Professional Documents
Culture Documents
WBP UNIT 1 Part A
WBP UNIT 1 Part A
WBP UNIT 1 Part A
Recommended Books
Topic -1
formats.
Lack of Standardization.
3-Tiered Systems
3-Tiered System
Database Tier (Database Server)
Data storage and low level data manipulation
Server Tier (Application Server)
Manage client connections and data processing
Client Tier (Client Software installed locally)
User interface and some data processing
Advantage of 3-Tier Systems
Central Database Server accessed by multiple
Application Servers
In turn, each Application Server could independently
manage thousands of users
Database Server is specially designed to do its job
Database Operations: Update, Insert, Remove, etc.
Lots of disk storage and memory needed
Application Servers can be added to support more
users or DIFFERENT APPLICATIONS
Server Operations: Complex application-dependent
computations
Lots of processor power needed
First Web Applications
1993 – Rob McCool proposed a framework called
CGI (Common Gateway Interface)
Data passed from a web browser to the server
GET - passed via URL variables
POST - passed via HTML forms
Web server daemon (httpd) could then make remote
system calls
Example
Web server could run a C++ program and write the output
to public HTML folder
Web server would send response back with location of the
output.
Intro to HTML
Topic -2
Software applications(Php,Asp,Jsp,Python,Perl,etc)
Web pages (Javascript,VB script,php etc)
FEATURES
Ease of use: scripting languages are intended to
be very
fast to pick up
SCRIPTING
CLIENT- SEVER-SIDE
SIDE
SERVER SIDE SCRIPTING
Server side scripting is used to create dynamic
pages based a number of conditions when the
users browser makes a request to the server
2. Your scripts are hidden from view. Users only see the HTML
output, even when they view the source.
Disadvantages
The scripts can be used by attackers to gain access
to the server. Because the scripts respond to URL
input, changing the URL to something that exploits a
security hole can give the user server access,
sometimes even as root.
CLIENT-SIDE SCRIPTING
Client side scripting is used when the users
browser already has all the code and the page is
altered on the basis of the users input.
2. Different browsers and browser versions support scripts differently, thus more
quality assurance testing is required.
3.More development time and effort might be required (if the scripts are not already
available through other resources).
4. Developers have more control over the look and behavior of their Web widgets;
however, usability problems can arise if a Web widget looks like a standard control
but behaves differently or vice-versa
Web Server
WEB SERVERS
49
WEB SERVERS
Access Control
A Web server may limit which users can access
certain resources. Access control requires a
combination of authentication and
authorization.
Authentication identifies the user who originated
the request.
Authorization determines which users have
access to a particular resource.
WEB SERVERS
AUTHENTICATION
Most client-server systems authenticate a user by asking for
a name and password.
AUTHORIZATION
To control access to Web resources, the server must
employ an authorization policy.
A policy typically expressed in terms of an access control
list that enumerates the users who are granted or denied
access to the resources.
In addition to checking the user name, the server may
allow or deny access to the resource based on other
information associated with the HTTP request, such as
the host name or IP address of the requesting client.
Authenticating HTTP requests can impose a heavy load
on the Web server.
Type of web servers:-
2. A PWS is intended for Windows 95 or 98 or NT. The IIS is intended for latest
versions of Windows.
4. PWS lacks the logging in SQL/ODBC database,while IIS has the capability to
work with SQL.