Advanced Internet technologies(MCS-051)

Course Code : MCS-051

Course Title : Advanced Internet technologies
Assignment Number : MCA(V)/051/Assignment/2019-20
Maximum Marks : 100
Weightage : 25%
Last Dates for Submission : 15th October, 2019 (For July, 2019 session)
15th April, 2020 (For January, 2020 session)

Q1. (a) What are the main objectives of session tracking? What are the two ways to
handle session tracking ? Explain with the help of an example.

Answer 1(a) : Session tracking enables you to track a user's progress over multiple servlets
or HTML pages, which, by nature, are stateless.

Session tracking methods :

1. User authorization
2. Session tracking API

1. User Authorization

Users can be authorized to use the web application in different ways. Basic concept is that the
user will provide username and password to login to the application. Based on that the user can
be identified and the session can be maintained.

2. Session tracking API

Session tracking API is built on top of the first four methods. This is inorder to help the
developer to minimize the overhead of session tracking. This type of session tracking is
provided by the underlying technology.

Example: public class CatalogServlet extends HttpServlet {

public void doGet (HttpServletRequest request,

HttpServletResponse response)
throws ServletException, IOException
{
// Get the user's session and shopping cart
HttpSession session = request.getSession(true);
ShoppingCart cart =
(ShoppingCart)session.getValue(session.getId());

// If the user has no cart, create a new one

[Type text] Page 1

 Advanced Internet technologies(MCS-051)

if (cart == null) {cart = new ShoppingCart();

session.putValue(session.getId(), cart);
}
...
}
}

Q1(b) What are the major differences between a session and a cookie ?

Ans 1(b) : Cookies and Session are used to store the information.Cookies are store only client
side while Session stored the information client side as well as server side. A session creates a
file in a temporary directory on the server where registered session variables and their values
are stored.

Question 2. Assume there is a table named students which created is Oracle database
having the
following fields:
- E-number
- S-name
- Name - of school
- Programme
- Year of admission
- Date of birth
(a) Enter at least 5 records and write a servlet code which will display all the fields of
the above table and all records entered in the table in a tabular form.
(b) Answer the following SQL queries related to the student table.
(i) List all the student enrolled in a school of computer sciences in the year 2016.
(ii) Count the number of students registered in BCA Programme.
(iii) List all the students below the age of 25 years.

Answer 2:
(A)
Create TABLE [dbo].[Students](
[ID] [int] IDENTITY(1,1) NOT NULL,
[Enrolment_Number] [bigint] NOT NULL,
[S_NAME] [varchar](50) NULL,
[Name_Of_School] [varchar](150) NULL,
[Programme] [varchar](50) NULL,
[Age] [varchar](50) NULL,
[Year_Of_Admission] [varchar](50) NULL,
[Stream] [varchar](100),
[CreatedDate] [datetime],
PRIMARY KEY(Enrolment_Number)
)
insert into
Students(Enrolment_Number,S_NAME,Name_Of_School,Programme,Age,Year_Of_Admission,Stream,
CreatedDate)Values(157034567,'Ravi Bhaskar','IGNOU','MCA','25 years','july 2016','computer
sciences',getdate())
insert into
Students(Enrolment_Number,S_NAME,Name_Of_School,Programme,Age,Year_Of_Admission,Stream,
CreatedDate)Values(157034577,'Diwakar','IGNOU','BCA','25 years','year 2016','computer
sciences',getdate())

[Type text] Page 2

 Advanced Internet technologies(MCS-051)

insert into
Students(Enrolment_Number,S_NAME,Name_Of_School,Programme,Age,Year_Of_Admission,Stream,
CreatedDate)Values(157034557,'Vidatri Shing','IGNOU','MCA','25 years','july 2016','computer
sciences',getdate())
insert into
Students(Enrolment_Number,S_NAME,Name_Of_School,Programme,Age,Year_Of_Admission,Stream,
CreatedDate)Values(157034537,'Gautam','IGNOU','MCA','25 years','july 2016','computer
sciences',getdate())
insert into
Students(Enrolment_Number,S_NAME,Name_Of_School,Programme,Age,Year_Of_Admission,Stream,
CreatedDate)Values(157034527,'Ravi Jaiswal','IGNOU','BCA','25 years','year 2016','computer
sciences',getdate())
insert into
Students(Enrolment_Number,S_NAME,Name_Of_School,Programme,Age,Year_Of_Admission,Stream,
CreatedDate)Values(157034507,'Kaushal','IGNOU','MCA','24 years','july 2015','computer
sciences',getdate())

import javax.servlet.*;
import java.io.*;
import java.sql.*;
import javax.servlet.http.*;
public class Employee extends HttpServlet
{
public void doGet(HttpServletRequest req, HttpServletResponse res) throws
IOException, ServletException
{
res.setContentType("text/Html");
PrintWriter pw = res.getWriter();
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
Connection con=DriverManager.getConnection("jdbc:odbc:dsn");
Statement st=con.createStatement();
ResultSet rs=st.executeQuery("select * from students");
String tr="";
while(rs.next()){
tr=tr+"<tr>";
tr=tr+"<td>"+rs.getString(1)+"</td>";
tr=tr+"<td>"+rs.getString(2)+"</td>";
tr=tr+"<td>"+rs.getString(3)+"</td>";
tr=tr+"<td>"+rs.getString(4)+"</td>";
tr=tr+"<td>"+rs.getString(5)+"</td>";
tr=tr+"</tr>";
}
String table="<table border='1'>"+tr+"</table>";
pw.write(table);
pw.close();
con.close();
}catch(Exception e)
{
pw.write(""+e);
}
}
}

(B)

[Type text] Page 3

 Advanced Internet technologies(MCS-051)

select * from Students where Stream='computer sciences'and Year_Of_Admission='year 2016'

select count(id) from students where Programme='BCA'
select * from students where age < '25 years'

Q3. Differentiate between the two different types of servlets? What are the two
interfaces in
the servlet API.

Answer 3 : There are two servlet types, generic and HTTP: Generic servlets are
sub classes of javax.servlet.GenericServlet . ... It has built-in HTTP protocol support. The
doGet and doPost methods are used to handle client requests (GET or POST requests)

Every Servlet must implement the java.servlet.Servlet interface, you can do it by extending
one of the following two classes: javax.servlet.GenericServlet or javax.servlet.http.HttpServlet .
The first one is for protocol independent Servlet and the second one for http Servlet.

Q4. (a) Explain the role of JSP in design of dynamic website.

Answer 4(A) : In this JSP tags are used to insert JAVA code into HTML pages.
It is an advanced version of Servlet Technology. It is a Web based technology
helps us to create dynamic and platform independent web pages. ... JSP is first
converted into servlet by JSP container before processing the client's request.
JavaServer Pages (JSP) is a technology for developing Webpages that supports
dynamic content. This helps developers insert java code in HTML pages by making
use of special JSP tags, most of which start with <% and end with %>.
A JavaServer Pages component is a type of Java servlet that is designed to fulfill
the role of a user interface for a Java web application. Web developers write JSPs
as text files that combine HTML or XHTML code, XML elements, and embedded JSP
actions and commands.
(b) Define custom tags in JSP and describe components that make
up a tag library in JSP.
Answer 4(B): A custom tag is a user-defined JSP language element. When a JSP
page containing a custom tag is translated into a servlet, the tag is converted to
operations on a tag handler. The web container then invokes those operations when
the JSP page’s servlet is executed.

Custom Tags: <?xml version="1.0" encoding="ISO-8859-1" ?>

<!DOCTYPE taglib
PUBLIC "-//Sun Microsystems, Inc.//DTD JSP Tag Library 1.2//EN"
"http://psvsolution.com/j2ee/dtd/web-jsptaglibrary_1_2.dtd">
<taglib>
<tlib-version>1.0</tlib-version>
<jsp-version>1.2</jsp-version>
<short-name>simple</short-name>

[Type text] Page 4

 Advanced Internet technologies(MCS-051)

<uri>http://tomcat.apache.org/example-taglib</uri>

<tag>
<name>today</name>
<tag-class>com.javatpoint.sonoo.MyTagHandler</tag-class> </tag> </taglib>
Components:

Q5. Assume there is product table in the company’s database created in Oracle
with the
following fields:
- Product - ID
- Product - name
- Year of manufacturing
- Product cost
Write a code connecting JSP to Oracle database through JDBC and perform the
following
operations:
- Insert 10 records in the database
- Modify these records
- Display the product name which was manufactured before 2017.

- Display the product ID which costs more than Rs. 50000 and manufactured after
2017.

Answer 5:
CREATE TABLE Products
(
ID int Identity(1,1)NOT null,
Product_ID int NOT NULL,
Product_Name varchar2(100) NOT NULL,
Year_of_Manufacturing varchar2(50) null,
Products_Cost decimal null,
CONSTRAINT Products_pk PRIMARY KEY (Product_ID)

[Type text] Page 5

 Advanced Internet technologies(MCS-051)

)
connecting JSP to Oracle database through JDBC

import java.sql.*;
public class connect
{
public static void main(String args[])
{
try
{
Class.forName("oracle.jdbc.driver.OracleDriver");

// Establishing Connection
Connection con = DriverManager.getConnection(
"jdbc:oracle:thin:@localhost:1521:orcl", "login1", "pwd1");

if (con != null)
System.out.println("Connected");
else
System.out.println("Not Connected");

con.close();
}
catch(Exception e)
{
System.out.println(e);
}
}
}
INSERT INTO Products VALUES (1, 'Bags', '2018', 12000)
INSERT INTO Products VALUES (2, 'TV', '2014', 25000)
INSERT INTO Products VALUES (3, 'Disney', '2013', 18000)
INSERT INTO Products VALUES (4, 'Bike', '2012', 49000)
INSERT INTO Products VALUES (5, 'Teblet', '2014', 12000)
INSERT INTO Products VALUES (6, 'Laptop', '2015', 13000)
INSERT INTO Products VALUES (7, 'Shose', '2016', 12000)
INSERT INTO Products VALUES (8, 'Shampoo', '2018', 12000)
INSERT INTO Products VALUES (9, 'Car', '2016', 120000)
INSERT INTO Products VALUES (10, 'Earphone', '2016', 1200)

update Products set Product_Name='Scarpio Car',Products_Costs=1900000 where product_id=9

select * from Products where Year_of_Manufacturing <2017

select Product_ID from Products where Products_Costs >50000 and Year_of_Manufacturing
>2017

Q6. What is the need of connecting servlet and JSP and explain the process
through a programme template.

Answer 6 : Servlet is html in java whereas JSP is java in html. Servlets run faster compared
to JSP JSP is a webpage scripting language that can generate dynamic content while
Servlets are Java programs that are already compiled which also creates dynamic web content.
In MVC, jsp acts as a view and servlet acts as a controller.

[Type text] Page 6

 Advanced Internet technologies(MCS-051)

Q7. Describe the following HTTP authentication mechanism for authentication of a

user to a web server:
(i) HTTP authentication (ii) HTTP click authentication

Answer 7: HTTP supports the use of several authentication mechanisms to control access
to pages and other resources. These mechanisms are all based around the use of
the 401 status code and the WWW-Authenticate response header.

The most widely used HTTP authentication mechanisms are:

Basic The client sends the user name and password as unencrypted base64
encoded text. It should only be used with HTTPS, as the password can be
easily captured and reused over HTTP.

Digest The client sends a hashed form of the password to the server. Although, the
password cannot be captured over HTTP, it may be possible to replay requests
using the hashed password.

NTLM This uses a secure challenge/response mechanism that prevents password capture
or replay attacks over HTTP. However, the authentication is per connection and will
only work with HTTP/1.1 persistent connections.

HTTP Authentication and HTTP click authentication :

Basic and Digest authentication use a four step process to authenticate users.
First HTTP client makes a request to the web server. ... And then client displays a
dialog box to take username and password as input. Once the credentials has been
enter the client sends it using the Authorization header

Q8. Discuss advantage of using entity bean for database operations over
directly using

[Type text] Page 7

 Advanced Internet technologies(MCS-051)

JDBCAPI. When would one need to be used over the other?

Answer 8: Advantages of Entity beans over JDBC:

o Separation of business logic from your database access logic makes Entity
Beans a better choice than session beans using JDBC.

o If you are using Entity beans you dont need to worry about database
transaction handling, database connection pooling etc. which are taken care by
the ejb container. But in case of JDBC you have to explicitly do transaction
handling & connection pooling.

o The great thing about the entity beans is that beans are container managed,
whenever the connection is failed during the transaction processing, the
database consistancy is mantained automatically. the container writes the data
stored at persistant storage of the entity beans to the database again to
provide the database consistancy. where as in jdbc api, developers has to do
manually.

o Entity beans use better security management

Generally JDBC is preferred over entity beans due to performance considerations.

Entity beans do add overhead compared to JDBC. while retrieving huge amount of data
from database performance is poor compared to JDBC API calls.

Q9. (i) Explain the difference between external entity and internal XML
entities
(ii) How Java Beans and enterprise java beans are different?

Answer 9(1) An internal entity is defined by a string giving the text

of the

entity, e.g.

<!ENTITY foo "hello world">

[Type text] Page 8

 Advanced Internet technologies(MCS-051)

An external entity is defined by a URL giving the location of the

entity text, e.g.

<!ENTITY foo SYSTEM "http://example.org/myent.ent">

where that URL refers to a file containing the text.

An entity whose declaration appears in the internal subset is called

"internally declared" and one whose declaration appears in the

external subset is called "externally declared". This is quite

independent of whether it is an internal or external entity.

Answer 9(2) : JavaBeans and Enterprise JavaBeans (EJB) are software

component models, their purpose is different. A JavaBean is a general-purpose
component model, whereas EJB, as the name suggests, is a component model
that is enterprise specific

Q10. (i) Design XML DTD for an organisation that contains employee
information. An
employee element has fields: first name, last name, age, address and
department. The
address element has fields: cities, state and pin code.

(iii) How can we check whether the DTD is correct? How

many elements should you have in a DTD?

Answer 10(1):

<?xml version = "1.0" standalone="yes"?>

<document>

[Type text] Page 9

 Advanced Internet technologies(MCS-051)

<employee>

< employee element >

<firstname>Jitendra kumar</firstname>

<lastname>Maurya</lastname>

<age>20</age>

<Address> a 137 1 seva sadan block mandawali delhi-92<Address>

<Department>IT Department<Department

</employee element>

<address element>

<city>New Delhi</city>

<state>Delhi</state>

<pincode>110092</pincpode>

</addresselements>

</employee>

</document>

[Type text] Page 10

 Advanced Internet technologies(MCS-051)

Answer 10(ii):

An XML document with correct syntax is called "Well Formed".

An XML document validated against a DTD is both "Well Formed" and "Valid".

 the mandatory fields are present

 there cannot be more than one case_list, given_name, or date_of_birth nodes
 there must be at least one case node, within the case_list element
 the code_value attributes are populated

Q11. Define the basic security concepts.

Answer 11: Three basic security concepts important to information on the

Internet are confidentiality, integrity, and availability. Concepts relating to the
people who use that information are authentication, authorization, and
nonrepudiation. When information is read or copied by someone not
authorized to do so, the result is known as loss of confidentiality. For some
types of information, confidentiality is a very important attribute. Examples
include research data, medical and insurance records, new product
specifications, and corporate investment strategies. In some locations, there
may be a legal obligation to protect the privacy of individuals that collect
taxes.

This Assignment is Created And Developed By Jitendra Kumar Maurya

[Type text] Page 11