After about 4-week part time study, I managed to pass the SCWCD(Sun certified web component developer) exam. I would not say the exam was difficult, but you do need to study the material thoroughly in order to pass it. My main reference is Head First Servlets and JSP book, the book is written with a goal of passing SCWCD exam and it has been appreciated by a number of successful candidates. I would strongly suggest this book for anyone who intends to take the SCWCD exam.
After reading the book, I tried the exam at the end of the book and a few other mock exams on the internet, the quality and difficualty of the exams varies but I found the one comes with the book reflects the real exam well, only a fraction more difficault.
During the period of my study, I made a note of all the key points in the book and some catchy stuff in the mock exam. Now it's the time for me to share this note with you guys, I hope it will help with your preparation:
The Container calls init() on the servlet instance after the servlet instance is created.
You might hear people say things like, “Each instance of the servlet...” but that’s just wrong. There aren’t multiple instances of any servlet class.
The Container runs multiple threads to process multiple requests to a single servlet. the servletservlet
getRemotePort() means “get the client’s port
println() to a PrintWriter
write() to an ServletOutputStream
response. getOutputStream()
response. getWriter()
The
Only Request attributes and local variables are thread-safe!
Don’t forget that the encodeURL() method is something you call on your HttpServletResponse
In the DD, using the
Three different JSP element types:
- Scriptlet: <% %>
- Directive: <%@ %>
- Expression: <%= %> e.g. <%= Counter.getCount() %> Expressions become the argument to an out.print(). - No semicolon
- Declaration: <%! %>
You can only disable scripting language through the DD.
Template Text - Plain old HTML.
You can override jspInit(), jspDestroy(). But you cannot override _jspService()!!!!
${person.name}
If the expression has a variable followed by a dot, the left-hand variable MUST be a Map or a bean.
The thing to the right of the dot MUST be a Map key or a bean property.
There is NO "=" in EL, only "=="
EL is null-friendly. It handles unknown or null values so that the page still displays, even if it can’t find an attribute/property/key with the name in the expression. In arithmetic, EL treats the null value as “zero”. In logical expressions, EL treats the null value as “false”.
For custom tags, default
Using the getParent() method,a Classic tag can access Classic tag parents, and a Simple tag can access either a Classic or Simple parent.
A user can’t be authorized until he’s been authenticated.
NO
The existence of an empty
This web.xml file MUST be in WEB-INF
RequestDispatcher view = request.getRequestDispatcher(“result.jsp”);
view.forward(request, response);
If you don’t put method=“POST” into your form, the default is an HTTP GET request.
Every request to a servlet runs in a separate thread! There is only one instance of any particular servlet class.
getServletContext().getInitParameter(“foo”);
getServletConfig().getInitParameter(“foo”);
ServletContext.getInitParameterNames() or ServletContext.getInitParameter(String)
The servlet to which a request is forwarded may access the original query string by calling getAttribute(“javax.servlet.forward.query_string”) on the ServletRequest.
Depending on the class whose method creates a RequestDispatcher, the path to the resource to be forwarded to will change.
If your servlet uses an Redirect(RequestDispatcher.forward), it can never send its own response.
if you don’t explicitly encode your URLs, and the client won’t accept cookies, you don’t get to use sessions. If you do encode your URLs, the Container will first attempt to use cookies for session management, and fall back to URL rewriting only if the cookie approach fails.
You do NOT configure session binding listeners in the DD.
HttpSessionListener and HttpSessionActivationListener must be registered in the DD, since they’re related to the session itself, rather than an individual attribute placed in the session.
SSL has a built-in mechanism that a servlet container could use to obtain data used to define a session.
If there’s a conflict between the
JSPs turn into plain old servlets, so they have access to the plain old ServletConfig and ServletContext objects... and it’s just a little early in the lifecycle to be talking about requests and responses.
exceptin and application are valid JSP implicit variables.
You can only disable scripting via the DD by using the
Automatic String-to-primitive conversion does NOT work if you use scripting!! It fails even if an expression is INSIDE the
Music is: ${musicMap[Ambient]}
Find an attribute named “Ambient”. Use the VALUE of that attribute as the key into the Map, or return null.
You can’t do ${foo.1}
Use requestScope to get request ATTRIBUTES, not request PROPERTIES.
${requestScope.person.name}
For request properties, you need to go through pageContext.
${pageContext.request.method}
The EL initParam is NOT for params configured using
email is: ${ initParam.mainEmail}
The include directive happens at translation time <%@ include fi le=”Header.jsp”%>
${header.User-Agent} is equivalent to ${header[“User-Agent”]} WRONG! - because of the dash in User-Agent. Only header[“User-Agent”] will work.
${cookies.foo} is WRONG because the variable is “cookie”.
Null values are rendered as blank text
This flavor of
You can never have BOTH the “var” and “target” attributes in a
If there’s no
The
Four places the Container looks for TLDs
- Directly inside WEB-INF
- Directly inside a sub-directory of WEB-INF
- Inside the META-INF directory inside a JAR file that’s inside WEB-INF/lib
- Inside a sub-directory of META-INF inside a JAR file that’s inside WEB-INF/lib
- Directly inside WEB-INF/tags
- Inside a sub-directory of WEB-INF/tags
- Inside the META-INF/tags directory inside a JAR file that’s inside WEB-INF/lib
- Inside a sub-directory of META-INF/tags inside a JAR file that’s inside WEB-INF/lib
Scripting elements, remember, are scriptlets (<% ... %>), scriptlet expressions (<%= ... %>), and declarations (<%! ... %>).
Tag File bodies are never allowed to have scripting!
If the tag file is deployed in a JAR, there MUST be a TLD for the tag file.
The setParent() method is called only when the tag is invoked from WITHIN another tag. Since this tag was not nested, setParent() is NOT called.
SkipPageException stops only the page that directly invoked the tag
If the page that invokes the tag was included from some other page, only the page that invokes the tag stops processing! The original page that did the include keeps going after the SkipPageException.
Tag Files implement tag functionality using a page, while tag handlers implement tag functionality using a Java tag handler class.
When you implement BodyTag (by extending BodyTagSupport), you get two more lifecyclesetBodyContent() and doInitBody(). You also get one new return value for doStartTag(), EVAL_BODY_BUFFERED.
Using the getParent() method, a Classic tag can access Classic tag parents, and a Simple tag can access either a Classic or Simple parent.
pageContext variable is only available to Classic tags.
findAncestorWithClass requires two parameters: A Tag and a Class.
doAfterBody() is only called when doStartTag() returns EVAL_BODY_INCLUDE.
the fragment is invoked by the doTag implementation, NOT before the doTag is called.
pageContext.getAttribute(String) only checks the page scope.
a Simple tag may include a Complex tag in the body as long as that tag contains no scripting code.
simple tags cannot have a body that includes a JSP expression tag.
The “classes” directory must NOT be under “lib”, it must be under “WEB-INF”.
Nothing under META-INF or WEB-INF is directly accessible.
The
You can configure a mapping between an extension and a mime type in the DD.Don’t include the “.” in the extension!
Constraints are not at the RESOURCE level. Constraints are at the HTTP REQUEST level.
1 When combining individual role names, all of the role names listed will be allowed.
2 A role name of “ * “ combines with anything else to allow access to everybody.
3 An empty
IMPORTANT: The Container’s rules for ordering filters: When more than one filter is mapped to a given resource, the Container uses the following rules: 1) ALL filters with matching URL patterns are located first. This is NOT the same as the URL mapping rules the Container uses to choose the “winner” when a client makes a request for a resource, because ALL filters that match will be placed in the chain!! Filters with matching URL patterns are placed in the chain in the order in which they are declared in the DD. 2) Once all filters with matching URLs are placed in the chain, the Container does the same thing with filters that have a matching
Request/Response wrappers implement the Decorator pattern.
SimpleTag extends JspTag. ClassicTag extends Tag.
getRequestDispatcher() method of ServletContext interface expect a URL starts with "/" i.e. absolute url.
Servlet attribute can be set in these scopse: request, session, and context
HttpSessionBindingEvent can access the ServletContext via getSession().getServletContext()
ServletRequest.getRequestDispatcher can take a relative URL.
ServletContext.getRequestDispatcher cannot
Use of the methods in the HttpSessionActivationListener does not require configuration in the deployment descriptor
The HttpSessionBindingListener does not need to be configured in the deployment descriptor.
BASIC authentication is easy to set up but the forms are ugly and there is no encryption security
Digest security is not considered strong and Digest in not supported by all browsers. DIGEST authentication is defined within the HTTP protocol, though it is not widely used as it is not supported by all browsers.
Form authentication allows better looking login forms than BASIC, but still has no security. To use FORM authentication the form is required trigger an action called j_security_check and the userid and password must have the names j_username and j_pssword. FORM authentication is defined within the J2EE spec
Client Cert authentication has good security, but it is complex to implement and maintain
<% @include file=”menu.jsp” %>
The include directive happens at translation time and the include standard action happens at runtime
JSP comments are the equivalent of Java comments in that they are discarded by the parsing process and do not appear in the text that is sent to the browser.
The jspInit method is called by the container once and only once for a servlet instance.
JSP implicit objects:
- request,
- response,
- out,
- session,
- config, an instance of javax.servlet.ServletConfig
- application, an instance of javax.servlet.ServletContext.
- page, The page implicit object is of type Object and it is assigned a reference to the servlet that executing the _jspService() method.
- pageContext, and
- exception.
The following words are reserved and cannot be used as a prefix for a taglib jsp:, jspx:, java:, javax:, servlet:, sun:, and sunw
The
- -request getRequest
- -response getResponse
- -out getOut
- -session getSession
- -config getServletConfig
- -application getServletContext
- -page getPage
- -exception getException
You need to memorize the method return values for the classic tag methods
- -The doStart method: SKIP_BODY or EVAL_BODY_INCLDE
- -The doAfterBody method: IterationTag.EVAL_BODY_AGAIN or Tag.SKIP_BODY
- -The doEndTag method: SKIP_PAGE or EVAL_PAGE
jspTag Tag getParent()
jspTag Tag findAncestorWithClass(Tag from, java.lang.Class klass)
getParent and findAncestoryWith class are available to both simple and classic tags
The findAncestorWithClass method allows an arbitrary ancestor to be retrieved rather than just the enclosing parent.
Simple tags cannot have scriptlet code (JSP) within the body. Because of this the
public void setDynamicAttribute(String uri, String localName, Object value){}
Using a tag file that is not wrapped in a jar is very convenient because it needs no Tag Library
Descriptor File (tld). However when wrapped in a jar (Java archive) tag files require a tld.
However when wrapped in a jar (Java archive) tag files require a tld. A tag file is similar but not identical to a regular tld. Instead of matching tags to handlers it matches the names of tag files to their paths, and so it uses the new
- The implicit objects available in JSP pages are: request, response, pageContext, session, application, out, config, page, exception (in error pages only).
- The implicit objects available in EL pages are: pageContext, pageScope, requestScope, sessionScope, applicationScope, param, paramValues, header, headerValues, cookie, initParam.
- The implicit objects available in Tag file are: request, response, out, session, application,config,jspContext
This is similar, but not identical to the implicit objects available to standard JSP pages. JSP pages have a page object, pageContext object and can have an exception object.
a war file must contain a directory called META-INF
Unlike the TagSupport class the SimpleTagSupport class does not have its own pageContext field. The getJspContext can be used to get the the page context passed in by the container via setJspContext.
The jspInit() method may be overriden within a JSP page
If scripting is disabled in the deployment descriptor a compilation error will be generated if you try to compile a page with scripting elements
The taglib directive can use either the tagdir or the uri attribute to locate the tld file
A resource that is included using the RequestDispatcher.include method will share attributes of the originating resource.
The beanName attribute of useBean is only used with serialized beans
The body of a call to a tagfile cannot contain scripting. Thus by default a tag file body is scriptless.
The scope of an attribute can be HttpSession,ServletRequest,or ServletContext.
FORM based authentication is a Java (JSP/Servlet) specific technology. Not defined in HTTP specification.
If your servlet uses an RD, it can never send its own response The page attribute of the
Good stuff. Very useful, thanks.
ReplyDeleteLooks like the xml fragments are not showing.. can you check, please?
ReplyDeleteSorry, blogspot escaped XML tags by default, i will look into it.
ReplyDelete