You are on page 1of 15

SERVLET INTERVIEW QUESTIONS

1.What is the Servlet? A servlet is a Java programming language class that is used to extend the capabilities of servers that host applications accessed by means of a request- response programming model. 2.What are the new features added to Servlet 2.5? Following are the changes introduced in Servlet 2.5:       A new dependency on J2SE 5.0 Support for annotations Loading the class Several web.xml conveniences A handful of removed restrictions Some edge case clarifications

Learn more about Servlets 2.5 features 3.What are the uses of Servlet? Typical uses for HTTP Servlets include:     Processing and/or storing data submitted by an HTML form. Providing dynamic content, e.g. returning the results of a database query to the client. A Servlet can handle multiple request concurrently and be used to develop high performance system Managing state information on top of the stateless HTTP, e.g. for an online shopping cart system which manages shopping carts for many concurrent customers and maps every request to the right customer.

4.What are the advantages of Servlet over CGI? Servlets have several advantages over CGI:       A Servlet does not run in a separate process. This removes the overhead of creating a new process for each request. A Servlet stays in memory between requests. A CGI program (and probably also an extensive runtime system or interpreter) needs to be loaded and started for each CGI request. There is only a single instance which answers all requests concurrently. This saves memory and allows a Servlet to easily manage persistent data. Several web.xml conveniences A handful of removed restrictions Some edge case clarifications

5.What are the phases of the servlet life cycle? The life cycle of a servlet consists of the following phases:

 Initialization (call the init method) : After instantiation. they are delegated to the servlet through the service() method. the service() method invokes a different handler method for each type of HTTP request. When client requests arrive. the servlet may not service any more client requests. the container may keep it ready for handling client requests. This can happen when the servlet engine itself is started. or later when a client request is actually delegated to the servlet. In the HttpServlet class. In the init() method.  Servlet instantiation : After loading. the servlet can read configuration parameters from the deployment descriptor or perform any other one-time activities. The container initializes the servlet by invoking its init() method. passing the request and response objects as parameters. the container initializes a servlet before it is ready to handle client requests. In the case of HTTP requests. To do this. the servlet container calls the destroy() method on the servlet. doPost() method for POST requests. it instantiates one or more object instances of the servlet class to service the client requests.  Removal from service (call the destroy method) : A servlet container may decide to remove a servlet from service for various reasons. such as to conserve memory resources. passing an object implementing the ServletConfig interface. the servlet container locates and loads a class of the type of the servlet. Once the destroy() method has been called.  Request handling (call the service method) : After the servlet is initialized. . Servlet class loading : For each servlet defined in the deployment descriptor of the Web application. the request and response objects are implementations of HttpServletRequest and HttpServletResponse respectively. Now the servlet instance is eligible for garbage collection The life cycle of a servlet is controlled by the container in which the servlet has been deployed. and so on. so the init() method is invoked once and only once by the servlet container. doGet() method for GET requests.

a constructor is still required to instantiate the servlet.6. Even though you as the developer would never need to explicitly call the servlet's constructor. it is no use calling the init method if you haven't constructed an object to call it on yet. This saves memory and allows a Servlet to easily manage persistent data.Why do we need a constructor in a servlet if we use the init method? Even though there is an init method in a servlet which gets called to initialize it.How the servlet is loaded? A servlet can be loaded when:     First request is made. Server starts up (auto-load).How a Servlet is unloaded? A servlet is unloaded when:   Server shuts down. There is only a single instance which answers all requests concurrently. . Administrator manually loads. 8. Just like a normal POJO (plain old java object) that might have an init method. Administrator manually unloads. it is still being used by the container (the container still uses the constructor to create an instance of the servlet). 7.

It extends the GenericServlet base class and provides an framework for handling the HTTP protocol. namelyjavax. 11. however. In addition to the methods declared in these two interfaces. since it is not specific to any protocol. HttpServlet An abstract class that simplifies writing HTTP servlets.9. People who read this.What is the GenericServlet class? GenericServlet is an abstract class that implements the Servlet interface and the ServletConfig interface. also read:EJB Interview Questions JSF-MyFaces Tag Reference JSF Tutorial iBatis an alternative to Hibernate Note: This class is known as generic Tibco Interview Questions  servlet. Note: Most Servlets. HttpServlet only supports HTTP and HTTPS protocol. more commonly by extending a class that implements it. . and implements the log method declared in the  ServletContext interface. this class also provides simple versions of  the lifecycle methods init and destroy.servlet.What is Servlet interface? The central abstraction in the Servlet API is the Servlet interface.What's the difference between GenericServlet and HttpServlet? GenericServlet The GenericServlet is an abstract class that is extended by HttpServlet to provide HTTP protocol-specific methods. sessions and setting response headers. either directly or .http.servlet. cookies. extend one of the standard implementations of that interface. The GenericServlet does not include protocol-specific methods for handling request parameters. The HttpServlet subclass passes generic service method requests to the relevant doGet() or doPost() method.HttpServlet. All servlets implement this interface. 10. GenericServlet is not specific to any protocol.GenericServlet and javax.

Can servlet have a constructor ? One can definitely have constructor in servlet.but this type of approch is not so common. doget should Operations requested through POST can have side 6 be able to be repeated safely many times effects for which the user can be held accountable. it does not 3 (or should not) change anything on the server. 15.When to use doGet() and when doPost()? Always prefer to use GET (As because GET is faster than POST). on the other hand will (typically) send the information through a socket back to the webserver and it won't show up in the URL bar.Even you can use the constrctor in servlet for initialization purpose. 8 It allows bookmarks.and it's not restricted to textual data either.Why is HttpServlet declared abstract? The HttpServlet class is declared abstract because the default implementations of the main service methods do nothing and must be overridden. servlet container is responsible for instantiating the servlet.What is the difference between doGet() and doPost()? # 1 doGet() In doGet() the parameters are appended to the URL and sent along with header information. doPost() In doPost(). This is a convenience implementation of the Servlet interface.doPost is slower compared to doGet since doPost does not write the content length The amount of information you can send back 2 using a GET is restricted as URLs can only be 1024 characters. doGet() is a request for information.In the case of servlet. 13. so the constructor is also called by servlet container only. 7 doGet() should be safe without any side effects for which user is held responsible This method does not need to be either safe It disallows bookmarks.The only thing is that you cannot call that constructor explicitly by the new keyword as we normally do. 14. Thus increasing the performance This method does not need to be idempotent. HttpServlet only supports HTTP and HTTPS protocol. i.12. You can perform common operations with the constructor as you normally do. there is no need to write adoPost() method too. It is possible to send files and even binary data such as serialized Java objects! doPost() provides information (such as placing an order for merchandise) that the server is expected to remember Parameters are encrypted doPost() is generally used to update or post some information to the server. doGet() should be idempotent. except mentioned in the following reason: .e. 16. So. which means that developers do not need to implement all service methods. You can send much more information to the server this way . If your servlet is required to handle doGet() requests for example.What are the types of protocols supported by HttpServlet ? It extends the GenericServlet base class and provides a framework for handling the HTTP protocol. (doGet() should be idempotent) 4 Parameters are not encrypted doGet() is faster if we set the response content 5 length since the same connection is used.

} 18. just support POST. Only override the appropriate doXXX() method. it is not necessary to override the service method itself.How the typical servlet code look like ? . response). if the HTTP request method is GET.Should I override the service() method? We never override the service method. The default service function invokes the doXXX() method corresponding to the method of the HTTP request. doGet() method is called by default. HttpServletResponse response) throws ServletException.How do I support both GET and POST from the same Servlet? The easy way is. Because HTTP service method check the request method and calls the appropriate handler method. since the HTTP Servlets have already taken care of it . then have your doGet method call your doPost method: public void doGet(HttpServletRequest request.For example. 19. 17.   If data is sensitive Data is greater than 1024 characters If your application don't need bookmarks. IOException { doPost(request. A servlet should override the doXXX() method for the HTTP methods that servlet supports.

There is one ServletContext for the entire webapp and all the servlets in a webapp share it.What are the differences between the ServletConfig interface and the ServletContext interface? ServletConfig The ServletConfig interface is implemented by the servlet container in order to pass configuration information to a servlet.What's the difference between forward() and sendRedirect() methods? . 21.What is a servlet context object? A servlet context object contains the information about the Web application of which the servlet is a part. Each Web application in a container has a single servlet context associated with it. It also provides access to the resources common to all the servlets in the application. The param-value pairs for ServletContext object are specified in the <context-param> tags in the web.xml file ServletContext A ServletContext defines a set of methods that a servlet uses to communicate with its servlet container. 22.xml file. The server passes an object that implements the ServletConfig interface to the servlet's init() method. The param-value pairs for ServletConfig object are specified in the <init-param> within the <servlet> tags in the web. There is one ServletConfig parameter per servlet.20.

Any browser reload of the resulting page will simple repeat the original request. as if it were part of the was originally called. but the response is issued under the same URL that was originally requested. also read:    Core Java Questions iBatis Tutorials PMP Certification iBatis an alternative to Hibernate . Because this involves a new request. it is not the same as a redirection. page. but will rather fetch the second URL. with all of its parameters and attributes are no longer available after a redirect. which differs from the original. the previous request scope objects. the original request context is retained sendRedirect() A redirect is a two step process. JSP or static HTML document. processing some input and "boilerplate" text or template markup that may be deciding the outcome by returning a particular response included by many servlets. is doing the work and knows that it's making a new request.What is the difference between the include() and forward() methods? include() forward() The RequestDispatcher include() method inserts the The RequestDispatcher forward() method is used to the contents of the specified resource directly in the show a different resource in place of the servlet that flow of the servlet response. The forward() method is often used where a servlet is The include() method is often used to include common taking a controller role. People who read this. in this case. with the original URL Both resources must be part of the same context (Some containers make provisions for cross-context communication but this tends not to be very portable) Since both resources are part of same context. since it requires two browser requests. A browser reloads of the second URL . 23. If you include a servlet or JSP document. or even in the same domain.forward() A forward is performed internally by the servlet. not one. In other words. any such request will be ignored. The forwarded resource may be another servlet. calling servlet. The browser. where the web application instructs the browser to fetch a second URL. so its original URL remains intact. The browser is completely unaware that it has taken place. This method can be used to redirect users to resources that are not part of the current context. redirect is marginally slower than a forward. Forward is marginally faster than redirect.will not repeat the original request. (Variables will need to be passed by via the session object). the included resource must not attempt to change the response status code or HTTP headers.

ServletRequest interface and javax. 25. 27.24.What's the use of the servlet wrapper Struts Interview Questions  classes?? The HttpServletRequestWrapper and HttpServletResponseWrapper classes are designed to make it easy for developers to create custom implementations of the servlet request and response types. The information provided by a deployment descriptor is declarative and therefore it can be modified without changing the source code of a bean. It declares transaction attributes and security authorization for an enterprise bean.What is the difference between the getRequestDispatcher(String path) method of javax.What is the directory structure of a WAR file? 26. The JavaEE server reads the deployment descriptor at run time and acts upon the component accordingly.What is a deployment descriptor? A deployment descriptor is an XML document with an .ServletContext interface? .servlet. It defines a component's deployment settings.xml extension. The classes are constructed with the standard HttpServletRequest and HttpServletResponse instances respectively and their default behaviour is to pass all method calls directly to the underlying objects.servlet.

which can be specified in the deployment descriptor to make the servlet container load and initialize the servlet as soon as it starts up.ServletRequest.servlet.getRequestDispatcher(String path) The getRequestDispatcher(String path) method ofjavax. As a result. The <load-on-startup> element is written in the deployment descriptor as follows: <servlet> <servlet-name>ServletName</servlet-name> <servlet-class>ClassName</servlet-class> <load-on-startup>1</load-on-startup> </servlet> Note: The container loads the servlets in the order specified in the <load-on-startup> element. which can be relative to the request of the calling servlet. every user of an application has a separate session and has access to a separate set of session variables.ServletContext interface cannot accept relative paths. it initializes a servlet when it receives a request for that servlet first time. 31. This is called lazy loading. Sessions are specific to both the individual user and the application.What is the <load-on-startup> element? The <load-on-startup> element of a deployment descriptor is used to load a servlet file when the server starts instead of waiting for the first request.What is Session Tracking? . All path must start with a “/” and are interpreted as relative to current context root. 29.ServletRequest interface accepts parameter the path to the resource to be included or forwarded to. ServletContext. 28. The servlet specification defines the element.getRequestDispatcher(String path) The getRequestDispatcher(String path) method ofjavax. If the path begins with a “/” it is interpreted as relative to the current context root. The process of loading a servlet before any request comes in is called preloading or preinitializing a servlet.What is preinitialization of a servlet? A container does not initialize the servlets as soon as it starts up.What is session? A session refers to all the requests that a single client might make to a server in the course of viewing any pages associated with a given application.servlet. It is also used to specify the order in which the files are to be loaded. 30.

from within custom tag code. and later sent back to the server in subsequent requests. .How do I use cookies to store session state on the client? In a servlet. Typical example: Putting things one at a time into a shopping cart. 32. When the client submits the form to the server the hidden fields identify the client. preferably.Session tracking is a mechanism that servlets use to maintain state about a series of requests from the same user (that is. Such information which is part of the application is reffered as "state". a single value. A cookie has a name. To keep track of this state we need session tracking. every request is treated as new request. Saved by the browser. the HttpServletResponse and HttpServletRequest objects passed to method HttpServlet.service() can be used to create cookies on the client and use cookie information transmitted during client requests.What are the types of Session Tracking ? Sessions need to work with all web browsers and take into account the users security preferences. This extra data identifies the session. This method is used with browsers that do not support cookies or where the user has disabled the cookies.e.  Secure Socket Layer (SSL) Sessions : Web browsers that support Secure Socket Layer communication can use SSL's support via HTTPS for generating a unique session key as part of the encrypted conversation. The server can associate this session identifier with the data it has stored about that session. A cookie's value can uniquely identify a client..  Hidden Form Fields : Similar to URL rewriting. 33. and optional attributes. then checking out--each page request must somehow be associated with previous requests.What is the need of Session Tracking in web application? HTTP is a stateless protocol i. Learn more about Session Tracking 34. in scriptlet code or. JSPs can also use cookies.  Cookies : Cookie is a small amount of information sent by a servlet to a Web browser. requests originating from the same browser) across some period of time. The server embeds new hidden fields in every dynamically generated form page for the client. Therefore there are a variety of ways to send and receive the identifier:  URL rewriting : URL rewriting is a method of session tracking in which some extra data (session ID) is appended at the end of each URL. For web applications to be more realistic they have to retain information across multiple requests.

Servlets and JSP pages that rely exclusively on cookies for client-side session state will not operate properly for all clients. and a single cookie name may have multiple values.jsessionid=123465hfhs Advantages  URL rewriting works just about everywhere. etc. also read:-      JDBC Interview Questions Cookies are controlled by programming a low-level API. use the addCookie() method in class HttpServletResponse. This is because cookies are a feature of the HTTP protocol.servlet. and so on. or if the session tracking is turned off.What are some advantages of storing session state in cookies?   Cookies are usually persistent. Notice that the while package javax.What is URL rewriting? URL rewriting is a method of session tracking in which some extra data is appended at the end of each URL. the browser version may not support them..jsp.) can be maintained easily with no server interaction. Each time a URL is output. 37.servlet has no such support. Cookie-based solutions work only for HTTP clients. historical information. E.http supports session management (via classHttpSession). user data that needs to be stored longterm (such as a user ID. so users cannot have multiple simultaneous sessions. use the getCookies() method of class HttpServletRequest 35. complicates development and maintenance. and then switching to an alternate clientside session state strategy in cases where cookies aren't available. Every URL on the page must be encoded using method HttpServletResponse. Corruption. Browser instances share cookies.encodeURL(). This extra data identifies the session. inconsistent.g. or missing information. All data for a session are kept on  iBatis an alternative to Hibernate the client. Using cookies. the servlet passes the URL to encodeURL(). so for low-security sites. the browser may be behind a firewall that filters cookies. To get all of the cookies associated with a single HTTP request.  To set a cookie on the client. For small. http://abc/path/index. expiration or purging of cookie files can all result Hibernate Interview Questions  in incomplete. Multiple cookies may be set for the same request. package javax. The server can associate this session identifier with the data it has stored about that session.and medium-sized session data. 36. Cookies may not be available for many reasons: the user may have disabled them. which Hibernate Tutorial  is more difficult to implement than  SCWCD Certification some other approaches. . the entire session data (instead of just the session ID) can be kept in the cookie. especially when cookies are turned off.What are some disadvantages of storing session state in cookies?  People who read this. which encodes session ID in the URL if the browser isn't accepting cookies.

URL rewriting does not work well with JSP technology. which makes the container abonden the session on which the method is called. since users can start a new browser instance using a URL for an active session. since it's stored in URLs in each page being displayed. URL rewriting limits the client's interaction with the server to HTTP GETs. since every link must be dynamically written with the session state. i. . 39. makes the container stop tracking session. Note :Setting the inactive period as negative(-1).  Multiple simultaneous sessions are possible for a single user. If a client workstation crashes.e. Not only is this expensive computationally. using (for example) templating or server-side includes. which can result in awkward restrictions on the page. all of the URLs (and therefore all of the data for that session) are lost. DisAdvantages     Every URL on a page which needs the session information must be rewritten each time a page is served. Session information is local to each browser instance. though.How can the session in Servlet can be destroyed? An existing session can be destroyed in the following two ways:  Programatically : Using session.invalidate() method. but it can greatly increase communication overhead. 38. The syntax for setting the timeout programmatically is as follows: public void setMaxInactiveInterval(int interval) The setMaxInactiveInterval() method sets the maximum time in seconds before a session becomes invalid.How can an existing session be invalidated? An existing session can be invalidated in the following two ways:  Setting timeout in the deployment descriptor: This can be done by specifying timeout between the <session-timeout>tags as follows: <session-config> <session-timeout>10</session-timeout> </session-config> This will set the time for session timeout to be ten minutes. It is possible to combine static and dynamic content. This limitation is also a barrier to integrating legacy web pages with newer.  Setting timeout programmatically: This will set the timeout for a specific session. servlet-based pages. session never expires. Entirely static pages cannot be used with URL rewriting. and confuse the server by interacting with the same session through two instances. This scheme isn't foolproof.

It is used to abstract any useful information contained in the request or response. 40.A client sends requests to two different web components. it initializes a servlet when it receives a request for that servlet first time. 41. The output of the second servlet could be piped into a third servlet. 43. The last servlet in the chain returns the output to the Web browser. and so on. When the server itself is shutdown. various modifications can be performed on a single request and response. The process of loading a servlet before any request comes in is called preloading or preinitializing a servlet. .What are the functions of an intercepting filter? The functions of an intercepting filter are as follows:    It intercepts the request from a client before it reaches the servlet and modifies the request if required. There can be many filters forming a chain. Hence. which can be specified in the deployment descriptor to make the servlet container load and initialize the servlet as soon as it starts up. Some of the important functions performed by filters are as follows:      Security checks Modifying the request or response Data compression Logging and auditing Response compression Filters are configured in the deployment descriptor of a Web application. Will they end up using the same session object or different session ? Creates only one session i. in which case the output of one filter becomes an input to the next filter.e.What is Servlet Chaining? Servlet Chaining is a method where the output of one servlet is piped into a second servlet. Hence. they end up with using same session .What is servlet lazy loading?    A container doesnot initialize the servlets ass soon as it starts up. 42.How are filters? Filters are Java components that are used to intercept an incoming request to a Web resource and a response sent back from the resource. It intercepts the response from the servlet back to the client and modifies the request if required. The servlet specification defines the <load-on-startup> element. a user is not required to recompile anything to change the input or output of the Web application.. Sessions is specific to the client but not the web components. And there is a 1-1 mapping between client and a session. This is called lazy loading. 44. Both of the components access the session.

such as class loading. the thread dies. Multithreading support : It automatically creates a new thread for every servlet request received. initialization.45. instantiation. When the Servlet service() method completes. and making servlet instances eligible for garbage collection. Communication support : It handles the communication between the servlet and the Web server. . service.What are the functions of the Servlet container? The functions of the Servlet container are as follows:      Lifecycle management : It manages the life and death of a servlet. JSP support : The container is responsible for converting JSPs to servlets and for maintaining them. Declarative security : It manages the security inside the XML deployment descriptor file.