Chapter 9
Web Applications
Yingcai Xiao
Enterprise Application
Architectures
Main Issues for Developing Enterprise Applications
• User Interface, Data Storage, Security, Business Logic,
Networking.
• To deal with those issues effectively, modern enterprise
applications are usually designed as multi-tier applications.
Multi-tier Applications
 Multi-tier Application: an application consists of multiple
programs each may reside on a different system.
Client
Interconnection Network
Server
A Two-tier Application
(Client-Server)
Multi-tier Applications
A Three-tier Application
Client
Application Server
Interconnection Network
Database Server
 In a three-tier application, a Database Server is an independent
program deployed as a part of the application to store data.
Multi-tier Applications
A Four-tier Application
Client
Web Server
Internet
Application Server
Database Server
 A Web Server is added.
 It uses the standard protocols (HTML/HTTP) to communicate
with the client.
 The client is thin: a standard web browser.
Multi-tier Applications
 Client: interface to the user. It should be as thin as possible.
Thin-client: no software to install on the client site except a
standard web browser. Thin-client makes applications easy to
deploy, easy to maintain and easy to upgrade.
 Web Server: communicates with the user interface.
 Application Server: business logic implemented here with tools
from ASP.NET, J2EE, WebLogic (BEAS), WebSphere (IBM).
Most application servers have separate modules to dynamically
generate user interfaces to be sent to the client by the web server.
 Database Server: persistent data stored for the application.
 All three server could reside in the same server hardware.
J2EE
Java 2 Enterprise Edition (http://java.sun.com/j2ee)
a platform for developing multi-tier enterprise
applications with standardized modular Java
components
provides a complete set of services to handle
many details automatically
takes advantage of many features of the Java 2
Platform, Standard Edition (J2SE)
J2EE Application Architecture
Application Server (UI)
Application Server (BL)
DB Server
Thin
Client
Client
J2EE-Enabled
Web Server
.NET Web Applications
.NET Web Applications are applications built for the Web using
the .NET framework. The applications use Web forms to provide
user interface, per-user data stores to hold shopping carts,
caching services to boost performance, and security services to
identify users and prevent unauthorized accesses.
.NET Web Applications are actually Application Servers in the
four-tier architecture. Other programs (client, web server, database
server) need to be there to make the applications work. The those
programs can be shared with other applications.
Architecture of a Four-Tier Application
Supporting Software
App User Interface
WEB
WEB
S
E
R
V
E
R
C
L
I
E
N
T
User Interface
Application Logic
Database Engine
Database
DBMS / Database Server
Database API
Application Server
Architecture of a Four-Tier Application
Architecture of a Three-Tier Application
Supporting Software
App User Interface
User Interface
Application Logic
Database Engine
Database
DBMS / Database Server
Database API
Application Server
Architecture of a Three-Tier Application
C
L
I
E
N
T
ASP.NET Web Application
Structures
Structure of an ASP.NET Web Application
An ASP.NET application.
 The Web.config File
To support XCOPY installs— to install applications by
copying them to a directory and uninstall them by
deleting the files and directories.
Structure of an ASP.NET Web Application
An ASP.NET (web) application (server) consists of all the files in a
virtual directory and its subdirectories on the HW server.
•
•
•
•
•
ASPX files containing Web forms (unlimited)
ASCX files containing user controls (unlimited)
Web.config files containing configuration settings (one per
directory)
A Global.asax file containing global application elements (only
one for the entire application)
DLLs containing custom types employed by the application
(unlimited, must be in the bin directory under the root of
the virtual directory)
Create a Web Application in IIS
 winserv1 -> Sites -> Default Web Site
 Right-click->Add Application (not Virtual Directory)
 Alias: xiaotestLander
 Application pool: defualtAppPool
 Physical path: C:\inetpub\wwwroot\xiaotest\Lander
http://winserv1.cs.uakron.edu/xiaotestLander/Lander.aspx
Existing directories can be converted to Web Applications
• winserv1 -> Sites -> Default Web Site->xiaotest
• Right-click on Lander
• Convert to Application
• Application pool: defualtAppPool
• http://winserv1.cs.uakron.edu/xiaotest/Lander/Lander
.aspx
* You need to be an administrator to use IIS
XML
•
•
•
•
•
•
•
Extensible Markup Language
A markup language for documents containing structured
information.
The XML specification defines a standard way to add
markups to documents to identify structures in a document.
Both the tag semantics and the tag set are user definable.
A meta-language for describing (defining) markup languages.
Commonly used to describe data transmitted over the
Internet.
http://www.xml.com/
Web.config
 Web.config is the XML file in which ASP.NET applications store
configuration data.
•
Not in the registry anymore.
•
Case sensitive.
•
Inherited, can be overridden by subdirectories.
•
Machine.config is at the root. Under
Windows\Microsoft.NET\Framework\vn.n.nnnn\Config
Web.config
•
Use system.web in .config to set system-wide configurations.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<!-- To allow debug info displayed at the client -->
<customErrors mode="Off"/>
<trace enabled="true" />
</system.web>
</configuration>
‘customErrors mode="Off”’ means “systemErrors mode” on.
Debugging
•
•
Each web application needs its own application directory.
For a web form application, the application directory
containing the web form is treated as the root of the web
“application”.
e.g.
Copy files from “Examples/c9/Debug” to a A.D.
Edit calc.aspx in it.
Change op1 in “OnAdd” to op11
Better view it with I.E.
http://winserv1.cs.uakron.edu/Examples/c9/Debug/calc.aspx
Show Detailed Compiler Output
Debugging
Web.config
<configuration>
<system.web>
<customErrors mode=“On”
defaultRedirect=“errorMessage.html” />
</system.web>
</configuration>
Three custom errors modes
1. On: displays custom errorMessage.html locally and remotely
2. Off (default): displays debugging information locally and
remotely. (Dangerous!)
3. RemoteOnly: displays debugging information locally and
errorMessage.html remotely
Debugging
http://winserv1.cs.uakron.edu/Examples/c9/Debug/calc.aspx
Custom error mode “On”, but no defaultRedirect
Web.config
<configuration>
</configuration>
Default custom error mode is Off: very Dangerous!
Displays (code) debugging information locally and remotely.
Web.config
Strings defined in the .config file can be retrieved in the program at
run time:
string conn = ConfigurationSettings.AppSettings ["MyConnectionString"];
<!-- Web.Config Configuration File -->
<configuration>
<appSettings>
<add key="MyConnectionString"
value="server=db1; database=pubs; uid=sa; pwd=" />
<add key="connectString"
value="Integrated Security=true;Initial Catalog=pubs;
Data Source=XIAO-T23-01" />
</appSettings>
</configuration>
The Global.asax File
•
•
•
•
•
•
text file
application-level
only one for each application
directives
event handlers
declarations
Global Directives:
<%@ Application Description="My First ASP.NET Application" %>
<%@ Import Namespace="System.Data" %>
<%@ Assembly Name="System.DirectoryServices" %>
 Global Event Handlers For events that aren’t specific to a
particular page but that apply to the application as a whole:
Application_Start, Application_End, Session_Start,
Session_End, Application_Error.
An application consists of multiple pages (static structure).
An application can support multiple sessions at runtime, one
for each client (dynamic structure).
 Global Object Tags
Session["MyShoppingCart"] = new ShoppingCart ();
To use in an application:
<object id="MyShoppingCart"
class="ShoppingCart"
scope="session" runat="server" />
Application State & Application Cache
•
•
•
•
•
•
to improve application performance
data stored in memory
as dictionaries of key/value pairs
string keys
available to all parts of an application (global)
Application Cache is replacing Application State.
The Application Cache
A per-application, in-memory data store.
•
System.Web.Caching.Cache
Pages: Page.Cache
Global.asax: HttpApplication.Context.Cache
•
Insert
Cache.Insert ("AMZN", 12.00);// or
Cache["AMZN"] = 10.00; // replace existing entry
•
Remove
Cache.Remove ("AMZN");
•
Usage
decimal amzn = (decimal) Cache["AMZN"];
The Application Cache
•
•
•
Locking
System.Threading.ReaderWriterLock
rwlock.AcquireWriterLock (Timeout.Infinite);
Expiration (new)
Absolute:
Context.Cache.Insert ("Stocks", stocks, null,
DateTime.Now.AddMinutes(5),
Cache.NoSlidingExpiration();
Sliding (expires only if not accessed):
Cache.NoAbsoluteExpiration ();
Cleaning Callbacks
Context.Cache.Insert (… ,
new CacheItemRemovedCallback (RefreshDataSet));
When Calc.aspx is accessed by a client
 Session State: per-user store to support shopping cart (equivalent
to global variables)
Challenge: the Web is stateless.
Client side store: cookies (users may disable cookies)
Server side store - in memory (down with IIS, no Web farms
(clusters of Web servers act as one))
• ASP.NET session store:
Cookies: client side store
Cookieless: server side store – in memory, in another
process, on another machine, in a database
Session State Process Models
Model
Description
In-proc
Stores session state in-process to
ASP.NET (that is, in Aspnet_wp.exe)
(default)
State Server
Stores session state in an external
“state server” process on the Web
server or on a remote machine (slower)
SQL Server
Stores session state in a Microsoft SQL
Server database on the Web server or
on a remote machine (slowest, scalable
and reliable, for e-commerce)
Change session state type in Web.config
<sessionState mode="InProc" />
<sessionState mode="StateServer"
stateConnectionString="tcpip=192.168.1.2:42424" />
<sessionState mode="SQLServer"
sqlConnectionString="server=localhost;uid=sa;pwd=" />
<sessionState mode="Off" />
Using Session State
•
•
•
•
•
Page access: System.Web.UI.Page.Session property
Global.asax access: System.Web.HttpApplication.Session
property
Both map to an instance of
System.Web.SessionState.HttpSessionState
Add an item:
Session.Add ("10012552", "Quantity=1");
Session["10012552"] = "Quantity=1";
Retrieving an item:
string value = Session["10012552"];
Using Session State
•
•
•
•
•
•
Retrieving all items:
NameObjectCollectionBase.KeysCollection keys
= Session.Keys;
foreach (string key in keys) {…}
Remove, RemoveAt, and RemoveAll.
Session timeout: <SessionState timeout="60" />
Close session: Session.Abandon ();
Session Identification:
using GUIDs (globally unique identifiers)
Automatic lock and unlock
Using Session State
http://winserv1.cs.uakron.edu/examples/c9/sessionSpy/sessionSpy.aspx
<%@ Page Language="C#" %>
<html> <body> <%
if (Session.IsNewSession || Session["Count"] == null)
{ Session["Count"] = 1;
Response.Write ("Welcome! Because this is your first visit to this
site, a new session has been created for you. Your session ID is " +
Session.SessionID + ".");
}
else { Session["Count"] = (int) Session["Count"] + 1;
Response.Write ("You have visited this site " +
Session["Count"] + " times. Your session ID is still " +
Session.SessionID + ".");
}
%> </body> </html>
Using Session State
A session is created for each client process and stored on the server.
NS and IE are on different processes.
Browser
Ctrl N
Start->Programs
IE
New Thread
Old Session
New Process
New Session (old IE)
Old Session (newer IE)
NS
New Thread
Old Session
New Thread
Old Session
To make your program work deterministically, your
application needs to identify the user through the login
authentication and respond accordingly (next chapter).
State Server or SQL Server session state models require types stored
in session state to be serializable.
[Serializable]
public class ShoppingCart
{ ... }
ShoppingCart cart = new ShoppingCart ();
Session["MyShoppingCart"] = cart;
A mini enterprise application
Congo (C9)
Congo: A virtual storefront for an online bookseller.
Related to: database => data grid => shopping cart
Forms: Database supported, web based security.
Deployment:
http://www.cs.uakron.edu/~xiao/windows/Web-App-Deployment.html
T:\Xiao\Windows Programming\Examples\C9\Congo-MySQL
http://winserv1.cs.uakron.edu//xiaotest/Congo-MySQL/Congo.aspx
Output format in C#
http://blog.stevex.net/string-formatting-in-csharp/