Introduction To Web Technologies - Day 1: E&R Department, Mysore

Introduction to Web Technologies – Day 1
E&R Department, Mysore

Course Objective
• To introduce participants to the basic concepts of Inter-Networking,
World Wide Web
• To familiarize with the concept of Web Servers, various web servers

and to illustrate the features of each of them
• To introduce the concept of Web Applications, load balancing,

Application servers and real world scenarios of Web Applications
• To provide the overview of web security.
Copyright © 2004, 2 ER/CORP/CRS/OS41/003

Infosys Technologies Ltd Version no: 2.0
Session Plan
Day 1
• Introduction to the Networking and Internet
• TCP/IP protocol and IP Addressing
• Domain Name System
• Introduction to Firewall
• Virtual Private Network (VPN)
• Directory service and Active Directory
• Introduction to the World Wide Web
• Key terminologies of WWW

Day 2
• Web Applications
• Web Servers
• Introduction to the Common Gateway Interface (CGI)
• Load Balancing
• Application Server
• Web Security
• Encryption
• Digital Certificates
• Performance of web Applications
• Appendix

References
• History of the Internet
– http://www.davesite.com/webstation/net-history.shtml
• Apache Foundation
– http://www.apache.org

Introduction to Networking and Internet
Background
• 1957: US Government Formed ARPA (Advanced Research Projects Agency)
within DoD (Department of Defense)
• 1962: The US DoD was looking at means to make all its computers to talk to each
other to achieve better command and control and commissioned RAND
Corporation to do a study on how it could be achieved
• 1968: ARPA awarded the contract for ARPANET to BBN
• ARPA got renamed as DARPA (Defence Advanced Research Projects Agency)
• 1973: Development began on a protocol which was later to be named TCP/IP
• This new protocol would allow diverse computer networks to communicate with
each other
• ARPANET would use TCP/IP protocol from here and would become the base for
the Internet

Who decides the Standards
• IAB (Internet Architecture Board)
– An autonomous organization created in 1983
– Evolved from the ARPA research group
– Managed by Volunteers
– Reorganized in 1986
• IETF – Internet Engineering Task Force
• IRTF – Internet Research Task Force
– Documentation given out in the form of RFCs
– RFC: (Request for Comments)
• A set of technical and organizational notes about the Internet (originally the
ARPANET), beginning in 1969

Internet
• One huge network of networks
• Millions of Hosts hooked on to the net
• Roughly 40 million users
• Uses TCP/IP Protocol
• Means to connect to Internet

– Dial-up Line (Through telephone): Domestic users
– DSL (Through telephone): Domestic users
– Mobile Phones: Domestic users,
– Dedicated Links: Medium and small sized companies
– T1,T3 connections: Large Corporations

Internet Contd..…
Network 3
Server Mainframe
Fremont
PC PDA
PC Laptop
Network 4
Laptop PC PC
Mainframe
Bangalore
PC
Sydney
PC PC
PC
Cell phone Server

Plotter PC
Network 1
Scanner PC
TO
Berlin
Laptop OTHER
Printer
NETWORKS
Minicomputer
Fax
Network 2

Internet Service Providers (ISP)
• ISP is a company which provides Internet access for individuals,
organizations, and companies.
• An ISP usually has multiple access methods, including dial-up, DSL,

cable modem, ISDN, T1, and sometimes T3.
• The service provider gives the user a software package, username,

password and access phone number. Equipped with a modem, user can
log on to the Internet and browse www and use net, and send and
receive e-mail.
• ISPs serve large companies, providing a direct connection from the

company's networks to the Internet.
• ISPs themselves are connected to one another through Network Access

Points (NAP)

TCP/IP Protocol
• Packet switching Protocol
– Involves breaking down of data into Packets or Datagrams
– Packets are labeled with origin and destination address
– Packets are forwarded from one computer to other until it reaches the
destination
– If packets are lost, originator re-sends the packets
• Principles and ideas resulted from research funded by ARPA
• ARPA’s technology includes a set of standards to specify
– How computers communicate?
– What are the conventions to interconnect the networks?
– How to route traffic?
• Interoperability: key reasons for TCP/IP
• TCP/IP is a packet-switched protocol

What is packet switching?
192.168.121.40
G
iMac
Ethernet Ethernet
Ethernet
Card Card Card
Network
Ethernet
Ethernet Card
Card F
192.168.223.208
192.168.121.40
1111110000010010 192.168.223.208
0011111001000100 4
10100010000111..
1010001000011111
0010101110010001 192.168.121.40
192.168.223.208
1110111111000001 3
`
0010010001000011 00100100010000..
1110010101110010 192.168.121.40
0011110011111001 192.168.223.208
2
0001001010001000 0111110001000..
0111110001000111 192.168.121.40
1001111100100011 192.168.223.208
1
1100111110111001 1100111110111..
Data /File Packets
192.168.121.40
192.168.121.40
192.168.121.40 192.168.121.40 192.168.223.208
192.168.223.208
192.168.223.208 192.168.223.20 1
2
4 3 1100111110111..
0111110001000..
10100010000111..
00100100010000.
Ethernet 1111110000010010
Card 0011111001000100
1010001000011111
F 0010101110010001
1110111111000001
0010010001000011
1110010101110010
0011110011111001
192.168.223.208 0001001010001000
0111110001000111
1001111100100011
1100111110111001

TCP/IP Model

Internet Protocol Address
• A 4-byte network addressing scheme used by the IP layer
• Within a private or closed network, one can assign any IP address
• Every Internet host must have a distinct IP address
• It has two components,
– Network ID
– Host ID
• IP address is provided by the Internet service provider
• IP addresses are a scare resource!!

IP Addressing scheme
Class B
w x y z
NETWORK ID HOST ID
EXAMPLE: 130.99.128.25
1 0 0 0 0 0 1 0 1 1 0 0 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0 1 1 0 0 1
Class Range Remarks

A 1.0.0.0 to 126.0.0.0
B 128.0.0.0 to 191.255.0.0
C 192.0.1.0 to 223.255.255.0
D 224.0.0.0 to 239.255.255.255 (Multi-Casting)
E 240.0.0.0 to 247.255.255.255 (Reserved for future use)

Classes of Networks
NUMBER NUMBER
OF N/Ws OF HOSTS
Class A
0 w x y z 126 16,777,214
NETWORK
ID
HOST ID
Class B
1 0 w x y z 16,384 65,534
NETWORK ID HOST ID
Class C
1 1 0 w x y z 2,097,152 254
NETWORK ID HOST ID

DHCP (Dynamic Host Configuration Protocol)
STATIC IP CASE Other
Computers
on Network.
Server
LAN
Computer
Boots up Sys Admin Ensures
(Assumes Static that IP address is unique
IP addr set by Admin) for all nodes
IBM Compatible
DYNAMIC IP CASE
Assigns IP
address and other P
n sI d DHCP Other
config info si g an fo
As ress ig in SERVER Computers
d f
User Dials into Modem Ad r con on Network.
the network e
oth
(Connect)
LAN
Server
Computer
Boots up
(Broadcasts on the
Network) IBM Compatible

Sub-Netting
Default IP Address Definition

Internet ID Host ID
1 0 0 0 0 0 1 0 1 1 0 0 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0 1 1 0 0 1
Internet ID Host ID
Sub-Netting
Physical
Network
• To create sub-networks within a given IP address range

• Changes interpretation of IP Address slightly
– Extend the network portion of IP address into the Host Part
• Dividing Local Part is flexible
• The 32 bit Subnet mask decides how many bits are used for Physical Network
ID and how many for host ID.

Subnet Mask
130 99 128 25
IP Address
1 0 0 0 0 0 1 0 1 1 0 0 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0 1 1 0 0 1
Internet ID Host ID
Physical
Subnet Mask Network
1 1 1 1 1 1 1 1 1 1 1 111 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0
3 5
Bits Bits
255 255 224 0

Domain Name Servers
• It’s too difficult to remember IP Addresses
• Domain Name
– Hierarchical name space
– Last word in Domain name typically identifies type of organization or
country
• Domain Name Servers
– Translates Domain Name to IP Address
– De-Centralized naming
– Delegation of authority to portions of name space
• Example:137.107.2.24 = petshop.com
• Email ID: user1@petshop.com

Internet vs Intranet
• Internet
– Not owned by any single entity
– Have publicly known IP addresses (Unique world-wide)
• Intranet
– Used by corporations for their own business or operational needs
– Usually accessible only to the members, employees of the organization
– Use the same technology as Internet
– Smaller in size
– Private networks
– Better Controlled and More secure

Secure networks
Virtual Private Network (VPN)
• Secure Private communication over public internet
• Private IP packets are encapsulated with in public packets (Tunnels)
• Additional header added
• Authentication
• Private packets may also be encrypted (Desirable)
• Option of disabling access to local LAN resources when VPN connection is
active
• Running VPNs across the internet offers a cost effective solution
• Alternates: Dedicated links, Leased lines
Uses of VPN:
• Leased lines are expensive
• VPN is used as a secure mechanism to connect to a remote network
• Users on the go use VPN to access their corporate network
• Companies use VPN to connect to customer’s network

VPN – How it works? (1 of 2)
Infosys Customer
Switch Belgium
Printer
Laptop
Mainframe
PC

Infosys Technologies Ltd Version no: 2.0 Laptop
VPN – How it works? (2 of 2)
• Overview of how VPN works
– Secured communication channel between intranets over the internet
– Works on the concept of tunnelling
• Enclosing one protocol within another
– Configurable
• Typical high security environments disable local network access

Proxy Servers
• Multiplexing outbound requests through a single connection
• Typically used to address Outbound traffic security
• Support incoming traffic as well
Eg.
• There may be restrictions to visit certain sites from within a corporate network,
such rules may be imposed at the proxy server layer
• Also, there may be restrictions in accepting certain kinds of files within an
intranet domain from outside, these are also monitored by the proxy server

Fire Wall
• A system designed to prevent unauthorized access to or from a private
network.
• Can be implemented in both hardware and software, or a combination
of both.
• Frequently used to prevent unauthorized Internet users from accessing
private networks connected to the Internet, especially intranets.
• All messages entering or leaving the intranet pass through the firewall
– Messages are examined and those that do not meet the specified
security criteria are blocked

Fire Walls
securitypolicy,itis
doesntadhereto
2 a. If the packet
rejected
Web Server
File Server
2b.Ifpacketadheresto
1. Anypacketfrom the securitypolicy,itis
intranetto outside forwarded The Internet
networkisexamined
byfirewall 3.Firewallsexaminesall
incoming packetsaswell.
The Intranet
SecurityPolicy Database Server
implemented on the
firewall
Application Server

Types of Fire walls
1. IP Filtering Firewalls:
– Works at the packet level.
– Designed to control the flow of packets based the source, destination,
port and type information in each packet.
– Evaluates the packets against a series of predefined rules to
determine when to allow or deny the access of specific
packets to the internal network
2. Packet filtering on Proxy Servers
– Provides the tighter security than normal servers.
– Mostly used to control, or monitor, outbound traffic.
– Uses additional controls so that only specific hosts can access to the
server.
– Listens for requests from clients within the firewall and forwards these
requests to remote internet servers outside the firewall

World Wide Web
Background
• The origin of internet is the ARPANET
• For many years it had a text based User Interface
• 1989 – Introduction of World Wide Web (WWW)
• Wide area information retrieval project in 1989 by Tim-Berners-Lee
• Initial Proposal: Hypertext system to enable easy information sharing
among researchers
• Line Browser (called www) in 1990
• NCSA Mosaic browser in 1993
• 1994… Marc Andreessen starts Netscape

Overview
File System
Web Server
HTML Pages
GIF/JPG Images etc
Web Gateway
Database
Non-Web Content
(Dynamic Content)

Web Browser Architecture
Mime-type Mapping
app/pdf - acroread.exe
video/mpeg mplayer.exe
Driver
HTML Interpreter Monitor

/Renderer
Keyboard Controller
Optional
Optional Interpreter
Interpreter
Optional Interpreter
/Renderer
/Renderer
/Renderer
Mouse
HTTP Client Optional

Optional Client
OptionalClient
Client
HTTP
Other
Network Interface
TCP/IP

MIME-Type
• Defined in 1992 by IETF
• MIME – Multipurpose Internet Mail Extensions
• Originally designed for formatting non-ASCII messages so that they
can be sent over the internet via mail
• Browsers and Web Servers also rely on mime-type to determine the
type of content
• Examples of mime types
– text/plain – Plain text
– text/html – HTML data
– app/pdf – Adobe Acrobat Document
– video/mpeg – MPEG format video file
• A new version called S/MIME supports encrypted messages

Constituents of World Wide Web
• Web Browsers
• Web Content
• Web Site
• URL – Uniform Resource Locator
• HTTP – Hyper Text Transfer Protocol
• HTML – Hyper Text Markup Language
• Gateway to Non-Web Resources (Common Gateway Interface )

Types of Content
• Web Content (Static Content)

– Content resides in a file
– Author determines the content at the time of creation
– Each request will return exactly the same data (Content doesn’t change)
– Example: HTML files, gif/jpeg files
– Disadvantage: Not possible to implement applications

Types of Content (Continued…)
• Dynamic Content
– Created on the fly by a web server upon a request to reflect the current info
– Content may vary for each request
– Example: A typical web application (Banking etc)
– Disadvantage: More processing power required on the server
• Active Content
– Server returns a run-able copy of the program
– Browser executes the program locally on the client machine
– May need continuous information feed
– Examples: Java Applets, Active-X controls for IE
– Disadvantage: Possible Security risks

URL
• Uniform Resource Locator

• String of characters that uniquely identifies a resource
Protocol:// Host :Port / Path

Protocol: The protocol to be used (http, ftp, gopher…)
Host: Domain Name/IP Address that identifies the host
Port: Optional port (if not specified assumes default port for protocol)
Path: Path of the resource on the specified host
Example:
http://server1.mydomain.com/about.html
Protocol = http
Host = server1.mydomain.com
port = (default for http) 80
Path = /about.html
HTML
• Hyper Text Markup Language
– Uses markup tags to format text and graphics
– Allows creating of hyper links
– Allows users to navigate through the documents on the web
– All browsers can understand HTML and render it
• An Example HTML file
<html>
<head>
<title>A sample HTML page...</title>
</head>
<body>
<center>
<h2>A HTML Page</h2>
<p>This is a sample HTML page which demos <b>Bold</b>, <i>italic</i> text and a table.
<table cols=“2” cellpadding=“2” cellspacing=“2” BORDER=“1”>

<tr> <td>1</td> <td>Row-1</td> </tr>
<tr> <td>2</td> <td>Row-2</td> </tr>
</table>
</center>
</body>
</html>

HTTP Protocol
HTTP Protocol
• Simple Request-Response model based protocol
• Application Layer protocol built on TCP/IP
• Plain-text protocol (Not Secure)
• Stateless Protocol
• Does not define how network connection is initiated or managed
• Standardized (Allows any Vendor’s HTTP client to communicate with
any vendor’s server)
• Client sends a request to the server (HTTP Request)

• Server sends a response to the client (HTTP Response)

HTTP Request
• A HTTP Request can have
– An Initial Line (Method, URL, Protocol Version)
– Zero or more Header lines (Client information, configuration, acceptable
formats of data)
– A Blank line
– An optional message body (Additional Data – to be used by HTTP POST
method)
• Example: http://www.infosys.com/usr/index.html
GET /usr/index.html HTTP/1.0

User_Agent: Mozilla/3.0 Gold
Accept: text/plain
Accept: text/html

HTTP Methods
• GET method
– Parameters are encoded and passed along with the URL
– URL encoding
– In web usually, parameters are passed as name-value pairs
• Example: http://abcbooks.co.in/cgi-bin/getinfo.exe?title=Web+Servers
• POST method
– The parameters from the browser are passed as part of the Message body
– Typically the CGI program receives the message body through STDIN and
decodes it
– HTTP response for POST is usually a program output
• HEAD method
– Gets just the header information from the server
– Usually used to get only information about the content
– Helps save on bandwidth

HTTP Response
• A HTTP Response can have
– An initial line or Status Line (Server HTTP Version, Status Code, Reason)
– Headers – (Typically contain description of information in the response)
– Message Body (The requested information)
• Example: Response for /usr/index.html
HTTP/1.0 Status 200 OK

Server: NCSA/2.0
Date: Wed, 05 May 2004 16:00:04 GMT
Content-type: text/html
Content-length: 2400
<html>
<head>
<title>Welcome to Infosys Home Page</title>
</head>
<body>
…
</body>

HTTP Versions
• HTTP 1.0
– A new connection is established for every request
– Closes the connection to server once the server sends the required data
• HTTP 1.1
– Once a connection is established, it is maintained till the browser is closed
(Also known as persistent connection)
– Allows server side session management even though the HTTP protocol
itself doesn’t support it

Advantages/Disadvantages of HTTP
• Advantages
– Very simple to use
– Very Flexible (Can be used to send other types of data as well)
– Easy and lightweight to implement
• Disadvantages
– No support for session management at the protocol level
– Less secure

Web Servers
Process, Thread, Daemon Process, Server
• Process: An instance of an application in memory.
• Thread: Basic unit of program execution
– An independent code path within your program
– Common example: MS Word – Spelling and Grammar check
– Servers rely on threads
• Daemon process (Background Process): Starts when OS starts up
– They cannot be terminated by any user process
– In Unix, runs typically with either ‘root’ or specific user-id created for the
daemon process
– Windows NT equivalent: Windows Services
• Server: A software, that provides specific services to client programs
– Clients can run either on the machine or different machine
– Examples: Web Server (Sparsh), Mail Server etc
– Servers are typically implemented as a Daemon process
• Servers employ threads for multi-processing

Working of a simple client and server
Server
Assign a thread
to service the
REQUEST request
Param: Service Name
Additional Parameters er vice t
S ues
Service1
Service2 ReqThread Pool
Client
RESPONSE a ck to
Status tu rn b l
Re Poo
Requested Data
File System
Configuration File
1. Thread Pool size
2. Service configuration
3. Other Parameters

Web Server
• Understands HTTP Protocol
• It intercepts HTTP request from the client
• Built on similar architecture as a classic client -server architecture
• Offers different HTTP services like GET, POST, HEAD etc.
• Uses thread pools to service multiple concurrent requests
• Originally designed to serve HTML, image and other files
– Evolved as a mechanism to share documentation among researchers

Working of a Web Server
DNS Server
(Local Network) 3. Cannot Resolve
Locally? Resolve
on
from other DNS e cti d
n
Con lishe
.
2. Translate DNS 4. Returns IP Addr
6 tab
Es
Name to IP address 202.68.33.47
The
th e Internet
h ru
t t r ath ns Web Server
n ec erve P n tai
. C on to s t for e (co (Internet)
5 n/w e s s l)
equ l p on .htm
R s t
1. User Invokes URL TP t.htm P Re f tes my.mydomain.com
T
H /tes T o
http://my.mydomain.com/ nd d HT ents 202.68.33.47
e n t
test.html 7.
S Se con
8.
9. Browser Renders
Web
HTMLBrowser
PC

Developer’s role in this scenario - 1(Static Content)
• Installation of Web Server Software
– Both commercial and Open source Web Servers
• Web Servers: iPlanet, IIS, Apache Web Server (Open Source, available on
many platforms)
• Configuration of Web Server Software
– Typical configuration parameters
• TCP/IP Port by default is 80 and TCP/IP port is also 80
• Web Server Root
• Thread Pool size, Performance parameters

Developer’s role in this scenario – 2 (Static Content)
• Developing Content
– Create HTML files
• Applications to use: Notepad or any text editor, MS Front Page, Netscape
Composer…
– Create JPEG or GIF images
• Applications to use: Windows Paintbrush (GIF, JPEG and PNG Formats
supported), GIMP (Open Source, available on many platforms), Adobe
Photoshop etc
• Domain Name/Server Name registration (if required)
– Registering with Domain Name Providers (Internet)
– Registering with DNS (Intranet)
• Debug and Test

Summary
• Networking and Internet
• Protocols like TCP/IP, HTTP etc
• Domain Name System
• Secure Networks
– VPN
– Proxy Servers
– Firewalls
• World Wide Web
• HTTP Protocol

Thank You!


Introduction To Web Technologies - Day 1: E&R Department, Mysore

Загружено:

Сведения о документе

Исходное описание:

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Introduction To Web Technologies - Day 1: E&R Department, Mysore

Загружено:

Авторское право:

Доступные форматы

Introduction to Web Technologies – Day 1

E&R Department, Mysore

• To familiarize with the concept of Web Servers, various web servers

• To introduce the concept of Web Applications, load balancing,

• To provide the overview of web security.

Copyright © 2004, 2 ER/CORP/CRS/OS41/003

Copyright © 2004, 3 ER/CORP/CRS/OS41/003

Copyright © 2004, 4 ER/CORP/CRS/OS41/003

Copyright © 2004, 5 ER/CORP/CRS/OS41/003

Copyright © 2004, 7 ER/CORP/CRS/OS41/003

Copyright © 2004, 8 ER/CORP/CRS/OS41/003

• Means to connect to Internet

Copyright © 2004, 9 ER/CORP/CRS/OS41/003

Cell phone Server

Copyright © 2004, 10 ER/CORP/CRS/OS41/003

• An ISP usually has multiple access methods, including dial-up, DSL,

• The service provider gives the user a software package, username,

• ISPs serve large companies, providing a direct connection from the

• ISPs themselves are connected to one another through Network Access

Copyright © 2004, 11 ER/CORP/CRS/OS41/003

Copyright © 2004, 12 ER/CORP/CRS/OS41/003

Data /File Packets

Copyright © 2004, 13 ER/CORP/CRS/OS41/003

Copyright © 2004, 14 ER/CORP/CRS/OS41/003

Copyright © 2004, 15 ER/CORP/CRS/OS41/003

Class Range Remarks

Copyright © 2004, 16 ER/CORP/CRS/OS41/003

Copyright © 2004, 17 ER/CORP/CRS/OS41/003

Copyright © 2004, 18 ER/CORP/CRS/OS41/003

Default IP Address Definition

• To create sub-networks within a given IP address range

Copyright © 2004, 19 ER/CORP/CRS/OS41/003

255 255 224 0

Copyright © 2004, 20 ER/CORP/CRS/OS41/003

Copyright © 2004, 21 ER/CORP/CRS/OS41/003

Copyright © 2004, 22 ER/CORP/CRS/OS41/003

Copyright © 2004, 24 ER/CORP/CRS/OS41/003

Copyright © 2004, 25 ER/CORP/CRS/OS41/003

Copyright © 2004, 26 ER/CORP/CRS/OS41/003

Copyright © 2004, 27 ER/CORP/CRS/OS41/003

Copyright © 2004, 28 ER/CORP/CRS/OS41/003

Copyright © 2004, 29 ER/CORP/CRS/OS41/003

Copyright © 2004, 30 ER/CORP/CRS/OS41/003

Copyright © 2004, 32 ER/CORP/CRS/OS41/003

Copyright © 2004, 33 ER/CORP/CRS/OS41/003

HTML Interpreter Monitor

HTTP Client Optional

Copyright © 2004, 34 ER/CORP/CRS/OS41/003

Copyright © 2004, 35 ER/CORP/CRS/OS41/003

Copyright © 2004, 36 ER/CORP/CRS/OS41/003

• Web Content (Static Content)

Copyright © 2004, 37 ER/CORP/CRS/OS41/003

Copyright © 2004, 38 ER/CORP/CRS/OS41/003

• Uniform Resource Locator

Protocol:// Host :Port / Path

<table cols=“2” cellpadding=“2” cellspacing=“2” BORDER=“1”>

Copyright © 2004, 40 ER/CORP/CRS/OS41/003

• Client sends a request to the server (HTTP Request)

Copyright © 2004, 42 ER/CORP/CRS/OS41/003

GET /usr/index.html HTTP/1.0

Copyright © 2004, 43 ER/CORP/CRS/OS41/003

Copyright © 2004, 44 ER/CORP/CRS/OS41/003