William Crawford

Bio: William Crawford is an academic researcher. The author has contributed to research in topics: Java applet & Java servlet. The author has an hindex of 2, co-authored 2 publications receiving 314 citations.

Java Servlet Programming

Abstract: From the Publisher: A few years ago, the hype surrounding applets put Java on the map as a programming language for the Web. Today, Java servlets stand poised to take Java to the next level as a Web development language. The main reason is that servlets offer a fast, powerful, portable replacement for CGI scripts. The Java Servlet API, introduced as the first standard extension to Java, provides a generic mechanism to extend the functionality of any kind of server. Servlets are most commonly used, however, to extend Web servers, performing tasks traditionally handled by CGI programs. Web servers that can support servlets include: Apache, Netscape's FastTrack and Enterprise Servers, Microsoft's IIS, O'Reilly's WebSite, and JavaSoft's Java Web Server. The beauty of servlets is that they execute within the Web server's process space and they persist between invocations. This gives servlets tremendous performance benefits over CGI programs. Yet because they're written in Java, servlets are far less likely to crash a Web server than a C-based NSAPI or ISAPI extension. Servlets have full access to the various Java APIs and to third-party component classes, making them ideal for use in communicating with applets, databases, and RMI servers. Plus, servlets are portable between operating systems and between servers -- with servlets you can "write once, serve everywhere." Java Servlet Programming covers everything you need to know to write effective servlets and includes numerous examples that you can use as the basis for your own servlets. The book explains the servlet life cycle, showing how you can use servlets to maintain state information effortlessly. It also describes how to serve dynamic Web content, including both HTML pages and multimedia data. Finally, it explores more advanced topics like integrated session tracking, efficient database connectivity using JDBC, applet-servlet communication, inter-servlet communication, and internationalization.

Java servlet programming, second edition

Abstract: Servlets are an exciting and important technology that ties Java to the Web, allowing programmers to write Java programs that create dynamic web content. Java Servlet Programming covers everything Java developers need to know to write effective servlets. It explains the servlet lifecycle, showing how to use servlets to maintain state information effortlessly. It also describes how to serve dynamic web content, including both HTML pages and multimedia data, and explores more advanced topics like integrated session tracking, efficient database connectivity using JDBC, applet-servlet communicaton, interservlet communication, and internationalization. Readers can use the book's numerous real-world examples as the basis for their own servlets. The second edition has been completely updated to cover the new features of Version 2.2 of the Java Servlet API. It introduces chapters on servlet security and advanced communication, and also introduces several popular tools for easier integration of servlet technology with dynamic web pages. These tools include JavaServer Pages (JSP), Tea, XMLC, and the Element Construction Set. In addition to complete coverage of 2.2 specification, Java Servlet programming, 2nd Edition, also contains coverage of the new 2.3 final draft specification.

People, places, things: Web presence for the real world

Abstract: The convergence of Web technology, wireless networks, and portable client devices provides new design opportunities for computer/communications systems. In the HP Labs' Cooltown project we have been exploring these opportunities through an infrastructure to support Web presence for people, places and things. We put Web servers into things like printers and put information into Web servers about things like artwork; we group physically related things into places embodied in Web servers. Using URLs for addressing, physical URL beaconing and sensing of URLs for discovery, and localized Web servers for directories, we can create a location-aware but ubiquitous system to support nomadic users. On top of this infrastructure we can leverage Internet connectivity to support communications services. Web presence bridges the World Wide Web and the physical world we inhabit, providing a model for supporting nomadic users without a central control point.

System and method for maintaining security in a distributed computer network

Abstract: A system and method for maintaining security in a distributed computing environment comprises a policy manager located on a server for managing and distributing a security policy, and an application guard located on a client for managing access to securable components as specified by the security policy. In the preferred embodiment, a global policy specifies access privileges of the user to securable components. The policy manager may then preferably distribute a local client policy based on the global policy to the client. An application guard located on the client then manages access to the securable components as specified by the local policy.

Model driven security: From UML models to access control infrastructures

Abstract: We present a new approach to building secure systems. In our approach, which we call Model Driven Security, designers specify system models along with their security requirements and use tools to automatically generate system architectures from the models, including complete, configured access control infrastructures. Rather than fixing one particular modeling language for this process, we propose a general schema for constructing such languages that combines languages for modeling systems with languages for modeling security. We present several instances of this schema that combine (both syntactically and semantically) different UML modeling languages with a security modeling language for formalizing access control requirements. From models in the combined languages, we automatically generate access control infrastructures for server-based applications, built from declarative and programmatic access control mechanisms. The modeling languages and generation process are semantically well-founded and are based on an extension of Role-Based Access Control. We have implemented this approach in a UML-based CASE-tool and report on experiments.

Implementing distribution and persistence aspects with aspectJ

Abstract: This paper reports our experience using AspectJ, a general-purpose aspect-oriented extension to Java, to implement distribution and persistence aspects in a web-based information system This system was originally implemented in Java and restructured with AspectJ Our main contribution is to show that AspectJ is useful for implementing several persistence and distribution concerns in the application considered, and other similar applications We have also identified a few drawbacks in the language and suggest some minor modifications that could significantly improve similar implementations Despite the drawbacks, we argue that the AspectJ implementation is superior to the pure Java implementation Some of the aspects implemented in our experiment are abstract and constitute a simple aspect framework The other aspects are application specific but we suggest that different implementations might follow the same aspect pattern The framework and the pattern allow us to propose architecture-specific guidelines that provide practical advice for both restructuring and implementing certain kinds of persistent and distributed applications with AspectJ

System and method for server security and entitlement processing

Abstract: A pluggable architecture allows security and business logic plugins to be inserted into a security service hosted by a server, and to control access to one or more secured resources on that server, on another server within the security domain, or between security domains. The security service may act as a focal point for security enforcement, and access rights determination, and information used or determined within one login process can flow transparently and automatically to other login processes. Entitlements denote what a particular user may or may not do with a particular resource, in a particular context. Entitlements reflect not only the technical aspects of the secure environment (the permit or deny concept), but can be used to represent the business logic or functionality required by the server provider. In this way entitlements bridge the gap between a simple security platform, and a complex business policy platform.