- Java SE (JDK + JRE) - Tomcat - Eclipse - Tell Eclipse about Tomcat - Run Tomcat
So servlet is used to generate HTML and send it in response if you will look into the doGet() implementation, we are actually creating an HTML document as writing it in response PrintWriter object and we are adding dynamic information where we need it. JSP is also server side technology and it’s like HTML with additional features to add dynamic content where we need it. JSPs are good for presentation because it’s easy to write because it’s like HTML. Here is our first JSP program that does the same thing like above servlet.
Servlet's Job - Read explicit data sent by client (form data) - Read implicit data sent by client (request headers) - Generate the results - Send the explicit data back to client (HTML) - Send the implicit data to client (status codes and response headers) With servlets, it is easy too – Read from data – Read HTTP request headers – Set HTTP status codes and response headers – Use cookies and session tracking – Share data among servlets – Remember data between requests – Get fun, high-paying jobs !!! But, it sure is a pain too – Use those println statements to generate HTML – Maintain that HTML.
- Java Servlet and JSPs are the server, ebay.com, walmart.com, and thousands of other popular sites. side technologies to extend the capability of web servers by providing support for dynamic response and data persistence. Used by google.com A servlet is a Java class. It's written in normal Java. ->Servlet is HTML in java A Java Server Page (JSP) is a file that is often used in place of a servlet because it makes it easier to output data. JSP is similar to PHP since you can mix output (like HTML) with Java without using out.println stuff like is necessary with a servlet. A JSP file is actually a servlet; when you add it to your server, it gets transformed into a .java file without you knowing about it. And after the transformation, it gets compiled into .class file along with other .java files when it is necessary. >JSP is java in HTML It is very common to combine servlets and JSP so that the initial request gets sent to a servlet which does some java work and then forwards it to a JSP which actually makes the HTML output. JavaServer Faces (JSF) is a model-view-presenter framework typically used to create HTML form-based web applications.
A Servlet is mainly used to extend the functionality of server while JSP serves as the view.
- Web Servere.g. Apache - Web cliente.g. Firefox - HTTP (HyperText Transfer Protocol) - URL (Universal Resource Locator) ex. http://localhost:8080/FirstServletProject/jsps/hello.jsp A web Server is a software that can process the client request and send the response back to the client. For example, Apache is one of the most widely used web servers. A web client is a software that helps in communicating with the server. Some of the most widely used web clients are Firefox, Google Chrome, Safari etc.
HTTP (HyperText Transfer Protocol) is the communication protocol between server and client. URL is an acronym of Universal Resource Locator and it’s used to locate the server and resource. Every resource on the web has its own unique address. http://localhost:8080/FirstServletProject/jsps/hello.jsp HTTP:// – This is the first part of URL and provides the communication protocol to be used in server-client communication. localhost – The unique address of the server, most of the times it’s the hostname of the server that maps to the unique IP address. 8080 – This is the port on which server is listening, it’s optional and if we don’t provide it in URL then request goes to the default port of the protocol. Port numbers 0 to 1023 are reserved ports for well-known services, for example, 80 for HTTP, 443 for HTTPS, 21 for FTP etc. FirstServletProject/jsps/hello.jsp – Resource requested from server. It can be static html, pdf, JSP, servlets, PHP etc.
Java Servlet and JSPs are server side technologies to extend the capability of web servers by providing support for dynamic response and data persistence.
Network Security Model 1- Design an algorithm to performing the security related transformation 2- Generate the secret information to be used with the algorithm 3- Develop methods for the distribution and sharing of the secret information 4- Secret information to achieve a particular security task - Plain TextP: The original Message - Cipher Text: The coded message ( with key ) - Cipher: Algorithm for transforming plain text to cipher text - Key: Info used in cipher known only to sender and receiver - Encrypt: Converting plain text to cipher text - Decrypt: Recover plain text from cipher text Stream Cipher - Operates on small Units of Plain Text - Faster operation - Stream cipher processes the input element continuously producing output one element at a time. - Need less code - Only one time of key used Block Cipher - Operates on larger block of data - Slower operation - Block cipher processes the input one block at a time producing an output block for each input block. - Need more code - Key reuse is possible Who is he ?
What are the types security attack? Active Attack Involves an alteration or modification of the data The captured data should be modified and altered before it’s Transmission Types 1. Replay Capture of a data unit and retransmitted to produce an unauthorized effect 2. Masquerade - Involves some kind of impersonation in the sense, he must capture the message from the sender - Study the pattern of sequence of the message - Get extra privileges as the authorized entity
3. Modification of message Some part of captured message is altered or delayed to produce an unauthorized effect 4. Denial of services -Degrades the performance of a network -Target may be specific task
What are the types of security attack? There are two types of attack in Network Security : 1- Passive Attack It's got information from the systems but doesn’t affect the resources 2- Active Attack It should affect the systems and its operation Passive Attack - Listening to private conversation - Monitoring transmission of data - Authorized sender and receiver don’t have any clue about Unauthorized User should get some info during your conversation. Types 1. Release of message Conversation over Telephone, Mail communication should protect from some unauthorized person. 2. Traffic Analysis
Transmitted data captured from an unauthorized agent but not able to extract information from the captured data because the sending data to be encrypted.
The types of Threats in Network Security_Continued Software Threat : CIA Triad Confidentiality 1. Data Confidentiality Private information is not available to Unauthorized Individuals. 2. Privacy Individuals to control (Email ID & Password). Integrity 1. Data Integrity Programs and Information are changed only in specified & Authorized Manner. 2. System Integrity Functions without being degraded , changed in its Internal and External Environment. Availability Systems work promptly and service is not denied to Authorized User.
The type of Threats in Network Security There are two types of threats in network secuirty - Hardware Threat - Software Threat Compare to software threat, hardware threat is easy to detect but it will make more damage in network Types : 1. Physical Threat 2. Electrical Threat 3. Environmental Threat 4. Maintenance Threat Physical Threat : 1. Improper Installation 2. Selecting Wrong Components 3. Incomplete Devices 4. Lack of Knowledge Electrical Threat : Irregular Power supply 1. Voltage Fluctuation 2. High Voltage Environmental Threat : 1. Extreme Weather Conditions 2. Keep away from the sun Light and Heavy Wind Maintenance Threat : 1. Improper Disaster Planning 2. Lack of spare Parts 3. Poor Cabling Continued....
What is the Network Security? Protection of access to files and directories in a computer network against Hacking, Misuse, and Unauthorized changes to the systems. Or Network security is a complicated subject, historically only tackled by well-trained and experienced experts. However, as more and more people become ``wired'', an increasing number of people need to understand the basics of security in a networked world. Some history of networking is included, as well as an introduction to TCP/IP and internetworking . We go on to consider risk management, network threats, firewalls, and more special-purpose secure networking devices.
