Errata

Changed the URL for the JSDK from:

http://jserv.java.sun.com

To:

http://java.sun.com/products/servlet/

Changed the URL for the JSDK from:

http://jserv.java.sun.com

To:

http://java.sun.com/products/servlet/

Changed the URL for the JSDK from:

http://jserv.java.sun.com

To:

http://java.sun.com/products/servlet/

Changed the URL for the JSDK from:

http://jserv.java.sun.com

To:

http://java.sun.com/products/servlet/

"Sun's JavaServer Toolkit and JavaServer Engine, ..."

Changed to read:

"Sun's JavaServer Engine, ..."

Also, at the end of the second sentence, changed "Java Server
Toolkit." to "JavaServer Engine."

Finally, changed the URL in the last sentence to:

http://java.sun.com/products/javaserverengine/

"Sun's JavaServer Toolkit and JavaServer Engine, ..."

Changed to read:

"Sun's JavaServer Engine, ..."

Also, at the end of the second sentence, changed "Java Server
Toolkit." to "JavaServer Engine."

Finally, changed the URL in the last sentence to:

http://java.sun.com/products/javaserverengine/

Changed the URL for the JSDK from:

http://jserv.java.sun.com

To:

http://java.sun.com/products/servlet/

Changed the URL for the JSDK from:

http://jserv.java.sun.com

To:

http://java.sun.com/products/servlet/

used to read:

"This servlet extends the HttpServlet class and overloads
the doGet() method inherited from it."

Now reads:

"This servlet extends the HttpServlet class and overrides
the doGet() method inherited from it."

The word "overloads" has been replaced with "overrides". Also,
the word "receives" in the next sentence is now in roman font,
rather than constant width.

The footnote at the bottom of the page, 2nd line, used to read:


...generate output for a servlets used ...

It now reads:

...generate output for a servlet used ...

The figure needs to be corrected: "<HEAD>" should be
"</HEAD>", "<BODY>" should be "</BODY>", and "<HTML>" should
be "</HTML>".

The word "last" was changed to "previous"

The first sentence of the last paragraph used to read:

"How does this involves servlets?"

It now reads:

"How does this involve servlets?"

", extra path information, and query string."
now reads
", and extra path information."

", extra path information, and query string."
now reads
", and extra path information."

In line twelve, the text should read:

...usually "HTTP/1.0" or "HTTP/1.1"

In other words, cut the three v's and replace them with
straight quotes. "HTTP/1.0" and "HTTP/1.1" should be in constant
width font.

The line of code that checks for the "Content-Length" header field reads:

if ("Content-Length").equalsIgnoreCase(header))

There is a ')' before the dot.
The line should read:

if ("Content-Length".equalsIgnoreCase(header))
1 2 21

... stream, you should to use getReader()

to:
... stream, you should use getReader()

read:

"getParameterNamess"

The second "s" has been deleted. It now reads:

"getParameterNames "

... request, a directory to saves files to, ...

to

... request, a directory to save files to, ...

Removed the following line of code:

PrintWriter out = res.getWriter();

Removed the following line of code:

PrintWriter out = res.getWriter();

In the last line of code on the page:

// Send the page to the response s output stream

there was a missing '. It now reads "response's".

In the last line of code on the page:

// Send the page to the response s output stream

there was a missing '. It now reads "response's".

Removed the following line of code:

PrintWriter out = res.getWriter();

Removed the following line of code:

PrintWriter out = res.getWriter();

the line of code that sends the "SC_INTERNAL_SERVER_ERROR" reads:

res.sendError(res.SC._INTERNAL_SERVER_ERROR);

This line contains a dot after "SC".
It should read:

res.sendError(res.SC_INTERNAL_SERVER_ERROR);

(without the dot)

PrinWriter

should read:

PrintWriter

"Netscape Navigator 3 and 4 on Unix and Microsoft Internet
Explorer 4 on"

was removed from the bottom of page 188.

Changed last sentence to read:

"Note, however, that server push is not yet supported by
Microsoft Internet Explorer, and extended use..."

Changed last sentence to read:

"Note, however, that server push is not yet supported by
Microsoft Internet Explorer, and extended use..."

Fields" section used to read:

"You include hidden form files with HTML like this:"

It now reads:

"You include hidden form fields with HTML like this:"

The 2nd to last line the function call used to read:

"isRequestedSessionIdValue()"

Changed to:

"isRequestedSessionIdValid()"

A client wants "and it also want"

should read:

"and it also wants"

Information" used to read:

"A server""

It now reads:

"A servlet"

Browser misspelled as "brower" in the 3/00 printing of this book.

key encryption schemes have been around...", removed that
paragraph and the three that followed it and replaced them
with the following five paragraphs:

-----

Public key encryption schemes have been around for several years and
are quite well developed. Most are based on the patented RSA algorithm
developed by Ron Rivest, Adi Shamir, and Leonard Adelman. RSA uses
very large prime numbers to generate a pair of asymmetric keys (i.e.,
each key can decode messages encoded with the other). Individual keys
come in varying lengths, usually expressed in terms of the number of
bits that make up the key. 1024- or 2048-bit keys are adequate for
secure RSA communications.

Because keys are so large, it is not practical for a user to type one
into her web browser for each request. Instead, keys are stored on
disk in the form of digital certificates. Digital certificates can be
generated by software like Phil Zimmerman's PGP package, or they
can be issued by a third party. The certificate files themselves can
be loaded by most security-aware applications, such as servers,
browsers, and email software.

Public key cryptography solves the confidentiality problem because the
communication is encrypted. It also solves the integrity problem: Will
knows that the message he received was not tampered with since it
decodes properly. So far, though, it does not provide any
authentication. Will has no idea whether Jason actually sent the
message. This is where digital signatures come into play. Because
public and private keys are asymmetric, Jason can first use his
private key to encode a message and then use Will's public key to
encode it again. When Will gets the message, he decodes it first with
his private key, and then with Jason's public key. Because only
Jason can encode messages with his private key--messages that can be
decoded only with his public key--Will knows that the message was
truly sent by Jason.

This is different from simpler symmetric key systems, where a single
key is used for encoding and decoding. While asymmetric keys have the
significant advantage of allowing secure communication without ever
requiring a secure channel, they have the disadvantage of requiring
much more computational muscle. As a compromise, many encryption
systems use asymmetric public and private keys to identify each other
and then confidentially exchange a separate symmetric key for
encrypting the actual exchange. The symmetric key is usually based on
DES (Data Encryption Standard).

U.S. government restrictions currently limit symmetric key size to 56
bits (about 72 quadrillion possible keys). Messages encrypted with a
56-bit key are difficult to decode, but by no means impossible--large
networks have been used to decode such messages within a matter of
days. With the United States, however, many systems use 128-bit DES
keys (about 3.40282 x 10^38 possible keys). Because there is no known
way to decode a DES-encrypted message short of brute-force trial and
error, messages sent using large keys are very, very secure.

in this list item.

approaches works very well" changed "works" to "work"

signed using digital certificates." to "can be digitally signed."

tier between a client and our ultimate date source is...". I believe that
the reference to "date" should really be "data".

The text used to read:

"thin:dbhost"

It now reads:

"thin:@dbhost"

Changed the following line:

out.println("<PARAM NAME=user VALUE=">" + user + """);

To:

out.println("<PARAM NAME=user VALUE="" + user + "">");

Changed the following line:

out.println("<PARAM NAME=user VALUE=">" + user + """);

To:

out.println("<PARAM NAME=user VALUE="" + user + "">");

The last sentence of the paragraph that ends

"Servlet API. 2.0."

now ends:

"Servlet API."

The last sentence of the paragraph that ends

"Servlet API. 2.0."

now ends:

"Servlet API."

1.1 used to read:

Chinese, Korean, Russian, and Hebrew.

Now reads:

Chinese, Korean, and Russian.

Changed the URL for the JSDK from:

http://jserv.java.sun.com

To:

http://java.sun.com/products/servlet/

Changed the URL for the JSDK from:

http://jserv.java.sun.com

To:

http://java.sun.com/products/servlet/

"HTTPClient"

Has been changed to:

"HttpClient"

"server_root"

is now in Courier-Italic (twice).

"getLastAccessTime()" to

"getLastAccessedTime()"

", extra path information, and query string."

to

", and extra path information."