|
Visual InterDev
6
Web Dev Process
-
Planning Phase determine content,
feasibility (time, cost, budget, benefits),
localization
Project Management
-
Conceptual Design
Complete and accurate business
requirements (workflow, tasks, phys. Environment, business
goals.) Business rules, structure relationships. Important
phase because creates accurate business requirements that
addresses the problem, needs and capabilities, desired state
of the work, whether upgrading existing solution is
viable
-
Logical Design
Visual Modeler. Data, user
interface, components, services. Specification doc.
Prototypes
Browser History
-
3G Integration; e.g., component technology. Web
development team (InterDev local mode, source code
control, interoperability with other dev tools)
Web Projects
Project name\project location
Server name (SSL?)
Enable site searching?
.sln project & other files that make
application
.vip project interdev specific
.asa
active server application
layouts navigation
themes css
Toolboxes
-
Design-time controls
usually data-bound
-
ActiveX controls;
e.g., Treeview
-
Server Objects;
e.g., dictionary
-
HTML standard HTML elements
-
General
e.g., HTML fragments
-
Source view
(middle tab) design time
controls, Java applets, edit scripts, text & HTML tags
(HTML outline, Properties window, script outline,
debugging.)
HTML
NOFRAMES <FRAMESET COLS *, 2*>
DIV
groups tags (line inserted after)
SPAN (line not
inserted after)
FORM - Form handler action
attribute
Elements need a name attribute to be
submitted
ActiveX control use hidden HTML control value
attribute and onsubmit event
DHTML
ID attribute of HTML tags
DOM interface
that permits scripts to update content, structure and
style
All DOM collections have ITEM and LENGTH (number of
elements)
(for definition of DHTML)
DOM Hierarchy
-
WINDOW top-level object represents browser window
IE4
-
Event exposes the information about a user's actions
-
History
-
Location - URL
-
Navigator browser version, appName, appVersion
-
Screen
WINDOW
Each element object (e.g., input, form etc.) is
accessed through document collections (e.g., All, Children,
StyleSheets) by using index or ID. All elements have tagName,
ID, ClassName
Event Procedures
<SCRIPT> block
Assign procedure in HTML tag <INPUT onclick=procedure>
Include script in tag that defines
object <INPUT onclick=msgbox..>
Name a procedure
objectname_onclick
Event bubbling to top element (document) -means
that events can be handled centrally through the event object
- reduces code & code changes
Dynamic styles/positioning
Style object
div.style.fontsize
Zindex
Absolute xy to parent
element
Display none
Visibility hidden
Relative
xy to preceding element
Dynamic content
Add/remove content
Text properties innerText
or HTML properties innerHTML
Scriptlets (DHTML & server)
right-click .htm and mark as
scriptlet
Reusable UI components
Easy to
create/maintain
Small and efficient
Prototype
quickly
Raise Event, Bubble Event expose to browser
through window. Standard events can also be fired
Frozen,
SetContextMenu, event, readystate
Public read/write
variable declare
Public_get (read)
Public_put
(write)
Public function/sub (method)
(for definition of Scriptlets)
ASP
NT4 NT4 9x
IIS Peer Web Services Personal Web
Server
Can use any language if appropriate engine
installed on server
Browser independent sends HTML
Uses server-side components (system, data or
business)
Scripts cannot be read on server
-
CGI lots of processes (lots of clients), RAM, time
consuming, performance, wait times
-
IIS also supports ISAPI (low o/head, fast, scaleable C++
slow dev time), CGI, IDC & SSI
-
ASP runs in same process as web server, easy to
develop, familiar framework, can retain user info between
sessions, starting point directory, global data (active
server application)
Application collection of files in a directory
whose properties can be set & can be run in a separate
process space
HTTP stateless
Global.asa located in root directory,
processed automatically (application & session)
ASP Session object (special user id)
Sessions begin ...
-
on first request of asp page & global asa has
session_onstart
-
user stores variable in session object
-
object tag with session scope called from page
Sessions end ...
Sessionid sent to client as cookie
Cookie
reused to track session
<% or <SCRIPT RUNAT=SERVER
(for more resources on ASP)
ASP Objects
Based on HTTP headers and body fields. GET
retrieves page. PUT sends back.
-
Session.
Timeout, abandon. State data management.
New object created for each user
-
Application. Lock/unlock (multi-user change)
-
Server
-
ObjectContext
-
Debug.
If IIS running on PC (enable debugging).
Local mode test
Remote debugging one user at a time
with right components on server (remote machine debug &
Interdev server.) Admin level permissions
COM Components
<OBJECT > or Server.CreateObject
instantiate
RUNAT attribute
SCOPE application/session
(default is page)
PROGID
CLASSID
Server objects tab of toolbox
Page Objects
Design time control based on scripting object
model
Define methods and properties navigate,
execute and return value
ADO
Based on COM and UDA strategy. Application-level
interface on OLEDB (extends ODBC by accessing all data sources
not just RDBMS)
(ADO in the real world)
7 ADO Objects
-
Command defines
info about what data is
retrieved from a db connection. Cmd.CreateParam
-
Connection
establishes connection (OLE DB
or ODBC) DSN while adding connection or through ODBC in
Control Panel. Establishes connection (ADODB.Connection)
Cnn.Open
Connectstring
Cnn.close
Set cnn=nothing
Managing
number of connections is important
-
Error
-
Field
-
Parameter
-
Property
-
Recordset Represents results of executed
command working with cursor dynamic, forward only, keyset or
static. Can create by command object or by itself
ADODB.Recordset
Rs.Open Source (e.g., sql or table),
ActiveConnection (open object better for pooling or connect
string not scalable), CursorType, LockType, Options
Can also create by execute method of connection (sql) or command objects
(sql, stored procedure, table)
Use SQL commands where possible & business
objects to access db to simplify maintenance & isolate
logic
RDS
Web based extends ADO. Caches records on users
pc traffic times (only works in ie4, win9x, or
nt4)
Binds data from a recordset to HTML elements or
ActiveX controls on a web page
Data updates isolated in
business objects instead of data-update code in HTML
documents
RDS.DataControl object - Add to HTML document.
Runs queries, makes recordsets available to
controls
RDS.DataSpace.CreateObject creates instances of
bus. Objects on server
ADOR.Recordset fewer features than
ADO but faster
RDSServer.DataFactory bus object runs
queries (server)
(for definition of RDS)
Data-binding
Data Service Objects (DSO) RDS
Data
consumers HTML elements in IE4 support DSO
Data Environment
-
Is the repository for storing & reusing data
connections & commands in an InterDev project. Contains
the info required to access data in a db and contains one or
more connections
-
Is a sub-folder of global.asa connections stored in
application-level variables
-
Can use DE objects to access data. Stores data
connections and data commands. Add connections at design
time and then add commands
Database Projects
Create, modify & execute and save queries
and stored procedures. Tools for building and managing
databases separate from web-pages. Database diagrams, view
relations alter structures. Save to script or direct to db.
Data-view window
Live view of databases, objects and props.
Provides sophisticated development and admin. Can use
data-view to open, edit and delete db objects
Query Designer
Diagram, grid, sql, results. Can differentiate
between different breeds of sql (e.g., sql server, oracle)
Data-bound controls
Bound using a recordset
control
RecordsetNavBar
Form Manager based on script
objects e.g. listbox, recordset design-time controls, can
advise/unadvise events
Can change script platform to take advantage of
RDS if IE
Script object is an object that can be
manipulated with code; e.g., design-time control. Set its
properties, call its methods & respond to associated
events
(for more information on creating a Data-Bound
Control)
COM Components (apartment threaded)
Business rules algorithms that companies use
to help them operate. Can be used together to complete a
business process
Business components are objects that contain
business rules
Advantages of ActiveX COM components:
-
Work with MTS
-
Simplify complex processes
-
Enable natural modeling techniques
-
Encapsulation
-
Reuse
-
Variety of languages can create (VB, VC++, J++)
(for definition of Apartment Threaded)
DLL in process, efficient runs in
same process as client. Fast. Less fault tolerant than EXE
EXE out of process. Runs in own address
space. Slower. Need to minimize calls. Fault tolerant
Process win app residing in an address
space that OS assigned. Has one or more threads running in the
context of the process. Threads are used to run the
application
Thread
basic unit to which OS allocates
processor time. A thread runs in the address space of the
process and uses resources allocated to the process
Instancing Private, PublicNotCreatable, MultiUse, GlobalMultiUse
CLASSID
A class is a template for an object
An
object is an instance of a class (initialise/terminate.)
Project name and Class name make
PROGID
PROGID, CLSID and TypeLib are referenced by
applications to use objects
Binary compatibility
must be set for MTS (project compatibility is not
backwards compatible)
Restart IIS to release object
To
register a component - run setup, compile dll, or run
regsvr32.exe
Add components to web project properties
custom register on server
Copy Web Application ->
Register Server Components
Debug
in process add project to group
out of process - use second instance of VB
MTS
ACID atomicity, consistency, isolation,
durability
Simplifies development of n-tier
apps
Provides transaction and resource management for
server-based components. Provides infrastructure and admin.
Support for building scalable, robust, enterprise apps
MTS components execute in MTS run-time
environment
-
Must be compiled as ActiveX DLL
-
Must provide a type library & be self-registering
(VB auto does this)
-
Components can run on multiple computers for higher
availability, scalability and performance (DCOM installed
with Win98, NT4 SP3, 95 sep. install.) DCOM required for
communication
-
Share database connections
-
Secured centrally
-
Scalable thread pooling, JIT object instantiation
-
Less complexity
MTS Services provide:
-
Component transactions two phase commit
-
Object brokering
-
Resource pooling connections and threads
-
JIT activation server resources efficient
Admin MTS Explorer
-
Create & manage packages package consists
of one or more components administer them as a group.
Process isolation, automatic thread pooling, transactions,
security (declarative NT or programmatic roles)
Create MTS package for deploying -> export
from MTS Explorer *.PAK. Clients folder is also created which
contains an exe file for client pc to access component
MTS Security
Packages define security boundaries
Roles
used in securing COM components execute in MTS run-time
environment
Map users to application functionality to
determine security
Declarative security configured with MTS
explorer (cannot use on 9x)
MTS roles (logical
group of users that define access to component of a package
(created at development time)
Roles mapped to NT accounts
during deployment (declarative.) Security can be enabled at
package & component level (both if component)
By default, package impersonates interactive
user but, if set to specific NT account, can pool
Programmatic security provided by code; e.g.,
IsCallerInRole(rolename) or IsSecurityEnabled
Configure component properties.
Each
component has transaction property. If ObjectContext required
during init or terminate, implement ObjectControl interface
(-otherwise events not available)
Use CreateInstance to instantiate
objects
GetObjectContext requires transaction/uses
transaction
SetComplete on ObjectContext
SetAbort on
ObjectContext
(for more information on MTS Security)
MTS & ASP
Instantiate in ASP using Server.CreateObject ( -
do not use <OBJECT>)
<% Transaction = Required or
Requires_New or Supported or Not Supported
Transaction ends
when page ends and can only involve one page. A transaction
completes only if all components call SetComplete
Security
All computers connected to the Internet or
indirectly through a proxy are potential victims
Security is a combination of technology and
policy; e.g., physically securing access to sensitive
resources & local logon rights only given to trusted
individuals
Determine who has access to site/part of site.
Can use InterDev to manage security web project -> web
permissions
Integrate with NT Access Control security using
Access Control lists authentication and authorization
Access control methods
-
Anonymous (can be set through IIS) e.g. IUSER_servername
guest account
-
Basic (can be set through IIS) userid and password
-
Digest Authentication hashes password
-
Content Rating client side
-
NTFS
-
NT LAN Manager (can be set through IIS) NT
challenge/response requires IE4 clients
-
SiteServer Membership - scalability
-
TCP/IP Address
Web security issues
Security auditing
-
NT event log
-
IIS logs
-
Custom logs
Security Strategies
-
Server Solutions
-
Privacy & data integrity ensure unauthorized
users do not access secure communications (data cant be
altered) via encryption
-
MTS transactions
-
Private Communication Technology (PCT) more advanced
than SSL
-
Secure Sockets Layer provides secure channel by
providing security handshake to initiate TCP/IP
connection. Encrypts all info in request &
response
-
Shared Solutions
-
Certificates
-
SSL, PCT & SET
-
Dont forget to secure global.asa
Mail Services
SMTP (layered on top of
TCP)
POP(3)
Exchange Server
CDO (calendaring
etc)
CDONTS
CDO rendering library (displays exchange
data in HTML format)
MAPI
CDONTS
CDONTS works by itself on IIS & Exchange
-
Smaller and faster than CDO
-
Can be used by VB, VBScript, C, C++, and Jscript
-
Supports plain text, HTML, file attachments, URLs etc
-
Quick and easy
CDONTS.NewMail object
Can also do via place message in pickup
directory (plain text)
(for advanced CDONTS techniques)
SEARCH SERVICES
Index Server 2.0 searching and indexing
-
Indexes content of website content index service
creates master index
-
Allows queries against that content (text, HTML + via
filters e.g. Adobe)
-
Basic query multiple words
-
Complex query Boolean, fuzzy
-
Free text English language
-
Document property query file size
etc
Administered through IIS, logging via IIS,
security via NT. Obtain status, stats, which directories to
exclude etc. Stop/start service.
Query form passes info to index server
reconciled against master index, returns results
Can update content index automatically as
background process, or administratively, or programmatically.
MULTIMEDIA DELIVERY
Speed limitations of modems
Streaming dont
have to wait for whole file to download
IE supports many formats
Interactive Music Control
dynamic musical accompaniment via software wave-table
synthesis (consistent & configurable via any soundcard)
Liquid Motion
multimedia application tool
(works on any platform that supports Java.
NetShow
-
Integration of audio and video.
-
Integrated with NT server
-
Client/server
-
Efficient, reliable, scalable & secure
-
Can stream over low bandwidth
-
Powerful broadcast system
-
Ease of use (integrated with IIS, NT Server & IE)
-
High quality audio and video
-
Instant play
Compressed and encoded using codecs
NetShow is codec independent
Unicast each client requests
separately
Multicast send single copy to multiple people.
Active Streaming Format (ASF)
-
Foundation of all NetShow components
-
Open standards based
-
Adds error correction over unreliable networks
-
Synchronises different data-types
-
Multimedia content must be converted to ASF before
delivery
-
Can be hosted on HTTP server, local drive or specialised
media server such as NetShow
NetShow channels
-
Set up channel before broadcast to establish
communications
-
Users connect via NetShow player or web page
-
They see whatevers being played at the time
NetShow program
-
Channel is populated with programs (live or on-demand)
-
Programs can be scheduled at specific times
-
Cant skip ahead or back but can switch off or change
channels (like TV)
|
