This question is kind of related to our web application and it is bugging me from last few months. So we use linux server for database, application and we have our custom built java web server. If we do any change in source code of application, we build a new jar file and replace the existing jar file with new jar file. Now update to take place in live application, we just execute a HTML file which contains this kind of code :
<frameset rows="100%"?
<frame src="http://mydomain.com:8001/RESTART">
</frameset>
How does this opening of port make the application to use new jar file?
The webserver is instructed to give the /RESTART URL special treatment. This can either be through a mapping to a deployed servlet, or through a hardcoded binding to a web container action.
It is very common to have URLs with special meaning (usually protected by a password) allowing for remote maintainance, but there is no common rule set. You can see snapshots of the Tomcat Administration console at http://linux-sxs.org/internet_serving/c516.html
EDIT: I noticed you mentioned a "custom built web server". If this web server does not provide servlets or JSP's - in other words conforms to the Servlet API - you may consider raising the flag about switching to a web server which do.
The Servlet API is a de-facto industry standard which allows you to cherry-pick from a wide array of web servers from the smallest for embedded devices to the largest enterprise servers spreading over multiple physical machines, without changing your code. This means that the hard work of making your application scale has been done by others. In addition they probably even made the web server as fast as possible, and if not, you can pick another where they did.
You're sending an HTTP GET to whatever's listening on that port (presumably your web server). The servlet spec supports pre- and post-request filters, so the server may have one set up to capture this particular request and handle it in a special fashion.
Related
We're using Websphere to host a series of applications for us:
We have an API that's hosted at the root, written in Java
We have an Angular application hosted at /admin
We have another Angular application hosted at /marketing
My concern is about deep-linking. If a user is at /marketing/products/1, and they refresh their browser or share the link, I need the server to send that route to the correct Angular application so it can be generated correctly.
In a simpler setup, where the Angular application is living at the root, I would use the Java application's web.xml file to redirect traffic to "/". But in my current scenario, I need traffic for the marketing site to go to "/marketing", not just to "/". Just like a deep-link from the admin site would need to go to "/admin".
Furthermore, the base URLs for these Angular applications are subject to change, and we also plan to add additional Angular sites to this same server. So I'm really looking for a solution that can work dynamically and have the server redirect to the first "slug" in the URL rather than matching specific directories.
Any ideas? (And please excuse and correct any misconceptions I've demonstrated above -- I currently know very little about WebSphere)
I can see a couple possible ways forward.
You could still use the error-page directive in web.xml, but specify the URL of a servlet in your application that could do the inspection manually and issue a redirect as appropriate. How the list of context roots is provided to your app will differ based on how it's packaged, but it could be done using files, environment variables, or JNDI entries in server.xml.
If the URLs could be changed, the Angular apps could be changed to use HashLocationStrategy in their routers which would sidestep the error page. It doesn't seem likely that that's the case but I'll put it here to get it out of the way.
You could consider splitting each Angular app into its own .war file and configuring the context root in the webApplication element in server.xml. Then redirecting to / in web.xml would work since that / is relative to the context-root.
We ended up combining those separate Angular applications into 1 so that WebSphere could direct everything to "/" and Angular routing could handle everything from there.
Have been working on a java-ee restful application, and the front end is based on react.js. So i was looking for a good way to load static content and some file uploads to be handle by an nginx server. Have heard nginx is good for static file content loading, though am new to the nginx server environment so is are there use case or what is the best practices of using the nginx server along a glassfish sever.
You are heading in the right direction - you could use a webserver, e.g. nginx for serving static content, like files or static parts of your web content. And you should use it in a productive environment anyway, for several reaons.
First, if you have reasonable traffic, this shifts part of the load to another machine (as long as you have several machines at hand). This is not only good for big static content, e.g. serving files, but also for the many small parts. Consider for example having an image in a CSS class pointing to a resource within your deployed application to style a button, then your GlassFish will have to serve it along with your other dynamic web content. If on the other hand, it will come from an URL, it can be handled by your webserver and due to the static URL it can also be cached and directly used from there without serving it over and over again.
And then, apart from performance, your webserver will allow for handling security issues before the request reaches your application server. So you can for example decide based on the URL of your REST services which node should handle it and which security guidelines to follow, for example if an SSL certificate must be provided.
But all in all, it depends very much on your application and environment. It might not be necessary at all to build all this if it's OK for your purposes to let the GlassFish handle everything.
My Java web application needs to serve up many static HTML reports.
The reports are generated on-demand using a 3rd party application based on user's inputs. The reports will always be different from run to run, so they can't be cached. The reports include multiple HTML pages (including JS and CSS pages), and relative links between files.
What's the easiest way to serve up these reports to the front-end user?
The reports don't need to stick around -- they can be deleted after a set time or after the user logs out.
I'm using:
Tomcat 7
Spring framework
Here is a similar example:
Suppose the web app is an online IDE, and you'd like to occasionally generate and display Javadoc pages for the project.
I would personally use a web server, such as Apache, to do this, since my Java applications are always behind Apache. Here is an Apache example:
# Serve /path/to/html/files/ with static files stored at /var/path/to/files/
ProxyPass /path/to/html/files/ !
Alias /path/to/html/files/ /var/path/to/files/
# Proxy / to Java application at localhost:8080
ProxyPass / http://localhost:8080/
If you must use a pure Java solution, you could try to set up a file download servlet, such as this one by BalusC. Just be careful about handling file paths supplied in request urls, as the servlet can be vulnerable to directory traversal attack.
I am a little confused about the roles of a java application server and its differences from a web server.
I found many sites explaining the same difference between the two but not to my satisfaction.
So please explain me about the two following cases:-
1)App. Server and its difference with web server:
From these two links:
Difference between an application server and a servlet container?
What is the difference between application server and web server?
web server: It handles everything through http protocol by accepting requests from clients and sending
responses to them with the help of its servlet container(e.g Apache Tomcat)
App. Server: An application server supports the whole of JavaEE like JMS,JPA,RPC etc.
Now what I am confused with is that how can I use a lot of JavaEE APIs like JMS,JPA etc. with my Tomcat
by adding their jar files in my web application ?
Does that mean that if I use an appliation server I don't have to add those jar files?(I don't think so)
2)The roles of an appl. server (This is very important to me)
From Wikipedia
http://en.wikipedia.org/wiki/Application_Server
An application server provides services such as security,transaction support etc.
"The term is often used for web servers which support the JavaEE" -- It sounds like if we add the required jar files of JavaEE APIs a web server becomes an appl. server.What about it.
Now my question is how an application server performs the tasks of security control or transaction management by itself ?
E.g. in my web application using Spring framework I am providing security by using spring-security and transaction management by using #Transactional annotation and all those things you know.
So does the appl. server have anything to do with my security or transaction management or it has its own ways ?
Forgive my ignorance.
Using Spring, you're in fact embedding some kind of Java EE container inside your application. But even when using Spring, if you need JTA support (because you need distributed XA transactions), you'll need to use an additional transaction manager. If you need JMS, you'll need to install an additional JMS broker. If you need connection pooling, you'll need to use an additional connection pool. Sometimes it's as simple as adding additional jars to the classpath and properties or XML files. Sometimes it's harder.
A Java EE app server comes with everything bundled. You have less flexibility, but you don't need to install, configure and make everything work by yourself.
When you use the Java EE framework, that is a specification. So the application server, if it is Java EE compliant, needs to implement this. So once it is implemented the specification, then it will address Security,transaction etc because it is mentioned in the spec. So it is a contract. Whereas, in a web server, it will just pull out your static resource. There is no need for handling other stuff.
In case of the Spring framework, the framework knows how to handle transaction, security etc. So particularly the developer need not look into these aspects which are implemented by the Application Server in the other scenario.
how an application server performs the tasks of security control or transaction management by itself
It is rather the specification that address these issues, not the application server. So, the duty of the app server is to implement these.
So, if your application is Java EE compliant, then these areas will be addressed and the implementation would have been done by the app server.
May be this is oversimplification,
A web server is basically a HTTP server serving contents over http protocol. So a web server is simply about serving the contents over http protocol. A typical example would be Apache web server. This is simply a file server.
Now the question is where does the web server gets the contents from ? Possible sources are
Static contents (the contents like images/css etc) which are not generated on request but statically served.
Dynamic contents: Simply put, the contents to be served are generated upon the user request.
For the static contents, the web server does not need anything as it simply reads the file and serves it.
For dynamic contents, the web server might need help of additional components which will generate the contents to be served.
Here the Application Server comes into picture.
Now these additional components referred earlier, might interact with database or some other system etc.
In a web environment where your website is exposed to huge number of users (intended/unintended), you need typical services like transaction/security/concurrency etc. so that the user get expected responses and do not see inconsistencies in the behavior of the application.
An application server has inbuilt abilities to manage transaction/security/concurrency/resource management. generally these are referred as Managed services and environment offered by them is called Managed Environment where these basic services are managed by the application server and programmer does not have be bother for them.
Application Server needs web servers or we can say Web servers use Application server's services to generate dynamic contents.
For example, JBoss uses Tomcat as inbuilt web server. Whereas web logic has its own web server. Tomcat again can be called as application server (in principle) as it also offers managed environment for servlets (it manages concurrency and instance pool of servlets/JSPs ).
Coming your your example of Spring:
An Application server will come inbuilt with transaction/security etc whether you need it or not. The Spring offers a very nice way handling this. Spring has all these things BUT you use what you need. Not just these, but just a Java Web Sever like Tomcat is sufficient to build a full fledged services that needs an application server.
If we are to separate our web server and app server, would we need java on both machines? I've had one coworker say to install jboss on both machines (seems to defeat the purpose if both machines have app server installed) and another says just install jboss on one and apache on the other (app server/web server).
I have the web project setup already and it uses servlets and JSPs. The JSPs display the content while the servlets do the action. The servlets receive requests and forward responses to the JSP. My question is how do I do this if the web server only has apache and therefore displays static content? I understand how to forward the requests from the web server to the app server but what about maintaining session state, is that done on the web server and if so how would it be done?
If the login page is html and the content after the login is html then how could I stop people from accessing the content if they haven't logged in?
The latter setup you describe, with Apache serving static content and forwarding requests for JSP/servlets onto the app server is the standard setup.
Session state is maintained as normal, your Java webapp on the app server sends the user back a cookie containing a JSESSIONID and when the user makes subsequent requests, Apache includes all request info (including cookies) in what it forwards to the app server.
The setup becomes a bit more complicated if you want to have Apache sit in front of and load balance requests to multiple JBoss instances, but it's still pretty easy to set up with mod_proxy_balancer.
Some links that might help you:
http://help.shadocms.com/blog/2009/how-to-setup-apache-with-jboss-on-a-shado-site.cfm
http://redlumxn.blogspot.com/2008/01/configure-apache2-and-jboss-422ga.html
There are many possibilities.
On web machine install just apache with mod_jk to redirect the requests to tomcat/jboss.
In this case you don't need java on this machine.
You can also separate your jsp container (e.g. tomcat/jboss) and your app server in this case you you will need to install java where you have your web container.
Generally where there is a need of higher security people combine the above mentioned possibilities. Thin web layer (apache + no java) + Web container (e.g. tomcat) + app layer (jboss/glassfish)
The first solution is normally the standard one.
Your scenario reminds me of SiteMinder. It was used to access control into our application. It has built in HTTP forwarding so from the user's perspective the browser talks to siteminder and siteminder talks to the real application. They both use session cookies and siteminder's called SMSESSION while the app's called JSESSIONID so there is no conflict.
A common deployment is to use Apache fronting servers to serve static content and forwarding requests for dynamic content to the JSP server. This is mainly for performance reasons, Apache being both faster at serving content and reducing the load on the JSP server.
I don't see any reason why you couldn't, for example, use IIS as the fronting server (removing Java from the equation), although with the wealth Apache modules and accompanying information about the configuration I think you might be making life difficult for yourself if you did.
Short answer - No.
Long answer -
It depends on the needs of your application. There are a few reasons why you would want to have the web server on a different physical machine:
You want to have the web server serve
the static content, and leave the app
server free to only process
servlet/jsp content
You wish to implement software based
load balancing. You would have the
apache server proxy requests to
multiple backing app servers
In your login example, the html page is served by apache, and the action of the html form points to your servlet for processing - so JBoss/java will still manage the session. Keep in mind that any static content you want apache to server will need to be present on the web server.