877-277-2477
info@capstonecourseware.com
111-JB. Developing Java Web Applications
Version 7.0

Book cover

Gives the experienced Java programmer a firm understanding of web application development in the Java Enterprise environment. Students learn the Servlets, JSP, and JSTL standards and how to mesh them into an effective methodology for building maintainable model/view/controller web applications. Students also work with relational databases and are exposed to practicalities of using both JDBC- and JPA-based persistence tiers. The course also introduces security concepts and provides exercises in both declarative and programmatic approaches to authentication and authorization for Java web applications, and includes in-depth treatments of newer Java EE standards including Contexts and Dependency Injection (CDI) and the Java Web Socket API.

Prerequisites

  • Java programming experience is required; Course 103, "Java Programming," is excellent preparation.
  • Exposure to HTML and web page design are beneficial but not necessary.

Learning Objectives

  • Understand the value of web applications to an IT enterprise, and the importance of the Java EE platform in enabling web development.
  • Build servlets to respond to HTTP requests.
  • Build JavaServer Pages to define HTTP responses.
  • Combine servlets and JSPs in a model/view/controller architecture to maximize efficiency and maintainability of application code.
  • Define HTML forms and process form input.
  • Store and retrieve information at request, session, and application scope.
  • Make effective use of HTTP sessions as managed by the Java EE web container.
  • Use the JSP Standard Tag Library to implement appropriate presentation logic in a JSP.
  • Take full advantage of the relationship of servlets and JSPs to the Java EE web container using configuration, context, and lifecycle techniques.
  • Manage persistent data from web applications by working with persistence tiers, JDBC, and/or JPA.
  • Implement and configure servlet filters.
  • Declare security policies for web applications, and use programmatic authorization where appropriate.
  • Use Contexts and Dependency Injection (CDI) to assemble Java EE components.
  • Implement Ajax and Ajax-push applications using the Java API for WebSocket.

Timeline: 5 days.

Server Support: JBoss

  • This version of the course works with the JBoss server. Our Java EE courses are available in variants that support various server products, including Tomcat, GlassFish, JBoss, and WebLogic. For more details, and to find a desired server-specific version of a course, see our server-support matrix.

IDE Support: Eclipse Kepler

  • In addition to the primary lab files, an optional overlay is available that adds support for Eclipse Kepler. Students can code, build, deploy, and test all exercises from within the IDE, and take advantage of built-in editors, integrated debugging, and wizards for JSF applications, XML files, JSPs, and more. See also our orientation to Using Capstone's Eclipse Overlays.

Chapter 1. Overview of Java EE Web Applications

  • The World Wide Web
  • HTTP
  • HTML and XML
  • CSS
  • Dynamic Web Applications
  • The Java EE Platform
  • Java EE Servers and Portability
  • Servlets
  • JavaServer Pages
  • JSTL
  • Web Archives and Enterprise Archives
  • Model/View/Controller
  • Forms
  • Sessions
  • Context and Lifecycle
  • Databases
  • Security
  • Filters
  • JavaServer Faces

Chapter 2. Servlets

  • The HTTP Message Model
  • The Servlets API "Kernel"
  • HttpServlet
  • Request and Response Objects
  • Mapping URLs
  • Attributes and Scopes
  • Forwarding and Redirecting

Chapter 3. JavaServer Pages

  • Dynamic Web Pages
  • Relationship to Servlets
  • Directives
  • The Unified Expression Language
  • Page Scope
  • Implicit Objects
  • <jsp:useBean> and "Model 1"
  • MVC and "Model 2"
  • JSP Documents

Chapter 4. Working with Forms

  • HTML Forms
  • Submit Method: GET vs. POST
  • Reading Single-Value Components
  • Reading Multi-Value Components
  • Reading Button Input
  • Input Validation

Chapter 5. Sessions

  • Sessions over HTTP
  • HttpSession
  • Session Scope
  • Session Pitfalls

Chapter 6. The JSP Standard Tag Library

  • Custom Tags
  • The JSTL Libraries
  • The Core Library
  • Iterating Over Collections
  • The Formatting Library
  • Formatting Dates and Numbers
  • Working with Maps
  • Conditionals
  • Loops
  • Variables
  • Importing Documents

Chapter 7. Custom Tags

  • Custom Tag Libraries
  • Tag Library Architecture
  • Implementing in Java or JSP
  • Correct Use of Scopes
  • Invoking Presentation Logic
  • Reusing Presentation Fragments
  • Classic Tag Handlers
  • Simple Tag Handlers
  • Tag Files

Chapter 8. Context and Lifecycle

  • Containers and Components
  • Context and Lifecycle Interfaces
  • Initialization and Context Parameters
  • Loading Resources
  • Lifecycle Methods
  • Lifecycle Annotations
  • Context Listeners
  • JNDI and the Component Environment
  • Dependency Injection

Chapter 9. Working with Databases

  • Persistence Challenges
  • Persistence Strategies
  • JDBC
  • DriverManager
  • DataSource
  • Data Access Objects
  • JNDI Quirks and Portability Issues
  • JPA
  • Entity Annotations
  • Entity Managers
  • Persistence Units
  • Working with Persistent Data
  • Processing Tables
  • Limiting Query Scope

Chapter 10. Filters

  • Servlet Filters
  • Uses for Filters
  • Implementation
  • Deployment
  • Configuration and Context

Chapter 11. Security

  • Threats to Enterprise IT
  • Web Applications as Prime Targets
  • Container Services
  • Authentication for Web Applications
  • Authorization
  • HTTP BASIC Authentication
  • HTTP DIGEST Authentication
  • Declaring Security Constraints
  • Abstract Roles, Concrete Realms
  • Configuring User Realms
  • Custom Error Pages
  • Frustrations with BASIC and DIGEST
  • Doing It Yourself
  • FORM Authentication
  • Programmatic Security
  • Beyond Container-Based Security
  • OWASP and the Top 10

Chapter 12. Dependency Injection

  • Java EE 5 Dependency Injection
  • Contexts and Dependency Injection
  • CDI Configuration
  • What Can Be Injected
  • Producers and Disposers
  • Qualifiers
  • Named Beans
  • Scopes
  • Limitations and Pitfalls
  • Working with Persistent Data

Chapter 13. The Web Socket API

  • Ajax vs. Traditional Web Applications
  • Partial Requests and Page Updates
  • Pushing Messages
  • Web Sockets
  • The Java API for WebSocket
  • Programmatic and Annotated Endpoints
  • Client Endpoints
  • Callback Methods
  • Broadcasting
  • Communicating with Servlets
  • Path Parameters
  • Pitfalls
  • Using CDI

System Requirements

Hardware Requirements (Minimum) Dual-core 1.8 GHz, 4 gig RAM, 10 gig disk space.
Hardware Requirements (Recommended) Dual-core 2.8 GHz, 8 gig RAM, 10 gig disk space.
Operating System Tested on Windows 7/8, Mac OS 10.5.2. Course software should be viable on all systems which support a Java SE 7 Developer's Kit.
Network and Security Limited privileges required -- please see our standard security requirements.
Software Requirements All free downloadable tools.