Telecom SudParis ������� � Introduction � sessions management and transactions ����������������� � PHP and active pages � Logical models for DB-web apps. � Evolutions Bruno DEFUDE � Framework Computer Science Dept � Web services � � ��� �������� ����������� WWW – Web advantages � Universal client � Web is a kind of DB but � Easy to use � Without schema � Open standards � Without query language � Good integration with other Internet services and � Without transactions, recovery, … protocols � Without powerfull authorisation mechanism � Extensible � DBs store huge amount of data which are � Low software and network costs interesting to publish on the web � Corporate network (Intranet), inter-companies network (extranet), WAN � � 1
Telecom SudParis ��������������� �� �����������!�"#$��� ���� HTTP CGI � Transform DBs into sets of static web pages server url � Simple query � Redundency, problem of consistency string Html result � Disadvantages of web HTML Browser (client) � Need to generate dynamic web pages SQL constructed with DB content DBMS � & �������"�����'�"#$ ����) "#$�� ����� � Simple and portable Client 1 Process 1 � Lots of code to write (one CGI per query!): can be improved with generic solutions C � Not very efficient Server Client 2 G Process 1 Process I HTTP Server Client 3 Process 1 CGI Scripts % ( 2
Telecom SudParis 2 nd solution : dedicated gateways (ex. ����) ����+&$��������� IDC) SQL (via API ODBC) . htx Client 1 HTTP Server HTTP driver W3 ODBC Thread 1 IIS IDC API SQL Server client Server Client 2 Thread 2 Set of SQL Process functions Thread 3 .idc (via API SQL ISAPI BD SQL Server) Server CGI scripts are functions of a DLL, Client 3 Processed As threads within the multi-threaded HTTP server * �, � � ���������!��� -� .���� �� ������������� "���� ���� �'������������ Solution Pros Cons � Strong coupling of a PL and web (direct calls from a web page, direct support by a HTTP CGI Scripts web Standard inefficient server) Difficult to program � The language run-time supports sessions Dedicated Little Limited � PHP, servlet – JSP (Java), ASP (Microsoft) gateways programming functionalities Server-side efficient no standard Scripts Var. sessions spaghetti style programs A real PL �� �� 3
Telecom SudParis WWW – Web limitations WWW – Web Limitations (2) � Transaction management � performances � not possible with HTTP 1.0 � Internet network => increase bandwith no session mode � � CGI scripts => FastCGI, server-side scripts One can use "cookies" � � Possible with HTTP 1.1 � security Allows persistent connexion (TCP level) � � HTTP => S-HTTP secure � User interface � TCP/IP level => SSL protocol � HTML is not very powerfull to construct sophisticated UI � Java or Flash is more powerfull �� �� ������� �������� � Introduction � Need to share information betaween different pages/scripts � sessions management and transactions � Authentification: only one authentification for � PHP and active pages n actions � Logical models for DB-web apps. � History of actions � Evolutions � Incremental state construction � Framework � DB Transactions � Web services �� �/ 4
Telecom SudParis 0 ���������� 12������ �'�� ����������� �� -���� � transaction = DB program (read and write � on-line ordering (music, books, planes, …) sequence) � bank � ACID properties � insurance � A : Atomicity � e-business!!!! � C : Consistency � I : Isolation � D : Durability 0 ������������������ 0 ������������������3��� � Transaction = sequence of URL invocations cgi Browser (client) http server (management context by the web?) 1 1 1’ c1 � Transaction = ACID properties (ensured by the 1’ c1 2 c1 2 c1 2’ c1, c2 2’ c1, c2 DBMS) 3 fin c1, c2 3 fin c1, c2 � HTTP = no session support 5’ del(c1, c2) 5’ del(c1, c2) 4’ ok 1 : first access Client-side management context (cookies) 4 sql(c1, c2) � 1’ : c1 cookie is generated Simulation of HTTP sessions (transactional web) � 2 : other access with c1 cookie transport Use server-side scripting languages (PHP, ASP, JSP, ...) � 2’ : c1, c2 cookies are generated 3 : end of transaction with c1, c2 transport 4 : transaction is constructed and processed on the DBMS 5’ : cookies deletion DBMS 5
Telecom SudParis 0 �����������������3����4�5 0 �����������������3����4�5 � Context is managed on client-side (cookies) � Cons � Not really transactional � advantages: � Limited functionality � Easy to code � Lots of cgi scripts to code � DB access is done one time at the end of the session � Cookies problems (DB resources are not blocked) � If no explicit user termination, nothing to do (at DB level) � global to a user (no distinction between two windows) � global to a url (does not allow two different transactions on the same site at the same site) � ����������� ������� � ����������� ������� � �������� � Context is managed by a daemon on server- side browser (Client) http Server cgi daemon gateway DBMS � Need of a transaction id stored on client-side (cookie or rewritten URL) and on server-side (in an array of the daemon) � A gateway does not process a single query but a complete transaction (a sequence of queries) 6
Telecom SudParis � ����������� ������� ��� ������ 4�5 � ����������� ������� ��� ������4�5 � 1 : transaction beginning request (implicite or � 3 : transaction ending request explicite) � implicit : error, timeout � An id is allocated by the daemon, transactions array is � explicit : idem 2 + update of transactions array, id is updated, a gateway is launched, an id is send back to deleted on client-side and the gateway is stopped the client (cookie or rewritten URL) � 2 : DB operation request � The request is routed by the daemon on the right gateway using the transaction id and the transactions array ������������������ � ����������� ������� 6����� � Pros � URL rewriting: variables passing using GET mode of forms � really transactional � generic solution � sessions variables: server-side scripts � Cons � Cookies: client-side storage of variables � complex architecture � DB storage: context is stored in a DB � DB resources are blocked until the end of the identified by a session identifier transaction � Need to detect a user « abort » (timeout) �( 7
Telecom SudParis "���� ���� �'�������������������� ������� ����� Mode Cons Pros � Introduction URL rewriting No protection simple � sessions management and transactions Intrusive � PHP and active pages Restricted to values � Logical models for DB-web apps. Cookies Restriceted to simple values � Evolutions Global to a browser � Framework session Variables limited volume values + references � Web services DB storage More complex to Large volume program �* �, �� ��������������� 4�� -� .����5 &7&�-��� �'��������� ������ � Offer a programming language integrated to the web � opensource solution for active server pages (ability to have calls from a web page, associated to � An active page is a server-side script a HTTP server) (generalises CGI and ISAPI) � run-time of the language offers session support (and � Supported by an interpretor linked to the consequently of transactions) HTTP server � PHP, servlet - JSP, ASP, XSP (Cocoon) � DB interface using a specific API or an � see Java and PHP for more details abstract layer �� 8
Recommend
More recommend
