Handlind AJAX request with JAVA...

3. AJAX Requests

There are a lot of AJAX libraries these days. YUI's AJAX implementation has a lighter footprint than some other libraries. The Connection Manager class handles AJAX requests in YUI. It provides a simple but powerful interface while handling cross-browser instantiation of the XMLHttpRequest, handles' states, and server responses.

To use the Connection Manager, include the prerequisites Yahoo and Custom Event, and then the Connection Manager.

When you want to handle a response from an AJAX call, create a callback object to handle the server response and the returned data. If you don't care what information comes back from the server, you can omit the callback object.

var callback =
{
   success: function(o) {/*success handler code*/},
   failure: function(o) {/*failure handler code*/},
}

The response object is passed into each function in your callback object. If you need to pass in additional objects, numbers, strings, or arrays to your callback methods, you can do this by using the optional argument member.

Each of these members is optional. The Connection Manager will automatically call either success or response member functions depending on the server response. Each of these members is optional because you are overriding the callback object in the Connection Manager and passing in a custom methods for handling the response. If there is no response method defined in your code, nothing happens.

To make an AJAX request, you also need to define the data you want to send to the server, the URL to send the data to, and the method to use. In this example, you'll use the following URL, URL param string, and the HTTP POST method. If the data string has special characters, you would need to encode the postData string.

var sUrl     = 'http://myserver.com/ajax_url';
var postData = 'username=anonymous&password=blank';
var myMethod = 'POST';

At this point, you have defined methods defined to handle success and failure, your designation URL, your POST data string, and your HTTP method. Now, you just need to make your AJAX request using the Connection Manager. Use the asyncRequest method of the Connection Manager to query the server.

var request = YAHOO.util.Connect.asyncRequest(myMethod, sUrl,
   callback, postData);

Note: You also could retrieve a form element from the page by using the DOM class and pass the form object in to the Connection Manager.

The JAVA things...!!!!

2. Manipulating the DOM

Creating interactive interfaces on the web requires interacting with the Document Object Model. It's okay if you don't have the innermost knowledge of the DOM because YUI does a lot of this work for you in one of its core libraries.

The YUI DOM class offers convenient methods to access DOM elements. This library is a singleton and doesn't require instantiation. Simply put, just include the prerequisite yahoo.js and the library, dom.js, and call the methods directly.

elements for manipulation. You also can get and set styles, the XY coordinate of an element, manipulate class names, and even get the Viewport size.

The DOM library is probably most often used to retrieve page elements by either ID or class for manipulation. You also can shorten your code by assigning this singleton object to a variable at the beginning of a function or class. You can do this with almost all of the YUI utility classes.

$D = YAHOO.util.Dom;

This allows you to call any method of the DOM class using a much shorter line of code throughout your function or class.

$D.get('myid');

Using the new Java 6 Desktop API to do cool things.

A new class in Java 6 is Desktop. Desktop allows you to open, print and edit files by calling their associated application. It lets you open yous OS's default email client, as well as default web browser.

An example of using the system's default web browser to open a URI.

Code:

public class DesktopTest {

public static void main(String[]args) {
//if the desktop is not supported, just exit the program. 
if (!Desktop.isDesktopSupported()) {
else {
//insta
System.exit(0);
}
iate a
n
t desktop object.
p = Desktop.getDesktop();
//open syste
Desktop deskt
om default web browser and navigate to a specified URL
try {
}
catch(IOException ioe) {
desktop.browse(new URI("http://www.yahoo.com"));
       
             System.out.println("Default email app not found!");

            }
            catch(URISyntaxException use) {
System.out.println("URI Syntax error!");
            }
        }//end else
    }//end main
}//end class

This will open whatever browser you use as default and navigate to yahoo.com. Nice.

You can also use these methods:

open(new File("file.txt")); - uses default app to open specified file.

edit(new File("file.txt")); - opend default file editor for specified file type.

print(new File("file.txt")); - opens default app used for printing documents. Mine is Notepad.exe

mail() - opens mail client

mail(new URI("mailto:user@emailaddress.com"); - opens mail client with mailto name filled out.

This is a nice class that makes printing from java apps easier. The other things it does are nice as well

.

Java Tip 96: Use HTTPS in your Java client code Find out how to use the HTTPS protocol with the standard URL class

If you've ever tried to implement secure communication between a Java client and an HTTPS (HyperText Transfer Protocol Secure) server, you've probably discovered that the standard java.net.URL class doesn't support the HTTPS protocol. The server-side implementation of that equation is fairly straightforward. Almost any Web server available today provides a mechanism for requesting data, using HTTPS. Once you have your Web server set up, any browser can request secure information from your server simply by specifying HTTPS as the protocol for the URL. If you don't already have an HTTPS server set up, you can test your client code with almost any HTTPS Webpage on the Internet. The Resources section contains a short list of candidates that you can use for that purpose.

From the client perspective, however, the simplicity of the S at the end of the familiar HTTP is deceiving. The browser is actually doing a considerable amount of behind-the-scenes work to ensure that no one has tampered with or monitored the information that you requested. As it turns out, the algorithm to do the encryption for HTTPS is patented by RSA Security (for at least a few more months). The use of that algorithm has been licensed by browser manufacturers but was not licensed by Sun Microsystems to be included in the standard Java URL class implementation. As a result, if you attempt to construct a URL object with a string specifying HTTPS as the protocol, a MalformedURLException will be thrown.

Fortunately, to accommodate that constraint, the Java specification provides for the ability to select an alternate stream handler for theURL class. However, the technique required to implement that is different, depending on the virtual machine (VM) you use. For Microsoft's JDK 1.1-compatible VM, JView, Microsoft has licensed the algorithm and provided an HTTPS stream handler as part of itswininet package. Sun, on the other hand, has recently released the Java Secure Sockets Extension (JSSE) for JDK 1.2-compatible VMs, in which Sun has also licensed and provided an HTTPS stream handler. This article will demonstrate how to implement the use of an HTTPS-enabled stream handler, using the JSSE and Microsoft'swininet package.

JDK 1.2-compatible virtual machines

The technique for using JDK 1.2-compatible VMs relies primarily on the Java Secure Sockets Extension (JSSE) 1.0.1. Before that technique will work, you must install the JSSE and add it to the class path of the client VM in question.

After you have installed the JSSE, you must set a system property and add a new security provider to the Security class object. There are a variety of ways to do both of these things, but for the purposes of this article, the programmatic method is shown:

System.setProperty("java.protocol.handler.pkgs",
        "com.sun.net.ssl.internal.www.protocol");
   Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

After making the previous two method calls, the MalformedURLException will no longer be thrown by calling the following code

   URL url = new URL("https://[your server]");

If you are connecting to the standard SSL port, 443, you have the option of appending the port number to the URL string. However, if your Web server is using a nonstandard port for SSL traffic, you'll need to append the port number to your URL string like this:

URL url = new URL("https://[your server]:7002");

One caveat of that technique concerns a URL that refers to a server that has an unsigned or invalid SSL certificate. In that case an attempt to retrieve the input or output stream from the URL's connection object will throw an SSLException with the message "untrusted server cert chain." If the server has a valid, signed certificate, no exception will be thrown.

URL url = new URL("https://[your server]");
   URLConnection con = URL.openConnection();
   //SSLException thrown here if server certificate is invalid
   con.getInputStream();

The obvious solution to that problem is to get signed certificates for your server. However, one of the following URLs may also provide a solution: "Java Secure Socket Extension 1.0.2 Changes" (Sun Microsystems) or Sun's Java Developer Connection forum.

Microsoft JView

Due in part to the ongoing dispute between Microsoft and Sun over the licensing of Java for use on Windows platforms, the Microsoft JView VM is currently only JDK 1.1-compliant. Therefore, the technique described above will not work for clients running in JView, as the JSSE requires at least a 1.2.2-compatible VM. Conveniently enough, however, Microsoft provides an HTTPS-enabled stream handler as part of the com.ms.net.wininet package.

You can set the stream handler in a JView environment by calling a single static method on the URL class:

URL.setURLStreamHandlerFactory(new
    com.ms.net.wininet.WininetStreamHandlerFactory());

After making the previous method call, the MalformedURLException will no longer be thrown by calling the following code:

URL url = new URL("https://[your server]");

There are two caveats associated with that technique. First, according to the JDK documentation, thesetURLStreamHandlerFactory method may be called at most once in a given VM. Subsequent attempts to call that method will throw an Error. Second, as is the case with the 1.2 VM solution, you must be cautious when using a URL that refers to a server with an unsigned or invalid SSL certificate. As with the previous case, problems occur when an attempt is made to retrieve the input or output stream from the URL's connection object. However, instead of throwing an SSLException, the Microsoft stream handler throws a standard IOException.

URL url = new URL("https://[your server]");
    URLConnection con = url.openConnection();
    //IOException thrown here if server certificate is invalid
    con.getInputStream();

Again, the obvious solution to that problem is to attempt HTTPS communication only with servers that have a signed, valid certificate. However, JView offers one other option. Immediately prior to retrieving the input or output stream from the URL's connection object, you can call setAllowUserInteraction(true) on the connection object. That will cause JView to display a message warning the user that the server's certificates are invalid, but giving him or her the option to proceed anyway. Keep in mind, however, that such messages may be reasonable for a desktop application, but having dialog boxes appear on your server for anything other than debugging purposes is probably unacceptable.

Note: You can also call the setAllowUserInteraction() method in JDK 1.2-compatible VMs. However, in using Sun's 1.2 VM (with which this code was tested), no dialogs are displayed even when that property is set to true.

URL url = new URL("https://[your server]");
    URLConnection con = url.openConnection();
    //causes the VM to display a dialog when connecting
    //to untrusted servers
    con.setAllowUserInteraction(true);
    con.getInputStream();

The com.ms.net.wininet package appears to be installed and placed on the system classpath by default on Windows NT 4.0, Windows 2000, and Windows 9x systems. Also, according to the Microsoft JDK documentation, WinInetStreamHandlerFactory is "...the same handler that is installed by default when running applets."

Platform independence

Although both of those techniques I've described cover most of the platforms on which your Java client may run, your Java client may need to run on both JDK 1.1- and JDK 1.2-compliant VMs. "Write once, run anywhere," remember? As it turns out, combining those two techniques so that the appropriate handler is loaded depending on the VM, is fairly straightforward. The following code demonstrates one way to go about that:

String strVendor = System.getProperty("java.vendor");
  String strVersion = System.getProperty("java.version");
  //Assumes a system version string of the form:
  //[major].[minor].[release]  (eg. 1.2.2)
  Double dVersion = new Double(strVersion.substring(0, 3));
  //If we are running in a MS environment, use the MS stream handler.
  if( -1 < strVendor.indexOf("Microsoft") )
  {
    try
    {
      Class clsFactory = 
        Class.forName("com.ms.net.wininet.WininetStreamHandlerFactory" );
      if ( null != clsFactory )
        URL.setURLStreamHandlerFactory(
         (URLStreamHandlerFactory)clsFactory.newInstance());
    }
    catch( ClassNotFoundException cfe )
    {
      throw new Exception("Unable to load the Microsoft SSL " +
        "stream handler.  Check classpath."  +  cfe.toString());
    }
    //If the stream handler factory has 
    //already been successfully set
    //make sure our flag is set and eat the error
    catch( Error err ){m_bStreamHandlerSet = true;}
  }
  //If we are in a normal Java environment,
  //try to use the JSSE handler.
  //NOTE:  JSSE requires 1.2 or better
  else if( 1.2 <= dVersion.doubleValue() )
  {
    System.setProperty("java.protocol.handler.pkgs", 
      "com.sun.net.ssl.internal.www.protocol"); 
    try
    {
    //if we have the JSSE provider available, 
    //and it has not already been
    //set, add it as a new provide to the Security class.
    Class clsFactory = Class.forName("com.sun.net.ssl.internal.ssl.Provider");
    if( (null != clsFactory) && (null == Security.getProvider("SunJSSE")) )
        Security.addProvider((Provider)clsFactory.newInstance());
    }
    catch( ClassNotFoundException cfe )
    {
      throw new Exception("Unable to load the JSSE SSL stream handler." +  
        "Check classpath."  + cfe.toString());
    }
  }

What about applets?

Performing HTTPS-based communication from within an applet seems like a natural extension of scenarios described above. In reality, it's even easier in most cases. In 4.0 and later versions of Netscape Navigator and Internet Explorer, HTTPS is enabled by default for their respective VMs. Therefore, if you want to create an HTTPS connection from within your applet code, simply specify HTTPS as your protocol when creating an instance of the URL class:

URL url = new URL("https://[your server]");

If the client browser is running Sun's Java 2 plug-in, then there are additional limitations to how you can use HTTPS. A full discussion on using HTTPS with the Java 2 plug-in can be found on Sun's Website (see Resources).

Conclusion

Using the HTTPS protocol between applications can be a quick and effective way to gain a reasonable level of security in your communication. Unfortunately, the reasons that it is not supported as part of the standard Java specification appear to be more legal than technical. However, with the advent of the JSSE and the use of Microsoft's com.ms.net.winint package, secure communication is possible from most platforms with only a few lines of code.

think JAVA think NEW...!!!!

Top Java Story

The Future of Java: forking, death, or stasis

TheServerSideCOM.com | 06 Oct 2010

It’s popular nowadays to complain about the state of Java. What is the right approach for the future of Java? I’d like to outline a few possibilities, along with starting a discussion of the benefits and problems associated with each.

Java News

• 21 Apr 2011

  NetBeans 7.0 is Now Available (TheServerSide Newsfeed)
  NetBeans IDE 7.0 is the industry's first IDE to support the upcoming JDK 7 release and seeks to enable developers to take advantage of the latest...
• Start yourself with Apache Hadoop (TheServerSide Newsfeed)
  This tutorial contains instructions for Hadoop installation on Ubuntu, here you will get all the commands and their descriptions required to install...

• 19 Apr 2011

  The backlash against the data grid JSR and JCP reform (TheServerSide Newsfeed)
  The recent backlash against Red Hat's data grid JSR proposal sparked interest as the JCP is going under reform right now. By raising the new JSR, Red...

• 18 Apr 2011

  With Coherence 3.7, Oracle Continues to Drive Innovation in the Data Grid Market (TheServerSide Newsfeed)
  The interesting thing about this latest product release is the work and effort the Coherence team seems to be putting into efficiently managing the...

• 15 Apr 2011

  Contexts and Dependency Injection in Java EE: Which Annotations to Use? (TheServerSide Newsfeed)
  Java Platform, Enterprise Edition (Java EE) 5 brought dependency injection (DI) with Convention over Configuration to Enterprise JavaBeans (EJB) 3.0....
• Getting the Java out of your Scala (TheServerSide Newsfeed)
  To get some grip on the configuration of the Weblogic domains and servers at my current client, I created a tool that reads domain config files and...
• Troubleshooting response time problems – why you cannot trust your system metrics (TheServerSide Newsfeed)
  Production Monitoring is about ensuring the stability and health of our system, that also includes the application. A lot of times we encounter...

• 13 Apr 2011

  Stop Handling Exceptions: Your Code Could Run Faster (TheServerSide Newsfeed)
  When working with customers we very often find a lot of exceptions they are not aware of. After removing these exceptions, the code runs...

• 06 Apr 2011

  The future of Java on the Mac (TheServerSide Newsfeed)
  Hopefully, by now, everyone knows that Apple joined the OpenJDK project last year. This is good news for Java developers who want to develop on Mac....

• 05 Apr 2011

  From Zero to Java EE in 60 seconds: Seam Forge is heating up Java Web Development (TheServerSide Newsfeed)
  It's been a few months since their last release, but they have a lot of goodies for you this time, and for those of you who haven't taken a look, or...