Book Information


Authors: Bryan Basham, Kathy Sierra, Bert Bates
Paperback: 886 pages
Publisher: O'Reilly Media, Inc.; 1 edition (July 2004)
Language: English
ISBN: 0596005407
Product Dimensions: 9.2 x 8.0 x 1.9 inches

 Book Review

Written by Bryan Basham, Kathy Sierra and Bert Bates, this book has lived up to expectations and stands out as one of the top titles on Java. Those who enjoyed any of the Head First titles will surely enjoy this book.


‘Head First Servlets and JSP’ is designed for those who wish to crack the SCWCD Examination. The exam syllabus is completely covered in the book, and it can be taken for granted that if any guide helps to crack the exam, it is undoubtedly this one: not because it was written by the creators of the examination, but because it sticks to the requirements so well and also gives an excellent understanding of the subject. If there are two steps to becoming a Sun Certified Web Component Developer, they are: 1. Study this book. 2. Take the exam.



With the main intention of preparing the reader for the exam, the book concentrates on giving a thorough understanding of Servlets 2.4 and JSP 2.0, along with JSTL 1.1. There are 14 chapters in the book, along with a Final Mock Exam given at the end as Appendix A.

The book can be divided into four parts and, as mentioned earlier, covers the entire syllabus for the SCWCD Exam. The first part (chapters 1, 2 and 3) gives an introduction to Servlets and JSP and a brief overview of web applications and their architecture. The second part (chapters 4, 5 and 6) concentrates on Servlets: creating Servlets, thread safety issues and state management. The third part covers JSP and JSTL in four chapters (7, 8, 9 and 10). The final part concentrates on miscellaneous topics such as deployment of web applications, web app security, filters, and design patterns and Struts.

The best part of the book is that deployment of web applications and security are covered in an excellent manner. Every developer is guaranteed to encounter some problem or other with deployment and security in the daily routine, and this hands-on guide gives enough knowledge about deploying, configuring and troubleshooting secure web applications. One thing that we miss here is ANT scripts, but using ANT could itself span huge volumes and doesn’t form part of the syllabus.

Each chapter lists the exam objectives and specifies to what extent they will be covered, and then an introduction to the concepts follows. Each concept is explained with simple (but hilarious) situations and FAQs. The chapter concludes with a Mock Exam for that chapter, where a few model questions on the concepts covered are given along with the answers.


Any other book has the same content as this one, so why should one opt for this funny book? This is the question that many “anti-Head First” readers may ask; don’t be one of them. The layout of the book is the first thing that attracts many. The first impression is the best, and the authors of the Head First series have always been successful in maintaining that impression throughout their books. Head First concepts make the subject so easy to grasp. (Had it not been so, these titles would not have been the top-sellers.) As you skim through the book, you get the feeling that you are reading notes prepared by an experienced programmer. Not once in the book do you find the content stuffed with dull and boring theory, and one cannot ignore any part of the book; it’s that important.


The book is best suited for those who wish to crack the SCWCD Exam. If you are a person with a strong will to read, register for the exam as you buy this book; you are guaranteed to be busy with the book for another week or two. This is the thing with Head First books: they keep readers “excitingly” busy, not to mention the fun the reader gets studying the subject. They are addictive in nature, and with minimal effort one can easily cover an entire book in a week, and the end result would always be very good. Not many can resist buying the rest of the series once they get a taste of the Head First books.

 Table of Contents


  • Why use Servlets and JSPs: an introduction
  • Web app architecture: high-level overview
  • Mini MVC tutorial: hands-on MVC app
  • Being a Servlet: request and response
  • Being a web app: attributes and listeners
  • Conversational state: bean/entity synchronization
  • Being a JSP: writing JSP code
  • Script-free pages: writing scriptless JSPs
  • Custom tags are powerful: using JSTL
  • When JSTL is not enough: custom tag development
  • Deploying your web app: web app deployment
  • Keep it secret, keep it safe: web app security
  • The power of filters: wrappers and filters
  • Enterprise design patterns: patterns and struts

Appendix A: Final Mock Exam

 Overview of Chapters

Intro: How to use this book

    1. Why use Servlets and JSPs: an introduction
      • Exam objectives
      • How web servers and clients talk to each other
      • Two minute introduction to HTML
      • Overview of HTTP, anatomy of GET, POST requests and responses
      • URLs explained
      • Static web pages and CGI
      • Servlets Demystified: Writing your first Servlet
      • Introduction to JSP



    2. Web app architecture: high-level overview
      • Exam objectives
      • What is a container and what is its significance
      • What makes a Servlet
      • How to name Servlets and map them to URLs using Deployment Descriptors
      • Overview of Model-View-Controller architecture
      • How J2EE fits into the web application scenario



    3. Mini MVC tutorial: hands-on MVC app
      • Exam Objectives
      • Designing an MVC application
      • Creating development and deployment environment
      • Build and test the HTML form
      • Building and testing version 1 of the Controller Servlet
      • Building a test class
      • Upgrading the Servlet to version 2
      • Building the JSP, upgrading the Servlet to version 3

    4. Being a Servlet: request and response
      • Exam Objectives
      • Servlet lifecycle
      • Servlet initialization and threads
      • Non-idempotent requests
      • POST and GET requests: how to decide?
      • Sending and using a single parameter
      • Sending and using two parameters
      • Request object explored
      • Review: Servlet lifecycle and API, Http and HttpServletRequest
      • Using the response for I/O
      • Sending JAR file to the client
      • What are content types
      • Adding response headers
      • Servlet redirect vs. request dispatcher
      • Review: HttpServletResponse

    5. Being a web app: attributes and listeners
      • Exam Objectives
      • Using Init Parameters and ServletConfig
      • How to get servlet init parameters in a JSP?
      • What are context init parameters?
      • ServletConfig vs. ServletContext
      • Writing a simple ServletContextListener
      • Compiling, deploying and testing the listener
      • Review of ServletContextListener
      • Eight Listeners and the HttpSessionBindingListener
      • What is an attribute?
      • The three Scopes: Context, Request and Session
      • The Attribute API and dark side of attributes
      • Context attributes and thread safety
      • SingleThreadModel
      • Request attributes and request dispatching

    6. Conversational state: bean/entity synchronization
      • Exam objectives
      • Session IDs, Cookies and other basics
      • URL rewriting
      • Getting rid of bad sessions
      • Key milestones of HttpSession
      • The HttpSessionBindingListener
      • Session Migration
      • Listener Examples

    7. Being a JSP: writing JSP code
      • Exam Objectives
      • Creating a simple JSP page using “out” and a page directive
      • Using JSP Expressions, variables and declarations
      • What does a JSP-generated servlet look like?
      • Implicit objects in a JSP
      • Lifecycle and initialization of a JSP
      • Page, Taglib and Include directives
      • Introduction to Expression Language and actions

    8. Script-free pages: writing scriptless JSPs
      • Exam objectives
      • When attributes are beans?
      • Standard actions: useBean, getProperty, setProperty
      • Polymorphic Bean references?
      • Using the param attribute
      • How to convert properties?
      • Expression language explained
      • Using dot operator to access properties and map values
      • More information on dot(.) and [] operators
      • The EL implicit objects, functions and handling “null”
      • Reusable template pieces
      • standard action
      • A preview of JSTL Tags

    9. Custom tags are powerful: using JSTL
      • Exam objectives
      • Using for looping
      • Conditional control tags: and
      • Using and tags
      • Including content with
      • Customizing the includes and
      • Hyperlinks with
      • How to make our own error pages?
      • Using the tag
      • The tag handler, the TLD and the JSP
      • How about the taglib ?
      • Using more than one tag library in a JSP

    10. When JSTL is not enough: custom tag development
      • Exam objectives
      • Working with tag files
      • Simple tag handlers and how to use them
      • What if the tag body uses an expression?
      • Classic tag handlers
      • Tag Handler API
      • Writing a small Classic Tag Handler and the lifecycle
      • Iteration tags
      • Default return values from TagSupport
      • BodyTag and the new methods: setBodyContent() and doInitBody()
      • Using the tags that work together
      • Using the PageContext API for tag handlers

    11. Deploying your web app: web app deployment
      • Exam objectives
      • Key deployment tasks
      • What are WAR files?
      • How does servlet mapping work?
      • Configuring welcome files in the DD (Deployment Descriptor)
      • Configuring error pages in DD
      • Configuring servlet initialization in the DD
      • How to make an XML-Compliant JSP?

    12. Keep it secret, keep it safe: web app security
      • Exam objectives
      • Authentication, Authorization, confidentiality and Data Integrity in Servlets
      • How to authenticate in HTTP world
      • Top Ten Reasons for doing security declaratively
      • Implementation of security in web apps
      • Authorization: roles and constraints
      • Authentication and its four types: Basic, Digest, Client-Cert and Form
      • Implementing Authentication
      • Form-based authentication and implementation
      • Securing data in transit using HTTPS
      • How to implement data confidentiality and integrity sparingly and declaratively
      • How to protect the Request data

    13. The power of filters: wrappers and filters
      • Exam objectives
      • How to build a request tracking filter
      • Filter’s life cycle
      • Declaring and ordering filters
      • Compressing output with a response side filter
      • Using Wrappers
      • Compression filter code
      • Compression Wrapper code

    14. Enterprise design patterns: patterns and struts
      • Exam objectives
      • Software design principles: a review
      • Patterns to support remote model components
      • Overview of JNDI and RMI
      • The Business Delegate
      • Simplifying business delegates with Service Locators
      • What are Transfer objects?
      • MVC Revisited
      • Struts and Front Controller in a nutshell
      • Refactoring the Beer app for Struts
      • Review of patterns

Appendix A: Final Mock Exam

This mock test gives the real feel of the actual SCWCD Exam and is a bit more difficult than the actual one; according to the authors, they made it difficult to give the reader an exact idea of their preparation.