计算机毕设外文翻译

Talking about security loopholesRichard S. Kraus reference to the core network security business objective is to protect the sustainability of the system and data security, This two of the main threats come from the worm outbreaks, hacking attacks, denial of service attacks, Trojan horse. Worms, hacker attacks problems and loopholes closely linked to, if there is major security loopholes have emerged, the entire Internet will be faced with a major challenge. While traditional Trojan and little security loopholes, but recently many Trojan are clever use of the IE loophole let you browse the website at unknowingly were on the move.Security loopholes in the definition of a lot, I have here is a popular saying: can be used to stem the "thought" can not do, and are safety-related deficiencies. This shortcoming can be a matter of design, code realization of the problem.Different perspective of security loo phole sIn the classification of a specific procedure is safe from the many loopholes in classification.1. Classification from the user groups:● Public loopholes in the software category. If the loopholes in Windows, IEloophole, and so on.● specialized software loophole. If Oracle loopholes, Apach e, etc. loopholes.2. Data from the perspective include :● could not reasonably be read and read data, including the memory of thedata, documents the data, Users input data, the data in the database, network,data transmission and so on.● designa ted can be written into the designated places (including the localpaper, memory, databases, etc.)● Input data can be implemented (including native implementation,according to Shell code execution, by SQL code execution, etc.)3. From the point of view of the scope of the role are :● Remote loopholes, an attacker could use the network and directly throughthe loopholes in the attack. Such loopholes great harm, an attacker can createa loophole through other people's computers operate. Such loopholes and caneasily lead to worm attacks on Windows.● Local loopholes, the attacker must have the machine premise accesspermissions can be launched to attack the loopholes. Typical of the local authority to upgrade loopholes, loopholes in the Unix system are widespread, allow ordinary users to access the highest administrator privileges.4. Trigger conditions from the point of view can be divided into:● Initiative trigger loopholes, an attacker can take the initiative to use the loopholes in the attack, If direct access to computers.● Passive trigger loopholes must be computer operators can be carried out attacks with the use of the loophole. For example, the attacker made to a mail administrator, with a special jpg image files, if the administrator to open image files will lead to a picture of the software loophole was triggered, thereby system attacks, but if managers do not look at the pictures will not be affected by attacks.5. On an operational perspective can be divided into:● File opera tion type, mainly for the operation of the target file path can be controlled (e.g., parameters, configuration files, environment variables, the symbolic link HEC), this may lead to the following two questions: ◇Content can be written into control, the contents of the documents can be forged. Upgrading or authority to directly alter the important data (such as revising the deposit and lending data), this has many loopholes. If history Oracle TNS LOG document can be designated loopholes, could lead to any person may control the operation of the Oracle computer services;◇information content can be output Print content has been contained to a screen to record readable log files can be generated by the core users reading papers, Such loopholes in the history of the Unix system crontab subsystem seen many times, ordinary users can read the shadow ofprotected documents;● Memory coverage, mainly for memory modules can be specified, writecontent may designate such persons will be able to attack to enforce the code (buffer overflow, format string loopholes, PTrace loopholes, Windows 2000 history of the hardware debugging registers users can write loopholes), or directly alter the memory of secrets data.● logic errors, such wide gaps exist, but very few changes, so it is difficult todiscern, can be broken down as follows : ◇loopholes competitive conditions (usually for the design, typical of Ptrace loopholes, The existence of widespread document timing of competition) ◇wrong tactic, usually in design. If the history of the FreeBSD Smart IO loopholes. ◇Algorithm (usually code or design to achieve), If the history of Microsoft Windows 95/98 sharing password can easily access loopholes. ◇Imperfections of the design, such as TCP / IP protocol of the three-step handshake SYN FLOOD led to a denial of service attack. ◇realize the mistakes (usually no problem for the design, but the presence of coding logic wrong, If history betting system pseudo-random algorithm)● External orders, Typical of external commands can be controlled (via the PATH variable, SHELL importation of special characters, etc.) and SQL injection issues.6. From time series can be divided into:● has long found loopholes: manufacturers already issued a patch or repairmethods many people know already. Such loopholes are usually a lot of people have had to repair macro perspective harm rather small.● recently discovered loophole: manufacturers just made patch or repairmethods, the people still do not know more. Compared to greater danger loopholes, if the worm appeared fool or the use of procedures, so will result in a large number of systems have been attacked.● 0day: not open the loophole in the private transactions. Usually such loopholes to the public will not have any impact, but it will allow an attacker to the targetby aiming precision attacks, harm is very great.Different perspective on the use of the loopholesIf a defect should not be used to stem the "original" can not do what the (safety-related), one would not be called security vulnerability, security loopholes and gaps inevitably closely linked to use.Perspective use of the loopholes is:● Data Perspective: visit had not visited the data, including reading and writing.This is usually an attacker's core purpose, but can cause very serious disaster (such as banking data can be written).● Competence Perspective: Major Powers to bypass or p ermissions. Permissionsare usually in order to obtain the desired data manipulation capabilities.● Usability perspective: access to certain services on the system of controlauthority, this may lead to some important services to stop attacks and lead to a denial of service attack.● Authentication bypass: usually use certification system and the loopholes willnot authorize to access. Authentication is usually bypassed for permissions or direct data access services.● Code execution perspective: mainly procedures for the importation of thecontents as to implement the code, obtain remote system access permissions or local system of higher authority. This angle is SQL injection, memory type games pointer loopholes (buffer overflow, format string, Plastic overflow etc.), the main driving. This angle is usually bypassing the authentication system, permissions, and data preparation for the reading.Loopholes explore methods mustFirst remove security vulnerabilities in software BUG in a subset, all software testing tools have security loopholes to explore practical. Now that the "hackers" used to explore the various loopholes that there are means available to the model are:● fuzz testing (black box testing), by constructing procedures may lead toproblems of structural input data for automatic testing.● FOSS audit (White Box), now have a series of tools that can assist in thedetection of the safety procedures BUG. The most simple is your hands the latest version of the C language compiler.● IDA anti-compilation of the audit (gray box testing), and above the sourceaudit are very similar. The only difference is that many times you can obtain software, but you can not get to the source code audit, But IDA is a very powerful anti-Series platform, let you based on the code (the source code is in fact equivalent) conducted a safety audit.● dynamic tracking, is the record of proceedings under different conditions andthe implementation of all security issues related to the operation (such as file operations), then sequence analysis of these operations if there are problems, it is competitive category loopholes found one of the major ways. Other tracking tainted spread also belongs to this category.● patch, the software manufacturers out of the question usually addressed in thepatch. By comparing the patch before and after the source document (or the anti-coding) to be aware of the specific details of loopholes.More tools with which both relate to a crucial point: Artificial need to find a comprehensive analysis of the flow path coverage. Analysis methods varied analysis and design documents, source code analysis, analysis of the anti-code compilation, dynamic debugging procedures.Grading loopholesloopholes in the inspection harm should close the loopholes and the use of the hazards related Often people are not aware of all the Buffer Overflow Vulnerability loopholes are high-risk. A long-distance loophole example and better delineation:●R emote access can be an OS, application procedures, version information.●open unnecessary or dangerous in the service, remote access to sensitiveinformation systems.● Remote can be restricted for the documents, data reading.●remotely important or res tricted documents, data reading.● may be limited for long-range document, data revisions.● Remote can be restricted for important documents, data changes.● Remote can be conducted without limitation in the important documents, datachanges, or for general service denial of service attacks.● Remotely as a normal user or executing orders for system and network-leveldenial of service attacks.● may be remote management of user identities to the enforcement of the order(limited, it is not easy to use).● can be remote management of user identities to the enforcement of the order(not restricted, accessible).Almost all local loopholes lead to code execution, classified above the 10 points system for:●initiative remote trigger code execution (such a s IE loophole).● passive trigger remote code execution (such as Word gaps / charting softwareloopholes).DEMOa firewall segregation (peacekeeping operation only allows the Department of visits) networks were operating a Unix server; operating systems only root users and users may oracle landing operating system running Apache (nobody authority), Oracle (oracle user rights) services.An attacker's purpose is to amend the Oracle database table billing data. Its possible attacks steps:● 1. Access pea cekeeping operation of the network. Access to a peacekeepingoperation of the IP address in order to visit through the firewall to protect the UNIX server.● 2. Apache services using a Remote Buffer Overflow Vulnerability direct accessto a nobody's competence hell visit.● 3. Using a certain operating system suid procedure of the loophole to upgradetheir competence to root privileges.● 4. Oracle sysdba landing into the database (local landing without a password).● 5. Revised target table data.Over five down for process analysis:●Step 1: Authentication bypass●Step 2: Remote loopholes code execution (native), Authentication bypassing ● Step 3: permissions, authentication bypass● Step 4: Authentication bypass● Step 5: write data安全漏洞杂谈Richard S. Kraus 网络安全的核心目标是保障业务系统的可持续性和数据的安全性，而这两点的主要威胁来自于蠕虫的暴发、黑客的攻击、拒绝服务攻击、木马。

外文文献原文THE TECHNIQUE DEVELOPMENT HISTORY OF JSPThe Java Server Pages( JSP) is a kind of according to web of the script plait distance technique, similar carries the script language of Java in the server of the Netscape company of server- side JavaScript( SSJS) and the Active Server Pages(ASP) of the Microsoft. JSP compares the SSJS and ASP to have better can expand sex, and it is no more exclusive than any factory or some one particular server of Web. Though the norm of JSP is to be draw up by the Sun company of, any factory can carry out the JSP on own system.The After Sun release the JSP( the Java Server Pages) formally, the this kind of new Web application development technique very quickly caused the people's concern. JSP provided a special development environment for the Web application that establishes the high dynamic state. According to the Sun parlance, the JSP can adapt to include the Apache WebServer, IIS4.0 on the market at inside of 85% server product.This chapter will introduce the related knowledge of JSP and Databases, and JavaBean related contents, is all certainly rougher introduction among them basic contents, say perhaps to is a Guide only, if the reader needs the more detailed information, pleasing the book of consult the homologous JSP.1.1 GENERALIZEThe JSP(Java Server Pages) is from the company of Sun Microsystems initiate, the many companies the participate to the build up the together of the a kind the of dynamic the state web the page technique standard, the it have the it in the construction the of the dynamic state the web page the strong but the do not the especially of the function. JSP and the technique of ASP of the Microsoft is very alike. Both all provide the ability that mixes with a certain procedure code and is explain by the language engine to carry out the procedure code in the code of HTML. Underneath we are simple of carry on the introduction to it.JSP pages are translated into servlets. So, fundamentally, any task JSP pages can perform could also be accomplished by servlets. However, this underlying equivalence does not mean that servlets and JSP pages are equally appropriate in all scenarios. The issue is not the power of the technology, it is the convenience, productivity, and maintainability of one or the other. After all, anything you can do on a particular computer platform in the Java programming language you could also do in assembly language. But it still matters which you choose.JSP provides the following benefits over servlets alone:• It is easier to write and maintain the HTML. Your static code is ordinary HTML: no extra backslashes, no double quotes, and no lurking Java syntax.• You can use standard Web-site development tools. Even HTML tools that know nothing about JSP can be used because they simply ignore the JSP tags.• You can divide up your development team. The Java programmers can work on the dynamic code. The Web developers can concentrate on the presentation layer. On large projects, this division is very important. Depending on the size of your team and the complexity of your project, you can enforce a weaker or stronger separation between the static HTML and the dynamic content.Now, this discussion is not to say that you should stop using servlets and use only JSP instead. By no means. Almost all projects will use both. For some requests in your project, you will use servlets. For others, you will use JSP. For still others, you will combine them with the MVC architecture . You want the appropriate tool for the job, and servlets, by themselves, do not complete your toolkit.1.2 SOURCE OF JSPThe technique of JSP of the company of Sun, making the page of Web develop the personnel can use the HTML perhaps marking of XML to design to turn the end page with format. Use the perhaps small script future life of marking of JSP becomes the dynamic state on the page contents.( the contents changes according to the claim of)The Java Servlet is a technical foundation of JSP, and the large Web applies the development of the procedure to need the Java Servlet to match with with the JSP and then can complete, this name of Servlet comes from the Applet, the local translation method of now is a lot of, this book in order not to misconstruction, decide the direct adoption Servlet but don't do any translation, if reader would like to, can call it as" small service procedure". The Servlet is similar to traditional CGI, ISAPI, NSAPI etc. Web procedure development the function of the tool in fact, at use the Java Servlet hereafter, the customer need not use again the lowly method of CGI of efficiency, also need not use only the ability come to born page of Web of dynamic state in the method of API that a certain fixed Web server terrace circulate. Many servers of Web all support the Servlet, even not support the Servlet server of Web directly and can also pass the additional applied server and the mold pieces to support the Servlet. Receive benefit in the characteristic of the Java cross-platform, the Servlet is also a terrace irrelevant, actually, as long as match the norm of Java Servlet, the Servlet is complete to have nothing to do with terrace and is to have nothing to do with server of Web. Because the Java Servlet is internal to provide the service by the line distance, need not start a progress to the each claimses, and make use of the multi-threadingmechanism can at the same time for several claim service, therefore the efficiency of Java Servlet is very high.But the Java Servlet also is not to has no weakness, similar to traditional CGI, ISAPI, the NSAPI method, the Java Servlet is to make use of to output the HTML language sentence to carry out the dynamic state web page of, if develop the whole website with the Java Servlet, the integration process of the dynamic state part and the static state page is an evil-foreboding dream simply. For solving this kind of weakness of the Java Servlet, the SUN released the JSP.A number of years ago, Marty was invited to attend a small 20-person industry roundtable discussion on software technology. Sitting in the seat next to Marty was James Gosling, inventor of the Java programming language. Sitting several seats away was a high-level manager from a very large software company in Redmond, Washington. During the discussion, the moderator brought up the subject of Jini, which at that time was a new Java technology. The moderator asked the manager what he thought of it, and the manager responded that it was too early to tell, but that it seemed to be an excellent idea. He went on to say that they would keep an eye on it, and if it seemed to be catching on, they would follow his company's usual "embrace and extend" strategy. At this point, Gosling lightheartedly interjected "You mean disgrace and distend."Now, the grievance that Gosling was airing was that he felt that this company would take technology from other companies and suborn it for their own purposes. But guess what? The shoe is on the other foot here. The Java community did not invent the idea of designing pages as a mixture of static HTML and dynamic code marked with special tags. For example, Cold Fusion did it years earlier. Even ASP (a product from the very software company of the aforementioned manager) popularized this approach before JSP came along and decided to jump on the bandwagon. In fact, JSP not only adopted the general idea, it even used many of the same special tags as ASP did.The JSP is an establishment at the model of Java servlets on of the expression layer technique, it makes the plait write the HTML to become more simple.Be like the SSJS, it also allows you carry the static state HTML contents and servers the script mix to put together the born dynamic state exportation. JSP the script language that the Java is the tacit approval, however, be like the ASP and can use other languages( such as JavaScript and VBScript), the norm of JSP also allows to use other languages.1.3 JSP CHARACTERISTICSIs a service according to the script language in some one language of the statures system this kind of discuss, the JSP should be see make is a kind of script language.However, be a kind of script language, the JSP seemed to be too strong again, almost can use all Javas in the JSP.Be a kind of according to text originally of, take manifestation as the central development technique, the JSP provided all advantages of the Java Servlet, and, when combine with a JavaBeans together, providing a kind of make contents and manifestation that simple way that logic separate. Separate the contents and advantage of logical manifestations is, the personnel who renews the page external appearance need not know the code of Java, and renew the JavaBeans personnel also need not be design the web page of expert in hand, can use to take the page of JavaBeans JSP to define the template of Web, to build up a from have the alike external appearance of the website that page constitute. JavaBeans completes the data to provide, having no code of Java in the template thus, this means that these templates can be written the personnel by a HTML plait to support. Certainly, can also make use of the Java Servlet to control the logic of the website, adjust through the Java Servlet to use the way of the document of JSP to separate website of logic and contents.Generally speaking, in actual engine of JSP, the page of JSP is the edit and translate type while carry out, not explain the type of. Explain the dynamic state web page development tool of the type, such as ASP, PHP3 etc., because speed etc. reason, have already can't satisfy current the large electronic commerce needs appliedly, traditional development techniques are all at to edit and translate the executive way change, such as the ASP → ASP+;PHP3 → PHP4.In the JSP norm book, did not request the procedure in the JSP code part( be called the Scriptlet) and must write with the Java definitely. Actually, have some engines of JSP are adoptive other script languages such as the EMAC- Script, etc., but actually this a few script languages also are to set up on the Java, edit and translate for the Servlet to carry out of. Write according to the norm of JSP, have no Scriptlet of relation with Java also is can of, however, mainly lie in the ability and JavaBeans, the Enterprise JavaBeanses because of the JSP strong function to work together, so even is the Scriptlet part not to use the Java, edit and translate of performance code also should is related with Java.1.4 JSP MECHANISMTo comprehend the JSP how unite the technical advantage that above various speak of, come to carry out various result easily, the customer must understand the differentiation of" the module develops for the web page of the center" and" the page develops for the web page of the center" first.The SSJS and ASP are all in several year ago to release, the network of that time is still very young, no one knows to still have in addition to making all business, datas and the expression logic enter the original web page entirely heap what better solvethe method. This kind of model that take page as the center studies and gets the very fast development easily. However, along with change of time, the people know that this kind of method is unwell in set up large, the Web that can upgrade applies the procedure. The expression logic write in the script environment was lock in the page, only passing to shear to slice and glue to stick then can drive heavy use. Express the logic to usually mix together with business and the data logics, when this makes be the procedure member to try to change an external appearance that applies the procedure but do not want to break with its llied business logic, apply the procedure of maintenance be like to walk the similar difficulty on the eggshell. In fact in the business enterprise, heavy use the application of the module already through very mature, no one would like to rewrite those logics for their applied procedure.HTML and sketch the designer handed over to the implement work of their design the Web plait the one who write, make they have to double work-Usually is the handicraft plait to write, because have no fit tool and can carry the script and the HTML contents knot to the server to put together. Chien but speech, apply the complexity of the procedure along with the Web to promote continuously, the development method that take page as the center limits sex to become to get up obviously.At the same time, the people always at look for the better method of build up the Web application procedure, the module spreads in customer's machine/ server the realm. JavaBeans and ActiveX were published the company to expand to apply the procedure developer for Java and Windows to use to come to develop the complicated procedure quickly by" the fast application procedure development"( RAD) tool. These techniques make the expert in the some realm be able to write the module for the perpendicular application plait in the skill area, but the developer can go fetch the usage directly but need not control the expertise of this realm.Be a kind of take module as the central development terrace, the JSP appeared. It with the JavaBeans and Enterprise JavaBeans( EJB) module includes the model of the business and the data logic for foundation, provide a great deal of label and a script terraces to use to come to show in the HTML page from the contents of JavaBeans creation or send a present in return. Because of the property that regards the module as the center of the JSP, it can drive Java and not the developer of Java uses equally. Not the developer of Java can pass the JSP label( Tags) to use the JavaBeans that the deluxe developer of Java establish. The developer of Java not only can establish and use the JavaBeans, but also can use the language of Java to come to control more accurately in the JSP page according to the expression logic of the first floor JavaBeans.See now how JSP is handle claim of HTTP. In basic claim model, a claimdirectly was send to JSP page in. The code of JSP controls to carry on hour of the logic processing and module of JavaBeanses' hand over with each other, and the manifestation result in dynamic state bornly, mixing with the HTML page of the static state HTML code. The Beans can be JavaBeans or module of EJBs. Moreover, the more complicated claim model can see make from is request other JSP pages of the page call sign or Java Servlets.The engine of JSP wants to chase the code of Java that the label of JSP, code of Java in the JSP page even all converts into the big piece together with the static state HTML contents actually. These codes piece was organized the Java Servlet that customer can not see to go to by the engine of JSP, then the Servlet edits and translate them automatically byte code of Java.Thus, the visitant that is the website requests a JSP page, under the condition of it is not knowing, an already born, the Servlet actual full general that prepared to edit and translate completes all works, very concealment but again and efficiently. The Servlet is to edit and translate of, so the code of JSP in the web page does not need when the every time requests that page is explain. The engine of JSP need to be edit and translate after Servlet the code end is modify only once, then this Servlet that editted and translate can be carry out. The in view of the fact JSP engine auto is born to edit and translate the Servlet also, need not procedure member begins to edit and translate the code, so the JSP can bring vivid sex that function and fast developments need that you are efficiently.Compared with the traditional CGI, the JSP has the equal advantage. First, on the speed, the traditional procedure of CGI needs to use the standard importation of the system to output the equipments to carry out the dynamic state web page born, but the JSP is direct is mutually the connection with server. And say for the CGI, each interview needs to add to add a progress to handle, the progress build up and destroy by burning constantly and will be a not small burden for calculator of be the server of Web. The next in order, the JSP is specialized to develop but design for the Web of, its purpose is for building up according to the Web applied procedure, included the norm and the tool of a the whole set. Use the technique of JSP can combine a lot of JSP pages to become a Web application procedure very expediently.JSP six built-in objectsrequest for:The object of the package of information submitted by users, by calling the object corresponding way to access the information package, namely the use of the target users can access the information.response object:The customer's request dynamic response to the client sent the data.session object1. What is the session: session object is a built-in objects JSP, it in the first JSP pages loaded automatically create, complete the conversation of management.From a customer to open a browser and connect to the server, to close the browser, leaving the end of this server, known as a conversation.When a customer visits a server, the server may be a few pages link between repeatedly, repeatedly refresh a page, the server should bethrough some kind of way to know this is the same client, which requires session object.2. session object ID: When a customer's first visit to a server on the JSP pages, JSP engines produce a session object, and assigned aString type of ID number, JSP engine at the same time, the ID number sent to the client, stored in Cookie, this session objects, and customers on the establishment of a one-to-one relationship. When a customer to connect to the server of the other pages, customers no longer allocated to the new session object, until, close your browser, the client-server object to cancel the session, and the conversation, and customer relationship disappeared. When a customer re-open the browser to connect to the server, the server for the customer to create a new session object.aplication target1. What is the application:Servers have launched after the application object, when a customer to visit the site between the various pages here, this application objects are the same, until the server is down. But with the session difference is that all customers of the application objects are the same, that is, all customers share this built-in application objects.2. application objects commonly used methods:(1) public void setAttribute (String key, Object obj): Object specified parameters will be the object obj added to the application object, and to add the subject of the designation of a keyword index.(2) public Object getAttribute (String key): access to application objects containing keywords for.out targetsout as a target output flow, used to client output data. out targets for the output data.Cookie1. What is Cookie:Cookie is stored in Web server on the user's hard drive section of the text. Cookie allow a Web site on the user's computer to store information on and then get back to it.For example, a Web site may be generated for each visitor a unique ID, and then to Cookie in the form of documents stored in each user's machine.If you use IE browser to visit Web, you will see all stored on your hard drive on the Cookie. They are most often stored in places: c: \ windows \ cookies (in Window2000 is in the C: \ Documents and Settings \ your user name \ Cookies).Cookie is "keyword key = value value" to preserve the format of the record.2. Targets the creation of a Cookie, Cookie object called the constructor can create a Cookie. Cookie object constructor has two string .parameters: Cookie Cookie name and value.Cookie c = new Cookie ( "username", "john");3. If the JSP in the package good Cookie object to send to the client, the use of the response addCookie () method.Format: response.addCookie (c)4. Save to read the client's Cookie, the use of the object request getCookies () method will be implemented in all client came to an array of Cookie objects in the form of order, to meet the need to remove the Cookie object, it is necessary to compare an array cycle Each target keywords.JSP的技术发展历史Java Server Pages(JSP)是一种基于web的脚本编程技术，类似于网景公司的服务器端Java脚本语言—— server-side JavaScript(SSJS)和微软的Active Server Pages(ASP)。

本文摘自《计算机英语》（第二版）机械工业出版社出版的第五单元Unit 5 Software DevelopmentSection AComputer Program1>IntroductionA computer program is a set of instructions that directs a computer to perform some processing function or combination of functions. For the instructions to be carried out ,a computer must execute a program , that is , the computer reads the program , and then follows the steps encoded in the program in a precise order until completion . A program can be executed many different times , with each execution yielding a potentially different result depending upon the options and data that the user gives the computer .Programs fall into two major classes : application programs and operating systems . An application program is one that carries out some function directly for a user , such as word processing or game playing . An operating system is program that manages the computer and the various resources and devices connected to it , such as RAM ( random access memory ) , hard drives , monitors , keyboards , printers , and modems , so that they may be used by other programs . Examples of operating systems are DOS , Windows 95 , OS/2 , and UNIX.2>Program DevelopmentSoftware designers create new programs by using special applications programs , often called utility programs or development programs . A programmer uses another type of program called a text editor to write the new program in a special notation called a programmer creates a text file , which is an ordered list of instructions , also called the program source file . The individual instructions that make up the program source file are calledsource code . At this point , a special applications program translates the source code into machine language , or object code---a format that the operating system will recognize as a proper program and be able to execute .Three types of applications programs translate from source code to object code : compilers , interpreters , and assemblers . The three operate differently and on different types of programming languages , but they serve the same purpose of translating from a programming language into machine language .A compiler translates text files written in a high-level programming language---such as FORTRAN , C, or Pascal---from the source code to the object code all at once . This differs from the approach taken by interpreted languages such as BASIC , in which a program is translated into object code statement by statement as each instruction is executed . The advantage to interpreted languages is that they can begin executing the program immediately instead of having to wait for all of the source code to be compiled . Changes can also be made to the program fairly quickly without having to wait for it to be compiled again . The disadvantage of interpreted languages is that they are slow to execute , since the entire program must be translated one instruction at a time , each time the program is run . On the other hand , compiled languages are compiled only once and thus can be executed by the computer much more quickly than interpreted languages . For this reason , compiled languages are more common and are almost always used in professional and scientific applications .Another type of translator is the assembler , which is used for programs or parts of programs written in assembly language . Assembly language is another programming language , but it is much more similar to machine language than other types of high-level languages . In assembly language , a single statement can usually be translated into a single instruction ofmachine language . Today , assembly language is rarely used to write an entire program , but is instead most often used when the programmer needs to directly control some aspect of the computer’s function .Programs are often written as a set of smaller pieces , with each piece representing some aspect of the overall application program . After each piece has been compiled separately , a program called a linker combines all of the translated pieces into a single executable program .Programs seldom work correctly the first time , so a program callec a debugger is often used to help find problems called bugs . Debugging programs usually detect an event in the executing program and point the programmer back to the origin of the event in the program code .Recent programming systems , such as Java , use a combination of approaches to create and execute programs . A compiler takes a Java source program and translates it into an intermediate form . Such intermediate programs are then transferred over the Internet into computers where an interpreter program then executes the intermediate form as an application program .3>Program ElementsMost programs are built from just a few kinds of steps that are repeated many times in different contexts and in different combinations throughout the program . The most common step performs some computation , and then proceeds to the next step in the program , in the order specified by the programmer .Programs often need to repeat a short series of steps many times , for instance in looking through a list of game scores and finding the highest score . Such repetitive sequences of code are called loops .One of the capabilities that make computers so useful is their ability to make conditional decisions and perform different instructions based on the values of data being processed . IF-then-else statements implement this function by testing some piece of data and then selecting one of twosequences of instructions on the basis of the result . One of the instructions in these alternatives may be a goto statement that directs the computer to select its next instruction from a different part of the program . For example , a program might compare two numbers and branch to a different part of the program depending on the result of the comparision: Programs often use a specific sequence of steps more than once . Such a sequence of steps can be grouped together into a subroutine , which can then be called , or accdssed , as needed in different parts of the main program . Each time a subroutine is called , the computer remembers where it was in the program when the call was made , so that it can return there upon completion of the subroutine . Preceding each call , a program can specify that different data be used by the subroutine , allowing a very general piece of code to be written once and used in multiple ways .Most programs use several varieties of subroutines . The most common of these are functions , procedures , library routines , system routines , and device drivers . Functions are short subroutines that compute some value , such as computations of angles , which the computer cannot compute with a single basic instruction . Procedures perform a more complex function , such as sorting a set of names . Library routines are subroutines that are written for use by many different programs . System routines are similar to library routines but are actually found in the operating system . They provide some service for the application programs , such as printing a line of text . Device drivers are system routines that are added to an operating system to allow the computer to communicate with a new device , such as a scanner , modem , or printer . Device drivers often have features that can be executed directly as applications programs . This allows the user to directly control the device , which is useful if , for instance , a color printer needs to be realigned to attain the best printing quality after changing an ink cartridge .4>Program FunctionModern computers ususlly store programs on some form of magnetic storage media that can be accessed randomly by the computer , such as the hard drive disk permanently located in the computer , or a portable floppy disk . Additional information on such disks , called directories , indicates the names of the various programs on the disk , when they were written to the disk , and where the program begins on the disk media . When a user directs the computer to execute a particular application program , the operating system looks through these directories , locates the program , and reads a copy into RAM . The operating system then directs the CPU ( central processing unit ) to start executing the instructions at the beginning of the program . Instructions at the beginning of the program prepare the computer to process information by locating free memory locations in RAM to hold working data , retrieving copies of the standard options and defaults the user has indicated from a disk , and drawing initial displays on the monitor .The application program requests a copy of any information the user enters by making a call to a system routine . The operating system converts any data so entered into a standard internal form . The application then uses this information to decide what to do next---for example , perform some desired processing function such as reformatting a page of text , or obtain some additional information from another file on a disk . In either case , calls to other system routines are used to actually carry out the display of the results or the accessing of the file from the disk .When the application reaches completion or is prompted to quit , it makes further system calls to make sure that all data that needs to be saved has been written back to disk . It then makes a final system call to the operating system indicating that it is finished . The operating system then frees up the RAM and any devices that the application was using and awaits a command from the user to start another program .5>HistoryPeople have been storing sequences of instructions in the form of a program for several centuries . Music boxes of the 18th century and player pianos of the late 19th and early 20th centuries played musical programs stored as series of metal pins , or holes in paper , with each line ( of pins or holes ) representing when a note was to be played , and the pin or hole indicating what note was to be played at that time . More elaborate control of physical devices became common in the early 1800s with French inventor Joseph Marie Jacquard’s invention of the punch-card controlled weaving loom . In the process of weaving a particular pattern , various parts of the loom had to be mechanically positioned . To automate this process , Jacquard used a single paper card to represent each positioning of the loom , with holes in the card to indicate which loom actions should be done . An entire tapestry could be encoded onto a deck of such cards , with the same deck yielding the same tapestry design each time it was used . Programs of over 24000 cards were developed and used .The world’s first programmable machine was designed---although never fully built---by the English mathematician and inventor , Charles Babbage . This machine , called the Analytical Engine , used punch cards similar to those used in the Jacquard loom to select the specific arithmetic operation to apply at each step . Inserting a different set of cards changed the computations the machine performed . This machine had counterparts for almost everything found in modern computers , although it was mechanical rather than electrical . Construction of the Analutical Engine was never completed because the technology required to build it did not exist at the time .The first card deck programs for the Analutical Engine were developed by British mathemstician Augusta Ada Byron , daughter of the poet Lord Byron . For this reason she is recognized as the world’s first programmer .The modern concept of an internally stored computer program was first proposed by Hungarian-American mathematician John von Neumann in1945 . V on Neumann’s idea was to use the computer’s memory to store th e program as well as the data . In this way , programs can be viewed as data and can be processed like data by other programs . This idea greatly simplifies the role of program storage and execution in computers .6>The FutureThe field of computer science has grown rapidly since the 1950s due to the increase in their use . Computer programs have undergone many changes during this time in response to user need and advances in technology . Newer ideas in computing such as parallel computing , distributed computing , and artificial intelligence , have radically altered the traditional concepts that once determined program form and function .Computer scientists working in the field of patallel computing , in which multiple CPUs cooperate on the same problem at the same time , have introduced a number of new program models . In parallel computing parts of a problem are worked on simultaneously by different processors , and this speeds up the solution of the problem . Many challenges face scientists and engineers who design programs for parallel processing computers , because of the extreme complexity of the systems and the difficulty involved in making them operate as effectively as possible . Another type of parallel computing called distributed computing uses CPUs from many interconnected computers to solve problems , Often the computers used to process information in a distributed computing application are connected over the Internet . Internet applications are becoming a particularly useful form of distributed computing , especially with programming languages such as Java . In such applications , a user logs on to a Web site and downloads a Java program onto their computer . When the Java program is run , it communicate with other programs at its home Web site , and may also communicate with other programs running on different computers or Web sites .Research into artificial intelligence ( AI ) has led to several other newstyles of programming . Logic programs , for example , do not consist of individual instructions for the computer to follow blindly , but instead consist of sets of rules : if x happens then do y . A special program called an inference engine uses these rules to “ reason” its way to a conclusion when presented with a new problem . Applications of logic programs include automatic monitoring of complex systems , and proving mathematical theorems .A radically different approach to computing in which there is no program in the conventional sense is called a neural network . A neural network is a group of highly interconnected simple processing elements , disigned to music the brain . Instead of having a program direct the information processing in the way that a traditional computer does , a neural network processes information depending upon the way that its processing elements are connected . Programming a neural network is accomplished by presenting it with known patterns of input data and adjusting the relative importance of the interconnections between the processing elements until the desired pattern matching is accomplished . Neural networks are usually simulated on traditional computers , but unlike traditional computer programs , neural networks are able to learn from their experience .译文部分如下：计算机程序1.引言一个计算机程序是一系列的指示说明用来指挥电脑的进程功能或者排列组合功能。

本科毕业设计(论文) 外文翻译（附外文原文）系 ( 院 )：信息科学与工程学院课题名称：学生信息管理系统专业(方向)：计算机科学与技术（应用）7.1 Enter ActionMappingsThe Model 2 architecture (see chapter 1) encourages us to use servlets and Java- Server Pages in the same application. Under Model 2, we start by calling a servlet.The servlet handles the business logic and directs control to the appropriate pageto complete the response.The web application deployment descriptor (web.xml) lets us map a URL patternto a servlet. This can be a general pattern, like *.do, or a specific path, like saveRecord.do.Some applications implement Model 2 by mapping a servlet to each business operation. This approach works, but many applications involve dozens or hundredsof business operations. Since servlets are multithreaded, instantiating so manyservlets is not the best use of server resources. Servlets are designed to handle anynumber of parallel requests. There is no performance benefit in simply creatingmore and more servlets.The servlet’s primary job is to interact with the container and HTTP. Handlinga business operation is something that a servlet could delegate to another component. Struts does this by having the ActionServlet delegate the business operationto an object. Using a servlet to receive a request and route it to a handler is knownas the Front Controller pattern [Go3].Of course, simply delegating the business operation to another componentdoes not solve the problem of mapping URIs [W3C, URI] to business operations.Our only way of communicating with a web browser is through HTTP requests and URIs. Arranging for a URI to trigger a business operation is an essential part of developing a web application.Meanwhile, in practice many business operations are handled in similar ways.Since Java is multithreaded, we could get better use of our server resources if wecould use the same Action object to handle similar operations. But for this towork, we might need to pass the object a set of configuration parameters to usewith each operation.So what’s the bottom line? To implement Model 2 in an efficient and flexibleway, we need to:Enter ActionMappings 195♉ Route requests for our business operations to a single servlet♉ Determine which business operation is related to the request♉ Load a multithreaded helper object to handle the business operation♉ Pass the helper object the specifics of each request along with any configuration detail used by this operationThis is where ActionMappings come in.7.1.1 The ActionMapping beanAn ActionMapping (org.apache.struts.action.ActionMapping) describes howthe framework handles each discrete business operation (or action). In Struts,each ActionMapping is associated with a specific URI through its path property. When a request comes in, the ActionServlet uses the path property to select the corresponding ActionMapping. The set of ActionMapping objects is kept in an ActionMappings collection (org.apache.struts.action.ActionMappings). Originally, the ActionMapping object was used to extend the Action objectrather than the Action class. When used with an Action, a mapping gives a specific Action object additional responsibilities and new functionality. So, it was essentiallyan Action decorator [Go4]. Along the way, the ActionMapping evolved into anobject in its own right and can be used with or without an Action.DEFINITION The intent of the decorator pattern is to attach additional responsibilities to an object dynamically. Decorators provide a flexible alternative to subclassingfor extending functionality [Go4].The ActionMappings are usually created through the Struts configuration file.For more about this file, see chapter 4.7.1.2 The ActionMappings catalogThe ActionMappings catalog the business logic available to a Struts application.When a request comes in, the servlet finds its entry in the ActionMappings catalogand pulls the corresponding bean.The ActionServlet uses the ActionMapping bean to decide what to do next. Itmay need to forward control off to another resource. Or it may need to populateand validate an ActionForm bean. At some point, it may have to pass control to an Action object, and when the Action returns, it may have to look up an Action-Forward associated with this mapping.196 CHAPTER 7Designing with ActionMappingsThe ActionMapping works like a routing slip for the servlet. Depending onhow the mapping is filled out, the request could go just about anywhere.The ActionMappings represent the core design of a Struts application. If youwant to figure out how a Struts application works, start with the ActionMappings. Ifyou want to figure out how to write a new Struts application, start with the Action- Mappings. The mappings are at the absolute center of every Struts application.In this chapter, we take a close look at the ActionMapping properties andexplore how they help you design the flow of a Struts application.1.0 vs 1.1 In Struts 1.1, ActionMapping subclasses ActionConfig (org.apache. struts.config.ActionConfig) and adds API methods required forbackward compatibility. ActionMapping is not deprecated, and how thehierarchy will be handled in future releases has not been determined.For now, we refer to the ActionMapping class, but you should note thatin Struts 1.1 all of the action properties are actually defined by the ActionConfigsuper class. The ActionMapping class otherwise works thesame way in both versions.7.2 ActionMapping propertiesTable 7.1 describes the base ActionMapping properties. As with other configuration components, developers may extend ActionMapping to provide additionalproperties.Table 7.1 The base ActionMapping propertiesProperty Descriptionpath The URI path from the request used to select this mapping. (API command) forward The context-relative path of the resource that should serve this request via a forward.Exactly one of the forward, include, or type properties must be specified.orinclude The context-relative path of the resource that should serve this request via aninclude. Exactly one of the forward, include, or type properties must be specified.ortype Optionally specifies a subclass oforg.apache.struts.action.ActionMappingthat should be used when instantiating this mapping.className The fully qualified name of the Action class used by this mapping. SinceStruts 1.1ActionMapping properties 197In the sections that follow, we take a look at each of these properties.7.2.1 The path propertyThe ActionMapping URI, or path, will look to the user like just another file onthe web server. But it does not represent a file. It is a virtual reference to our ActionMapping.Because it is exposed to other systems, the path is not really a logical name, likethose we use with ActionForward. The path can include slashes and an extension—as if it referred to a file system—but they are all just part of a single name.The ActionMappings themselves are a “flat” namespace with no type of internalhierarchy whatsoever. They just happen to use the same characters that we areused to seeing in hierarchical file systems.name The name of the form bean, if any, associated with this action. This is not the classname. It is the logical name used in the form bean configuration.roles The list of security roles that may access this mapping.scope The identifier of the scope (request or session) within which the form bean, if any,associated with this mapping will be created.validate Set to true if the validate method of the form bean (if any) associated with thismapping should be called.input Context-relative path of the input form to which control should be returned ifa validationerror is encountered. This can be any URI: HTML, JSP, VM, or another Action- Mapping.parameter General-purpose configuration parameter that can be used to pass extra informationto the Action selected by this ActionMapping.attribute Name of the request-scope or session-scope attribute under which our form bean isaccessed, if it is other than the bean's specified name.prefix Prefix used to match request parameter names to form bean property names, if any.suffix Suffix used to match request parameter names when populating the properties ofour ActionForm bean, if any.unknown Can be set to true if this mapping should be configured as the default for this application(to handle all requests not handled by another mapping). Only one mappingcan be defined as the default unknown mapping within an application.forwards(s) Block of ActionForwards for this mapping to use, if any.exception(s) Block of ExceptionHandlers for this mapping to use, if any.Table 7.1 The base ActionMapping properties (continued)Property DescriptionSinceStruts 1.1SinceStruts 1.1198 CHAPTER 7Designing with ActionMappingsOf course, it can still be useful to treat your ActionMappings as if they werepart of a hierarchy and group related commands under the same "folder." Theonly restriction is that the names must match whatever pattern is used in the application’s deployment description (web.xml) for the ActionServlet. This is usuallyeither /do/* or *.do, but any similar pattern can be used.If you are working in a team environment, different team members can begiven different ActionMapping namespaces to use. Some people may be workingwith the /customer ActionMappings, others may be working with the /vendor ActionMappings. This may also relate to the Java package hierarchy the team isusing. Since the ActionMapping URIs are logical constructs, they can be organizedin any way that suits your project.With Struts 1.1, these types of namespaces can be promoted to applicationmodules. Each team can work independently on its own module, with its own setof configuration files and presentation pages. Configuring your application to use multiple modules is covered in chapter 4.DEFINITION The web runs on URIs, and most URIs map to physical files. If you want to change the resource, you change the corresponding file. Some URIs, likeStruts actions, are virtual references. They do not have a correspondingfile but are handled by a programming component. To change the resource,we change how the component is programmed. But since thepath is a URI and interacts with other systems outside our control, thepath is not a true logical reference—the name of an ActionForward, forinstance. We can change the name of an ActionForward without consultingother systems. It’s an internal, logical reference. If we change thepath to an ActionMapping, we might need to update other systems thatrefer to the ActionMapping through its public URI.7.2.2 The forward propertyWhen the forward property is specified, the servlet will not pass the request to an Action class but will make a call to RequestDispatcher.forward. Since the operationdoes not use an Action class, it can be used to integrate Struts with otherresources and to prototype systems. The forward, include, and type propertiesare mutually exclusive. (See chapter 6 for more information.)7.2.3 The include propertyWhen the include property is specified, the servlet will not pass the request to an Action class but will make a call to RequestDispatcher.include. The operationActionMapping properties 199does not use an Action class and can be used to integrate Struts with other components. The forward, include, and type properties are mutually exclusive. (Seechapter 6 for more information.)7.2.4 The type propertyMost mappings will specify an Action class type rather than a forward or include.An Action class may be used by more than one mapping. The mappings may specifyform beans, parameters, forwards, or exceptions. The forward, include, andtype properties are mutually exclusive.7.2.5 The className propertyWhen specified, className is the fully qualified Java classname of the ActionMapping subclass that should be used for this object. This allows you to use your own ActionMapping subclass with specialized methods and properties. See alsosection 7.4.7.2.6 The name propertyThis property specifies the logical name for the form bean, as given in the formbean segment of the Struts configuration file. By default, this is also the name tobe used when placing the form bean in the request or session context. Use theattribute property of this class to specify a different attribute key.7.2.7 The roles propertyThis property is a comma-delimited list of the security role names that are allowed access to this ActionMapping object. By default, the same system that is used with standard container-based security is applied to the list of roles given here. Thismeans you can use action-based security in lieu of specifying URL patterns in the deployment descriptor, or you can use both together.The security check is handled by the processRoles method of the Request- Processor (org.apache.struts.action.RequestProcessor). By subclassing RequestProcessor, you can also use the roles property with application-based security. See chapter 9 for more about subclassing RequestProcessor.7.2.8 The scope propertyThe ActionForm bean can be stored in the current request or in the session scope (where it will be available to additional requests). While most developers userequest scope for the ActionForm, the framework default is session scope. Tomake request the default, see section 7.4.SinceStruts 1.1SinceStruts 1.1200 CHAPTER 7Designing with ActionMappings7.2.9 The validate propertyAn important step in the lifecycle of an ActionForm is to validate its data before offering it to the business layer. When the validate property for a mapping is true, the ActionServlet will call the ActionForm’s validate method. If validate returns false, the request is forwarded to the resource given by the input property.Often, developers will create a pair of mappings for each data entry form. Onemapping will have validate set to false, so you can create an empty form. Theother has validate set to true and is used to submit the completed form.NOTE Whether or not the ActionForm validate method is called does not relateto the ActionServlet’s validating property. That switch controlshow the Struts configuration file is processed.7.2.10 The input propertyWhen validate is set to true, it is important that a valid path for input be provided. This is where control will pass should the ActionForm validate methodreturn false. Often, this is the address for a presentation page. Sometimes it willbe another Action path (with validate set to false) that is required to generatedata objects needed by the page.NOTE The input path often leads back to the page that submitted the request.While it seems natural for the framework to return the request to whereit originated, this is not a simple task in a web application. A request is oftenpassed from component to component before a response is sent backto the browser. The browser only knows the path it used to retrieve theinput page, which may or may not also be the correct path to use for theinput property. While it may be possible to try and generate a default inputpage based on the HTTP referrer attribute, the Struts designersdeemed that approach unreliable.inputForwardIn Struts 1.0, the ActionMapping input property is always a literal URI. InStruts 1.1, it may optionally be the name of an ActionForward instead. The ActionForward is retrieved and its path property is used as the input property.This can be a global or local ActionForward.To use ActionForwards here instead of literal paths, set the inputForwardattribute on the <controller> element for this module to true:SinceStruts 1.1ActionMapping properties 201<controller inputForward="true">For more about configuring Struts, see chapter 4. For more about ActionForwards,see chapter 6.7.2.11 The parameter propertyThe generic parameter property allows Actions to be configured at runtime. Severalof the standard Struts Actions make use of this property, and the standardScaffold Actions often use it, too. The parameter property may contain a URI, the name of a method, the name of a class, or any other bit of information an Actionmay need at runtime. This flexibility allows some Actions to do double and tripleduty, slashing the number of distinct Action classes an application needs on hand.Within an Action class, the parameter property is retrieved from the mappingpassed to perform:parameter = mapping.getParameter();Multiple parametersWhile multiple parameters are not supported by the standard ActionMappingsclass, there are some easy ways to implement this, including using HttpUtils, a StringTokenizer, or a Properties file (java.util.Properties).HttpUtils. Although deprecated as of the Servlet API 2.3 specification, theHttpUtils package (javax.servlet.http.HttpUtils) provides a static method that parses any string as if it were a query string and returns a Hashtable(java.util.Hashtable):Hashtable parameters = parseQueryString(parameter);The parameter property for your mapping then becomes just another query string, because you might use it elsewhere in the Struts configuration. stringTokenizer. Another simple approach is to delimit the parameters using the token of your choice—such as a comma, colon, or semicolon—and use the StringTokenizer to read them back:StringTokenizer incoming =new StringTokenizer(mapping.getParameter(),";");int i = 0;String[] parameters = new String[incoming.countTokens()]; while (incoming.hasMoreTokens()) {parameters[i++] = incoming.nextToken().trim();}202 CHAPTER 7Designing with ActionMappingsProperties file. While slightly more complicated than the others, another popular approach to providing multiple parameters to an ActionMapping is with a standard Properties files (java.util.Properties). Depending on your needs, the Properties file could be stored in an absolute location in your file system or anywhere on your application’s CLASSPATH.The Commons Scaffold package [ASF, Commons] provides a ResourceUtils package (mons.scaffold.util.ResourceUtils) with methods forloading a Properties file from an absolute location or from your application’s CLASSPATH.7.2.12 The attribute propertyFrom time to time, you may need to store two copies of the same ActionForm inthe same context at the same time. This most often happens when ActionFormsare being stored in the session context as part of a workflow. To keep their names from conflicting, you can use the attribute property to give one ActionForm bean a different name.An alternative approach is to define another ActionForm bean in the configuration, using the same type but under a different name.7.2.13 The prefix and suffix propertiesLike attribute, the prefix and suffix properties can be used to help avoid naming conflicts in your application. When specified, these switches enable aprefix or suffix for the property name, forming an alias when it is populatedfrom the request.If the prefix this was specified, thenthisName=McClanahanbecomes equivalent toname=McClanahanfor the purpose of populating the ActionForm. Either or both parameters would call getName("McClanahan");This does not affect how the properties are written by the tag extensions. It affects how the autopopulation mechanism perceives them in the request.Nested components 2037.2.14 The unknown ActionMappingWhile surfing the Web, most of us have encountered the dreaded 404— page not found message. Most web servers provide some special features for processing requests for unknown pages, so webmasters can steer users in the right direction. Struts offers a similar service for ActionMapping 404s—the unknown ActionMapping. In the Struts configuration file, you can specify one ActionMapping toreceive any requests for an ActionMapping that would not otherwise be matched:<actionname="/debug"forward="/pages/debug.jsp"/>When this option is not set, a request for an ActionMapping that cannot bematched throws400 Invalid path /notHere was requestedNote that by a request for an ActionMapping, we mean a URI that matches the prefix or suffix specified for the servlet (usually /do/* or *.do). Requests for other URI patterns, good or bad, will be handled by other servlets or by the container:/do/notHere (goes to the unknown ActionMapping)/notHere.txt (goes to the container)7.3 Nested componentsThe ActionMapping properties are helpful when it comes to getting an Action torun a business operation. But they tell only part of the story. There is still much todo when the Action returns.An Action may have more than one outcome. We may need to register several ActionForwards so that the Action can take its pick.7.3.1 Local forwardsIn the normal course, an ActionMapping is used to select an Action object to handle the request. The Action returns an ActionForward that indicates which pageshould complete the response.The reason we use ActionForwards is that, in practice, presentation pages areeither often reused or often changed, or both. In either case, it is good practice to encapsulate the page’s location behind a logical name, like “success” or “failure.”The ActionForward object lets us assign a logical name to any given URI.204 CHAPTER 7Designing with ActionMappingsOf course, logical concepts like success or failure are often relative. What represents success to one Action may represent failure to another. Each Action-Mapping can have its own set of local ActionForwards. When the Action asks for a forward (by name), the local set is checked before trying the global forwards. See chapter 6 for more about ActionForwards.Local forwards are usually specified in the Struts configuration file. See chapter4 for details.7.3.2 Local exceptionsMost often, an application’s exception handlers (org.apache.struts.action. ExceptionHandler) can be declared globally. However, if a given ActionMapping needs to handle an exception differently, it can have its own set of local exception handlers that are checked before the global set.Local exceptions are usually specified in the Struts configuration file. Seechapter 4 for details.7.4 Rolling your own ActionMappingWhile ActionMapping provides an impressive array of properties, developers may also provide their own subclass with additional properties or methods. InStruts 1.0, this is configured in the deployment descriptor (web.xml) for the ActionServlet:<init-param><param-name>mapping</param-name><param-value>app.MyActionMapping</param-value></init-param>In Struts 1.1, this is configured in the Struts configuration file as an attribute to the <action-mappings> element:<action-mappings type="app.MyActionMapping">Individual mappings may also be set to use another type through the className attribute:<action className="app.MyActionMapping">For more about configuring Struts, see chapter 4.SinceStruts 1.1Summary 205The framework provides two base ActionMapping classes, shown in table 7.2. They can be selected as the default or used as a base for your own subclasses.The framework default is SessionActionMapping, so scope defaults to session. Subclasses that provide new properties may set them in the Struts configuration using a standard mechanism:<set-property property="myProperty" value="myValue" /> Using this standard mechanism helps developers avoid subclassing the Action- Servlet just to recognize the new properties when it digests the configuration file. This is actually a feature of the Digester that Struts simply inherits.7.5 SummarySun’s Model 2 architecture teaches that servlets and JavaServer Pages should be used together in the same application. The servlets can handle flow control and data acquisition, and the JavaServer Pages can handle the HTML.Struts takes this one step further and delegates much of the flow control anddata acquisition to Action objects. The application then needs only a single servletto act as a traffic cop. All the real work is parceled out to the Actions and theStruts configuration objects.Like servlets, Actions are efficient, multithreaded singletons. A single Actionobject can be handling any number of requests at the same time, optimizing your server’s resources.To get the most use out of your Actions, the ActionMapping object is used as a decorator for the Action object. It gives the Action a URI, or several URIs, and away to pass different configuration settings to an Action depending on which URIis called.In this chapter, we took a close look at the ActionMapping properties andexplained each property’s role in the scheme of things. We also looked at extendingthe standard ActionMapping object with custom properties—just in case yourscheme needs even more things.Table 7.2 The default ActionMapping classesActionMapping Descriptionorg.apache.struts.action.SessionActionMapping Defaults the scope property to sessionorg.apache.struts.action.RequestActionMapping Defaults the scope property to request206 CHAPTER 7Designing with ActionMappingsIn chapter 8, the real fun begins. The configuration objects covered so far aremainly a support system. They help the controller match an incoming requestwith a server-side operation. Now that we have the supporting players, let’s meet the Struts diva: the Action object.7.1 进入ActionMappingModel 2 架构(第1章)鼓励在同一个应用中使用servlet和JSP页面。

计算机专业毕业设计中英对照外文翻译-对象的创建和存在时间外文资料Object landscapes and lifetimesTechnically, OOP is just about abstract data typing, inheritance, and polymorphism, but other issues can be at least as important. The remainder of this section will cover these issues.One of the most important factors is the way objects are created and destroyed. Where is the data for an object and how is the lifetime of the object controlled? There are different philosophies at work here. C++ takes the approach that control of efficiency is the most important issue, so it gives the programmer a choice. For maximum run-time speed, the storage and lifetime can be determined while the program is being written, by placing the objects on the stack (these are sometimes called automatic or scoped variables) or in the static storage area. This places a priority on the speed of storage allocation and release, and control of these can be very valuable in some situations. However, you sacrifice flexibility because you must know the exact quantity, lifetime, and type of objects while you're writing the program. If you are trying to solve a more general problem such as computer-aided design, warehouse management, or air-traffic control, this is too restrictive.The second approach is to create objects dynamically in a pool of memory called the heap. In this approach, you don't know until run-time how many objects you need, what their lifetime is, or what their exact type is. Those are determined at the spur of the moment while the program is running. If you need a new object, you simply make it on the heap at the point that you need it. Because the storage is managed dynamically, at run-time, the amount of time required to allocate storage on the heap is significantly longer than the time to create storage on the stack. (Creating storage on the stack is often a single assembly instruction to move the stack pointer down, and another to move it back up.) The dynamic approach makes the generally logical assumption that objects tend to be complicated, so the extra overhead of finding storage andreleasing that storage will not have an important impact on the creation of an object. In addition, the greater flexibility is essential to solve the general programming problem.Java uses the second approach, exclusively]. Every time you want to create an object, you use the new keyword to build a dynamic instance of that object.There's another issue, however, and that's the lifetime of an object. With languages that allow objects to be created on the stack, the compiler determines how long the object lasts and can automatically destroy it. However, if you create it on the heap the compiler has no knowledge of its lifetime. In a language like C++, you must determine programmatically when to destroy the object, which can lead to memory leaks if you don’t do it correctly (and this is a common problem in C++ programs). Java provides a feature called a garbage collector that automatically discovers when an object is no longer in use and destroys it. A garbage collector is much more convenient because it reduces the number of issues that you must track and the code you must write. More important, the garbage collector provides a much higher level of insurance against the insidious problem of memory leaks (which has brought many a C++ project to its knees).The rest of this section looks at additional factors concerning object lifetimes and landscapes.1 Collections and iteratorsIf you don’t know how many objects you’re going to need to solve a particular problem, or how long they will last, you also don’t know how to store those objects. How can you know how much space to create for those objects? You can’t, since that information isn’t known until run-time.The solution to most problems in object-oriented design seems flippant: you create another type of object. The new type of object that solves this particular problem holds references to other objects. Of course, you can do the same thing with an array, which is available in most languages. But there’s more. This new object, generally called a container (also called a collection, but the Java library uses that term in a different sense so this book will use “container”), will expanditself whenever necessary to accommodate everything you place inside it. So you don’t need to know how manyobjects you’re going to hold in a container. Just create a container object and let it take care of the details.Fortunately, a good OOP language comes with a set of containers as part of the package. In C++, it’s part of the Standard C++ Library and is sometimes called the Standard Template Library (STL). Object Pascal has containers in its Visual Component Library (VCL). Smalltalk has a very complete set of containers. Java also has containers in its standard library. In some libraries, a generic container is considered good enough for all needs, and in others (Java, for example) the library has different types of containers for different needs: a vector (called an ArrayList in Java) for consistent access to all elements, and a linked list for consistent insertion at all elements, for example, so you can choose the particular type that fits your needs. Container libraries may also include sets, queues, hash tables, trees, stacks, etc.All containers have some way to put things in and get things out; there are usually functions to add elements to a container, and others to fetch those elements back out. But fetching elements can be more problematic, because a single-selection function is restrictive. What if you want to manipulate or compare a set of elements in the container instead of just one?The solution is an iterator, which is an object whose job is to select the elements within a container and present them to the user of the iterator. As a class, it also provides a level of abstraction. This abstraction can be used to separate the details of the container from the code that’s accessing that container. The container, via the iterator, is abstracted to be simply a sequence. The iterator allows you to traverse that sequence without worrying about the underlying structure—that is, whether it’s an ArrayList, a LinkedList, a Stack, or something else. This gives you the flexibility to easily change the underlying data structure without disturbing the code in your program. Java began (in version 1.0 and 1.1) with a standard iterator, called Enumeration, for all of its container classes. Java 2 has added a much more complete container library thatcontains an iterator called Iterator that does more than the older Enumeration.From a design standpoint, all you really want is a sequence that can be manipulated to solve your problem. If a single type of sequence satisfied all of your needs, there’d be no reason to have different kinds. There are two reasons that you need a choice of containers. First, containers provide different types of interfaces and external behavior. A stack has a different interface and behavior than that of a queue, which is different from that of a set or a list. One of these might provide a more flexible solution to your problem than the other. Second, different containers have different efficiencies for certain operations. The best example is an ArrayList and a LinkedList. Both are simple sequences that can have identical interfaces and external behaviors. But certain operations can have radically different costs. Randomly accessing elements in an ArrayList is a constant-time operation; it takes the same amount of time regardless of the element you select. However, in a LinkedList it is expensive to move through the list to randomly select an element, and it takes longer to find an element that is further down the list. On the other hand, if you want to insert an element in the middle of a sequence, it’s much cheaper in a LinkedList than in an ArrayList. These and other operations have different efficiencies depending on the underlying structure of the sequence. In the design phase, you might start with a LinkedList and, when tuning for performance, change to an ArrayList. Because of the abstraction via iterators, you can change from one to the other with minimal impact on your code.In the end, remember that a container is only a storage cabinet to put objects in. If that cabinet solves all of your needs, it doesn’t really matter how it is implemented (a basic concept with most types of objects). If you’re working in a programming environment that has built-in overhead due to other factors, then the cost difference between an ArrayList and a LinkedList might not matter. You might need only one type of sequence. You can even imagine the “perfect” container abstraction, which can automatically change its underlying implementation according to the way it is used.2 The singly rooted hierarchyOne of the issues in OOP that has become especially prominent since the introduction of C++ is whether all classes should ultimately be inherited from a single base class. In Java (as with virtually all other OOP languages) the answer is “yes” and the name of this ultimate base class is simply Object. It turns out that the benefits of the singly rooted hierarchy are many.All objects in a singly rooted hierarchy have an interface in common, so they are all ultimately the same type. The alternative (provided by C++) is that you don’t know that everything is the same fundamental type. From a backward-compatibility standpoint this fits the model of C better and can be thought of as less restrictive, but when you want to do full-on object-oriented programming you must then build your own hierarchy to provide the same convenience that’s built into other OOP languages. And in any new class library you acquire, some other incompatible interface will be used. It requires effort (and possibly multiple inheritance) to work the new interface into your design. Is the extra “flexibility” of C++ worth it? If you need it—if you have a large investment in C—it’s quite valuable. If you’re starting from scratch, other alternatives such as Java can often be more productive.All objects in a singly rooted hierarchy (such as Java provides) can be guaranteed to have certain functionality. You know you can perform certain basic operations on every object in your system. A singly rooted hierarchy, along with creating all objects on the heap, greatly simplifies argument passing (one of the more complex topics in C++).A singly rooted hierarchy makes it much easier to implement a garbage collector (which is conveniently built into Java). The necessary support can be installed in the base class, and the garbage collector can thus send the appropriate messages to every object in the system. Without a singly rooted hierarchy and a system to manipulate an object via a reference, it is difficult to implement a garbage collector.Since run-time type information is guaranteed to be in all objects, you’llnever end up with an object whose type you cannot determine. This is especially important with system level operations, such as exception handling, and to allow greater flexibility in programming.3 Collection libraries and support for easy collection useBecause a container is a tool that you’ll use frequently, it makes sense to have a library of containers that are built in a reusable fashion, so you can take one off the shelf Because a container is a tool that you’ll use frequently, it makes sense to have a library of containers that are built in a reusable fashion, so you can take one off the shelf and plug it into your program. Java provides such a library, which should satisfy most needs.Downcasting vs. templates/genericsTo make these containers reusable, they hold the one universal type in Java that was previously mentioned: Object. The singly rooted hierarchy means that everything is an Object, so a container that holds Objects can hold anything. This makes containers easy to reuse.To use such a container, you simply add object references to it, and later ask for them back. But, since the container holds only Objects, when you add your object reference into the container it is upcast to Object, thus losing its identity. When you fetch it back, you get an Object reference, and not a reference to the type that you put in. So how do you turn it back into something that has the useful interface of the object that you put into the container?Here, the cast is used again, but this time you’re not casting up the inheritance hierarchy to a more general type, you cast down the hierarchy to a more specific type. This manner of casting is called downcasting. With upcasting, you know, for example, that a Circle is a type of Shape so it’s safe to upcast, but you don’t know that an Object is necessarily a Circle or a Shape so i t’s hardly safe to downcast unless you know that’s what you’re dealing with.It’s not completely dangerous, however, because if you downcast to thewrong thing you’ll get a run-time error called an exception, which will be described shortly. When you fetch object references from a container, though, you must have some way to remember exactly what they are so you can perform a proper downcast.Downcasting and the run-time checks require extra time for the running program, and extra effort from the programm er. Wouldn’t it make sense to somehow create the container so that it knows the types that it holds, eliminating the need for the downcast and a possible mistake? The solution is parameterized types, which are classes that the compiler can automatically customize to work with particular types. For example, with a parameterized container, the compiler could customize that container so that it would accept only Shapes and fetch only Shapes.Parameterized types are an important part of C++, partly because C++ has no singly rooted hierarchy. In C++, the keyword that implements parameterized types is “template.” Java currently has no parameterized types since it is possible for it to get by—however awkwardly—using the singly rooted hierarchy. However, a current proposal for parameterized types uses a syntax that is strikingly similar to C++ templates.译文对象的创建和存在时间从技术角度说，OOP（面向对象程序设计）只是涉及抽象的数据类型、继承以及多形性，但另一些问题也可能显得非常重要。

题目Programming Overlay Networkswith Overlay SocketsProgramming Overlay Networks with Overlay Sockets The emergence of application-layer overlay networks has inspired the development of new network services and applications. Research on overlay net-workshas focused on the design of protocols to maintain and forward data in an overlay network, however, less attention has been given to the software development process of building application programs in such an environment. Clearly,the complexity of overlay network protocols calls for suitable application programming interfaces (APIs) and abstractions that do not require detailed knowledge of the overlay protocol, and, thereby, simplify the task of the application programmer. In this paper, we present the concept of an overlay socket as a new programming abstraction that serves as the end point of communication in an overlay network. The overlay socket provides a socket-based API that is independent of the chosen overlay topology, and can be configured to work for different overlay topologies. The overlay socket can support application data transfer over TCP, UDP, or other transport protocols. This paper describes the design of the overlay socket and discusses API and configuration options.1 IntroductionApplication-layer overlay networks [5, 9, 13, 17] provide flexible platforms for develop-ing new network services [1, 10, 11, 14, 18–20] without requiring changes to the network-layer infrastructure. Members of an overlay network, which can be hosts, routers, servers, or applications, organize themselves to form a logical network topology, and commu-nicate only with their respective neighbors in the overlay topology. A member ofan overlay network sends and receives application data, and also forwards data intended for other members. This paper addresses application development in overlay networks. We use the term overlay network programming to refer to the software development process of building application programs that communicate with one another in an application-layer overlay_This work is supported in part by the National Science Foundation through grant work. The diversity and complexity of building and maintaining overlay networks make it impractical to assume that application developers can be concerned with the complexity of managing the participation of an application in a specific overlay networktopology.We present a software module, called overlay socket, that intends to simplify the task of overlay network programming. The design of the overlay socket pursues the following set of objectives: First, the application programming interface (API) of the overlay socket does not require that an application programmer has knowledge of the overlay network topology. Second, the overlay socket is designed to accommodate dif-ferent overlay network topologies. Switching to different overlay network topologies is done by modifying parameters in a configuration file. Third, the overlay socket, which operates at the applicationlayer,can accommodate different types of transport layer protocols. This is accomplished by using network adapters that interface to the un-derlying transport layer network and perform encapsulation and de-encapsulation of messages exchanged by the overlay socket. Currently available network adapters are TCP, UDP, and UDP multicast. Fourth, the overlay socket provides mechanisms for bootstrapping new overlay networks. In this paper, we provide an overview of the overlay socket design and discuss over-lay network programming with the overlay socket. The overlay socket has been imple-mented in Java as part of the HyperCast 2.0 software distribution [12]. The software has been used for various overlay applications, and has been tested in both local-area as well as wide-area settings. The HyperCast 2.0 software implements the overlay topolo-gies described in [15] and [16]. This paper highlights important issues of the overlay socket, additional information can be found in the design documentation available from[12]. Several studies before us have addressed overlay network programming issues. Evenearly overlay network proposals, such as Yoid [9], Scribe [4], and Scattercast [6], have presented APIs that aspire to achieve independence of the API from the overlay network topology used. Particularly, Yoid and Scattercast use a socket-like API, how-ever, these APIs do not address issues that arise when the same API is used by different overlay network topologies. Several works on application-layer multicast overlays inte-grate the application program with the software responsible for maintaining the overlay network, without explicitly providing general-purpose APIs.These include Narada [5], Overcast [13], ALMI [17], and NICE [2]. A recent study [8] has proposed a common API for the class of so-called structured overlays, which includes Chord [19], CAN [18], and Bayeux [20], and other overlays that were originally motivated by distributed hash tables. Our work has a different emphasis than [8], since we assume a scenario where an application programmer must work with several, possibly fundamentally dif-ferent, overlay network topologies and different transmission modes (UDP, TCP), and, therefore, needs mechanisms that make it easy to change the configuration of the un-derlying overlay network..Internet Overlay socket Application Overlay socket Application Application Overlay socket Application Application Overlay socket Application Overlay Network. Fig. 1. The overlay network is a collection of overlay sockets. Root (sender) Root (receiver) (a) Multicast (b) Unicast.Fig. 2. Data forwarding in overlay networks.The rest of the paper is organized as following. In Section 2 we introduce con-cepts, abstractions, and terminology needed for the discussion of the overlay socket. In Section 3 we present the design of the overlay socket, and discuss its components. In Section 4 we show how to write programs using the overlay socket. We present brief conclusions in Section 5.2 Basic ConceptsAn overlay socket is an endpoint for communication in an overlay network, and an overlay network is seen as a collection of overlay sockets that self-organize using an overlay protocol (see Figure 1). An overlay socket offers to an application programmer a Berkeley socket-style API [3] for sending and receiving data over an overlay network.Each overlay socket executes an overlay protocol that is responsible for maintaining the membership of the socket in the overlay network topology. Each overlay socket has a logical address and a physical address in the overlay network. The logical address is dependent on the type of overlay protocol used. In the overlay protocols currently implemented in HyperCast 2.0, the logical addresses are 32- bit integers or_x_y_coordinates, where x and y are positive 32-bit positive integers. The physical address is a transport layer address where overlay sockets receive messages from the overlay network. On the Internet, the physical address is an IP address and a TCP or UDP port number. Application programs that use overlay sockets only work with logical addresses, and do not see physical addresses of overlay nodes. When an overlay socket is created, the socket is configured with a set of configu-ration parameters, called attributes. The application program can obtain the attributes from a configuration file or it downloads the attributes from a server. The configuration file specifies the type of overlay protocol and the type of transport protocol to be used,.but also more detailed information such as the size of internal buffers, and the value of protocol-specific timers. The most important attribute is the overlay identifier (overlay ID) which is used as a global identifier for an overlay network and which can be used as a key to access the other attributes of the overlay network. Each new overlay ID corresponds to the creation of a new overlay network. Overlay sockets exchange two types of messages, protocol messages and application messages. Protocol messages are the messages of the overlay protocol that main-tain the overlay topology. Application messages contain applicationdata that is encap-sulatedn an overlay message header. An application message uses logical addresses in the header to identify source and, for unicast, the destination of the message. If an overlay socket receives an application message from one of its neighbors in the over-laynetwork, it determines if the message must be forwarded to other overlay sockets, and if the message needs to be passed to the local application. The transmission modes currently supported by the overlay sockets are unicast, and multicast. In multicast, all members in the overlay network are receivers.In both unicast and multicast,the com-mon abstraction for data forwarding is that of passing data in spanning trees that are embedded in the overlay topology. For example, a multicast message is transmitted downstream a spanning tree that has the sender of the multicast message as the root (see Figure 2(a)). When an overlay socket receives a multicast message, it forwards the message to all of its downstream neighbors (children) in the tree, and passes the mes-sage to the local application program. A unicast message is transmitted upstream a tree with the receiver of the message as the root (see Figure 2(b)). An overlay socket that receives a unicast message forwards the message to the upstream neighbor (parent) in the tree that has the destination as the root. An overlay socket makes forwarding decisions locally using only the logical ad-dresses of its neighbors and the logical address of the root of the tree. Hence, there is a requirement that each overlay socket can locally compute its parent and its children in a tree with respect to a root node. This requirement is satisfied by many overlay network topologies, including [15, 16, 18–20].3 The Components of an Overlay SocketAn overlay socket consists of a collection of components that are configured when the overlay socketis created, using the supplied set of attributes. These components include the overlay protocol, which helps to build and maintain the overlay network topology, a component that processes application data, and interfaces to a transport-layer network. The main components of an overlay socket, as illustrated in Figure 3, are as follows:The overlay node implements an overlay protocol that establishes and maintains the overlay network topology. The overlay node sends and receives overlay protocol messages, and maintains a set of timers. The overlay node is the only component of an overlay socket that is aware of the overlay topology. In the HyperCast 2.0. Overlay socket Forwarding EngineApplication Programming InterfaceStatistics InterfaceProtocol MessagesApplicationReceiveBufferApplicationTransmitBuffer Overlay NodeO verlay NodeInterfac eNode AdapterAdapter InterfaceSocket AdapterA dapter InterfaceApplication MessagesApplication ProgramTransport-layer NetworkApplication MessagesFig. 3. Components of an overlay socket.software, there are overlay nodes that build a logical hypercube [15] and a logical Delaunay triangu-lartion [16].The forwarding engine performs the functions of an application-layer router, that sends, receives, and forwards formatted application-layer messages in the overlay network. The forwarding engine communicates with the overlay node to query next hop routing information for application messages. The forwarding decision is made using logical addresses of the overlay nodes. Each overlay socket has two network adapters that each provides an interface to transport-layer protocols, such as TCP or UDP. The nodeadapter serves as the in-terface for sending and receiving overlay protocol messages, and the socket adapter serves as the interface for application messages. Each adapter has a transport level address, which, in the case of the Internet, consists of an IP address and a UDP or TCP port number. Currently, there are three different types of adapters, for TCP, UDP, and UDP multicast. Using two adapters completely separates the handling of messages for maintaining the overlay protocol and the messages that transport application data.The application receive buffer and application transmit buffer can temporarily store messages that, respectively, have been received by the socket but not been deliv-ered to theapplication, or that have been released by the application program, but not been transmitted by the socket. The application transmit buffer can play a role when messages cannot be transmitted due to rate control or congestion control con-straints. The application transmit buffer is not implemented in the HyperCast 2.0 software.Each overlay socket has two external interfaces. The application programming in-terface (API) of the socket offers application programs the ability to join and leave existing overlays, to send data to other members of the overlay network, and receive data from the overlay network. The statistics interface of the overlay socket provides access to status information of components of the overlay socket, and is used for monitoring and management of an overlay socket. Note in Figure 3 that some components of the overlay socket also have interfaces, which are accessed by other components of the overlay socket. The overlay manager is a component external to the overlay socket (and not shown in Figure 3). It is responsible for configuring an overlay socket when the socket is created. The overlay manager reads a configuration file that stores the attributes of an overlay socket, and, if it is specified in the configuration file, may access attributes from a server, and then initiates the instantiation of a new overlay socket.4 Overlay Network ProgrammingAn application developer does not need to be familiar with the details of the components of an overlay socket as described in the previous section. The developer is exposed only to the API of the overlay socket and to a file with configuration parameters.The configuration file is a text file which stores all attributes needed to configure an overlay socket. The configuration file is modified whenever a change is needed to the transport protocol, the overlay protocol, or some other parameters of the overlay socket. In the following, we summarize only the main features of the API, and we refer to [12] for detailed information on the overlay socket API.4.1 Overlay Socket APISince the overlay topology and the forwarding of application-layer data is transparent to the application program, the API for overlay network programming can be made simple. Applications need to be able to create a new overlay network, join and leave an existing overlay network, send data to and receive data from other members in the overlay.The API of the overlay socket is message-based, and intentionally stays close to the familiar Berkeley socket API [3]. Since space considerations do not permit a description of the full API, we sketch the API with the help of a simplified example. Figure 4 shows the fragment of a Java program that uses an overlay socket. An application program configures and creates an overlay socket with the help of an overlay manager (o m). The overlay manager reads configuration parameters for the overlay socket from a configu-ration file (hypercast.pro p), which can look similarly as shown in Figure 5. The applica-tion program reads the overlay ID with command om.getDefaultProperty(“OverlayID”) from the file, and creates an configuration object (confi g) for an overlay socket with the.// Generate the configuration object OverlayManager om = newOverlayManager("hypercast.prop");String MyOverlay = om.getDefaultProperty("OverlayID"); OverlaySocketConfig config = new om.getOverlaySocketConfig(MyOverlay); // create an overlay socketOL Socket socket = config.createOverlaySocket(callback);// Join an overlaysocket.joinGroup();// Create a messageOL Message msg = socket.createMessage(byte[] data, int length);// Send the message to all members in overlay networksocket.sendToAll(msg);// Receive a message from the socketOL Message msg = socket.receive();Fig. 4. Program with overlay sockets.# OVERLAY Server:OverlayServer =# OVERLAY ID:OverlayID = 1234KeyAttributes= Socket,Node,SocketAdapter# SOCKET:Socket = HCast2-0HCAST2-0.TTL = 255HCAST2-0.ReceiveBufferSize = 200# SOCKET ADAPTER:SocketAdapter = TCPSocketAdapter.TCP.MaximumPacketLength = 16384# NODE:Node = DT2-0DT2-0.SleepTime = 400# NODE ADAPTER:NodeAdapter = NodeAdptUDPServer NodeAdapter.UDP.MaximumPacketLength = 8192 NodeAdapter.UDPServer.UdpServer0 =128.143.71.50:8081Fig. 5. Configuration file (simplified) given overlay ID. The configuration objectalso loads all configuration information from the configuration file, and then creates the overlay socket(config.createOverlaySocke t).Once the overlay socket is created, the socket joins the overlay network (socket.join-Grou p). When a socket wants to multicast a message, it instantiates a new message (socket.createMessage) and trans-mits the message using the sendToAll method. Other transmission options are send-To-Parent, send-To-Children, sendToNeighbors, and sendToNode, which, respectively, send a message to the upstream neighbor with respect to a given root (see Figure 2), to the downstream neighbors, to all neighbors, or to a particular node with a given logical address.4.2 Overlay Network Properties ManagementAs seen, the properties of an overlay socket are configured by setting attributes in a configuration file. The overlay manager in an application process uses the attributes to create a new overlay socket. By modifying the attributes in the configuration file, an application programmer can configure the overlay protocol or transport protocol that is used by the overlay socket. Changes to the file must be done before the socket is created. Figure 5 shows a (simplified) example of a configuration file. Each line of the configuration file assigns a value to an attribute. The complete list of attributes and the range of values is documented in [12]. Without explaining all entries in Figure 5, the file sets, among others, the ov erlay ID to …1234 ‟, selects version 2.0 of the DT protocol as overlay protocol (…Node=DT2-0 ‟), and it sets the transport protocol of the socket adaptor to TCP(…SocketAdapter=TCP ‟).Each overlay network is associated with a set of attributes that characterize the properties of the over-lay sockets that participate in the overlay network. As mentioned earlier, the most important attribute is the overlay ID, which is used to identify an y network, andwhich can be used as a key toaccess all other attributes of an overlay network. The overlay ID should be a globally unique identifier.A new overlay network is created by generating a new overlay ID and associating a set of attributes that specify the properties of the overlay sockets in the overlay network. To join an overlay network, an overlay socket must know the overlay ID and the set of attributes for this overlay ID. This information can be obtained from a configuration file, as shown in Figure 5.All attributes have a name and a value, both of which are strings. For example, the overlay protocol of an overlay socket can be determined by an attribute with name NODE. If the attribute is set to NOD-E=DT2- 0, then the overlay node in the overlay socket runs the DT (version 2) overlay protocol. The overlay socket distinguishes between two types of attributes: key attributes and configurable attributes. Key attributes are specific to an overlay network with a given overlay ID. Key attributes are selectedwhen the overlay ID is created for an overlay network, and cannot be modified after-wards.Overlay sockets that participate in an overlay network must have identical key attributes, but can have different configurable attributes. The attributes OverlayID and KeyAttributes are key attributes by default in all overlay networks. Configurable at-tributes specify parameters of an overlay socket, which are not considered essential for establishing communication between overlay sockets in the same overlay network, and which are considered …tunable‟.5 ConclusionsWe discussed the design of an overlay socket which attempts to simplify the task of overlay network programming. The overlay socket serves as an end point of commu-nication in the overlay network. The overlay socket can be used for various overlay topologies and support different transport protoc-ols. The overlay socket supports a simple API for joining and leaving an overlaynetwork, and for sending and receiving data to and from other sockets in the overlay network. The main advantage of the overlay socket is that it is relatively easy to change the configuration of the overlay network. An implementation of the overlay socket is distributed with the HyperCast2.0 soft-ware. The software has been extensively tested. A variety of different applications, such as distributed whiteboard and a video streaming application, have been developed with the overlay sockets. Acknowledgement. In addition to the authors of this article the contributors include Bhupinder Sethi, Tyler Beam, Burton Filstrup, Mike Nahas, Dongwen Wang, Konrad Lorincz, Jean Ablutz, Haiyong Wang, Weisheng Si, Huafeng Lu, and Guangyu Dong.应用层覆盖网络的出现促进了新网络服务和应用的发展。

Talking about security loopholesRichard S. Kraus reference to the core network security business objective is to protect the sustainability of the system and data security, This two of the main threats come from the worm outbreaks, hacking attacks, denial of service attacks, Trojan horse. Worms, hacker attacks problems and loopholes closely linked to, if there is major security loopholes have emerged, the entire Internet will be faced with a major challenge. While traditional Trojan and little security loopholes, but recently many Trojan are clever use of the IE loophole let you browse the website at unknowingly were on the move.Security loopholes in the definition of a lot, I have here is a popular saying: can be used to stem the "thought" can not do, and are safety-related deficiencies. This shortcoming can be a matter of design, code realization of the problem.Different perspective of security loo phole sIn the classification of a specific procedure is safe from the many loopholes in classification.1. Classification from the user groups:● Public loopholes in the software category. If the loopholes inWindows, IE loophole, and so on.● specialized software loophole. If Oracle loopholes, Apach e, etc.loopholes.2. Data from the perspective include :● could not reasonably be read and read data, including the memoryof the data, documents the data, Users input data, the data in thedatabase, network, data transmission and so on.● designa ted can be written into the designated places (includingthe local paper, memory, databases, etc.)● Input data can be implemented (including native implementation,according to Shell code execution, by SQL code execution, etc.)3. From the point of view of the scope of the role are :● Remote loopholes, an attacker could use the network and directlythrough the loopholes in the attack. Such loopholes great harm, an attacker can create a loophole through other people's computers operate. Such loopholes and can easily lead to worm attacks on Windows.● Local loopholes, the attacker must have the machine premiseaccess permissions can be launched to attack the loopholes.Typical of the local authority to upgrade loopholes, loopholes in the Unix system are widespread, allow ordinary users to access the highest administrator privileges.4. Trigger conditions from the point of view can be divided into:● Initiative trigger loopholes, an attacker can take theinitiative to use the loopholes in the attack, If direct access to computers.● Passive trigger loopholes must be computer operators can becarried out attacks with the use of the loophole. For example, the attacker made to a mail administrator, with a special jpg image files, if the administrator to open image files will lead to a picture of the software loophole was triggered, thereby system attacks, but if managers do not look at the pictures will not be affected by attacks.5. On an operational perspective can be divided into:● File opera tion type, mainly for the operation of the target filepath can be controlled ., parameters, configuration files, environment variables, the symbolic link HEC), this may lead to the following two questions:◇ Content can be written into control, the contents of the documents can be forged. Upgrading or authority to directly alter the important data (such as revising the deposit and lending data), this has many loopholes. If history Oracle TNS LOG document can be designated loopholes, could lead to any person may control the operation of the Oracle computer services;◇ information content can be output Print content has been contained to a screen to record readable log files can be generated by the core users reading papers, Such loopholes in the history of the Unix system crontab subsystem seen many times, ordinary users can read the shadow of protected documents;● Memory coverage, mainly for memory modules can be specified, write content may designate such persons will be able to attack to enforce the code (buffer overflow, format string loopholes, PTrace loopholes, Windows 2000 history of the hardware debugging registers users can write loopholes), or directly alter the memory of secrets data.● logic errors, such wide gaps exist, but very few changes, so it is difficult to discern, can be broken down as follows : ◇ loopholes competitive conditions (usually for the design, typical of Ptrace loopholes, The existence of widespread document timing of competition) ◇ wrong tactic, usually in design. If the history of the FreeBSD Smart IO loopholes. ◇ Algorithm (usually code or design to achieve), If the history of Microsoft Windows 95/98 sharing password can easily access loopholes. ◇Imperfections of the design, such as TCP / IP protocol of the three-step handshake SYN FLOOD led to a denial of service attack. ◇ realize the mistakes (usually no problem for the design, but the presence of coding logic wrong, If history betting system pseudo-random algorithm)● External orders, Typical of external commands can be controlled(via the PATH variable, SHELL importation of special characters, etc.) and SQL injection issues.6. From time series can be divided into:● has long found loopholes: manufacturers already issued a patchor repair methods many people know already. Such loopholes are usually a lot of people have had to repair macro perspective harm rather small.● recently discovered loophole: manufacturers just made patch orrepair methods, the people still do not know more. Compared to greater danger loopholes, if the worm appeared fool or the use of procedures, so will result in a large number of systems have been attacked.● 0day: not open the loophole in the private transactions. Usuallysuch loopholes to the public will not have any impact, but it will allow an attacker to the target by aiming precision attacks, harm is very great.Different perspective on the use of the loopholesIf a defect should not be used to stem the "original" can not do what the (safety-related), one would not be called security vulnerability, security loopholes and gaps inevitably closely linked to use. Perspective use of the loopholes is:● Data Perspective: visit had not visited the data, including readingand writing. This is usually an attacker's core purpose, but can cause very serious disaster (such as banking data can be written).● Competence Perspective: Major Powers to bypass or permissions.Permissions are usually in order to obtain the desired data manipulation capabilities.● Usability perspective: access to certain services on the systemof control authority, this may lead to some important services to stop attacks and lead to a denial of service attack.● Authentication bypass: usually use certification system and theloopholes will not authorize to access. Authentication is usually bypassed for permissions or direct data access services.● Code execution perspective: mainly procedures for the importationof the contents as to implement the code, obtain remote system access permissions or local system of higher authority. This angle is SQL injection, memory type games pointer loopholes (buffer overflow, format string, Plastic overflow etc.), the main driving. This angle is usually bypassing the authentication system, permissions, and data preparation for the reading.Loopholes explore methods mustFirst remove security vulnerabilities in software BUG in a subset, all software testing tools have security loopholes to explore practical. Now that the "hackers" used to explore the various loopholes that there are means available to the model are:● fuzz testing (black box testing), by constructing procedures maylead to problems of structural input data for automatic testing.● FOSS audit (White Box), now have a series of tools that can assistin the detection of the safety procedures BUG. The most simple is your hands the latest version of the C language compiler.● IDA anti-compilation of the audit (gray box testing), and abovethe source audit are very similar. The only difference is that many times you can obtain software, but you can not get to the source code audit, But IDA is a very powerful anti-Series platform, let you based on the code (the source code is in fact equivalent) conducted a safety audit.● dynamic tracking, is the record of proceedings under differentconditions and the implementation of all security issues related to the operation (such as file operations), then sequence analysis of these operations if there are problems, it is competitive category loopholes found one of the major ways. Other tracking tainted spread also belongs to this category.● patch, the software manufacturers out of the question usuallyaddressed in the patch. By comparing the patch before and after the source document (or the anti-coding) to be aware of the specific details of loopholes.More tools with which both relate to a crucial point: Artificial need to find a comprehensive analysis of the flow path coverage. Analysis methods varied analysis and design documents, source code analysis, analysis of the anti-code compilation, dynamic debugging procedures. Grading loopholesloopholes in the inspection harm should close the loopholes and the use of the hazards related Often people are not aware of all the Buffer Overflow Vulnerability loopholes are high-risk. A long-distance loophole example and better delineation:●Remote access can be an OS, application procedures, versioninformation.●open unnecessary or dangerous in the service, remote access tosensitive information systems.● Remote can be restric ted for the documents, data reading.●remotely important or restricted documents, data reading.● may be limited for long-range document, data revisions.● Remote can be restricted for important documents, data changes.● Remote can be conducted withou t limitation in the importantdocuments, data changes, or for general service denial of service attacks.● Remotely as a normal user or executing orders for system andnetwork-level denial of service attacks.● may be remote management of user identities to the enforcement ofthe order (limited, it is not easy to use).● can be remote management of user identities to the enforcement ofthe order (not restricted, accessible).Almost all local loopholes lead to code execution, classified above the10 points system for:●initiative remote trigger code execution (such as IE loophole).● passive trigger remote code execution (such as Word gaps / chartingsoftware loopholes).DEMOa firewall segregation (peacekeeping operation only allows the Department of visits) networks were operating a Unix server; operating systems only root users and users may oracle landing operating system running Apache (nobody authority), Oracle (oracle user rights) services. An attacker's purpose is to amend the Oracle database table billing data. Its possible attacks steps:● 1. Access peacekeeping operation of the network. Access to apeacekeeping operation of the IP address in order to visit through the firewall to protect the UNIX server.● 2. Apache services using a Remote Buffer Overflow Vulnerabilitydirect access to a nobody's competence hell visit.● 3. Using a certain operating system suid procedure of the loopholeto upgrade their competence to root privileges.● 4. Oracle sysdba landing into the database (local lan ding withouta password).● 5. Revised target table data.Over five down for process analysis:●Step 1: Authentication bypass●Step 2: Remote loopholes code execution (native), Authentication bypassing● Step 3: permissions, authentication bypass● S tep 4: Authentication bypass● Step 5: write data安全漏洞杂谈Richard S. Kraus 网络安全的核心目标是保障业务系统的可持续性和数据的安全性，而这两点的主要威胁来自于蠕虫的暴发、黑客的攻击、拒绝服务攻击、木马。

毕业设计(论文)外文资料翻译附件1：外文资料翻译译文Internet的历史起源——ARPAnetInternet是被美国政府作为一项工程进行开发的。

这项工程的目的，是为了建立远距离之间点与点的通信，以便处理国家军事范围内的紧急事件，例如核战争。

这项工程被命名为ARPAnet，它就是Internet的前身。

建立此工程的主要应用对象就是军事通讯，那些负责ARPAnet的工程师们当时也没有想到它将成为“Internet”。

根据定义，一个“Internet”应该由四或者更多的计算机连接起来的网络。

ARPAnet是通过一种叫TCP/IP的协议实现连网工作的。

此协议最基础的工作原理是：如果信息在网络中的一条路径发送失败，那么它将找到其他路径进行发送，就好象建立一种语言以便一台计算机与其他计算机“交谈”一样，但不注意它是PC，或是Macintosh。

到了20世纪80年代，ARPAnet已经开始变成目前更为有名的Internet了，它拥有200台在线主机。

国防部很满意ARPAnets的成果，于是决定全力将它培养为能够联系很多军事主机，资源共享的服务网络。

到了1984年，它就已经超过1000台主机在线了。

在1986年ARPAnet关闭了，但仅仅是建立它的机构关闭了，而网络继续存在与超过1000台的主机之间。

由于使用NSF连接失败，ARPAnet才被关闭。

NSF是将5个国家范围内的超级计算机连入ARPAnet。

随着NSF的建立，新的高速的传输介质被成功的使用，在1988年，用户能通过56k的电话线上网。

在那个时候有28，174台主机连入Internet。

到了1989年有80，000台主机连入Internet。

到1989年末，就有290，000台主机连入了。

另外还有其他网络被建立，并支持用户以惊人的数量接入。

于1992年正式建立。

现状——Internet如今，Internet已经成为人类历史上最先进技术的一种。

每个人都想“上网”去体验一下Internet中的信息财富。

附录A 外文原文(出处： Malcolm Davis. Struts--an open-source MVC implementation [J]. IBM Systems Journal, 2006,44(2):33-37.)Struts——an open-source MVC implementationMalcolm DavisThis article introduces Struts, a Model-View-Controller implementation that uses servlets and JavaServer Pages (JSP) technology. Struts can help you control change in your Web project and promote specialization. Even if you never implement a system with Struts, you may get some ideas for your future servlets and JSP page implementation.IntroductionKids in grade school put HTML pages on the Internet. However, there is a monumental difference between a grade school page and a professionally developed Web site. The page designer (or HTML developer) must understand colors, the customer, product flow, page layout, browser compatibility, image creation, JavaScript, and more. Putting a great looking site together takes a lot of work, and most Java developers are more interested in creating a great looking object interface than a user interface. JavaServer Pages (JSP) technology provides the glue between the page designer and the Java developer.If you have worked on a large-scale Web application, you understand the term change. Model-View-Controller (MVC) is a design pattern put together to help control change. MVC decouples interface from business logic and data. Struts is an MVC implementation that uses Servlets 2.2 and JSP 1.1 tags, from the J2EE specifications, as part of the implementation. You may never implement a system with Struts, but looking at Struts may give you some ideas on your future Servlets and JSP implementations.Model-View-Controller (MVC)JSP tags solved only part of our problem. We still have issues with validation, flow control, and updating the state of the application. This is where MVC comes to therescue. MVC helps resolve some of the issues with the single module approach by dividing the problem into three categories:•ModelThe model contains the core of the application's functionality. The modelencapsulates the state of the application. Sometimes the only functionality it contains is state. It knows nothing about the view or controller.•ViewThe view provides the presentation of the model. It is the look of theapplication. The view can access the model getters, but it has no knowledge of the setters. In addition, it knows nothing about the controller. The viewshould be notified when changes to the model occur.•ControllerThe controller reacts to the user input. It creates and sets the model.MVC Model 2The Web brought some unique challenges to software developers, most notably the stateless connection between the client and the server. This stateless behavior made it difficult for the model to notify the view of changes. On the Web, the browser has to re-query the server to discover modification to the state of the application. Another noticeable change is that the view uses different technology for implementation than the model or controller. Of course, we could use Java (or PERL, C/C++ or what ever) code to generate HTML. There are several disadvantages to that approach:•Java programmers should develop services, not HTML.•Changes to layout would require changes to code.•Customers of the service should be able to create pages to meet their specific needs.•The page designer isn't able to have direct involvement in page development.•HTML embedded into code is ugly.For the Web, the classical form of MVC needed to change. Figure 4 displays the Web adaptation of MVC, also commonly known as MVC Model 2 or MVC 2.Struts detailsDisplayed in Figure 6 is a stripped-down UML diagram of theorg.apache.struts.action package. Figure 6 shows the minimal relationshipsamong ActionServlet (Controller), ActionForm (Form State), and Action (Model Wrapper).Figure 6. UML diagram of the relationship of the Command (ActionServlet) to the Model (Action & ActionForm)The ActionServlet classDo you remember the days of function mappings? You would map some input event to a pointer to a function. If you where slick, you would place the configuration information into a file and load the file at run time. Function pointer arrays were the good old days of structured programming in C.Life is better now that we have Java technology, XML, J2EE, and all that. The Struts Controller is a servlet that maps events (an event generally being an HTTP post) to classes. And guess what -- the Controller uses a configuration file so you don_t have to hard-code the values. Life changes, but stays the same.ActionServlet is the Command part of the MVC implementation and is the core of the Framework. ActionServlet (Command) creates and uses Action, an ActionForm, and ActionForward. As mentioned earlier, the struts-config.xml file configures the Command. During the creation of the Web project, Action and ActionForm are extended to solve the specific problem space. The filestruts-config.xml instructs ActionServlet on how to use the extended classes. There are several advantages to this approach:•The entire logical flow of the application is in a hierarchical text file. This makes it easier to view and understand, especially with large applications.•The page designer does not have to wade through Java code to understand the flow of the application.•The Java developer does not need to recompile code when making flow changes.Command functionality can be added by extending ActionServlet.The ActionForm classActionForm maintains the session state for the Web application. ActionForm is an abstract class that is sub-classed for each input form model. When I say input form model, I am saying ActionForm represents a general concept of data that is set or updated by a HTML form. For instance, you may have a UserActionForm that is set by an HTML Form. The Struts framework will:•Check to see if a UserActionForm exists; if not, it will create an instance of the class.•Struts will set the state of the UserActionForm using corresponding fields from the HttpServletRequest. No more dreadful request.getParameter()calls. For instance, the Struts framework will take fname from request stream and call UserActionForm.setFname().•The Struts framework updates the state of the UserActionForm before passing it to the business wrapper UserAction.•Before passing it to the Action class, Struts will also conduct form state validation by calling the validation() method on UserActionForm. Note:This is not always wise to do. There might be ways of using UserActionFormin other pages or business objects, where the validation might be different.Validation of the state might be better in the UserAction class.•The UserActionForm can be maintained at a session level.Notes:•The struts-config.xml file controls which HTML form request maps to which ActionForm.•Multiple requests can be mapped UserActionForm.•UserActionForm can be mapped over multiple pages for things such as wizards.The Action classThe Action class is a wrapper around the business logic. The purpose of Action classis to translate the HttpServletRequest to the business logic. To use Action, subclass and overwrite the process() method.The ActionServlet (Command) passes the parameterized classes to ActionForm using the perform() method. Again, no more dreadful request.getParameter() calls. By the time the event gets here, the input form data (or HTML form data) has already been translated out of the request stream and into an ActionForm class.Figure 4. MVC Model 2Struts, an MVC 2 implementationStruts is a set of cooperating classes, servlets, and JSP tags that make up a reusable MVC 2 design. This definition implies that Struts is a framework, rather than a library, but Struts also contains an extensive tag library and utility classes that work independently of the framework. Figure 5 displays an overview of Struts.Figure 5. Struts overviewStruts overview•Client browserAn HTTP request from the client browser creates an event. The Web container will respond with an HTTP response.•ControllerThe Controller receives the request from the browser, and makes thedecision where to send the request. With Struts, the Controller is a command design pattern implemented as a servlet. The struts-config.xml fileconfigures the Controller.•Business logicThe business logic updates the state of the model and helps control the flow of the application. With Struts this is done with an Action class as a thinwrapper to the actual business logic.•Model stateThe model represents the state of the application. The business objectsupdate the application state. ActionForm bean represents the Model state ata session or request level, and not at a persistent level. The JSP file readsinformation from the ActionForm bean using JSP tags.•ViewThe view is simply a JSP file. There is no flow logic, no business logic, and no model information -- just tags. Tags are one of the things that make Struts unique compared to other frameworks like Velocity.Note: "Think thin" when extending the Action class. The Action class should control the flow and not the logic of the application. By placing the business logic in a separate package or EJB, we allow flexibility and reuse.Another way of thinking about Action class is as the Adapter design pattern. The purpose of the Action is to "Convert the interface of a class into another interface the clients expect. Adapter lets classes work together that couldn_t otherwise because of incompatibility interface" (from Design Patterns - Elements of Reusable OO Software by Gof). The client in this instance is the ActionServlet that knows nothing about our specific business class interface. Therefore, Struts provides a business interface it does understand, Action. By extending the Action, we make our business interface compatible with Struts business interface. (An interesting observation is that Action is a class and not an interface. Action started as an interface and changed into a class over time. Nothing's perfect.)The Error classesThe UML diagram (Figure 6) also included ActionError and ActionErrors. ActionError encapsulates an individual error message. ActionErrors is a containerof ActionError classes that the View can access using tags. ActionError s is Struts way of keeping up with a list of errors.Figure 7. UML diagram of the relationship of the Command (ActionServlet) to the Model (Action)The ActionMapping classAn incoming event is normally in the form of an HTTP request, which the servlet Container turns into an HttpServletRequest. The Controller looks at the incoming event and dispatches the request to an Action class. The struts-config.xml determines what Action class the Controller calls. The struts-config.xml configuration information is translated into a set of ActionMapping, which are put into container of ActionMappings. (If you have not noticed it, classes that end with s are containers)The ActionMapping contains the knowledge of how a specific event maps to specific Actions. The ActionServlet (Command) passes the ActionMapping to the Action class via the perform() method. This allows Action to access the information to control flow.ActionMappingsActionMappings is a collection of ActionMapping objects.Struts pros•Use of JSP tag mechanismThe tag feature promotes reusable code and abstracts Java code from the JSPfile. This feature allows nice integration into JSP-based development toolsthat allow authoring with tags.•Tag libraryWhy re-invent the wheel, or a tag library? If you cannot find something you need in the library, contribute. In addition, Struts provides a starting point if you are learning JSP tag technology.•Open sourceYou have all the advantages of open source, such as being able to see thecode and having everyone else using the library reviewing the code. Manyeyes make for great code review.•Sample MVC implementationStruts offers some insight if you want to create your own MVCimplementation.•Manage the problem spaceDivide and conquer is a nice way of solving the problem and making theproblem manageable. Of course, the sword cuts both ways. The problem ismore complex and needs more management.Struts cons•YouthStruts development is still in preliminary form. They are working towardreleasing a version 1.0, but as with any 1.0 version, it does not provide all the bells and whistles.•ChangeThe framework is undergoing a rapid amount of change. A great deal ofchange has occurred between Struts 0.5 and 1.0. You may want to download the most current Struts nightly distributions, to avoid deprecated methods.In the last 6 months, I have seen the Struts library grow from 90K to over270K. I had to modify my examples several times because of changes inStruts, and I am not going to guarantee my examples will work with theversion of Struts you download.•Correct level of abstractionDoes Struts provide the correct level of abstraction? What is the proper level of abstraction for the page designer? That is the $64K question. Should weallow a page designer access to Java code in page development? Someframeworks like Velocity say no, and provide yet another language to learn for Web development. There is some validity to limiting Java code access inUI development. Most importantly, give a page designer a little bit of Java, and he will use a lot of Java. I saw this happen all the time in Microsoft ASP development. In ASP development, you were supposed to create COMobjects and then write a little ASP script to glue it all together. Instead, the ASP developers would go crazy with ASP script. I would hear "Why wait for a COM developer to create it when I can program it directly with VBScript?"Struts helps limit the amount of Java code required in a JSP file via taglibraries. One such library is the Logic Tag, which manages conditionalgeneration of output, but this does not prevent the UI developer from going nuts with Java code. Whatever type of framework you decide to use, you should understand the environment in which you are deploying andmaintaining the framework. Of course, this task is easier said than done. •Limited scopeStruts is a Web-based MVC solution that is meant be implemented with HTML, JSP files, and servlets.•J2EE application supportStruts requires a servlet container that supports JSP 1.1 and Servlet 2.2 specifications. This alone will not solve all your install issues, unless you are using Tomcat 3.2. I have had a great deal of problems installing the library with Netscape iPlanet 6.0, which is supposedly the first J2EE-compliantapplication server. I recommend visiting the Struts User Mailing List archive (see Resources) when you run into problems.•ComplexitySeparating the problem into parts introduces complexity. There is noquestion that some education will have to go on to understand Struts. With the constant changes occurring, this can be frustrating at times. Welcome to the Web.•Where is...I could point out other issues, for instance, where are the client sidevalidations, adaptable workflow, and dynamic strategy pattern for thecontroller? However, at this point, it is too easy to be a critic, and some of the issues are insignificant, or are reasonable for a 1.0 release. The way the Struts team goes at it, Struts might have these features by the time you read this article, or soon after.Future of StrutsThings change rapidly in this new age of software development. In less than 5 years, I have seen things go from cgi/perl, to ISAPI/NSAPI, to ASP with VB, and now Java and J2EE. Sun is working hard to adapt changes to the JSP/servlet architecture, just as they have in the past with the Java language and API. You can obtain drafts of the new JSP 1.2 and Servlet 2.3 specifications from the Sun Web site. Additionally, a standard tag library for JSP files is appearing.附录B 外文译文(译自： Malcolm Davis. Struts--an open-source MVC implementation [J]. IBM Systems Journal , 2006,44(2):33-37.)Struts——MVC 的一种开放源码实现Malcolm Davis本文介绍 Struts，它是使用 servlet 和 JavaServer Pages 技术的一种Model-View-Controller 实现。

外文翻译Birth of the NetThe Internet has had a relatively brief, but explosive history so far. It grew out of an experiment begun in the 1960's by the U.S. Department of Defense. The DoD wanted to create a computer network that would continue to function in the event of a disaster, such as a nuclear war. If part of the network were damaged or destroyed, the rest of the system still had to work. That network was ARPANET, which linked U.S. scientific and academic researchers. It was the forerunner of today's Internet.In 1985, the National Science Foundation (NSF) created NSFNET, a series of networks for research and education communication. Based on ARPANET protocols, the NSFNET created a national backbone service, provided free to any U.S. research and educational institution. At the same time, regional networks were created to link individual institutions with the national backbone service.NSFNET grew rapidly as people discovered its potential, and as new software applications were created to make access easier. Corporations such as Sprint and MCI began to build their own networks, which they linked to NSFNET. As commercial firms and other regional network providers have taken over the operation of the major Internet arteries, NSF has withdrawn from the backbone business.NSF also coordinated a service called InterNIC, which registered all addresses on the Internet so that data could be routed to the right system. This service has now been taken over by Network Solutions, Inc., in cooperation with NSF.How the Web WorksThe World Wide Web, the graphical portion of the Internet, is the most popular part of the Internet by far. Once you spend time on the Web,you will begin to feel like there is no limit to what you can discover. The Web allows rich and diverse communication by displaying text, graphics, animation, photos, sound and video.So just what is this miraculous creation? The Web physically consists of your personal computer, web browser software, a connection to an Internet service provider, computers called servers that host digital data and routers and switches to direct the flow of information.The Web is known as a client-server system. Your computer is the client; the remote computers that store electronic files are the servers. Here's how it works:Let's say you want to pay a visit to the the Louvre museum website. First you enter the address or URL of the website in your web browser (more about this shortly). Then your browser requests the web page from the web server that hosts the Louvre's site. The Louvre's server sends the data over the Internet to your computer. Your web browser interprets the data, displaying it on your computer screen.The Louvre's website also has links to the sites of other museums, such as the Vatican Museum. When you click your mouse on a link, you access the web server for the Vatican Museum.The "glue" that holds the Web together is called hypertext and hyperlinks. This feature allow electronic files on the Web to be linked so you can easily jump between them. On the Web, you navigate through pages of information based on what interests you at that particular moment, commonly known as browsing or surfing the Net.To access the Web you need web browser software, such as Netscape Navigator or Microsoft Internet Explorer. How does your web browser distinguish between web pages and other files on the Internet? Web pages are written in a computer language called Hypertext Markup Language or HTML.Some Web HistoryThe World Wide Web (WWW) was originally developed in 1990 at CERN, the European Laboratory for Particle Physics. It is now managed by The World Wide Web Consortium, also known as the World Wide Web Initiative.The WWW Consortium is funded by a large number of corporate members, including AT&T, Adobe Systems, Inc., Microsoft Corporation and Sun Microsystems, Inc. Its purpose is to promote the growth of the Web by developing technical specifications and reference software that will be freely available to everyone. The Consortium is run by MIT with INRIA (The French National Institute for Research in Computer Science) acting as European host, in collaboration with CERN.The National Center for Supercomputing Applications (NCSA) at the University of Illinois at Urbana-Champaign, was instrumental in the development of early graphical software utilizing the World Wide Web features created by CERN. NCSA focuses on improving the productivity of researchers by providing software for scientific modeling, analysis, and visualization. The World Wide Web was an obvious way to fulfill that mission. NCSA Mosaic, one of the earliest web browsers, was distributed free to the public. It led directly to the phenomenal growth of the World Wide Web.Understanding Web AddressesYou can think of the World Wide Web as a network of electronic files stored on computers all around the world. Hypertext links these resources together. Uniform Resource Locators or URLs are the addresses used to locate thesefiles. The information contained in a URL gives you the ability to jump from one web page to another with just a click of your mouse. When you type a URL into your browser or click on a hypertext link, your browser is sending a request to a remote computer to download a file.What does a typical URL look like? Here are some examples:/The home page for study english.ftp:///pub/A directory of files at MIT* available for downloading.news:rec.gardens.rosesA newsgroup on rose gardening.The first part of a URL (before the two slashes* tells you the type of resource or method of access at that address. For example:•http - a hypertext document or directory•gopher - a gopher document or menu•ftp - a file available for downloading or a directory of such files•news - a newsgroup•telnet - a computer system that you can log into over the Internet•WAIS* - a database or document in a Wide Area Information Search database•file - a file located on a local drive (your hard drive)The second part is typically the address of the computer where the data or service is located. Additional parts may specify the names of files, the port to connect to, or the text to search for in a database.You can enter the URL of a site by typing it into the Location bar of your web browser, just under the toolbar.Most browsers record URLs that you want to use again, by adding them to a special menu. In Netscape Navigator, it's called Bookmarks. In Microsoft Explorer, it's called Favorites. Once you add a URL to your list, you can return to that web page simply by clicking on the name in your list, instead of retyping the entire URL.Most of the URLs you will be using start with http which stands for Hypertext Transfer Protocol*. http is the method by which HTML files are transferred over the Web. Here are some other important things to know about URLs:• A URL usually has no spaces.• A URL always uses forward slashes (//).If you enter a URL incorrectly, your browser will not be able to locate the site or resource you want. Should you get an error message or the wrong site, make sure you typed the address correctly.You can find the URL behind any link by passing your mouse cursor over the link. The pointer will turn into a hand and the URL will appear in the browser's status ba r, usually located at the bottom of your screen.Domain NamesWhen you think of the Internet, you probably think of ".com." Just what do those three letters at the end of a World Wide Web address mean?Every computer that hosts data on the Internet has a unique numerical address. For example, the numerical address for the White House is198.137.240.100. But since few people want to remember long strings of numbers, the Domain Name System (DNS)* was developed. DNS, a critical part of the Internet's technical infrastructure*, correlates* a numerical address to a word. To access the White House website, you could type its number into the address box of your web browser. But most people prefer to use "." In this case, the domain name is . In general, the three-letter domain name suffix* is known as a generictop-level domai n and describes the type of organization. In the last few years, the lines have somewhat blurred* between these categories..com - business (commercial).edu - educational.org - non-profit.mil - military.net - network provider.gov - governmentA domain name always has two or more parts separated by dots and typically consists of some form of an organization's name and the three-letter suffix. For example, the domain name for IBM is ""; the United Nations is "."If a domain name is available, and provided it does not infringe* on an existing trademark, anyone can register the name for $35 a year through Network Solutions, Inc., which is authorized to register .com, .net and .org domains. You can use the box below to see if a name is a available. Don't be surprised ifthe .com name you want is already taken, however. Of the over 8 million domain names, 85% are .com domains.ICANN, the Internet Corporation for Assigned Names and Numbers, manages the Domain Name System. As of this writing, there are plans to add additional top-level domains, such as .web and .store. When that will actually happen is anybody's guess.To check for, or register a domain name, type it into the search box.It should take this form: In addition to the generic top-level domains, 244 national top-level domains were established for countries and territories*, for example:.au - Australia.ca - Canada.fr - France.de - Germany.uk - United KingdomFor US $275 per name, you can also register an international domain name with Net Names. Be aware that some countries have restrictions for registering names.If you plan to register your own domain name, whether it's a .com or not, keep these tips in mind:The shorter the name, the better. (But it should reflect your family name, interest or business.)The name should be easy to remember.It should be easy to type without making mistakes.Remember, the Internet is global. Ideally, a domain name will "read" in a language other than English.Telephone lines were designed to carry the human voice, not electronic data from a computer. Modems were invented to convert digital computer signals into a form that allows them to travel over the phone lines. Those are the scratchy sounds you hear from a modem's speaker. A modem on theother end of the line can understand it and convert the sounds back into digital information that the computer can understand. By the way, the word modem stands for MOdulator/DEModulator.Buying and using a modem used to be relatively easy. Not too long ago, almost all modems transferred data at a rate of 2400 Bps (bits per second). Today, modems not only run faster, they are also loaded with features like error control and data compression. So, in addition to converting and interpreting signals, modems also act like traffic cops, monitoring and regulating the flow of information. That way, one computer doesn't send information until the receiving computer is ready for it. Each of these features, modulation, error control, and data compression, requires a separate kind of protocol and that's what some of those terms you see like V.32, V.32bis, V.42bis and MNP5 refer to.If your computer didn't come with an internal modem, consider buying an external one, because it is much easier to install and operate. For example, when your modem gets stuck (not an unusual occurrence), you need to turn it off and on to get it working properly. With an internal modem, that means restarting your computer--a waste of time. With an external modem it's as easy as flipping a switch.Here's a tip for you: in most areas, if you have Call Waiting, you can disable it by inserting *70 in front of the number you dial to connect to the Internet (or any online service). This will prevent an incoming call from accidentally kicking you off the line.This table illustrates the relative difference in data transmission speeds for different types of files. A modem's speed is measured in bits per second (bps). A 14.4 modem sends data at 14,400 bits per second. A 28.8 modem is twice as fast, sending and receiving data at a rate of 28,800 bits per second.Until nearly the end of 1995, the conventional wisdom was that 28.8 Kbps was about the fastest speed you could squeeze out of a regular copper telephoneline. Today, you can buy 33.6 Kbps modems, and modems that are capable of 56 Kbps. The key question for you, is knowing what speed modems your Internet service provider (ISP) has. If your ISP has only 28.8 Kbps modems on its end of the line, you could have the fastest modem in the world, and only be able to connect at 28.8 Kbps. Before you invest in a 33.6 Kbps or a 56 Kbps modem, make sure your ISP supports them.Speed It UpThere are faster ways to transmit data by using an ISDN or leased line. In many parts of the U.S., phone companies are offering home ISDN at less than $30 a month. ISDN requires a so-called ISDN adapter instead of a modem, and a phone line with a special connection that allows it to send and receive digital signals. You have to arrange with your phone company to have this equipment installed. For more about ISDN, visit Dan Kegel's ISDN Page.An ISDN line has a data transfer rate of between 57,600 bits per second and 128,000 bits per second, which is at least double the rate of a 28.8 Kbps modem. Leased lines come in two configurations: T1 and T3. A T1 line offers a data transfer rate of 1.54 million bits per second. Unlike ISDN, a T-1 line is a dedicated connection, meaning that it is permanently connected to the Internet. This is useful for web servers or other computers that need to be connected to the Internet all the time. It is possible to lease only a portion of a T-1 line using one of two systems: fractional T-1 or Frame Relay. You can lease them in blocks ranging from 128 Kbps to 1.5 Mbps. The differences are not worth going into in detail, but fractional T-1 will be more expensive at the slower available speeds and Frame Relay will be slightly more expensive as you approach the full T-1 speed of 1.5 Mbps. A T-3 line is significantly faster, at 45 million bits per second. The backbone of the Internet consists of T-3 lines. Leased lines are very expensive and are generally only used by companies whose business is built around the Internet or need to transfer massiveamounts of data. ISDN, on the other hand, is available in some cities for a very reasonable price. Not all phone companies offer residential ISDN service. Check with your local phone company for availability in your area.Cable ModemsA relatively new development is a device that provides high-speed Internet access via a cable TV network. With speeds of up to 36 Mbps, cable modems can download data in seconds that might take fifty times longer with a dial-up connection. Because it works with your TV cable, it doesn't tie up a telephone line. Best of all, it's always on, so there is no need to connect--no more busy signals! This service is now available in some cities in the United States and Europe.The download times in the table above are relative and are meant to give you a general idea of how long it would take to download different sized files at different connection speeds, under the best of circumstances. Many things can interfere with the speed of your file transfer. These can range from excessive line noise on your telephone line and the speed of the web server from which you are downloading files, to the number of other people who are simultaneously trying to access the same file or other files in the same directory.DSLDSL (Digital Subscriber Line) is another high-speed technology that is becoming increasingly popular. DSL lines are always connected to the Internet, so you don't need to dial-up. Typically, data can be transferred at rates up to 1.544 Mbps downstream and about 128 Kbps upstream over ordinary telephone lines. Since a DSL line carries both voice and data, you don't have to install another phone line. You can use your existing line to establish DSLservice, provided service is available in your area and you are within the specified distance from the telephone company's central switching office.DSL service requires a special modem. Prices for equipment, DSL installation and monthly service can vary considerably, so check with your local phone company and Internet service provider. The good news is that prices are coming down as competition heats up.Anatomy of a Web PageA web page is an electronic document written in a computer language called HTML, short for Hypertext Markup Language. Each web page has a unique address, called a URL* or Uniform Resource Locator, which identifies its location on the network.A website has one or more related web pages, depending on how it's designed. Web pages on a site are linked together through a system of hyperlinks* , enabling you to jump between them by clicking on a link. On the Web, you navigate through pages of information according to your interests.Home Sweet Home PageWhen you browse the World Wide Web you'll see the term home page often. Think of a home page as the starting point of a website. Like the table of contents of a book or magazine, the home page usually provides an overview of what you'll find at the website. A site can have one page, many pages or a few long ones, depending on how it's designed. If there isn't a lot of information, the home page may be the only page. But usually you will find at least a few other pages.Web pages vary wildly in design and content, but most use a traditional magazine format. At the top of the page is a masthead* or banner graphic*, then a list of items, such as articles, often with a brief description. The items in the list usually link to other pages on the website, or to other sites. Sometimes these links are highlighted* words in the body of the text, or are arranged in a list, like an index. They can also be a combination* of both. A web page can also have images that link to other content.How can you tell which text are links? Text links appear in a different color from the rest of the text--typically in blue and underlined. When you move yourcursor over a text link or over a graphic link, it will change from an arrow to a hand. The hypertext words often hint* at what you will link to.When you return to a page with a link you've already visited, the hypertext words will often be in a different color, so you know you've already been there. But you can certainly go there again. Don't be surprised though, if the next time you visit a site, the page looks different and the information has changed. The Web is a dynamic* medium. To encourage visitors to return to a site, some web publishers change pages often. That's what makes browsing the Web so excitingA Home (Page) of Your OwnIn the 60s, people asked about your astrological* sign. In the 90s, they want to know your URL. These days, having a web address is almost as important as a street address. Your website is an electronic meeting place for your family, friends and potentially*, millions of people around the world. Building your digital domain can be easier than you may think. Best of all, you may not have to spend a cent. The Web brims with all kinds of free services, from tools to help you build your site, to free graphics, animation and site hosting. All it takes is some time and creativity.Think of your home page as the starting point of your website. Like the table of contents of a book or magazine, the home page is the front door. Your site can have one or more pages, depending on how you design it. If there isn't a lot of information just yet, your site will most likely have only a home page. But the site is sure to grow over time.While web pages vary dramatically* in their design and content, most use a traditional magazine layout. At the top of the page is a banner graphic. Next comes a greeting and a short description of the site. Pictures, text, and links to other websites follow.If the site has more than one page, there's typically a list of items--similar to an index--often with a brief description. The items in the list link to other pages on the website. Sometimes these links are highlighted words in the body of the text. It can also be a combination of both. Additionally, a web page may have images that link to other content.Before you start building your site, do some planning. Think about whom the site is for and what you want to say. Next, gather up the material that you wantto put on the site: write the copy, scan the photos, design or find the graphics. Draw a rough layout on a sheet of paper.While there are no rules you have to follow, there are a few things to keep in mind:•Start simply. If you are too ambitious at the beginning, you may never get the site off the ground. You can always add to your site.•Less is better. Most people don't like to read a lot of text online. Break it into small chunks.•Use restraint. Although you can use wild colors and images for the background of your pages, make sure your visitors will be able to readthe text easily.•Smaller is better. Most people connect to the Internet with a modem.Since it can take a long time to download large image files, keep the file sizes small.•Have the rights. Don't put any material on your site unless you are sure you can do it legally. Read Learn the Net's copyright article for moreabout this.Stake Your ClaimNow it's time to roll up your sleeves and start building. Learn the Net Communities provides tools to help you build your site, free web hosting, and a community of other homesteaders.Your Internet service provider may include free web hosting services with an account, one alternative to consider.Decoding Error MessagesAs you surf the Net, you will undoubtedly find that at times you can't access certain websites. Why, you make wonder? Error messages attempt to explain the reason. Unfortunately, these cryptic* messages baffle* most people.We've deciphered* the most common ones you may encounter.400 - Bad RequestProblem: There's something wrong with the address you entered. You may not be authorized* to access the web page, or maybe it no longer exists.Solution: Check the address carefully, especially if the address is long. Make sure that the slashes are correct (they should be forward slashes) and that all the names are properly spelled. Web addresses are case sensitive, socheck that the names are capitalized in your entry as they are in the original reference to the website.401 - UnauthorizedProblem: You can't access a website, because you're not on the guest list, your password is invalid or you have entered your password incorrectly.Solution: If you think you have authorization, try typing your password again. Remember that passwords are case sensitive.403 - ForbiddenProblem: Essentially the same as a 401.Solution: Try entering your password again or move on to another site.404 - Not FoundProblem: Either the web page no longer exists on the server or it is nowhere to be found.Solution: Check the address carefully and try entering it again. You might also see if the site has a search engine and if so, use it to hunt for the document. (It's not uncommon for pages to change their addresses when a website is redesigned.) To get to the home page of the site, delete everything after the domain name and hit the Enter or Return key.503 - Service unavailableProblem: Your Internet service provider (ISP) or your company's Internet connection may be down.Solution: Take a stretch, wait a few minutes and try again. If you still have no luck, phone your ISP or system administrator.Bad file requestProblem: Your web browser may not be able to decipher the online form you want to access. There may also be a technical error in the form.Solution: Consider sending a message to the site's webmaster, providing any technical information you can, such as the browser and version you use.Connection refused by hostProblem: You don't have permission to access the page or your password is incorrect.Solution: Try typing your password again if you think you should have access.Failed DNS lookupProblem: DNS stands for the Domain Name System, which is the system that looks up the name of a website, finds a corresponding number (similar to a phone number), then directs your request to the appropriate web server on theInternet. When the lookup fails, the host server can't be located.Solution: Try clicking on the Reload or Refresh button on your browser toolbar. If this doesn't work, check the address and enter it again. If all else fails, try again later.File contains no dataProblem: The site has no web pages on it.Solution: Check the address and enter it again. If you get the same error message, try again later.Host unavailableProblem: The web server is down.Solution: Try clicking on the Reload or Refresh button. If this doesn't work, try again later.Host unknownProblem: The web server is down, the site may have moved, or you've been disconnected from the Net.Solution: Try clicking on the Reload or Refresh button and check to see that you are still online. If this fails, try using a search engine to find the site. It may have a new address.Network connection refused by the serverProblem: The web server is busy.Solution: Try again in a while.Unable to locate hostProblem: The web server is down or you've been disconnected from the Net.Solution: Try clicking on the Reload or Refresh button and check to see that you are still online.Unable to locate serverProblem: The web server is out-of-business or you may have entered the address incorrectly.Solution: Check the address and try typing it again.Web BrowsersA web browser is the software program you use to access the World Wide Web, the graphical portion of the Internet. The first browser, called NCSA Mosaic, was developed at the National Center for Supercomputing Applications in the early '90s. The easy-to-use point-and-click interface*helped popularize the Web, although few then could imagine the explosive growth that would soon occur.Although many different browsers are available, Microsoft Internet Explorer* and Netscape Navigator* are the two most popular ones. Netscape and Microsoft have put so much money into their browsers that the competition can't keep up. The pitched battle* between the two companies to dominate* the market has lead to continual improvements to the software. Version 4.0 and later releases of either browser are excellent choices. (By the way, both are based on NCSA Mosaic.) You can download Explorer and Navigator for free from each company's website. If you have one browser already, you can test out the other. Also note that there are slight differences between the Windows and MacIntosh* versions.You can surf to your heart's content, but it's easy to get lost in this electronic web. That's where your browser can really help. Browsers come loaded with all sorts of handy features. Fortunately, you can learn the basics in just a few minutes, then take the time to explore the advanced functions.Both Explorer and Navigator have more similarities than differences, so we'll primarily cover those. For the most up-to-date information about the browsers, and a complete tutorial, check the online handbook under the Help menu or go to the websites of the respective* software companies.Browser AnatomyWhen you first launch your web browser, usually by double-clicking on the icon on your desktop, a predefined web page, your home page, will appear. With Netscape Navigator for instance, you will be taken to Netscape's NetCenter.•The Toolbar （工具栏）The row of buttons at the top of your web browser, known as the toolbar, helps you travel through the web of possibilities, even keeping track ofwhere you've been. Since the toolbars for Navigator and Explorer differ slightly, we'll first describe what the buttons in common do:o The Back button returns you the previous page you've visited.o Use the Forward button to return to the page you just came from.o Home takes you to whichever home page you've chosen. (If you haven't selected one, it will return you to the default home page,usually the Microsoft or Netscape website.)。

Java and the InternetIf Java is, in fact, yet another computer programming language, you may question why it is so important and why it is being promoted as a revolutionary step in computer programming. The answer isn’t immediately obvious if you’re comin g from a traditional programming perspective. Although Java is very useful for solving traditional standalone programming problems, it is also important because it will solve programming problems on the World Wide Web.What is the Web?The Web can seem a bit of a mystery at first, with all this talk of “surfing,” “presence,” and “home pages.” It’s helpful to step back and see what it really is, but to do this you must understand client/server systems, another aspect of computing that’s full of confusing iss ues. Client/Server computingThe primary idea of a client/server system is that you have a central repository of information—some kind of data, often in a database—that you want to distribute on demand to some set of people or machines. A key to the client/server concept is that the repository of information is centrally located so that it can be changed and so that those changes will propagate out to the information consumers. Taken together, the information repository, the software that distributes the information and the machine where the information and software reside is called the server. The software that resides on the remote machine, communicates with the server, fetches the information, processes it, and then displays it on the remote machine is called the client.The basic concept of client/server computing, then, is not so complicated. The problems arise because you have a single server trying to serve many clients at once. Generally, a database management system is involved, so the designer “balances” the layout of data into tables for optimal use. In addition, systems often allow a client to insert new information into a server. This means you must ensure that one client’s new data doesn’t walk over another client’s new data, or that data isn’t l ost in the process of adding it to the database (this is called transaction processing). As client software changes, it must be built, debugged, and installed on the client machines, which turns out to be more complicated and expensive than you might think. It’s especially problematic to support multiple types of computers and operating systems. Finally, there’s the all-important performance issue: You might have hundreds of clients making requests of your server at any one time, so any small delay is crucial. To minimize latency, programmers work hard to offload processing tasks, often to the client machine, but sometimes to other machines at the server site, using so-calledmiddleware. (Middleware is also used to improve maintainability.)The simple idea of distributing information has so many layers of complexity that the whole problem can seem hopelessly enigmatic. And yet it’s crucial: Client/server computing accounts for roughly half of all programming activities. It’s responsible for everything from t aking orders and credit-card transactions to the distribution of any kind of data—stock market, scientific, government, you name it. What we’ve come up with in the past is individual solutions to individual problems, inventing a new solution each time. These were hard to create and hard to use, and the user had to learn a new interface for each one. The entire client/server problem needs to be solved in a big way.The Web as a giant serverThe Web is actually one giant client/server system. It’s a bit worse than that, since you have all the servers and clients coexisting on a single network at once. You don’t need to know that, because all you care about is connecting to and interacting with one server at a time (even though you might be hopping around the world in your search for the correct server).Initially it was a simple one-way process. You made a request of a server and it handed you a file, which your machine’s browser software (i.e., the client) would interpret by formatting onto your local machine. But in short order people began wanting to do more than just deliver pages from a server. They wanted full client/server capability so that the client could feed information back to the server, for example, to do database lookups on the server, to add new information to the server, or to place an order (which required more security than the original systems offered). These are the changes we’ve been seeing in the development of the Web.The Web browser was a big step forward: the concept that one piece of information could be displayed on any type of computer without change. However, browsers were still rather primitive and rapidly bogged down by the demands placed on them. They weren’t particularly interactive, and tended to clog up both the server and the Internet because any time you needed to do something that required programming you had to send information back to the server to be processed. It could take many seconds or minutes to find out you had misspelled something in your request. Since the browse r was just a viewer it couldn’t perform even the simplest computing tasks. (On the other hand, it was safe, because it couldn’t execute any programs on your local machine that might contain bugs or viruses.)To solve this problem, different approaches have been taken. To begin with, graphics standards have been enhanced to allow better animation and video within browsers. The remainder of the problem can be solved only byincorporating the ability to run programs on the client end, under the browser. This is called client-side programming.Client-side programmingThe Web’s initial server-browser design provided for interactive content, but the interactivity was completely provided by the server. The server produced static pages for the client browser, which would simply interpret and display them. Basic HyperText Markup Language (HTML) contains simple mechanisms for data gathering: text-entry boxes, check boxes, radio boxes, lists and drop-down lists, as well as a button that can only be programmed to reset t he data on the form or “submit” the data on the form back to the server. This submission passes through the Common Gateway Interface (CGI) provided on all Web servers. The text within the submission tells CGI what to do with it. The most common action is to run a program located on the server in a directory that’s typically called “cgi-bin.” (If you watch the address window at the top of your browser when you push a button on a Web page, you can sometimes see “cgi-bin” within all the gobbledygook there.) These programs can be written in most languages. Perl has been a common choice because it is designed for text manipulation and is interpreted, so it can be installed on any server regardless of processor or operating system. However, Python (my favorite—see ) has been making inroads because of its greater power and simplicity.Many powerful Web sites today are built strictly on CGI, and you can in fact do nearly anything with CGI. However, Web sites built on CGI programs can rapidly become overly complicated to maintain, and there is also the problem of response time. The response of a CGI program depends on how much data must be sent, as well as the load on both the server and the Internet. (On top of this, starting a CGI program tends to be slow.) The initial designers of the Web did not foresee how rapidly this bandwidth would be exhausted for the kinds of applications people developed. For example, any sort of dynamic graphing is nearly impossible to perform with consistency because a Graphics Interchange Format (GIF) file must be created and moved from the server to the client for each version of the graph. And you’ve no doubt had direct experience with something as simple as validating the data on an input form. You press the submit button on a page; the data is shipped back to the server; the server starts a CGI program that discovers an error, formats an HTML page informing you of the error, and then sends the page back to you; you must then back up a page and try again. Not only is this sl ow, it’s inelegant.The solution is client-side programming. Most machines that run Web browsers are powerful engines capable of doing vast work, and with the original static HTML approach they are sitting there, just idly waiting for the server to dish up the next page. Client-side programming means that the Web browser is harnessed to do whatever work it can, and the result for the user is a much speedier and more interactive experience at your Web site.The problem with discussions of client-side programming is that they aren’t very different from discussions of programming in general. The parameters are almost the same, but the platform is different; a Web browser is like a limited operating system. In the end, you must still program, and this accounts for the dizzying array of problems and solutions produced by client-side programming. The rest of this section provides an overview of the issues and approaches in client-side programming.Plug-insOne of the most significant steps forward in client-side programming is the development of the plug-in. This is a way for a programmer to add new functionality to the browser by downloading a piece of code that plugs itself into the appropriate spot in the browser. It tells the browser “from now on you can perform this new activity.” (You need to download the plug-in only once.) Some fast and powerful behavior is added to browsers via plug-ins, but writing a plug-in is not a trivial task, and isn’t something you’d want to do as part of the process of building a particular site. The value of the plug-in for client-side programming is that it allows an expert programmer to develop a new language and add that language to a browser without the permission of the browser manufacturer. Thus, plug-ins provide a “back door” that allows the creation of new client-side programming languages (although not all languages are implemented as plug-ins).Scripting languagesPlug-ins resulted in an explosion of scripting languages. With a scripting language, you embed the source code for your client-side program directly into the HTML page, and the plug-in that interprets that language is automatically activated while the HTML page is being displayed. Scripting languages tend to be reasonably easy to understand and, because they are simply text that is part of an HTML page, they load very quickly as part of the single server hit required to procure that page. The trade-off is that your code is exposed for everyone to see (and steal). Generally, however, you aren’t doing amazingly sophist icated things with scripting languages, so this is not too much of a hardship.This points out that the scripting languages used inside Web browsers are really intended to solve specific types of problems, primarily the creation of richer and more interactive graphical user interfaces (GUIs). However, a scripting language might solve 80 percent of the problems encountered in client-side programming. Your problems might very well fit completely within that 80 percent, and since scripting languages can allow easier and faster development, you should probably consider a scripting language before looking at a more involved solution such as Java or ActiveX programming.The most commonly discussed browser scripting languages are JavaScript (which has nothing to do with Java; it’s named that way just to grab some of Java’s marketing momentum), VBScript (which looks like Visual BASIC), and Tcl/Tk, which comes from the popular cross-platform GUI-building language. There are others out there, and no doubt more in development. JavaScript is probably the most commonly supported. It comes built into both Netscape Navigator and the Microsoft Internet Explorer (IE). Unfortunately, the flavor of JavaScript on the two browsers can vary widely (the Mozilla browser, freely downloadable from , supports the ECMAScript standard, which may one day become universally supported). In addition, there are probably more JavaScript books available than there are for the other browser languages, and some tools automatically cr eate pages using JavaScript. However, if you’re already fluent in Visual BASIC or Tcl/Tk, you’ll be more productive using those scripting languages rather than learning a new one. (You’ll have your hands full dealing with the Web issues already.)原文来源：(美)Bruce Ecket. Thinking in JAVA第三版. 2003Java 和Internet可能你会问，如果Java只是一种新的计算机编程语言的话（实际上这话也没错），它为什么会那么重要，为什么会被除数拔高到“计算机编程领域的革命性的进步”，这个高度。

毕业论文外文文献翻译2份目录1 外文文献译文（1） (1)1.1建立客户模型与业务数据:一个自动的方法基于模糊聚类和机器学习 (1)1.2摘要 (1)1.3介绍 (1)1.4提案 (3)2 外文文献原文（1） (4)2.1 title (4)2.2 Abstract (4)2.3 Introduction (5)2.4 Our Proposal (8)3 外文文献译文（2） (9)3.1客户的知识关系管理：整合知识管理和客户关系管理过程 (9)3.2摘要 (9)3.3介绍 (10)3.4文献综述 (11)3.5提出客户知识关系管理过程的概念模型 (12)4 外文文献原文（2） (13)4.1 title (13)4.2 Abstract (13)4.3 Introduction (14)4.4 Literature Review (15)4.5 Proposed Customer Knowledge Relationship Management Process: A Conceptual Model (17)1 外文文献译文（1）1.1建立客户模型与业务数据:一个自动的方法基于模糊聚类和机器学习1.2摘要据挖掘(DM)是一门新兴学科,旨在从数据中提取知识使用几种技术。

DM证明是有用的业务数据的描述客户和他们的交易以兆兆字节。

在本文中,我们提出的方法建立客户模型(也说在文献资料)与业务数据。

我们的方法是三步。

在第一步中,我们使用模糊聚类分类的客户,即确定客户群。

一个关键特性是,很多团体(或集群)自动计算从数据使用划分熵作为真实性的标准。

在第二步中,我们进行降维旨在保持为每组只有客户的信息最丰富的属性。

为此,我们定义了信息损失量化信息程度的一个属性。

因此,作为结果,第二步,我们获得的消费者群每个描述由一种独特的属性集。

在第三个和最后一步,我们使用摘要神经网络中获取有用的知识从这些组织。

真实世界的数据集上的实验结果揭示了我们的方法的良好性能,应该模拟未来的研究。