Skip to main content
View by: Most Recent | Topic | Community | Webloggers   
Monthly Archives:    

Blogs by topic Java Enterprise and user swchan2

• Accessibility • Ajax • Blogging • Business • Community 
• Databases • Deployment • Distributed • Eclipse • Education 
• EJB • Extreme Programming • Games • GlassFish • Grid 
• GUI • IDE • Instant Messaging • J2EE • J2ME 
• J2SE • Jakarta • JavaFX • JavaOne • Jini 
• JSP • JSR • JXTA • LDAP • Linux 
• Mobility • NetBeans • Open Source • OpenSolaris • OSGi 
• P2P • Patterns • Performance • Porting • Programming 
• Research • RMI • RSS Feeds • Search • Security 
• Servlets • Struts • Swing • Testing • Tools 
• Virtual Machine • Web Applications • Web Design • Web Development Tools • Web Services and XML 


Server-Sent Events (SSE) is part of HTML5. SSE is a simple, undirectional communication from server to browser. It allows server to push data to client once a connection is established. The entire point of SSE is to make it easy for the server to push messages to the browser, once the browser has first established a connection to the server. These messages are of the form "field: value" with...
on May 21, 2014
javax.servlet.http.HttpSession provides a way to identify an user across multiple HTTP requests and to store user specified information. In other words, it provides a support of stateful communications with the stateless HTTP protocol. For security and memory management, sessions need to be invalidated at a certain time. There are two related methods in HttpSession. HttpSession.invalidate() By...
on Aug 29, 2013
WebSocket is a bi-directional, full-duplex, TCP based messaging protocol. It is originally proposed as part of HTML5 and is a IETF-defined Protocol (RFC 6455). And W3C has defined JavaScript API for WebSocket which is in candidate recommendation since 2012-09-20. JSR 356: Java API for WebSocket provides a standard Java API for creating WebSocket Applications. The specification provides an API for...
on Aug 7, 2013
Expression Language (EL) was first introduced as part of JSTL 1.0, was then moved JSP 2.0 and was unified with JSF 1.2 in JSP 2.1. In Java EE 7, EL is a new separate JSR, JSR 341. Many new features are introduced in EL 3.0. This blog shows how to use new following new features of EL 3.0: Standalone environment Lambda expression (section 1.20 of EL 3.0 spec) The new operator ; to separate...
on Jul 1, 2013
Asynchronous operation was introduced in Servlet 3.0. ServletRequest#startAsync is used to put the request into asynchronous mode. A thread need to be created implicitly or explicitly (see here for an example). Servlet 3.1, JSR 340 includes clarifications in asynchronous area. Besides Servlet 3,1, Concurreny Utilities for Java EE 1.0, JSR 236 is introduced in Java EE 7. JSR 236 provides a...
on Jun 6, 2013
Update: In Servlet 3.0, the behavior of using response is undefined after invoking #complete or #dispatch. In Servlet 3.1, it is clarified that AsyncContext#getResponse will throw IllegalStateException. The blog has been updated for this. Asynchronous operation is supported in Servlet 3.0. I have discussed startAsync in my previous blog, startAsync in Servlet 3.0. In this blog, I will discuss...
on May 14, 2013
Update: Invoke WebConnection#close when there is an error. Servlet 3.1 Specification (JSR 340) is almost ready for the release. One of the new features is the support for protocol upgrade. HTTP protocol upgrade was introduced in HTTP 1.1 (RFC 2616): The Upgrade general-header allows the client to specify what additional communication protocols it supports and would like to use if the server...
on May 7, 2013


Java API for WebSocket is a new JSR to Java EE 7. It provides a stardard Java API for creating WebSocket applications. This gives web applications the ability to push data. In Java EE 6 samples, we added a chat room sample to illustrate how to use of Servlet 3.0 asynchronous operation. In that sample, the servlet code did the following: keep track of AsyncContext in a Queue create a thread to...
on Aug 13, 2013


Servlet 3.1 Specification (JSR 340) and Java Authorization Contract for Containers (JSR 115) MR3 are almost ready for release. Besides "*", the role-name "**" is introduced in the above two specifications. In a nutshell, "*" means any role defined in web.xml and "**" means any authenticated user. Prior to Servlet 3.1, web containers use proprietary mechanisms to add security-constraints for any...
on Apr 19, 2013
Servlet 3.1 Specification (JSR 340) is almost ready for the release. Several new security features have been added in this version of Servlet specification. In this blog, I will explain one of the security features, namely deny-uncovered-http-methods. Let us take a look at a simple security-constraint in web.xml as follows: <web-app xmlns="" ...
on Apr 19, 2013
Servlet 3.1 was in Public Review in Janurary 2013. And it is in Proposed Final Draft now. Most of the new features are related to security. In this following, I will highlight features since Servlet 3.1 Public Review: add new API javax.servlet.http.Part#getSubmittedFileName add new API javax.servlet.ServletContext#getVirtualServerNameThis API allows a JASPIC module to be registered in a Servlet...
on Mar 18, 2013


Update: One should not use response in AsyncListener#onComplete. Only print debug in this example. Servlet 3.1 (JSR 340) is almost ready for the release. One of the new features is the support for non-blocking IO. ReadListener and WriteListener are introduced to allow non-blocking processing in Servlet. Non-blocking IO can only be used in async (defined in Servlet 3.0) or the upgrade mode. We can...
on Apr 16, 2013