Sun Certified Web Component Developer

	Formsoft Ltd

Welcome
HTML
XML
Applications
Clients
Resources
Contact Us

JavaServer Pages (JSP) & Servlets

For simple web applications we recommend using JavaServer Pages(JSP) and Servlets. Servlets are used to add dynamic functionality to your server. They allow you to control the flow of processing through your web application and allow access to all other Java APIs. Typically Servlets use JavaBeans to perform business processing and then direct the web server to a JSP page to display the results. JSP pages are based on Servlets but are used to produce the HTML pages. JSPs can use the data from a bean to display results of processing. We also recommend the use of JSP tag libraries for larger sites. Customised tags allow HTML pages to be created with tags that don't directly reference the underlying beans. This allows the Java to be created separately.

Enterprise JavaBeans (EJB)

A more sophisticated solution for a web application is to use Enterprise JavaBeans (EJB). EJBs will require greater development effort and result in greater demands on the server. EJB should be considered when:

The application must be scaleable. To accommodate a growing number of users, you may need to distribute an application's components across multiple machines. Not only can the enterprise beans of an application run on different machines, but their location will remain transparent to the clients
Transactions are required to ensure data integrity. Enterprise beans support transactions, the mechanisms that manage the concurrent access of shared objects
The application will have a variety of clients. With just a few lines of code, remote clients can easily locate enterprise beans. These clients can be thin, various, and numerous

Remote Method Invocation (RMI)

Using Remote Method Invocation (RMI) we can enable your Java clients to call the mehods of Java objects on remote servers and to pass reference to these objects. We recommend using the Activation Objects extension to RMI. This saves resources by only activating remote objects on demand. References to Activation Objects also remain valid even when servers have to be restarted.

Java Database Conectivity (JDBC)

JSP & EJB based web applications can make use of the JDBC specification to update data to relational databases. JDBC is independent of the type of database used. We recommend that you use the new DataSource class introduced in the JDBC 2.0 Optional Package This enables support for connection pooling and distributed transactions using a logical JNDI name.

Java Security

Our understanding of the Java security policy files will enable us to configure your environment to give special privileges to code depending on where it is sourced and whether it is signed. We can also protect your resources by giving one set of classes special access, and then requiring all other code to use those classes.

Java Cryptography Extension (JCE)

With the Java Cryptography Extension (JCE) we can provide security features tailored to your needs with:

integrity using message digests
integrity and authenticity using message authentication codes and digital signatures
confidentiality using encryption with symmetric and asymmetric ciphers
management of certificates for public key exchanges

Java Secure Sockets Extension (JSSE)

With the Java Secure Sockets Extension (JSSE) we can protect your data as it is being transferred between clients and servers. The protocols used are SSL (Secure Socket Layer) and TLS (Transport Layer Security). Both provide secure key exchange and encryption. We can also ensure that your web servers are configured to use HTTPS. HTTPS is an implementation of SSL/TLS for secure browsing over the internet.

Java Authentication and Authorisation Service (JAAS)

We can use the Java Authentication and Authorisation Service (JAAS) to authenticate users and enforce access controls upon those users in their Java applications. We can separate the development of code from the complex task of authenticating and authorising users by using customised and predefined plug-in modules.