Source code of this article: @ L_ 403_ 0 @ | gitee · click here

1、 Basic concepts

1. CS and BS architecture

CS architecture mode

In the client / server mode, both the server-side program and the client-side program should be developed. When updating the software, the client and server-side need to be updated at the same time. The overall mode is more complex than the BS architecture, but the security is relatively high.

B / S architecture mode

That is, the browser / server only needs to write the server-side program, and the browser interface is used as the access to the server-side. The architecture is relatively simple and can iterate quickly, but the security is poor.

2. Socket communication mechanism

TCP / IP protocol

Transmission control protocol / Internet Protocol refers to a protocol cluster that can realize information transmission between multiple different networks. TCP / IP protocol refers not only to TCP and IP, but also to a protocol cluster composed of FTP, SMTP, TCP, UDP, IP and other protocols. It is called TCP / IP protocol because TCP protocol and IP protocol are the most representative in TCP / IP protocol.

Socket socket

The abstraction of the endpoint of two-way communication between application processes on different hosts in the network. A socket is one end of process communication on the network, which provides a mechanism for application layer processes to exchange data using network protocol. Generally, the server that receives the request data and does business processing is called server socket, and the client that sends the request and receives the processing results is called client.

2、 HTTP protocol

1. HTTP and HTTPS

HTTP protocol

HTTP hypertext transmission protocol is a transmission protocol used to transmit hypertext from the world wide web server to the local browser. It transmits data based on TCP / IP communication protocol: HTML files, pictures, query data, etc. HTTP protocol is based on client server architecture mode. As an HTTP client, the browser sends a request to the server, that is, the web server, through a URL. According to the received request, the web server sends response information to the client after processing the request.

Protocol features: simple, fast, flexible, connectionless, stateless, supporting client / server mode.

HTTPS protocol

The HTTP channel based on security is the secure version of HTTP. The SSL layer is added to the HTTP request. The security basis of HTTPS is SSL. Therefore, SSL is required for the details of encryption. In short, HTTPS protocol is a network protocol built by SSL + HTTP protocol, which can carry out encrypted transmission and identity authentication. It is safer than HTTP protocol. The main functions of HTTPS protocol can be divided into two kinds: one is to establish an information security channel to ensure the security of data transmission; The other is to confirm the authenticity of the website.

Difference between HTTPS and http

Security certificate: HTTPS protocol needs to apply for a certificate from ca. generally, there are few free certificates, so it requires a certain fee.

Data transmission: http is a hypertext transmission protocol, information is transmitted in plaintext, and HTTPS is a secure SSL encrypted transmission protocol.

Connection mode: HTTP and HTTPS use completely different connection modes and different ports. The former is 80 and the latter is 443.

2. Get and post requests

Browser side

From the perspective of the browser, the difference between the two requests is that the get method reads resources, such as get to a static page. Even if multiple reads will not affect the access data, it is also called an "idempotent" request. Post defines the form in the page. Submitting the form will submit the data to the server, and in most cases, it will generate data. For example, the commonly used data saving interface is not an "idempotent" operation, which means that it cannot be executed multiple times at will.

Service interface

This refers to the type of request submitted by requesting the service interface with Ajax program. Or other HTTP request tool classes, as well as requests between various feign interfaces in microservices. In this case, there are relatively few restrictions when the interface sends requests. For example, rest style interfaces often use get, post, put and delete to obtain, create, update and delete resources respectively.

3. Handshake mobile phone system

Three handshakes

First handshake: the client actively initiates a request connection to the server. Syn = 1 is sent in the request message. At this time, the initial serial number SEQ = x is randomly generated. At this time, the client process enters the syn-sent synchronization sent state.

Second handshake: after receiving the request message, the server confirms the syn of the customer. If the request is not rejected, it sends a confirmation message. In the message, ACK = 1, syn = 1, ACK = x + 1 and send a syn packet SEQ = y. at this time, the server process enters the syn-rcvd synchronization receiving state.

The third Handshake: after receiving the confirmation, the client needs to confirm the ACK = 1 and ACK = y + 1 of the message to the server. At this time, the TCP connection is established and the client enters the established connection state. After three handshakes, the client and server start transmitting data.

Four waves

First wave: the client sends an end fin to actively close the data transmission with the server, release the connection and stop sending data. The message header: fin = 1, serial number SEQ = u; Then, the client enters the termination wait 1 state fin-wait-1.

The second wave: the server receives this fin and sends a confirmation message ack = 1. The confirmation received serial number is the received serial number + 1, that is, ACK = u + 1, and carries its own serial number SEQ = v. like syn, a fin will occupy a serial number. In this way, the server informs the application process that the client has no data to send. If the server sends data, the client still needs to receive it. This state will last for a period of time, and the server enters the closed-wait state. After receiving the confirmation request from the server, the client enters the termination state fin-wait-2 and waits for the server to send the connection release message.

The third wave: the server sends the release connection message fin = 1, ACK = u + 1 to the client. At this time, the server is still in the semi closed state, and the server may also send some data. At this time, the serial number is SEQ = W. in this way, the server enters the final confirmation state last-ack and waits for the confirmation of the client.

The fourth wave: after receiving the connection release message from the server, the client sends back a confirmation, ACK = 1, ACK = w + 1, and the serial number is SEQ = u + 1. In this way, the client enters the time-wait state time-wait. At this time, the TCP connection has not been released, and the longest message segment life must pass before it enters the closed state. MSL: the longest message segment life, usually 2 minutes. When the TCP connection is released, the active party must go through 2msl before entering the closed state. Therefore, the active party closes late.

3、 Servlet component

The server-side program written in Java is independent of the platform and protocol. Its main function is to interactively browse and generate data and generate dynamic web content. Using servlet, you can collect user input from web forms, render records from databases or other sources, and dynamically create web pages.

1. Implementation mode

Inherit httpservlet. Httpservlet plays the role of abstract template. Template method: Service () method plays the role;

Inherit the genericservlet abstract class, in which the service method is an abstract method;

Implement servlet interface, including init, getservletconfig, service, getservletinfo and destroy;

2. Life cycle

Load and instantiate, initialize init, service, destroy.

3. Core API components

ServletConfig: get servlet initialization parameters and ServletContext object;

ServletContext: share data among dynamic resources of the whole web application;

ServletRequest: encapsulates HTTP request information and is created at the time of request;

Servletresponse: encapsulates HTTP response information and creates it when requested;

4. Forwarding and redirection

Forwarding: control of page Jump at the server;

Redirection: the server responds to the jump information and the browser jumps the page;

5. Cookies and sessions

Cookie mechanism

@H_ 301_ 186@

In HTTP, cookies are usually used to identify the user's identity and track the session. The data stored on the user's local terminal is generally encrypted and temporarily or permanently saved by the user's client computer. Its structure is composed of a key and a value. With the server-side response sent to the client browser. Then the client browser will save the cookie and send the cookie to the server the next time it accesses the server.

Session session

When a user jumps between web pages of an application, the variables stored in the session object will not be lost, but will persist throughout the user session. The servlet can save the data to be shared in a session to the httsession object. Four domain objects: pagecontext, ServletRequest, httpsession and ServletContext.

6. Monitor Filter intercept

monitor

The three major components of Java Web: servlet, listener and filter. Listener refers to the components that monitor the state changes of related objects in the application.

filter

When the client requests a servlet, it executes the relevant filter first. If the filter passes, it inherits the servlet executing the request; If the filter fails, the servlet requested by the user will not be executed. Filters can dynamically intercept requests and responses.

Interceptor

The interceptor in the spring framework is similar to the filter in the servlet. It is mainly used to intercept user requests and process them accordingly. For example, through the interceptor, you can verify permissions, log request information, judge whether users log in, etc. Request forwarding does not perform interception and filtering; Redirection performs interception and filtering.

4、 Database connection pool

1. C3p0 connection pool

C3p0 is an open source JDBC connection pool. The application initializes the database connection according to the c3p0 configuration, which can automatically recycle the idle connection.

2. Druid connection pool

Druid connection pool is born for monitoring. It has built-in powerful monitoring function. The monitoring feature does not affect the performance. The built-in statfilter function can collect the execution information of accessing the database in a very complete connection pool. The Druid connection pool has a built-in monitoring page that provides very complete monitoring information, which can quickly diagnose the bottleneck of the system. It is also the most commonly used connection pool at present.

1. Jetty container

Jetty is an open source servlet container that provides a running environment for Java based web containers, such as JSPS and servlets. Jetty is written in the Java language, and its API is published as a set of jar packages. Developers can instantiate the jetty container into an object, which can quickly provide network and web connections for some stand-alone Java applications.

2. Tomcat server

Tomcat server is a free open source web application server. It is a lightweight application server. It is widely used in small and medium-sized systems and when there are not many concurrent access users. It is the first choice for developing and debugging JSP programs. Two key operations of using Tomcat: connecting Tomcat with development tools and deploying web applications; Package the application and run it under Tomcat service.

6、 Source code address

GitHub·地址
https://github.com/cicadasmile
GitEE·地址
https://gitee.com/cicadasmile

Recommended reading: programming system sorting