Event Listener Adapter
As described in Chapter 2, the UIInput component delivers a ValueChangeEvent to all registered event listeners. In addition, the ValueChangeEvent is also delivered to the backing bean via a MethodBinding stored in the UIInput's valueChangeListener attribute. The valueChangeListener attribute is exposed as a tag attribute on the standard input tags, such as lt h inputText gt .In JSF 1.2, the valueChangeListener attribute is deprecated on the UIInput component but is still present on the JSP tag...
The StateBag Class and the IStateManager Interface
The client-side state management technique ViewState exists in the .NET Framework class hierarchy as a member property of the System.Web.UI.Control class called ViewState, of type StateBag, which implements a dictionary data structure to store name value pairs. The StateBag class implements the interfaces in Table 3-3. Table 3-3. Interfaces Implemented by the StateBag Class Table 3-3. Interfaces Implemented by the StateBag Class Defines enumerators, synchronization methods, and size for...
How will caching be controlled
It's possible that an XMLHttpRequest response will be cached by the browser. Sometimes, that's what you want and sometimes it's not, so you need to exert some control over caching. With cache control, we're talking about GET-based requests. Use GET for read-only queries and other request types for operations that affect server state. If you use POST to get information, that information usually won't be cached. Likewise, if you use GET to change state, you run the risk that the call won't always...
SOA WOA and SaaS
SOA components contain Web services, RPC layer services for applications, and generic services written in traditional applications. Most of the SOA components are written in Web services, as modeled in Figure 2.11. A Web Service can be defined in the following way A Web service is a software component developed to support interoperability over a network using an interface described in WSDL, a machine-understandable format. Other systems communicate with the Web service, using SOAP messages that...
The Yahoo Geocoding API
Currently, the Yahoo Geocoding API is really useful only for geocoding addresses in the United States, though with competition from Google, we're sure this will change. Before Google's geocoder came along, this was the geocoder of choice for many people doing US-centric mashups using both the Google Maps API and the Yahoo Maps API. The only real limitation is that you can make only 5,000 lookup requests per day per IP address . Caution The rate limit for Yahoo is based on a 24-hour window, not...
The scroll event
You may also want to keep track of when a user scrolls the window or another element in order to ensure something remains visible on the screen at all times. By using the scroll event, this is easy lt title gt OnScroll Example lt title gt lt head gt lt body lt p gt Try scrolling this window. lt p gt lt p gt amp nbsp lt p gt lt p gt amp nbsp lt p gt lt p gt amp nbsp lt p gt lt p gt amp nbsp lt p gt lt p gt amp nbsp lt p gt lt p gt amp nbsp lt p gt lt p gt amp nbsp lt p gt lt p gt amp nbsp lt p...
Writing a simple test case
In JUnit, a test case is a class that may contain one or more tests. The purpose of the test case is to group a set of tests together, typically based on their function. For example, you may want to place all tests for a calendar widget in the same class, potentially allowing you to write private methods that can be shared among the tests. In the example, you'll write a test case that tests basic math functionality, giving you a feel for how to use JUnit. You begin by creating a new class named...
CSRF Vulnerability Detection with Web Applications
Traditional CSRF vulnerabilities can be identified by analyzing each important get and post request going to the application. If an attacker can reproduce a get or post request, this can lead to CSRF. If a specific get or post request on an application throws some magic number that cannot be guessed easily, this can act as a token to guard against a CSRF attack vector. This magic token can be part of a querystring in a GET request while in a data buffer as part of a posT request. These tokens...
Emulating Classes
As stated earlier, JavaScript doesn't use classes, but instead is prototype-based. Nevertheless, what JavaScript can do is emulate classes. Class emulation begins with constructors. You are familiar with constructors in .NET they are similar in JavaScript, but the big difference is that within the constructor you are able to declare properties for the object. The Point class function Point x, y this._x x this._y y this.toString function return this._x , this._y You can then use the new operator...
Setting new document preferences
Click the Preferences button at the bottom left of the New Document dialog box. Alternatively, choose Preferences from the Edit menu Dreamweaver menu on a Mac , and select the New Document category. Either presents you with the New Document Preferences dialog box shown in Figure 1-3. The dialog box lets you set the following global preferences Default document lets you choose the type of document that will be created when you use the keyboard shortcut for a new document Ctrl N Cmd N . For this...
The CascadingDropDown Extender
The CascadingDropDown extender can be attached to a DropDownList control to automatically populate it based on the current selection of one or more parent DropDownList controls. The CascadingDropDown extender is designed to fit in a relatively common scenario in which the contents of one drop-down list depends on the selection of another list. In this way, you don't need to transfer to the client the entire data set from which a child list can select a subset of items to display in accordance...
Wrapping it up in finally
What happens if you absolutely, positively have to do something regardless of whether or not an exception is thrown You can use a third block for that purpose called the finally block, which can be used only in the try catch block. The finally block is guaranteed to always execute regardless of whether or not an exception was thrown. To see how you might use the finally block, suppose that you're performing some database operation in the try block that throws a SQLException. Before making the...
Dropping and Adding Items
The checkltemAcceptance method relies on some housekeeping operations performed as items are dropped it expects the box weight to be correct and the allRMASerials list to be up-to-date. These go into Tree's onDndDrop extension point. The chain of events on a drop goes like this 1. The user lets go of the mouse. 2. checkAcceptance and checkltemAcceptance are called. If they both return true, the drop proceeds. 3. Tree updates the display and the data store. 4. Lastly, Tree calls the onDndDrop...
The use Attribute
Embedding code improperly in pages might cause a maintenance headache, so it's best to separate control code from the code for the UI. There are two ways to separate code from views. First, you could put these control codes in a separate Java class, and then register event listeners to invoke the proper methods accordingly. For example, you could invoke your methods to initialize or to cancel a process by registering the onCreate , onOK , and onCancelQ event listeners to invoke those methods...
AccordionContainer
Like a TabContainer, AccordionContainer inherits from StackContainer and is a means of displaying one child at a time from a collection of widgets. The visual difference is that the container looks like a vertical accordion, and animates when each child is selected. One important difference in how you use AccordionContainer, however, is that you must use a special child container called AccordionPane that provides an explicit wrapper for its child widgets. The actual reasoning for why this is...
GetState SetState
lTttp yjGcalfr gt 5t BQ68 - Prsrceissliig Remote - Mo _ X Figure 3-3. Applying the Representation Morphing pattern when adding two numbers Figure 3-3 shows two referenced representations Number and Result. Each of the representations has associated two methods GetState and SetState. The purpose of the methods is to extract and assign state to a representation. In programmatic terms, the representations and the associated methods represent a contract. Notice that it has not been mentioned how...
defaultChecked
Compatibility WinIE3 , MacIE3 , NN2 , Moz , Safari Sometimes you may find it beneficial to know if the initial setting of a checkbox has changed. The checked property alone can't tell you this because it reflects only the current state of a checkbox. Another property, defaultChecked, keeps up with the initial state of a checkbox. If you add the checked attribute to the lt input gt definition for a checkbox, the defaultChecked property for that object is true otherwise, the property is false....
Synchronizing ViewState
One of the things that is integral to ASP.NET is the ViewState. The ViewState is encoded data that saves important data about a page in a special hidden form element called __ViewState. This data includes values that are bound to a grid, drop-down list, or other form element. This information is used to keep the data consistent between page postbacks as well as allow for change events to occur on this page. The problem with this is that with ASP.NET AJAX calls can be made to the server and...
To monitor a URL
1. In your project's primary HTML file, include the Shockwave file Script 13.1 lt script src servicemonitor.swf type application x-shockwave- flash gt lt script gt To use the URLMonitor class, an application must include this file. For the type attribute, make sure you specify its value as application x-shockwave-flash. 2. In a JavaScript block, create the two objects var url new air.URLRequest 'http www.example.com' var monitor new air.URLMonitor url This code is pretty much the same as the...
The NewsTickerFeed Class
A news ticker isn't very useful without content to display. The NewsTickerFeed class pulls the required feeds, parses them with XParser, and assembles the HTML for the ticker. The constructor accepts two arguments a reference to its the NewsTicker object this allows access to the NewsTicker properties and methods when needed and the URL of the feed to download function NewsTickerFeed oParent, sUrl this.parent oParent this.url sUrl this.timer null this.container null Compared to the NewsTicker...
Defining Dynamic HTTP Validation
For those websites that read data as often as it is written, the static HTTP validation approach would be wrong because updating the file takes too many resources. In the case of dynamic HTTP validation, the server application framework has to manage everything, which includes the generation and verification of the entity tag. The major problem to solve is the generation of the entity tag ETag identifier. Traditionally, web developers do not write an ETag identifier. But what is an entity tag...
Caching on the Server
Although the previous section covered most of the caching mechanisms for both the browser and the web server, there are other ways by which we can cache data on the server. The server is often not the last link in the chain, and it often works with data that it must retrieve from files on the system, or data in a database. Therefore, if we can find efficient ways to cache this data, we can again avoid the expensive operations required to retrieve the data from its original source. With...
Implementing a continuously updating component
In this section, we'll revisit the Server Status component and allow it to periodically update itself. To do this, you'll add the ability to set the refresh rate for the data, as well as add the ability to change or stop the automatic updates. In doing so, we'll need to look at the GWT Timer class, which allows you to trigger timed events. If you've been following along with us, your Server Status component should be working and have a method that can be called to have it update its information...
ItemFileReadStore and Trees
An ItemFileReadStore can nest JSON hashes within JSON hashes, a technique we saw in Section 3.2, Literals and Hashes, on page 39.2 That structure translates directly to a tree a nested hash will display as a folder node that you can expand. 2. This kind of nesting is called native nesting. ItemFileReadStore also supports reference nesting, allowing more complex relationships such as assigning multiple parents to a child. These relationships cannot be modeled with a Tree anyway, but if you're...
Using variables in a SQL query
Changed To out whether an author has already been registered, you need to check the authors table to see if any record matches the values submitted in the first_name and family_name fields. In other words, you need to search the database or in this case, a single table . If there's a match, you need to stop the Insert Record server from executing. Otherwise, the insert operation can go ahead. Since you don't know what will be entered in the form fields, you need to pass their values as...
Multiplexing Requests
Instead of fighting with the connection limit, it may be better to consider sending the requests in batches. Yes, you read that right we are promoting a batch concept here. Take three or four requests, put them into one Ajax request, and send it on its way to the server. This is just the simple idea of multiplexing applied to Ajax. Now, you should doubt this approach as it would seem to be a return to the old style. However, what is being suggested is not waiting around for a batch request, but...
Capturing the Postback via IPostBackEventHandler
As part of our design, we had the requirement of rendering the button as either a normal button or as a specially configured hyperlink to submit the web form. With events in hand, we now move on to hooking the button click into the postback process through implementation of the IPostBackEventHandler interface. To achieve this, we next implement the single method of the postback interface, RaisePostBackEvent public void RaisePostBackEvent string argument RaisePostBackEvent takes a single...
Tampering with Data Types of the SOAP Message
Here is an example of a SOAP request that takes an array as input. lt xml version 1.0 encoding utf-16 gt lt soap Envelope lt soap Body lt tns solvesys gt lt Arr href id1 gt lt tns solvesys gt lt soapenc Array id id1 lt Item gt 0 lt Item gt lt soapenc Array gt lt soap Body gt lt soap Envelope gt The following node gives away information about the input parameter an array of items. lt soapenc Array id id1 lt Item gt 0 lt Item gt lt soapenc Array gt xsd double indicates that the array consists of...
ReorderList Control
In many web and desktop applications, you may have come across the typical UI construct for reordering lists that is often done by two buttons one for Up and another for Down placed adjacent to the list itself. The user then has to select the item in the list and click the appropriate button enough times to get the selected item in the designated position. It would certainly be nice to be able to simply drag the item to the desired position instead. You have already seen how easy it is with the...
Accessing Complex Properties with JSTL
More interesting in Example 3-17 is how the JSTL expression language EL is used to retrieve the collection of IDEs for the chosen language language The power of EL allows you to access normal JavaBean properties as well as mapped properties in almost any combination. To understand how the expression is evaluated, let's examine how it would be done in Java Map ideMap languageChoices.getLanguageldeMap get the selected language from the form bean DynaActionFrom form DynaActionForm String language...
Controlling Browser History
It has been said that he who controls history, controls the future. That is certainly true when using a browser. Everyone is familiar with the browser Forward and Back buttons, which allow the user to navigate back and forth amongst the pages already visited in the current session. Forward and Back are central to the browsing experience. The browser automatically enables and disables these buttons as necessary, if there are appropriate pages to navigate to. For example, if you are at the first...
Implementing the Standard Flash Widget
The standard implementation for the Flash widget creates the EMBED tag, as shown in Listing 15.129 by simply stringing together a number of Strings. In a real implementation, we would use the parameters passed in to set dimensions, etc., but, in our example, we just hard code all the parameters. Note that, in the URL, we set the title value to be the word Other, which is what we expect to be displayed on screen. Listing 15.129 Defining the Flash widget's implementation class for the majority of...
Moving JavaScript to an external file
This exercise demonstrates how to use the JavaScript Extractor using spry_selector.html from the preceding section. 1. Because the JavaScript Extractor cannot restore JavaScript once it has been removed from a page, it's always a good idea to create a new copy of the file that you want to work on. Save spry_selector.html from the previous exercise or from examples ch08 as spry_unobtrusive.html in workfiles ch08. 2. Close the original file and work with spry_unobtrusive.html. 3. Select Commands...
Encapsulating Remote Calls in a Faade
The Fa ade pattern is one of the software patterns described in the famed book Design Patterns Elements of Reusable Object-Oriented Software by Gamma, Helm, Johnson, and Vlissides. This book defines the fa ade software pattern as a way of providing a higher-level interface to make a subsystem easier to use. In our case we want to encapsulate all of the RPC logic into a class that provides a simple interface in an effort to achieve the following Reduce complexity by reducing the number of...
Giving elements a unique identity
An id attribute is like an ID in real life to provide a positive method of identification, an id attribute must be unique in the same way as a Social Security number. Once you have assigned an id, you must not reuse it within the same page. You can reuse it elsewhere in the same site, but only once in each page. Many web designers blithely ignore this rule, because CSS usually works perfectly well even if the same id is used several times on a page. Moreover, in spite of its commitment to...
Checked and Unchecked Exceptions
Java exceptions can be separated into two distinct groups checked and unchecked. A checked exception signals an abnormal condition that the client must handle. All checked exceptions must either be caught and handled within the calling method or be declared in the throws clause following the method signature. This is why they are called checked. The compiler and the JVM will verify that all checked exceptions that can occur in a method are handled. The compiler and JVM don't care if unchecked...
ConfirmButtonExtender Control
The ConfirmButtonExtender control, as the name suggests, captures the Click event of a button and displays a confirmation dialog box. If the user clicks OK after that, the button will function as implemented otherwise, the Click event will simply be ignored. This control is so simple that it only has two properties TargetControlID and ConfirmText. As you probably have guessed already, TargetControlID contains the ID of the target button, and ConfirmText holds the text message that will be...
referrer
Compatibility WinIE3 , MacIE3 , NN2 , Moz , Safari When a link from one document leads to another, the second document can, under JavaScript control, reveal the URL of the document containing the link. The document.referrer property contains a string of that URL. This feature can be a useful tool for customizing the content of pages based on the previous location the user was visiting within your site. A referrer contains a value only when the user reaches the current page through a link. Any...
ScriptControlDescriptor
Listing 17-8 presents the implementation of the replica ScriptControlDescriptor. As you can see, this class derives from the ScriptComponentDescriptor base class discussed in the previous sections. Note that the constructor of the ScriptControlDescriptor class makes use of the internal constructor of the ScriptComponentDescriptor base class. As discussed earlier, this internal constructor takes two parameters, the first containing the fully qualified name of the type of the ASP.NET AJAX control...
Multilingual Support
Most of us cringe at the thought of supporting user groups that are in one of several possible locales. In many cases, however, once an application has been installed and localized, it's like any other single-locale application. The users that access the application are either all from the same locale or are from locales similar enough that the language and cultural differences are insignificant. Multilingual applications, on the other hand, take internationalization to the next level by...
Sending Results to the Client
As I just showed in Example 16-5, the server will take care of creating the XHTML to send to the client so that the hints will appear to the user as quickly as possible. This is accomplished by taking the responseText of the server's response and immediately setting it to the innerHTML of the lt div gt element before making the lt div gt element visible. Each hint result that is passed to the client must be capable of submitting the search form to the server. An onclick event should be set for...
Using the UpdatePanel UpdateProgress and Timer Controls
For this first example, consider the following scenario You have a data-driven web page that needs to continuously alert the user with fast changing data, for instance, a page that displays the major financial indices in the U.S. capital markets Dow Jones Industrial Average DJIA , NASDAQ, and S amp P500. One approach is to place a lt META gt tag in your page with refresh values that then force the page to refresh itself in regular intervals based on the provided value. But if you wanted to make...
Listing The onComplete Private JavaScript Function
function onComplete response, eventArgs if response.get_responseAvailable var contentType if result response.get_object else if result response.get_xml result response.get_responseData var error var errorObj error true if errorObj result new Sys.Net.WebServiceError false, result.Message, result.StackTrace, result.ExceptionType var statusCode response.get_statusCode if statusCode lt 200 statusCode gt 300 errorObj result new Sys.Net.WebServiceError false timedout , methodName , ,...
Step Defining the realms
The second step is to define a realm in the Web container's server.xml file. A realm identifies a set of users, their passwords, and their associated roles. Four types of realms are possible, depending on how you set up your user information I UserDatabaseRealm The simplest but least flexible and secure choice. In this scenario, usernames, passwords, and roles are kept in a static file that is loaded into the Web container's memory at startup. For Tomcat, this file defaults to tomcat-users.xml....
Signing Content
A way of gaining trust with users is to prove that you are legit. Own your own words. Digitally sign your stuff, so that people know it came from you. This applies to everything on the Web web pages, RSS and ATOM feeds, blogs go nuts If you sign the content, people have an assurance that what they are getting is from a more trusted source. Also, if you share your public key for verifying your signature on a web page protected with SSL, you can extend the trust of the certificate providing SSL...
Table of Contents
About This How to Use This Book Foolish Assumptions Conventions Used in This Book How This Book Is Part I Getting to Know Jakarta Struts Part II Starting from the Part III Expanding Your Development Options 4 Part IV Putting It All Part V The Part of Part VI Icons Used in This Where to Go from Part I Getting to Know Jakarta Struts 7 Chapter 1 Starting with the Basics 9 What Is Jakarta Struts Structuring a Web Application Using Java Creating JavaServer Pages Using JavaBeans Understanding the...
Development Environment with Eclipse
The Eclipse IDE that we use is the recent Eclipse Ganymede release. Eclipse IDE comes in many packages and the one that we use here is Eclipse IDE for Java EE Developers. This package includes tools for developing JEE and web applications, and it has all the prerequisites of the Geronimo Eclipse Plugin that we install here. The easiest way to install the Geronimo Eclipse Plugin is to let Eclipse WTP Web Tools Platform to do the download and installation. After starting Eclipse, we specify a new...
Throwing Exceptions
Often it is desirable to allow a method to throw an exception that will be handled by the calling code. For example you may have a login function that returns a user data object on success, but, on failure, it throws an appropriate exception. 1.2351 UserData loginUser String username, String password 1.2352 throws FailedAuthenticationException When GWT calls your service method, and it throws an exception, it will serialize the exception and return it to the client browser. The only requirement...
IScriptControl
All ASP.NET AJAX script server controls implement an interface named IScriptControl, defined in Listing 17-3. As you can see, the IScriptControl interface exposes two methods GetScriptDescriptors The GetScriptDescriptors method of the IScriptControl interface plays the same role in a script server control that the GetScriptDescriptors method of the IExtenderControl plays in an extender server control. Recall that the GetScriptDescriptors method of the IExtenderControl interface takes a...
Validating a checkbox group with Spry
Validating a checkbox group is easy, but the default use of lt span gt tags makes it difficult to create a layout that uses valid code and looks halfway decent. However, this is also a good opportunity to show you that you don't need to be constrained by Dreamweaver's way of doing things. The best way to explain is with a practical example based on the form you have been using throughout the chapter. The form has a group of five checkboxes displayed in two columns, each of which is formed by a...