CS 416

Web Programming
Final exam review

Dr. Williams
Central Connecticut State University

Exam info
Final worth 20% of your grade
2 letter size piece of paper, hand written
notes both sides
Exam will be a mix of:

True/False
Short answer
Essay
Design a solution

Key aspect will be testing your

understanding of the fundamentals of each
of the technologies and how multiple
technologies work together

Important details
Exam will be given at university scheduled time:
Monday, December 12th 11:00 am - 1:00 pm

Monday, December 12th 4:30 pm - 6:30 pm

I GIVE PARTIAL CREDIT if you dont know

the full answer explain what you do so I can give
you partial credit for what you do understand
If we didnt cover it in class it wont be on the
exam. The slides and book go into some details we
didnt touch upon in class.

What to expect
Questions similar to the midterm but which
technologies to use will be cumulative:
What would you use technology XXX for?
Describe the difference between technology XXX and
YYY
Given an application description, describe how you
would use one or more technologies to solve it
For situation YYY is technology XXX the best choice
(Note this would be within technology stack i.e.
Java/Rails not which is better Java or Rails)

The goal of the test is to demonstrate

that you know all of the technologies
available to you and when and how to
use each

Broad level what we have covered

HTML, Javascript, Ajax
JEE core
Servlets
JSPs
JDBC, JPA

Rails

Routes
Controller
View
Model

MVC design

JEE
Ruby on Rails

Security

Concepts to think about critical

Integration of technologies and selection of the right

technologies for solution will be key focus

HTML and Javascript What to know

GET vs POST
Forms
What is the purpose of Javascript
Cancelling form submit
JUST BECAUSE WE CAN DO THINGS SERVER-SIDE
DOESNT MEAN IT IS ALWAYS THE BEST CHOICE,
SAME IS TRUE OF THE OPPOSITE

While Rails generates the majority of tying page

elements to server objects and javascript for AJAX it is
important that you understand what is happening at a
low level with the code it generates

Ajax
What capability does it give your web
application/when would you use it
Sample application, given a description of a
dynamic page describe how you would use
Ajax to solve it describing the steps in the Ajax
flow

Ajax cont.
From server side what forms can the response
take how does that effect how read on
javascript side
How do you write AJAX return to the page
Conceptually how to process an XML
response, how to process JSON response
why would you want one of these response
types
While Rails can generate Ajax code you
still need to understand how it works
(i.e. what is the underlying flow)

Servlets
What is purpose of a Servlet
Responding to requests

What is it, when would it be used, how

would you integrate it with other
technologies
Request forwarding
Response redirection

Accessing request data

Servlets cont.
Using request, session, context attributes
make sure you know the difference and
when you would use each
Processing data and using views
Example question: Youve been asked to
implement this application using a Servlet as
a controller, how would you implement it,
contrast this to how it would be done with
Rails

JSP
What is it, when would you use it over a
servlet/when would you use a servlet instead,
relation to Rails
Using scriptlets, expressions
JavaBeans
Provide easy integration of JPA model for
display in JSP view

JDBC
What elements are necessary to setup a database
to be accessed by the application server
How would you make a 1-many relationship in
the database
What would be a scenario when it makes more
sense to use JDBC rather than JPA?

Java Persistence API

Advantages over JDBC
How do you create a Entity bean
What if bean fields dont match database tables
exactly?
How do you implement complex relationships
such as 1-1,1-many, many-many
Know matching table design

How do you persist such beans

Inserting, Update, Delete transactions

Searching and working with results - JPQL

Java EE
MVC with Java EE
What plays each role and how integrate
Why MVC?
How do you develop and what are the
responsibilities of the controller
Ex. You are developing a web page where the user is
entering and creating a new record. What classes are
involved, the role of each of these classes and how
are they implemented

Java EE and Ajax

The two methods of creation
Event based
Action listeners

How do you pass to server?

How do you pass data back and forms
Given some Ajax code describe what the
generated javascript code is doing (ie. What is
being done with the initial server call, how is it
knowing to update the page and how would you
do that if you coded it by hand

High level Rails model

Controller per application area
Multiple views registered to same controller in
application area

Database schema is the model

Validation belongs in model

Database schema versioned like code

(migrations)
Strength is rapid prototyping

What will not be tested for Rails

Ruby syntax
But you do need to know how you would pass a
value from controller to view

The syntax of various command line operators,

but do know conceptually what is available that
we have covered
Helper syntax/commands
Sass syntax
Byebug commands
JQuery

Rails flow

REpresentational State Transfer (REST)

Application components modeled as resources
Created, Read, Updated, and Deleted (CRUD)
HTTP requests: POST, GET, PATCH, and DELETE

Idea is for all components in application to be

thought of in this way to guide choices of what
type of calls and controllers to provide

Important while we covered RESTful

operations in the context of Rails it is not
Rails specific

RESTful routes by Users resources

HTTP request

URL

Action

Purpose

GET

/users

index

page to list all users

GET

/users/1

show

page to show user with id 1

GET

/users/new

new

page to make a new user

POST

/users

create

create a new user

GET

/users/1/edit

edit

page to edit user with id 1

PATCH

/users/1

update

update user with id 1

DELETE

/users/1

destroy

delete user with id 1

For Rails
Know how to conceptually explain

Gemfile, purpose and benefits

What is the routes file used for
What is a DB migration and how it relates to MVC
What is a RESTful resource
Critical parts of what is being generated by
scaffolding command
How model relationships are defined
What purpose do layouts and partials serve
Extract commonality and ability to pass variables to
each

What is asset pipeline and what is included

How you would manage authentication and
authorization
What are strong parameters and their purpose
Ajax remote = true and respond to format

Rails vs Java EE
Potential question formats
Given application description
Create conceptual design and flow for each
architecture
Compare and contrast similarities between
specific solutions either given or one you came up
with (see above)

The Rails we (or the framework) did XXX,

conceptually how might a similar type of
functionality be done in Java EE using just
what we covered

Security
What does it mean to program securely
What is XSS, what specifically happens
What is SQL injection, show/describe how it could
be used
Safe linking to new tabs

Why HTTPS
Secure login considerations
Storage of password
Why SSL critical

Web programming: application security

Many issues
Input validation: to prevent SQL injection,
command injection, other condentiality attacks.
Ajax: beware client-side validation! Understand
metacharacters at every point. Use labels/indexes
for hidden values, not values themselves.
Output ltering: Beware passing informative
error messages.
Careful cryptography: encryption/hashing to
protect server state in client, use of appropriate
authentication mechanisms for web accounts

MVC architecture and design

What is the purpose of the MVC architecture
What is the role of each part of the MVC
Given application description design
implementation in anyone of our frameworks
Identify model
Identify business logic (and where it resides based on
chosen framework)
Identify views
Identify controllers
How implemented

Be able to draw flow tying elements together

Compare and contrast basics

University has many Departments. Each
Department can offer many classes (assume each
class associated with only one department) There
should be:
A page to display a list of departments
A page displays a list of classes, and
A page that displays a single department showing its
detail and all of its classes.

Design an MVC architecture solution for this same

description in both Java and Rails including DB
design.
Create bullet point list of similarity/differences at each
component.

Diagram a step-by-step flow for each architecture, pay

particular attention to interaction for this call

Adding Ajax search

Conceptually describe how you could add an
Ajax search to the Class list page for each
architecture
High level what code are you adding/changing to
each MVC component(s) in each architecture
Draw flow of sample Ajax call for each

Kitchen sink problem design web site

Starting with Rails solution to Department/Classes
problem
1. Add Professor
Professor is associated to single department, department has
multiple professors
Professor is associated to multiple classes, each class single
professor

2. Add Security/Authorization (security checks where appropriate)

a) Professors can log in
b) If logged in, on all pages see a link to list the professors
c) To show/edit/update, must be that logged in professor

Draw data model

Conceptually describe what needs to be done to support each
of these specific requirements