JEE - Spring - Spring Boot Flashcards

1
Q

What is JEE ?

A

JEE is Jakarta EE, a Java framework for building web applications.

2
Q

What are the key components of JEE?

A

*Servlets
*JSP: JavaServer Pages
*EJB: Enterprise JavaBeans
*JMS: Java Message Service
*JTA: Java Transaction API
*JPA: Java Persistence API
*CDI: Contexts and Dependency Injection
*JAX-RS: Java API for RESTful Web Services
*JAX-WS: Java API for Web Services

3
Q

Why do we need application servers?

A

JEE applications are deployed and run on application servers that support JEE specifications

4
Q

Give some popular JEE application servers

A

*Apache Tomcat
*WildFly (JBoss)
*GlassFish
*WebLogic (by Oracle)
*WebSphere (by IBM)

5
Q

What is a servlet?

A

*A servlet is a JEE server-side component that handles HTTP requests/responses.
*A servlet is a class that extends HttpServlet, overrides methods such as doGet(), doPost(), doPut(), doDelete() and doHead(), and performs server-side processing after receiving HTTP requests.
*The doX() method is executed if the HTTP request is sent with the method X.
____________________________________________
Method syntax: doGet(req, resp)

6
Q

What are the servlet lifecycle methods?

A

*init(): invoked before the app starts
*service()
*destroy(): invoked before the class object is destroyed

7
Q

What is JSP ?

A

JSP is a technology that allows embedding Java code directly in HTML to generate dynamic content.
=> The code in a JSP file gets compiled into a servlet by the web container (Tomcat).

8
Q

What is JPA ?

A

JPA is a specification for managing relational data in Java apps. It provides an Object-Relational Mapping (ORM) mechanism to map Java objects to database tables and vice versa.
=> JPA eliminates the need for manual JDBC (Java Database Connectivity) code and simplifies database interactions.
=> JPA uses entity classes to represent database tables.
=> Common annotations: @Entity, @Id, @OneToMany …

9
Q

What is JAX-RS ?

A

Used for creating RESTful web services; it works over HTTP and is stateless. REST is based on HTTP methods (GET, POST, PUT, DELETE, OPTIONS, HEAD…).
=> Supports different data formats: XML, JSON…

10
Q

What is JAX-WS ?

A

Used for building SOAP web services. It supports only the XML format.

11
Q

What is Socket ?

A

A socket is an interface for network communication, used to send and receive data over a network. It is commonly used in a client-server architecture where a client connects to a server using an IP address and port number.
TCP sockets provide reliable communication, while UDP sockets offer faster but less reliable communication.
________________________________________
Examples of socket use: web browsers, chat apps, and real-time multiplayer games

12
Q

What are Socket components ?

A

*IP Address : usually IPv4 or IPv6
*Port Number : port 80 for HTTP, 443 for HTTPS , 3306 for MySQL
*Protocol : TCP or UDP

13
Q

What is the communication process in the client-server model?

A

*A client specifies an IP address and port number.
*Once the connection is established, the client and server can send/receive data through the socket.
=> Vice versa (server instead of client) for the steps above

14
Q

What is HTTP ?

A

HTTP (HyperText Transfer Protocol) is a protocol to restore data from a server

15
Q

What is CORS ?

A

CORS (Cross-Origin Resource Sharing) is a security feature implemented by web browsers to prevent malicious websites from making unauthorized requests to a different domain (origin) than the one from which the page was served. It is a protocol that allows or restricts access to resources by a different origin.

16
Q

What is Origin in the context of CORS ?

A

An origin is defined by the combination of:

Protocol (e.g., HTTP, HTTPS)
Domain (e.g., example.com)
Port (e.g., 8080)

17
Q

Why is CORS needed?

A

*Enforce the Same-Origin Policy (SOP)
*Prevent CSRF (Cross-Site Request Forgery) and XSS (Cross-Site Scripting) attacks

18
Q

What are common CORS headers ?

A

*Access-Control-Allow-Origin
*Access-Control-Allow-Methods
*Access-Control-Allow-Headers
*Access-Control-Allow-Credentials

19
Q

What are the common status codes?

A

1xx: Informational Responses
________________________________________
2xx: Successful Responses
=>200: OK
=>201: Created
________________________________________
3xx: Redirection Responses
=>301: Moved Permanently
=>302: Found (Moved Temporarily)
________________________________________
4xx: Client Error Responses
=>400: Bad Request
=>401: Unauthorized
=>403: Forbidden
=>404: Not Found
=>405: Method Not Allowed
=>408: Request Timeout
________________________________________
5xx: Server Error Responses
=>500: Internal Server Error
=>502: Bad Gateway
=>504: Gateway Timeout

20
Q

What are Cookies ?

A

A cookie is a small piece of data sent by the server and stored on the client (browser). The client then sends this cookie back to the server on subsequent requests to the same domain.

21
Q

What are Cookies key points ?

A

*Storage: a cookie is stored on the client
*Persistence: a cookie can be persistent (stored for a set duration) or session-based (deleted after the browser is closed)
*Data size: small
*Security: less secure (because it is stored on the client side, and therefore exposed)
*Use case: used to store user preferences/identification, tracking, simple data…

22
Q

What are Sessions ?

A

A session is a server-side mechanism used to store data about a client across multiple HTTP requests. Unlike cookies, session data is stored on the server side, and the client uses a Session ID (stored in a cookie) to identify the session.

23
Q

What are Sessions key points ?

A

Storage: a session is stored on the server side
Persistence: a session can last until the user logs out or after a period of inactivity
Data size: larger
Security: more secure (stored on the server, not exposed)
Use cases: authentication, user data, complex information.
Identification: the server identifies a session by a unique Session ID passed between client and server via cookies or URL parameters.

24
Q

What is CSRF ?

A

CSRF (Cross-Site Request Forgery) is a type of web security vulnerability that tricks a user into performing unintended actions on web apps in which they are authenticated. It exploits the trust a website places in the user's browser, and occurs when an attacker gets a user to send malicious requests (like making a transaction) without their knowledge.
______________________________________
Example of how it works:
The attacker sends a malicious form, which the victim fills in; without the user knowing, it then performs actions like making a transaction.

25
Q

How do we prevent CSRF?

A

Use a CSRF synchronizer token, which is unique, has a period of validity, is generated by the server and is associated with the user session.

26
Q

What is XSS ?

A

XSS (Cross-Site Scripting) is a type of web security vulnerability that allows an attacker to use multiple scripts on web pages viewed by the user. It is used for stealing sensitive information like login credentials or cookies, performing actions on behalf of the user, or redirecting the user to malicious websites.

27
Q

How to prevent XSS ?

A

*Input validation and sanitization (prevent special characters like ‘<’ and ‘>’)
*Use the ‘HttpOnly’ and ‘Secure’ flags on cookies
*Avoid embedding JavaScript code directly in HTML

28
Q

SOAP VS REST ?

A

SOAP: a protocol; uses only XML
__________________________________
REST: an architectural style; uses multiple formats like XML, JSON …