aspose file tools*
The moose likes Servlets and the fly likes servlets or just jsp custom tags Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "servlets or just jsp custom tags" Watch "servlets or just jsp custom tags" New topic
Author

servlets or just jsp custom tags

Stephen Huey
Ranch Hand

Joined: Jul 15, 2003
Posts: 618
I was reading a post here:
http://www.caucho.com/quercus/faq/question.xtp?question_id=9
In general, people are arguing that when there is user input or other interaction involved, it's best to let the servlet handle that and then pass on to a JSP for the response. That makes sense to me. However, one guy said that he has found JSP custom tags adept at handling the input and so doesn't need servlets to clean that up. Personally, I have been writing a lot of JSPs but still don't know much about custom tags, so I'm wondering if any of you have the same opinion, or if I should definitely just use servlets for that stuff.
Thanks for any helpful opinions...
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61202
    
  66

I make heavy use of servlets for any processing and also heavy use of custom tags to help format the view. I seldom use custom tags to replace processing; I still see them as part of the "view".


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Stephen Huey
Ranch Hand

Joined: Jul 15, 2003
Posts: 618
Bear, I like your responses (your experience has affected my decisions numerous times!). I'm wondering what you think about this guy's design for creating reusable input validation custom tags:
http://www.developer.com/java/web/print.php/3287891
Apparently, his argument is that this is a good approach just because you can update the tags or reuse the tags in numerous pages and you always have the validation taken care of (whereas in a servlet you would have to rewrite every time you had a servlet validating a zip code or something like that).
Is he correct? Or can you achieve the same thing with servlets, and in as just a reusable manner?
Also, this guy has his own style for trying to use JSPs and JavaBeans, which suggests it's better than using servlets for validation:
http://www.javaworld.com/javaworld/jw-03-2000/jw-0331-ssj-forms.html
Are these guys just smoking something?
Thanks for any more opinions...
[ February 16, 2004: Message edited by: S. C. Huey ]
Gregg Bolinger
GenRocket Founder
Ranch Hand

Joined: Jul 11, 2001
Posts: 15299
    
    6

My 2 cents on the validation issue:
I don't agree at all that such trivial validation as input validation should be processed by the server, Custom Tag or Servlets. That type of validation should always be done on the client side with Javascript. I don't care how fast servers have become. That speed should be utalized for REAL server side work. Not bogged down because some idiot can't type in a SSN correctly.
Javascript can be updated just as easily as Custom Tags if not easier. I agree with Bear that Custom Tags should be used for View purposes. Not for processing. And on top of that, not for validation.
But that is just my opinion. Bear has much more experience at this stuff than I do, so I would definatly recommend considering whatever he says.


GenRocket - Experts at Building Test Data
Stephen Huey
Ranch Hand

Joined: Jul 15, 2003
Posts: 618
I believe a strong reason for avoiding relying on Javascript is simply that it can be turned off. That opens the door to some extra security headaches if I'm not mistaken...
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61202
    
  66

(whereas in a servlet you would have to rewrite every time you had a servlet validating a zip code or something like that).

I didn't have the time to go look at the link (sorry), but to the above all I have to say is that it's just as easy -- far easier, in fact -- to create re-usable Java components as it is to create re-usable tags.
With regards to where to perform validation, I have to disagree with Gregg on this one (rare). Since it's so easy for users to turn off client-side Javascript, or to just type in URL's, or to spoof their own forms that submit to your server (detectable), I never rely upon client-side validation and always perform validation on the server side upon submittal. That's not to say that I don't do client-side validation: I do when it will make the "user experience" better. I just never assume that any client-side validation has taken place.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: servlets or just jsp custom tags