Lecture8 - University of Worcester

jellytrickInternet και Εφαρμογές Web

10 Νοε 2013 (πριν από 4 χρόνια και 8 μήνες)

140 εμφανίσεις


Internet Technology

Richard Henson

University of Worcester

March 2011

Week 8

Introduction to

Objectives of Session

Explain the limitations of client

Analyse a network infrastructure and
server platform to assess possibilities
for using server scripting

Implement server scripting across an
Intranet and through the Internet

Server Systems

Server end:

access control to the network and
its resources controlled by logon

access to resources depends on
user rights

assessed by logon


user who wishes to access
network resources



Requests and responses

Client requests information

Server processes the request, sends a response back
to the client

Send Request
Read Results
Process Request
Send Back Results
Bandwidth and Client/Server

Messages transferred between client
and server via network

Bandwidth and Client/Server

Data transfer: the faster the better…

most effective on LANs

nowadays 1000
Mbits/sec or more

between connected Internet computers bandwidth
needs to be as high as possible

2 Mbits/sec

Slow connections…

data takes longer to get through

so longer time to get a response back

server could even “time out”

More about HTTP and Client
Server Computing

Client and server systems work right up to
the application layer

To allow client
server interaction on the web,
Tim Berners
Lee designed HTTP to integrate
well with his basic web page formatting


HTML language GET command instructs the
client process to get data for the server

HTML POST command sends client data either
using an email protocol or using HTTP

Web Dynamic

Server Model

n a typical web
based client

The HTML form
displayed on a web
browser at the client
end collects data

Using HTTP the form
data is sent to a web

Web Dynamic

Server Model

The web server
processes the data
according to instructions
on a specified server

Using HTTP, the results
of processing generated
as specified by the script
are sent back to the client

The web browser on the
client machine displays
the results on a web page
in a specified position

Web Dynamic

Server model

All this gets even
more complex
when a database,
and database
programming, are
also involved at
the server end…

scripting and dynamic
pages on The Web

The following apply to ALL types of
scripting used on the web…

scripts need to use real programming code

note: HTML is a FORMATTING language, NOT
a programming language

both client and server ends have
programming code:

client end…embedded within a HTML page

server end… could be embedded or separate

Languages used for

Server Scripting

Much has been tried since w3c launched HTML as
an interactive language in the early 1990s…

use of an existing language in a completely separate file,
which is already compiled and ready to go:

the original approach: .cgi

any language could in theory be used

in practice “C” was usually favoured

use of an existing language embedded in a HTML file

The Microsoft .asp approach, using embedded VB source code

The Sun .jsp approach, using embedded Java (Script) source

Invention of new scripting languages that are “HTML
and easily embed with HTML

Cold Fusion .cf

Preprocessor Hypertext processing .php

Microsoft’s first attempt

at server scripting…

In 1996, Microsoft introduced active server pages

hugely successful (VB very popular…)

soon became more popular than .cgi

However, in spite of the great success of asp, big
problems were emerging…

by 2000, hackers were attacking Microsoft servers and
finding many security holes in IIS

Microsoft only coped by offering hotfixes

further problem: use of VB source code

if server not secure, code could be copied or compromised

Scripts could not be truly “object oriented”

Alternative Scripting Lanuguages
using the embedded approach




Cold Fusion

JSPs (Java Script Pages)

Produced by Sun Microsystems

extension of the

Servlet technology

According to Sun,


fit seamlessly into a Web server framework
and can be used to extend the capabilities
of a Web server with minimal overhead,
maintenance, and support.


100% pure Java

enhanced performance

separation of logic from display

ease of administration

extensibility into the enterprise


Invented by Larry Wall in 1987

Became popular as a web
programming language in the late

Features of C but an interpreted
language (like Java)

Not for programming novices…

Evolution into PHP

Started as just a collection of

scripts in 1995

became popular as a rival to the asp approach for
programming code embedded in HTML

then became very popular as Microsoft wrestled
with asp
> asp.net

Open source and integrates well with open
source databases

e.g. MySQL

PHP scripts

Originally designed for Linux
based systems

executed on a type of web server called Apache

Can now run happily on IIS

now getting very popular with non
Linux platforms

Big improvements in performance with PHP v4

XML functionality with v5 (released 2005)

Can download the environment directly from the PHP


XAMPP provides MySQL and Apache webserver

Cold Fusion

Originally produced by Altair with its own
scripting language (CFML) for the Microsoft

arguably easier to use than asp

Purchased by Macromedia in 2003
(Dreamweaver, Flash, Director, etc.)

Dreamweaver has good support for Cold Fusion

Now also available for the Java environment

Macromedia itself now part of Adobe

ASP becomes ASP.NET

Microsoft’s new approach to server scripting for the
new millennium…

building on asp principles

new system that used “intermediate language”, rather than
source code on the server

much more difficult to hack

Problem was… they had to scrap the .asp
environment, and adopt a new architecture…

known as the .net framework

as many developers were accustomed to .asp this took
awhile to catch on!

many people still confuse asp and asp.net…

Evolution of .net framework

Version 1.1

intermediate language

time environment for scripts

compiled code can’t easily be hacked

Programming Code can be separated from HTML;

as with cgi…

but without degradation in performance

Web controls introduced by drag
drop for
ease of development

XML can replace HTML code…

Evolution of .net framework

Version 2.0

more and better controls

some Integration with Active Directory

Visual Web Developer 2005 introduced

based on Visual Studio

user friendly development environment

easy use of master pages and CSS

simulated web server for ease of testing

Evolution of .net framework
(2008, 2010)

Version 3.5

further enhancement to controls

greater integration with Active Directory

Visual Web Developer 2008 provided more
controls, more wizards, and better
formatting tools

Version 4.0

as above. Generally regarded as easier to
use than VWD 2008

PHPs & asp.net today

PHPs attractive for serious programmers who
dislike the Microsoft approach…

integration of cut
paste code still needs an
environment like Dreamweaver

Industry view (post

based Servers running PHPs considered to
be more secure against hackers than Windows
2000/IIS running asp

asp.net running on Windows 2003/IIS v6/7 later
accepted as being a very stable platform

Both widely in use today…

Platforms for Development

Dreamweaver excellent for asp, .net.
php & ColdFusion until Creative Studio

From CS1 onwards (2005ish):

no support for .net development

solid support for php & Cold Fusion

Visual Web Developer 2005, 2008,

gradually took away Dreamweaver
customers using asp.net

When to use Server Scripting (1)

Whenever programming logic is
required that needs to be shared via
Internet browsers!

Good for security

if web server properly configured…

And accountability

clients can be forced to log on

When to use Server Scripting (2)

When client end lacks storage & processing

fits well with the thin client model for web &
network computing

very popular for massively multiplayer games

Client just sends the requests and asks the

server does the processing and provides the web
pages with answers/responses to requests

When to use Server Scripting (3)

Whenever centralised data storage &
processing is needed to support
activities of a website

essential for security of sensitive data

waste of space and resources to store &
process databases locally

(4) Securing of Sensitive Data
between Client and Server

Extended Internet infrastructure designed
around the webserver model

organisation can get an authentication certificate
(SSL certificate), and make it available through
their webserver

client can view server certificate

Client can access sensitive data at server end by
authenticating themselves (log in)

data encrypted and sent using https protocol

Platforms for developing a website
running server

Computer capable of supporting Windows
XP/2003/Vista/7 or an equivalent Unix
operating system

TCP/IP protocol stack running on server

Web Server software such as:

Internet Information Server


Broadband connection to the Internet

Typical Infrastructure for putting
Server Scripting online

Make sure the internal “client
computer network is secure

EITHER use the firewall/proxy server as a
router to separate the internal (local) network
from the External (i.e. Internet) network

OR, if OSI level 3
4 protocol conversion
needed, use a gateway

converts data into appropriate protocol and diverts
it between the Internet and the local network

can be used to link networks running different

Putting the

Secured network on

A digital connection with plenty of
bandwidth is needed between the
router/gateway and a computer
connected to the Internet

Regular monitoring of the network is
essential to ensure that unauthorised
users are not trying to gain access

Web Hosting and ISPs
(Internet Service Providers)

Only the largest corporate enterprises
are likely to be part of the Internet

Most businesses need to find a partner
who will provide a link between the
connection medium and the Internet
that meets their needs

Many Internet service providers available

The problem is usually “which to choose”,
rather than finding a partner…

Web Hosting

Two possibilities:

ISP provides hosting and web space,
organisation manages website

ISP provides hosting AND manages website

ISP will also provide:

the all important IP address that will allow a
presence on the Internet

the domain name that will allow other
Internet users to find the website

Criteria for choosing a

web host (apart from cost!)

Amount of web space?

Bandwidth availability?

Hardware & OS?

Uploading techniques?

Protocols supported?

URL available?

type of server scripts supported?

Site management tools?

Databases supported?

Exercise for Next Week

Search Google for web hosts

How many available?

How could you choose?

Use the following URL to compare web
hosts and their offerings: