Web Application Engineering
Course code: AT70.12
This course is required
The World Wide Web has already revolutionized the way we work, learn, and publish. The Web not only dramatically increases the size of the potential audience for our content, but also makes it possible to bring physically disparate people together into more tightly-knit communities than hitherto possible. In this highly distributed and collaborative environment, Web application developers face the triple challenge of 1) system complexity, 2) massive concurrency, and 3) a fickle user base always ready to abandon one site for the next. In this course, students will learn to cope with these challenges by using appropriate technology and a user-centered approach to the design and construction of large-scale Web applications.
AT70.12 is a project-oriented course in which student teams will be paired with client organizations needing online community collaborative learning and information sharing systems. Using a Web server, programming language, and relational database of their own choice, students will take the system from an initial concept through the stages of requirements specification, design, implementation, and usability testing. Along the way, focused laboratory sessions will give students experience with specific technologies and techniques useful across many applications, and lectures will introduce students to the most recent developments in enterprise application frameworks, middleware, and thick clients. Students successfully completing Web Application Engineering will be competent database-backed Web application developers capable of designing, deploying, and maintaining large-scale services like amazon.com.
Web technology background. Software architecture for Web applications. Data modeling. Version control. Web application security. Ajax. Web services. Scaling Web applications.
I. Web technology background
II. Software architecture for Web applications
2. Model-View-Controller pattern
3. Modern MVC frameworks
III. Data modeling
2. Database normalization
3. Object-relational mapping
IV. Version control
V. Web application security
1. Attack methods
2. Client authentication best practices
3. Cross-site scripting (XSS) and SQL injection attacks
4. Framework support for security
VI. Ajax
1. Client-side scripting
2. Browser support for asynchronous behavior
3. Ajax toolkits and frameworks
4. Ajax components
5. Comet and reverse Ajax
VII. Web services
1. Representational state transfer (REST)
2. Resource-oriented analysis and design
3. Remote procedure call (RPC) services
VIII. Scaling Web applications
1. Bottleneck analysis
2. Scaling strategies
Installing Linux, Apache, and PostgreSQL; Ruby on Rails; JSP; Eclipse IDE; User authentication; Flex; Ajax; REST; Load balancing.
E. Anderson, P. Greenspun, and A. Grumet.
None. [Online resources such as experts' blogs are more important.]
M. Andrews and J.A. Whitaker. How to Break Web Software: Functional and Security Testing of Web Applications and Web Services, Addison-Wesley, 2006.
JavaServer Pages, 3rd edition, O'Reilly, 2003.
B. Collins-Sussman, B. Fitzpatrick, and C.M. Pilato.
D. Crane and P. McCarthy. Comet and Reverse Ajax: The Next-Generation Ajax 2.0, Apress, 2008.
C. Fowler. Rails Recipes, Pragmatic Programmers, 2006.
M. Fowler. Patterns of Enterprise Application Architecture, Addison-Wesley, 2003.
K. Fu, E. Sit, K. Smith, and N. Feamster. Dos and don'ts of client authentication on the Web. In Proceedings of the 10th USENIX Security Symposium, 2001.
J. Gehtland, B. Galbraith, and D. Almaer. Pragmatic Ajax: A Web 2.0 Primer, Pragmatic Bookshelf, 2006.
Building Scalable Web Sites: Building, Scaling, and Optimizing the Next Generation of Web Applications, O'Reilly, 2006.
E. Jendrock, J. Ball, D. Carson, I. Evans, S. Fordin, and K. Haase.
D.C. Johnson, A. White, and A. Charland. Enterprise AJAX: Strategies for Building High Performance Web Applications, Prentice Hall, 2007.
Murugesan and Deshpande, eds. Web Engineering: Managing Diversity and Complexity of Web Application Development, Springer, 2001.
L. Richardson and S. Ruby. RESTful Web Services, O'Reilly, 2007.
D. Thomas, D. Hansson, L. Breedt, M. Clark, J.D. Davidson, J. Gehtland, and A. Schwarz. Agile Web Development with Rails, 3rd edition, Pragmatic Programmers, 2008.
Project and lab work - 60%
Midterm Exam - 20%
Final Exam - 20%
Any resources including Internet access are allowed during the exams.