Go To Related Topics
Introduction
of Java Servlets
Benefits of using Java Servlets
How do Servlets connect with Database
Security
How do Servlets connect with CORBA
Replacing
CGI with Servlets(By Example)
How do servlets connect with databases?
Overall Benefits of
Using Java Servlets
Summary Based on http://java.sun.com/features/1998/03/inetbiz.html
http://jeeves.javasoft.com/products/java-server/documentation/webserver1.1/servlets/api.html#features
1. "Portability and "Write Once Run Anywhere" ----"Naturally, portability influenced our decision to use the Java platform. Server-side Java technology has lived up to the promise of a performance-tuned "Write Once Run Anywhere" technology, and our clients are thrilled to know that their applications not only have superior performance, but can be run on nearly any platform. Superior applications and platform choice are both important to our clients, and in this case they can have their cake and eat it, too.
2. Compared with CGI, Servlet is light weight application. ---"We've found that servlets created in the Java programming language provide several performance and development advantages over conventional CGI. Because CGI creates a separate process for each request, a site with heavy traffic can easily overload the server with too many simultaneous processes. Servlets, on the other hand, use a single process, multithreaded model with comparatively little overhead in handling requests. When tuning performance, it is often desirable to cache common data, such as database queries, in memory to avoid unnecessary and costly database lookups. There is no convenient mechanism for doing this with CGI. On the other hand, servlets make sharing data as simple as creating static methods.
3. Eliminates common programming frustrations ---"We've also experimented with proprietary web server APIs, but we found it a major disadvantage to be locked into using a web server from a particular vendor. In addition, using Java technology eliminates common programming frustrations, such as memory allocation bugs, that are prevalent when using C to program with other web server APIs.
4. Provide handy exception handling ---- "Perhaps the biggest advantage of servlet technology is the way it handles itself during runtime errors. With CGI, if a program crash occurs, the user gets stuck with a Server 500 error screen.The developer's only hope (in a UNIX environment) is the core dump created on the server. Thanks to Servlets' very handy exception handling, we are able to provide the user with detailed instructions on who to contact, along with a stack trace showing which line of code caused the problem."
5. Give ISP or other servers providers more flexibility --- There are immediate commercial applications for such improved security technologies. Today, most Internet Service Providers (ISPs) are not able to accept server extensions from their clients. This is because they have no way to defend themselves, or their other clients, against attacks building on extensions which use native C code or CGI facilities. However, extensions built with 100% Pure Java Servlets can be prevented from maliciously altering data. Combined with the use of digitally signed code, ISPs can have the assurance that they are not assuming undue risk when they extend their web servers with servlets provided by their customers.
6.Compared with CGI, Java servlets do
not need HTML conversion step --- Many servlets will
directly generate HTML formatted text, since it is easy to do with standard
internationalized Java formatted output classes such as java.io.PrintWriter.
There is no need to use scripting languages to dynamically modify or generate HTML pages.
Java Servlet
can also be implemented by CORBA by using Interface javax.servlet.Servlet
Referenced From http://java.sun.com/products/servlet/2.1/api/javax.servlet.Servlet.html
Servlets have access to information about their clients. When used with secure protocols such as SSL, peer identities can be determined quite reliably. Servlets relying on HTTP also have access to HTTP-specific authentication data.
Servlets have the Java advantage: memory access violations and strong typing violations are not possible, so that faulty servlets will not crash servers the way that is common in most C language server extension environments.
Unlike any other current server extension API, Java Servlets provide strong security policy support. This is because all Java environments provide a Security Manager which can be used to control whether actions such as network or file access are to be permitted. By default, all servlets loaded over the network are untrusted, and are not allowed to perform operations such as accessing network services or local files. Only those servlets built in to the Java Web Server, and those in a specific local .../servlets directory controlled by the server administrator, are fully trusted and granted all privileges.
However, servlets which have been digitally signed as they were put into Java Archive (JAR) files, can be trusted and granted more permissions by the security manager. A digital signature on executable code indicates that the organization which signed the code "vouches for it" in some sense. Such signatures can't support accountability by themselves, but they do indicate a degree of assurance that may be placed on use of that code. For example, a particular signature from a MIS organization might be required on all code which is granted general access to network services within a corporate intranet. That signature might only be used on code which is strongly believed not to violate particular security policies.
Extension APIs in other languages, such as C or scripting languages, can't support such fine-grained access controls even if they do allow digital signatures for their code. This means that 100% Pure JavaTM extensions are fundamentally more secure than current competitive solutions, including Active-X. (The security of code signing used with Active-X has been seriously overstated.)
There are immediate commercial applications for such improved security technologies. Today, most Internet Service Providers (ISPs) are not able to accept server extensions from their clients. This is because they have no way to defend themselves, or their other clients, against attacks building on extensions which use native C code or CGI facilities. However, extensions built with 100% Pure Java Servlets can be prevented from maliciously altering data. Combined with the use of digitally signed code, ISPs can have the assurance that they are not assuming undue risk when they extend their web servers with servlets provided by their customers.