JavaScript • VBScript • Applets I have never done anything in VBScript, so… http://msdn.microsoft/workshop/languages/clinic/vbsvjs.asp HTML • Server-Side • Programming • SSI • ASP/JSP • CFML • Servlets

The Way Java is/will be Java Compiler for any platform Windows 95 JVM Your Lovely Java Program Solaris JVM Byte Code javac MacOS JVM Ultrix JVM

Java Virtual Machine (JVM) • Java program (.java) is compiled (by javac) to byte-codes (.class) of the JVM • No memory layout (at compile time) • Class references are translated on the fly during execution or by table lookup if used before during runtime • Interpreted or compiled

CGI Scripts Vs Java • Java runs locally on the Client; servers are smiling and can party all night • Java handles input and output locally, not across the net • No more cartoons; instant update of images • Provide individuality on one ‘single web page’: e.g., an UNDO key

CGI Scripts Vs Java (cont’d) • Java provides ‘the power’ for one to bring the Web to any level the designer desires • Unless all existing and upcoming Web browsers are Java-enabled, CGI will remain as an interactivity tool • Java is not appropriate as a search engine since the applet runs locally but the database resides ... • Java is not appropriate for surveys...

Clients • Client-Side • Programming • JavaScript • VBScript • Applets • Provides interactivity on the client side • In Java Try it Try it HTML • Server-Side • Programming • SSI • ASP/JSP • CFML • Servlets Try it

Clients <applet code="MoveText.class" width="400" height="20"> <PARAM NAME=WIDTH VALUE="300"> <PARAM NAME=HEIGHT VALUE="25"> <PARAM NAME=FontSize VALUE="14"> <PARAM NAME=Message VALUE=“What”> </applet> • Client-Side • Programming • JavaScript • VBScript • Applets

What is the <applet> tag? • Specifies the size of the viewable area for the applet’s activity • Where to get the .class files? Either from the given CODEBASE or from the default server that serves the HTML file. A socket is opened for that purpose • Get the class file(s). CODEBASE is prefixed to the ‘filename’ or the document base (where the HTML file is) is used. • The class file is ‘retrieved’ as a MIME type file (application/octet-stream)

Servers • Client-Side • Programming • JavaScript • VBScript • Applets • Remember this? request <html> ….. Hidden value: 192347800 ….. </html> HTML • Server-Side • Programming • SSI; PHP3 • ASP/JSP • CFML • Servlets SSI Program Response

Client-Side • Programming • JavaScript • VBScript • Applets Servers <HTML> …<BODY> <? $today = getdate(); arsort($today); for($value = reset($today); $value; $value = next($today)) { print(key($today)); print(" is "); print($value); print("<BR>\n"); } ?> </BODY> HTML • Server-Side • Programming • SSI/PHP3 • ASP/JSP • CFML • Servlets Try it

Client-Side • Programming • JavaScript • VBScript • Applets Servers <html>… if(isset($zip)){ if(ereg("^([0-9]{5})(-[0-9]{4})?$", $zip)) {print("$zip is a valid ZIP code.<BR>\n");} else {print("<font color=red size=+1>$zip</font> is <B>not</B> a valid ZIP code.<BR>Try Again Please<br>\n");} } print("<FORM ACTION=\"php03.php3\">\n"); print("<INPUT TYPE=\"text\" NAME=\"zip\">\n"); print("<INPUT TYPE=\"Submit\" VALUE=\"Submit Zip\">\n"); print("</FORM>\n"); HTML • Server-Side • Programming • SSI/PHP3 • ASP/JSP • CFML • Servlets Try it

Client-Side • Programming • JavaScript • VBScript • Applets Servers <dir> <applet code="MoveText.class" width="400" height="20"> <PARAM NAME=WIDTH VALUE="300"> <PARAM NAME=HEIGHT VALUE="25"> <PARAM NAME=FontSize VALUE="14">  </applet> </dir> HTML • Server-Side • Programming • SSI/PHP3 • ASP/JSP • CFML • Servlets Try it

Client-Side • Programming • JavaScript • VBScript • Applets Servers <HTML> <HEAD><TITLE>Hello</TITLE></HEAD> <BODY> <H1> <% if (request.getParameter("name") == null) { out.println("Hello World"); } else { out.println("Hello, " + request.getParameter("name")); } %> </H1> </BODY></HTML> HTML • Server-Side • Programming • SSI/PHP3 • ASP/JSP • CFML • Servlets

SSInclude Servlets (SSIS) <servlet name=SERVLET_NAME code=SERVLET.CLASS codebase=PATH_TO_YOUR_SERVLET_CLASS INIT_PARAM1=VALUE1 INIT_PARAM2=VALUE2 INIT_PARAM3=VALUE3… > <param name=PARAM1 value=PARAM_VALUE1 param name=PARAM2 value=PARAM_VALUE2… > </servlet>

SSI with Servlets • Include embedding of Servlets in HTML documents • Named Servlets will be invoked in the Server side (if they are not loaded) • Servlets process the SSInclude requests and format necessary information to send along the HTML at the point of invocation.

Servers • Client-Side • Programming • JavaScript • VBScript • Applets • Server-side programs • Written in Java • http://java.sun.com/products/servlet/ HTML • Server-Side • Programming • SSI • ASP/JSP • CFML • Servlets A Servlet CGI Program CGI Program JVM Web Server

CGI life cycle

Java Servlet life cycle

JavaServer HTTP request flow

Why Use servlets Over CGI • Replacement of CGI • Servlets are written in Java • platform independent (write once run everywhere) • Hardware independent (WinNT to Unix) without compiling or changing anything. • Less resources intensive: CGI takes more memory and time

Servlets over CGI • Persistent: They are loaded once, multiple threads of the same servlet will handle multiple client requests. • Fast: Servlets run must faster than CGI scripts written in interpreted languages(Perl). • More powerful database connectivity: JDBC to connect to different Databases. • Extensible: since written in Java, brings all benefits of Java (robust, Object Oriented…)

Servlets & Applets • Servlets can be thought of as applets since they are loaded and run on a web server, like applets are loaded and run on a Web client. • Servlets don’t have a graphical interface but they extend the functionality of the server like applets extend the browser environment.

Web Technology Requests Web Server Web Client Http: Hyper Text Transport Protocol Internet Responses Stateless

Client-server computing ODBC- & JDBC- compliant DBMS Static vs Dynamic HTML pages Java COM CORBA Drumbeaat 2000 X/Open Informix, Sybase, Oracle CGI programs (Unix shell scripts, C and/or Perl programs) HTTP Applets vs Servlets API ASP vs JSP Lotus Domino, Netscape Enterprise, IIS, … SQL ColdFusion/CFML XML Web-based Enterprise Computing

Clients Servers • Client-Side • Programming • JavaScript • VBScript • Applets • … ??? ??? HTML • Server-Side • Programming • SSI • ASP/JSP • CFML • Servlets • …

Needs smartcard currencies e-Consumers Input (CGI) HTTP Internet TCP/IP Web Server Form Corporate DB’s

Web Security(based on article by Rubin & Geer, Jr., 9/1999 IEEE Computer) • Web server configuration (Apache) • Misconfigure • Configuration files in server root directory • Access to document tree • Username/Password information • Permissions • Web Server should be run as a genuine user (as ‘www’), but not as nobody.

HTTP • Not a protocol for transferring hypertext • But a protocol for transmitting information for making hypertext jumps easy • A stateless protocol • Transaction oriented : TCP connection is established for each transaction and terminated at the end of the transaction

HTTP Key Terms • Cache : stores cacheable responses to reduce same future references • Proxy : an intermediary program that acts on behalf of other clients • Tunnel : an intermediary program that acts as a blind relay between two connections • Connection : A transport layer virtual circuit between two programs

TCP Layers Application Application Presentation Session Transport host-to-host Transport Network Internet Network Access Data Link Physical Physical

Basic Concepts • A Network • A Node - could be a printer; a Host refers commonly to a functional computer • Address - assignment could be different; e.g., AppleTalk addresses are chosen randomly at startup by each host • Network Layers • For example, host-to-network, internet, transport and applicationlayers in a model; ISO OSI has seven layers, namely, physical, data link, network, transport, session, presentation, and application.

Basic Concepts • IP-based network : Internet • Each computer has a unique IP address • But each computer performs many functions • Need different sessions, each session is assigned a logical ‘address’ or port number • There are 65,535 ports • Port 80 is usually for the Web Server • Check out /etc/services file in UNIX

Internet Address Class 0 Network A 1 0 Network B 1 1 0 Network C 1 1 1 0 Multicast Group D Reserved for future use 1 1 1 1 0 E

Binding Virtual IP Addresses 137.45.192.8 Source IP Address Destination IP Address Address resolution Hardware Address 0A:07:4B:12:BE:3C

MIME • MultipurposeInternetMailExtensions • Open standard for sending information in various forms through Internet email • Supports almost a hundred predefined types of content • Content types are classified as a type and a subtype

MIME • RFC 1521/1522 • Five header fields • MIME-version • Content-type • Content-transfer-encoding • Content-id • Content-description

MIME Content Type • Type/Subtype • Text/Plain • Multipart/Mixed:Parallel:Alternative/Digest • Message/rfc822:Partial:External-body • Image/jpeg:gif • Video/mpeg • Audio/Basic • Application/Postscript:octet-stream

MIME Transfer Encodings • 7 bit • 8 bit • binary • quoted-printable : mostly ASCII text • base64 : mapping 6-bit blocks of input to 8-bit blocks of output, all of which are printable ASCII characters • x-token : A named non-standard encoding

Electronic Commerce