Servlet container and application servers in Java
Servlet container is a server program that provides system support for servlets and ensures their life cycle in accordance with the rules defined in the specifications. It can act as a full-fledged stand-alone web server, provide pages for another web server, or integrate into a Java EE application server.
The servlet container provides data exchange between the servlet and clients, takes on such functions as creating a software environment for a functioning servlet, identifying and authorizing clients, organizing a session for each of them.
The most famous implementations of servlet containers are:
- Apache Tomcat
- Jetty
- JBoss
- WildFly
- GlassFish
- IBM WebSphere
- Oracle Weblogic
Why do you need application servers when there are servlet containers?
- Database connection pools
- The ability to periodically test the availability of the DBMS and update the connection in the event of failure recovery
- Replacing access rights when connecting
- Load balancing between several DBMS, determining the availability or inaccessibility of a particular node
- Protection of the connection pool from incorrect code in the application, which inadvertently does not return connections, just picking it up after some timeout.
- JMS
- Out-of-the-box availability of a message queue server.
- The ability to cluster queues, i.e. availability of building distributed queues located on several servers at once, which significantly increases the scalability and availability of the application.
- Ability to migrate queues - if one of the servers crashes, its queues are automatically moved to another, saving unprocessed messages.
- Some application servers maintain a Unit-of-Order — a guaranteed order in which messages are processed that meet certain criteria.
- JTA Built-in support for distributed transactions to ensure consistency of data across different DBMS or queues.
- Safety
- Multiple security and authentication providers:
- in an embedded or external LDAP server
- in the database
- in various Internet-directory (specialized applications for managing access rights)
- Availability of Single-Sign-On (the ability to split the user session between applications) through Security Assertion Markup Language (SAML) 1/2 or Simple and Protected Negotiate (SPNEGO) and Kerberos: one of the servers acts as a base for storing users, all other servers when authenticating a user, they refer to this database.
- The ability to authorize using the eXtensible Access Control Markup Language (XACML) protocol, which allows you to describe rather complex policies (for example, the application is available to the user only during business hours).
- Clustering all of the above
- Multiple security and authentication providers:
- Scalability and High Availability Clustering is usually also possible for a servlet container, but it will be rather primitive as it has the following limitations:
- The complexity of transferring a user session from one data center (DC) to another via the Internet
- Inability to effectively configure session replication on a large (consisting of 40-50 server instances) cluster
- Inability to ensure migration of application instances to another server
- Unavailability of mechanisms for automatic monitoring and response to errors
- Controllability
- The presence of a single control center, the so-called AdminServer and NodeManager analog, which provides
- Ability to run multiple server instances simultaneously
- Viewing the status of running server instances, handlers of a particular queue, on a particular server, the number of connections to a particular database
- The presence of a single control center, the so-called AdminServer and NodeManager analog, which provides
- Administrative Channel and Production Mode Deployment. Some application servers allow you to enable a so-called "administrative channel", a separate port on which requests have priority.
- Viewing the status (running transactions, threads, queues) in case of server unavailability ("hangup")
- Updating applications on the fly, no downtime:
- adding a new version of the application to the server in a "closed" mode while users continue to work with the previous one
- testing the correctness of the deployment of the new version
- "hidden" transfer to use the new version of all users
Read also:
- Servlet in Java
- List of principles for multithreaded programming in Java
- Structure of servlet web project in Java
Comments
Post a Comment