Technology Page

 

Saturday, May 13, 2006

Developing a secure website within an hour

No, I’m not joking. It’s reality. You can develop a website within an hour. You just have to follow a few instructions and download some tools before starting the real development. The technology we are going to use is JSP, i.e., Java Server Pages.

Before you start building your own website, you should have some understanding of web servers, databases and servlets, and a little knowledge of HTML. A web server is software that accepts requests from users anywhere in the world and grants access to the requested page or information. Here, we are going to use the Apache Tomcat server, preconfigured for running servlet and JSP applications. The download link for the preconfigured Tomcat server is given below.

A database is the place on your machine where confidential data is stored. The database has its own security measures to guard against unauthorized intrusion. This combination is considered to be the most secure if implemented properly. The database we are going to use is MySQL.

Servlets are programs written in the Java programming language whose output browsers can understand. The important fact about a servlet is that it is stored on your server and not in the temporary folders of the web client; only the page generated by running the servlet is sent to the user. All of this processing takes place on the server side, hence the name servlet.

JSP is an extension of servlets in which you don’t have to write unnecessary Java code, i.e., you can write HTML directly or add any JavaScript just as you would in an HTML web page. The JSP is compiled by the server into a servlet, which is then run to generate HTML pages.

This method is only for Windows users.

Why JSP and not PHP?

Every now and then, we hear news of sites getting broken into and all the confidential data about their users getting out, like SSNs, phone numbers, etc. Basically, most of these websites are written in PHP. This has happened with some really major sites, which are used by technical projects that have a lot more resources and time to spend on upkeep for the site than you and I. But I haven’t heard of any JSP sites getting broken into and rifled through. Since JSP is written in Java, you are pretty well protected against things like buffer overruns, which plague software written in C.

JSP has traditionally taken a little more effort to work with. Part of the reason for this was that JSP was such a bare-bones standard. But with JSP Maker, it is a piece of cake. In the past couple of years, that has steadily and dramatically changed. First there was Struts, which helped organize a site but was still somewhat tedious. Then came JSTL and JSP 2.0. These have dramatically improved the power and the simplicity of Java Server Pages based website creation. For instance, JSP 2.0 introduces things that are like macros. You create your own tags, basically by creating macros and storing them in a file.

We will not go into depth on writing JSP code, but some elementary things might be discussed in another blog post.


Things you have to download & configure before beginning the development of the website

Java JDK 1.5
You can download it from http://java.sun.com/j2se/1.5.0/download.jsp. If you are very concerned with security and want to enhance it further, you can use the Java(TM) Cryptography Extension (JCE), but I haven’t tried it yet.

Apache Tomcat Server preconfigured for JSP & Servlet applications.
http://www.coreservlets.com/Apache-Tomcat-Tutorial/tomcat5.5-files/jakarta-tomcat-5.5.9-preconfigured.zip

How to configure in Windows:

1. Simply unzip the file and save its contents in C:/. The path of the server is C:/Jakarta-tomcat-5.0.19/….



2. You have to set the class path for some library files and your server. Look for autoexec.bat and open it in any text editor. Then open My Computer Properties, go to the Advanced tab and click the ‘Environment Variables’ button.
3. Click the New button and a dialog will appear. Enter the name of the variable and then its value.
For example, autoexec.bat in the unzipped folder contains:
set CLASSPATH=.;C:\jakarta-tomcat-5.5.9\common\lib\servlet-api.jar;C:\jakarta-tomcat-5.5.9\common\lib\jsp-api.jar;C:\Servlets+JSP;..;..\..;C:\jakarta-struts-1.2.4\lib\struts.jar
Here, the variable name is CLASSPATH and the variable value is .;C:\jakarta-tomcat-5.5.9\common\lib\servlet-api.jar;C:\jakarta-tomcat-5.5.9\common\lib\jsp-api.jar;C:\Servlets+JSP;..;..\..;C:\jakarta-struts-1.2.4\lib\struts.jar.

Once you have completed this, your web server is properly configured and you can start it by running startup.bat from C:\jakarta-tomcat-5.5.9\bin.

MySQL Server 5.0
http://dev.mysql.com/downloads/mysql/5.0.html

1. Just download the installation package and configure it according to your needs. If you know SQL, that will suffice; otherwise it is better to download another tool, MySQL Administrator.
http://dev.mysql.com/downloads/administrator/1.1.html

2. It creates tables with a GUI even if you don’t know how to write a single query. You cannot log in to the Administrator as ROOT. Create a new account by typing this command in Program Files → MySQL → MySQL Server 5.0 → MySQL Command Line Client:
GRANT ALL PRIVILEGES ON *.* TO 'user'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;
To create a database, log in with the new user ID you created, select Catalogs and right-click anywhere in the schemata area.
3. You have to download the appropriate connector which is required to connect the database with the applications. http://dev.mysql.com/downloads/connector/j/5.0.html
4. Once you have downloaded it, unzip the package and add the path of java-connector-xx-bin.jar to the CLASSPATH environment variable.

JSPMAKER 1.0

This is the tool which is going to generate .jsp pages according to your needs. Download it from http://www2.hkvstore.com/download/jspmkr.exe

Install it and adjust some settings in Tools → JDBC drivers:
Provide the path of the JVM, which would be ….. Java\jre1.5.0\bin\client\jvm.dll
Provide the path of the Jconnector driver.

After that, everything is fun. Just enter localhost as the hostname or IP address. The connection method is direct if you are testing on ‘Localhost’; otherwise you can specify a URL. Give the username and password that you specified for your database connection. Click the Connect button once the database you are looking for is available.
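The account entered for the site's database connection does not need the rights granted in the MySQL step above, where GRANT ALL PRIVILEGES ON *.* ... WITH GRANT OPTION gives control over every database on the server. The following is an added example, not part of the original post, of a narrower account for the application in the same MySQL 5.0 syntax; the database name mysite, the account name webapp and the password are placeholders.

```sql
-- Added example, MySQL 5.0 syntax as used on this page (GRANT ... IDENTIFIED BY
-- creates the account if it does not exist). The database `mysite`, the account
-- `webapp` and the password are placeholders, not values from the page.
-- Run as an administrative user in the MySQL command line client.

CREATE DATABASE IF NOT EXISTS mysite;

-- Weak: the statement from the MySQL step. It grants rights on every database
-- (*.*), including the mysql.* grant tables, plus the ability to pass those
-- rights on to other accounts. Shown commented out for comparison only.
-- GRANT ALL PRIVILEGES ON *.* TO 'user'@'localhost'
--     IDENTIFIED BY 'password' WITH GRANT OPTION;

-- Scoped: an account for the web application only. Row-level read/write on
-- one database, no schema changes, no GRANT OPTION, local connections only.
GRANT SELECT, INSERT, UPDATE, DELETE ON mysite.*
    TO 'webapp'@'localhost'
    IDENTIFIED BY 'replace-with-a-long-random-password';

-- Review what the account holds. Anything beyond the four privileges on
-- mysite.* means the account is broader than intended.
SHOW GRANTS FOR 'webapp'@'localhost';

-- Audit: list every account that still has server-wide administrative rights,
-- so the administration login and the application login stay separate.
SELECT User, Host, Grant_priv, Super_priv, File_priv
  FROM mysql.user
 WHERE Grant_priv = 'Y' OR Super_priv = 'Y' OR File_priv = 'Y';

-- Audit: list accounts that can log in without a password.
SELECT User, Host
  FROM mysql.user
 WHERE Password = '';
```

Keep the ALL PRIVILEGES account for MySQL Administrator and enter the scoped account wherever the website's own connection is configured.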

On the left side of the screen, the tables will appear. Adjust the settings to suit your needs. See the Help if you get stuck. Anyhow, I will be posting another blog entry in which I’ll discuss how I developed my own website with a login facility and all.
