iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)
Using NonStop Servlets for JavaServer Pages With
The iTP Secure WebServer
iTP Secure WebServer System Administrator’s Guide—522659-001
9-32
Request and Response Streams
You should be aware that multithreading may require you to allow for threading
synchronization. Every client has access to each field in the servlet - the fields of the
servlet are being shared by each client. If a field contains client-specific data, then the
access to that field must be synchronized.
You must also exercise caution when you use Pathway or iTPWebServer commands that
stop server class executions in environments where threads are spawned from within the
web container. Stopping the web container immediately stops all execution threads that
are running within the web container. There are no runtime checks that allow the web
container to stay up and wait for all threads to finish executing when a Pathway STOP
command has been issued against the web container.
If you require it, single threading/multiple instances can be invoked by the
SingleThreadModel interface, for example:
public class myServlet extends HttpServlet implements SingleThreadModel
makes myServlet single threaded. An instance of myServlet will be created for each
individual user request.
Request and Response Streams
The CGI interfaces of the iTP Secure WebServer implement standard input and output
as streams. Therefore the length of a request to or response from a servlet is unlimited.
The Guardian interprocess communications mechanism is not inherently stream-
oriented. The Pathway CGI interfaces simulate stream behavior by accepting a series of
interprocess messages as stream.
Security Considerations
You can use the Region directive to restrict access to an NSJSP process or a servlet by
protecting its URL. In addition, you can use Safeguard to restrict access to any disk, file,
or process on a NonStop system.
Beyond these rudimentary types of protection, all servlets are considered trusted in the
current product version. The fact that all servlets must be loaded from the local iTP
Secure WebServer environment tends to limit, but does not rule out, breaches of security.
Specifically, neither the iTP Secure WebServer nor the NSJSP places any restrictions on
what a servlet does, beyond restrictions imposed by NonStop Server for Java.
The web container inherits the security attributes of the PATHMON environment.
International Character Set Support
The iTP Secure WebServer supports international character sets (Unicode) for input to
and output from the Servlet environment. No specific configuration procedures are
required to use international character sets with servlets in the iTP Secure WebServer
environment.