Java Certification SCWCD : Servlet Technology Model

For each of the HTTP Methods (such as `GET`, `POST`, `HEAD`, and so on) describe the purpose of the method and the technical characteristics of the HTTP Method protocol, list triggers that might cause a Client (usually a Web browser) to use the method; and identify the `HttpServlet` method that corresponds to the HTTP Method.

The HttpServlet abstract subclass adds additional methods beyond the basic Servlet interface that are automatically called by the service method in the HttpServlet class to aid in processing HTTP-based requests. These methods are (HTTP 1.1):

doGet for handling HTTP GET requests.
```
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
	throws ServletException, IOException
								
```
Called by the server (via the service method) to allow a servlet to handle a GET request.

Overriding this method to support a GET request also automatically supports an HTTP HEAD request. A HEAD request is a GET request that returns NO BODY in the response, only the request header fields. When overriding this method, read the request data, write the response headers, get the response's writer or output stream object, and finally, write the response data. It's best to include content type and encoding. When using a PrintWriter object to return the response, set the content type before accessing the PrintWriter object.
```
import java.io.*; 
import javax.servlet.*; 
import javax.servlet.http.*;

public class DisplayServlet extends HttpServlet {
	public void doGet(HttpServletRequest req, HttpServletResponse resp)
			throws IOException, ServletException { 
		resp.setContentType("text/html");
		PrintWriter out = resp.getWriter();
		out.println("<html><head><title>Display Information");
		out.println("</title></head><body>");
		out.println("Hello, World");
		out.println("</body></html>");
	} 
}

								
```
The servlet container must write the headers before committing the response, because in HTTP the headers must be sent before the response body.

The GET method should be safe, that is, without any side effects for which users are held responsible. For example, most form queries have no side effects. If a client request is intended to change stored data, the request should use some other HTTP method (for example, POST method).

The GET method should also be idempotent, meaning that it can be safely repeated. Sometimes making a method safe also makes it idempotent. For example, repeating queries is both safe and idempotent, but buying a product online or modifying data is neither safe nor idempotent.

GET method purpose.

The GET method means retrieve whatever information (in the form of an entity) is identified by the Request-URI. If the Request-URI refers to a data-producing process, it is the produced data which shall be returned as the entity in the response and not the source text of the process, unless that text happens to be the output of the process.

In short, this method should be used for getting (retrieving) data only. It should not be used for storing data in DB.

GET method technical characteristics.

Query string or form data during this method is simply appended to the URL as name-value pairs separated with '&'.
```
name1=value1&name2=value2&name3=value3

								
```
Query length is limited (it depends on servlet container's plaform, but usually should not exceed 1024 bytes). Users can see data in the browser's address bar.
```
http://some-server.com/some-script?name1=value1&name2=value2&name3=value3

								
```
Only ASCII (text) data can be sent to server with GET method.

Easy to bookmark.

GET method triggers.

The web browser sends an HTTP GET request when:
- The user types a URL in the browser's address bar.
- The user clicks a link.
- Retrieve a resource which was defined in src (image) or href (cascade style sheet) attributes.
```
<img src="image.gif">
```
```
<link href="style.css" rel="stylesheet" type="text/css">
```
- The user (or JavaScript) submits a form that specifies attribute method="GET":
```
<form action="/servlet/display" method="GET">
	First Name: <input type="text" name="firstName"><p>
	Last Name: <input type="text" name="lastName"><p>
	<input type="submit" value="Display">
</form>
```
- The user (or JavaScript) submits a form that specifies NO method attribute (forms use method GET BY DEFAULT):
```
<form action="/servlet/display">
	First Name: <input type="text" name="firstName"><p>
	Last Name: <input type="text" name="lastName"><p>
	<input type="submit" value="Display">
</form>
```
doPost for handling HTTP POST requests.
```
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
	throws ServletException, IOException
								
```
Called by the server (via the service method) to allow a servlet to handle a POST request. The HTTP POST method allows the client to send data of UNLIMITED length to the Web server a single time and is useful when posting information such as credit card numbers.

When overriding this method, read the request data, write the response headers, get the response's writer or output stream object, and finally, write the response data. It's best to include content type and encoding. When using a PrintWriter object to return the response, set the content type before accessing the PrintWriter object.
```
import java.io.*; 
import javax.servlet.*; 
import javax.servlet.http.*;

public class DisplayServlet extends HttpServlet {
	public void doPost(HttpServletRequest req, HttpServletResponse resp)
			throws IOException, ServletException { 
		resp.setContentType("text/html");
		PrintWriter out = resp.getWriter();
		out.println("<html><head><title>Display Information");
		out.println("</title></head><body>");
		out.println("Hello, World");
		out.println("</body></html>");
	} 
}
```
The servlet container must write the headers before committing the response, because in HTTP the headers must be sent before the response body.

This method does not need to be either safe or idempotent. Operations requested through POST can have side effects for which the user can be held accountable, for example, updating stored data or buying items online.

POST method purpose.

The POST method is used to request that the origin server accept the entity enclosed in the request as a new subordinate of the resource identified by the Request-URI in the Request-Line. POST is designed to allow a uniform method to cover the following functions:
- Annotation of existing resources;
- Posting a message to a bulletin board, newsgroup, mailing list, or similar group of articles;
- Providing a block of data, such as the result of submitting a form, to a data-handling process;
- Extending a database through an append operation.
In short, this method should be used for posting newgroups messages, submitting long data fields to a database (such as a SQL insert of lengthy string), or sending binary files to server.

POST method technical characteristics.

Sends information to the server such as form fields, large text bodies, and key-value pairs.

Hides form data from users because it is not passed as a query string, but in the message body.

Sends UNLIMITED length data as part of its HTTP request body.

For sending ASCII (text) or binary data.

Disallows bookmarks.

POST method triggers.

The web browser sends an HTTP POST request when:
- The user (or JavaScript) submits a form that specifies attribute method="POST":
```
<form action="/servlet/display" method="POST">
	First Name: <input type="text" name="firstName"><p>
	Last Name: <input type="text" name="lastName"><p>
	<input type="submit" value="Display">
</form>
```
doPut for handling HTTP PUT requests.
```
protected void doPut(HttpServletRequest req, HttpServletResponse resp)
	throws ServletException, IOException
								
```
Called by the server (via the service method) to allow a servlet to handle a PUT request. The PUT operation allows a client to place a file on the server and is similar to sending a file by FTP.

When overriding this method, leave intact any content headers sent with the request (including Content-Length, Content-Type, Content-Transfer-Encoding, Content-Encoding, Content-Base, Content-Language, Content-Location, Content-MD5, and Content-Range). If your method cannot handle a content header, it must issue an error message and discard the request.

This method does not need to be either safe or idempotent. Operations that doPut performs can have side effects for which the user can be held accountable. When using this method, it may be useful to save a copy of the affected URL in temporary storage.

The fundamental difference between the POST and PUT requests is reflected in the different meaning of the Request-URI. The URI in a POST request identifies the resource that will handle the enclosed entity. That resource might be a data-accepting process, a gateway to some other protocol, or a separate entity that accepts annotations. In contrast, the URI in a PUT request identifies the entity enclosed with the request -- the user agent knows what URI is intended and the server MUST NOT attempt to apply the request to some other resource.
```
<form enctype="multipart/form-data" action="some_url" method="PUT">
	<input type="file" name="fileToUpload" value="Select File">
	<input type="submit" value="Upload">
	<input type="reset" value="Reset">
</form>
```
doDelete for handling HTTP DELETE requests.
```
protected void doDelete(HttpServletRequest req, HttpServletResponse resp)
	throws ServletException, IOException
								
```
Called by the server (via the service method) to allow a servlet to handle a DELETE request. The DELETE operation allows a client to remove a document or Web page from the server.

This method does not need to be either safe or idempotent. Operations requested through DELETE can have side effects for which users can be held accountable. When using this method, it may be useful to save a copy of the affected URL in temporary storage.
doHead for handling HTTP HEAD requests.
```
protected void doHead(HttpServletRequest req, HttpServletResponse resp)
	throws ServletException, IOException
								
```
Receives an HTTP HEAD request from the protected service method and handles the request. The client sends a HEAD request when it wants to see ONLY the HEADERS of a response, such as Content-Type or Content-Length. The HTTP HEAD method counts the output bytes in the response to set the Content-Length header accurately.

The doHead method in HttpServlet is a specialized form of the doGet method that returns only the headers produced by the doGet method.
doOptions for handling HTTP OPTIONS requests.
```
protected void doOptions(HttpServletRequest req, HttpServletResponse resp)
	throws ServletException, IOException
								
```
Called by the server (via the service method) to allow a servlet to handle a OPTIONS request.

The OPTIONS request determines which HTTP methods the server supports and returns an appropriate header. For example, if a servlet overrides doGet, this method returns the following header:
```
Allow: GET, HEAD, TRACE, OPTIONS
```
doTrace for handling HTTP TRACE requests.
```
protected void doTrace(HttpServletRequest req, HttpServletResponse resp)
	throws ServletException, IOException
								
```
Called by the server (via the service method) to allow a servlet to handle a TRACE request.

The doTrace method generates a response containing all instances of the headers sent in the TRACE request to the client, so that they can be used in debugging. There's no need to override this method.

Typically when developing HTTP-based servlets, a Servlet Developer will only concern himself with the doGet and doPost methods. The other methods are considered to be methods for use by programmers very familiar with HTTP programming.

Tutorials

SCWCD : Servlet Technology Model

Chapter 1. The Servlet Technology Model