ContentsStatus ................................................................................................. 12Changes in this document since v2.2........................................... 12Preface ............................................................................................... 14Who should read this document .................................................. 14API Reference ............................................................................. 14Other Java™ Platform Specifications.......................................... 14Other Important References ........................................................ 15Providing Feedback..................................................................... 16Acknowledgements ..................................................................... 16Chapter 1:Overview.......................................................................... 18What is a Servlet?........................................................................ 18What is a Servlet Container? ....................................................... 18An Example................................................................................. 19Comparing Servlets with Other Technologies ............................. 19Relationship to Java 2 Platform Enterprise Edition ..................... 20Chapter 2: The Servlet Interface ...................................................... 22Request Handling Methods ......................................................... 22HTTP Specific Request Handling Methods........................ 22PROPOSED FINAL DRAFT5 Java Servlet 2.3 Specification - PROPOSED FINAL DRAFT• October 20, 2000Conditional GET Support ...................................................23Number of Instances ....................................................................23Note about SingleThreadModel ..........................................24Servlet Life Cycle ........................................................................24Loading and Instantiation ...................................................24Initialization........................................................................24Request Handling ...............................................................25End of Service ....................................................................27Chapter 3: Servlet Context ................................................................28Scope of a ServletContext............................................................28Initialization Parameters ..............................................................28Context Attributes........................................................................29Context Attributes in a Distributed Container.....................29Resources.....................................................................................29Multiple Hosts and Servlet Contexts............................................30Reloading Considerations ............................................................30Temporary Working Directories ..................................................31Chapter 4: The Request .....................................................................32Parameters ...................................................................................32Attributes .....................................................................................33Headers ........................................................................................33Request Path Elements.................................................................34Path Translation Methods ............................................................35Cookies ........................................................................................36SSL Attributes .............................................................................36Internationalization ......................................................................37Request data encoding .................................................................37PROPOSED FINAL DRAFTContents 6Chapter 5: The Response .................................................................. 38Buffering ..................................................................................... 38Headers........................................................................................ 39Convenience Methods ................................................................. 40Internationalization...................................................................... 40Closure of Response Object ........................................................ 41Chapter 6: Servlet Filtering .............................................................. 42What is a filter ? .......................................................................... 42Examples of Filtering Components .................................... 43Main Concepts............................................................................. 43Filter Lifecycle................................................................... 43Filter environment .............................................................. 45Configuration of Filters in a Web Application ................... 45Chapter 7: Sessions ............................................................................ 48Session Tracking Mechanisms .................................................... 48URL Rewriting................................................................... 48Cookies .............................................................................. 49SSL Sessions...................................................................... 49Session Integrity................................................................. 49Creating a Session ....................................................................... 49Session Scope.............................................................................. 50Binding Attributes into a Session ................................................ 50Session Timeouts......................................................................... 50Last Accessed Times ................................................................... 51Important Session Semantics....................................................... 51Threading Issues ................................................................ 51Distributed Environments................................................... 51PROPOSED FINAL DRAFT7 Java Servlet 2.3 Specification - PROPOSED FINAL DRAFT• October 20, 2000Client Semantics .................................................................52Chapter 8: Dispatching Requests ......................................................54Obtaining a RequestDispatcher....................................................54Query Strings in Request Dispatcher Paths.........................55Using a Request Dispatcher .........................................................55Include .........................................................................................56Included Request Parameters ..............................................56Forward........................................................................................56Query String .......................................................................57Error Handling .............................................................................57Chapter 9:Web Applications.............................................................58Relationship to ServletContext ....................................................58Elements of a Web Application ...................................................58Distinction Between Representations...........................................59Directory Structure ......................................................................59Sample Web Application Directory Structure.....................60Web Application Archive File .....................................................60Web Application Configuration Descriptor .................................61Dependencies on extensions: Library Files.........................61Web Application Classloader..............................................62Replacing a Web Application ......................................................62Error Handling .............................................................................62Welcome Files .............................................................................63Web Application Environment ....................................................64Chapter 10:Application Lifecycle Events ........................................66Introduction .................................................................................66Event Listeners ............................................................................66PROPOSED FINAL DRAFTContents 8Configuration of Listener Classes ............................................... 68Listener Instances and Threading ................................................ 69Distributed Containers................................................................. 69Session Events- Invalidation vs Timeout..................................... 69Chapter 11: Mapping Requests to Servlets ...................................... 70Use of URL Paths........................................................................ 70Specification of Mappings........................................................... 71Implicit Mappings .............................................................. 71Example Mapping Set ........................................................ 71Chapter 12: Security.......................................................................... 74Introduction ................................................................................. 74Declarative Security .................................................................... 75Programmatic Security ................................................................ 75Roles ........................................................................................... 76Authentication ............................................................................. 76HTTP Basic Authentication ............................................... 76HTTP Digest Authentication.............................................. 77Form Based Authentication................................................ 77HTTPS Client Authentication ............................................ 78Server Tracking of Authentication Information .......................... 79Propogation of Security Identity.................................................. 79Specifying Security Constraints .................................................. 80Default Policies .................................................................. 80Chapter 13: Deployment Descriptor................................................. 82Deployment Descriptor Elements................................................ 82Deployment Descriptor DOCTYPE ................................... 82DTD ............................................................................................ 83PROPOSED FINAL DRAFT9 Java Servlet 2.3 Specification - PROPOSED FINAL DRAFT• October 20, 2000Examples .....................................................................................96A Basic Example ................................................................97An Example of Security......................................................98Chapter 14: API Details .....................................................................100Config.................................................................................... 104Filter ...................................................................................... 106FilterConfig ........................................................................... 108GenericServlet....................................................................... 110RequestDispatcher ................................................................ 115Servlet ................................................................................... 117ServletConfig ........................................................................ 120ServletContext....................................................................... 121ServletContextAttributeEvent ............................................... 129ServletContextAttributesListener.......................................... 131ServletContextEvent ............................................................. 133ServletContextListener.......................................................... 135ServletException ................................................................... 136ServletInputStream................................................................ 139ServletOutputStream............................................................. 141ServletRequest ...................................................................... 146ServletRequestWrapper ........................................................ 153ServletResponse .................................................................... 159ServletResponseWrapper ...................................................... 163SingleThreadModel............................................................... 167UnavailableException ........................................................... 168Cookie ................................................................................... 173HttpServlet ............................................................................ 179PROPOSED FINAL DRAFTContents 10HttpServletRequest ............................................................... 185HttpServletRequestWrapper ................................................. 193HttpServletResponse............................................................. 200HttpServletResponseWrapper............................................... 212HttpSession ........................................................................... 217HttpSessionAttributesListener .............................................. 222HttpSessionBindingEvent ..................................................... 224HttpSessionBindingListener ................................................. 227HttpSessionContext............................................................... 228HttpSessionEvent .................................................................. 229HttpSessionListener .............................................................. 231HttpUtils................................................................................ 232Appendix A: Deployment Descriptor Version 2.2............................ 236Appendix B: Glossary........................................................................ 250
