The Advantages of Servlets Over “Traditional” CGI

By: aathishankaran Emailed: 1768 times Printed: 2515 times    

Latest comments
By: rohit kumar - how this program is work
By: Kirti - Hi..thx for the hadoop in
By: Spijker - I have altered the code a
By: ali mohammed - why we use the java in ne
By: ali mohammed - why we use the java in ne
By: mizhelle - when I exported the data
By: raul - no output as well, i'm ge
By: Rajesh - thanx very much...
By: Suindu De - Suppose we are executing

The Advantages of Servlets Over “Traditional” CGI


Java servlets are more efficient, easier to use, more powerful, more portable, safer, and cheaper than traditional CGI and many alternative CGI-like technologies.




With traditional CGI, a new process is started for each HTTP request. If the CGI program itself is relatively short, the overhead of starting the process can dominate the execution time. With servlets, the Java Virtual Machine stays running and handles each request using a lightweight Java thread, not a heavyweight operating system process. Similarly, in traditional CGI, if there are N simultaneous requests to the same CGI program, the code for the CGI program is loaded into memory N times. With servlets, however, there would be N threads but only a single copy of the servlet class. Finally, when a CGI program finishes handling a request, the program terminates. This makes it difficult to cache computations, keep database connections open, and perform other optimizations that rely on persistent data. Servlets, however, remain in memory even after they complete a response, so it is straightforward to store arbitrarily complex data between requests.




Servlets have an extensive infrastructure for automatically parsing and decoding HTML form data, reading and setting HTTP headers, handling cookies, tracking sessions, and many other such high-level utilities. Besides, you already know the Java programming language. Why learn Perl too? You’re already convinced that Java technology makes for more reliable and reusable code than does C++. Why go back to C++ for server-side programming?




Servlets support several capabilities that are difficult or impossible to accomplish with regular CGI. Servlets can talk directly to the Web server, whereas regular CGI programs cannot, at least not without using a server-specific API. Communicating with the Web server makes it easier to translate relative URLs into concrete path names, for instance. Multiple servlets can also share data, making it easy to implement database connection pooling and similar resource-sharing optimizations. Servlets can also maintain information from request to request, simplifying techniques like session tracking and caching of previous computations.




Servlets are written in the Java programming language and follow a standard API. Consequently, servlets written for, say, I-Planet Enterprise Server can run virtually unchanged on Apache, Microsoft Internet Information Server (IIS), IBM Web Sphere, or Star Nine Web Star. For example, virtually all of the servlets and JSP pages in this book were executed on Sun’s Java Web

Server, Apache Tomcat and Sun’s Java Server Web Development Kit (JSWDK) with no changes whatsoever in the code. Many were tested on BEA Web Logic and IBM Web Sphere as well. In fact, servlets are supported directly or by a plug-in on virtually every major Web server. They are now part of the Java 2 Platform, Enterprise Edition (), so industry support for servlets is becoming even more pervasive.




One of the main sources of vulnerabilities in traditional CGI programs stems from the fact that general-purpose operating system shells often execute them. So the CGI programmer has to be very careful to filter out characters such as back quotes and semicolons that are treated specially by the shell. This is harder than one might think, and weaknesses stemming from this problem are constantly being uncovered in widely used CGI libraries. A second source of problems is the fact that languages that do not automatically check array or string bounds process some CGI programs. For example, in C and C++ it is perfectly legal to allocate a 100-element array then write into the 999th “element,” which is really some random part of program memory. So programmers who forget to do this check themselves open their system up to deliberate or accidental buffer overflow attacks. Servlets suffer from neither of these problems. Even if a servlet executes a remote system call to invoke a program on the local operating system, it does not use a shell to do so. And of course array bounds checking and other memory protection features are a central part of the Java programming language.




There are a number of free or very inexpensive Web servers available that are good for “personal” use or low-volume Web sites. However, with the major exception of Apache, which is free, most commercial-quality Web servers are relatively expensive. Nevertheless, once you have a Web server, no matter its cost, adding servlet support to it (if it doesn’t come pre configured to support servlets) costs very little extra. This is in contrast to many of the other CGI alternatives, which require a significant initial investment to purchase a proprietary package.



JSP Home | All JSP Tutorials | Latest JSP Tutorials

Sponsored Links

If this tutorial doesn't answer your question, or you have a specific question, just ask an expert here. Post your question to get a direct answer.

Bookmark and Share


Be the first one to add a comment

Your name (required):

Your email(required, will not be shown to the public):

Your sites URL (optional):

Your comments:

More Tutorials by aathishankaran
Web Security Issues
The Web User's Perspective
Server-side plug-Ins
The best way to avoid security vulnerabilities with new server
JavaScript Security
Window Object
Working with Status Bar Messages
Retrieving a Portion of a String
Referencing Windows
Math Object
Frame Object
Document Object
Closing Windows
Built-in Object in Javascript
Textarea Object

More Tutorials in JSP
LifecycleException: service.getName(): "Catalina"; Protocol handler start failed: ` Permission denied <null>:80
JSP Alert Example
JSP CheckBox Example
Uploading an Image to a Database using JSP
Uploading a file to a server using JSP
A JSP page that gets properties from a bean
The page Directive in JSP
The taglib, tag, include, attribute and the variable Directive in JSP
Declarations in JSP
Scriptlets and Expressions in JSP
Tag Libraries in JSP
The Request Object in JSP
The Response Object in JSP
The Out Object in JSP
The Session Object in JSP

More Latest News
Most Viewed Articles (in JSP )
What are the different scopes in JSP?
JSP Example to connect to MS SQL database and retrieve records
Sending Email using JSP
Automatically Refreshing a JSP
LifecycleException: service.getName(): "Catalina"; Protocol handler start failed: ` Permission denied <null>:80
The JSP Program running first Time.
Embedding java codes in jsp sciptlets
JSP Program for display Date
The Advantages of Servlets Over “Traditional” CGI
The Servlet Life Cycle
Enabling Expression Language Evaluation in JSP
Deploying an Individual JSP on Tomcat
The page Directive in JSP
Most Emailed Articles (in JSP)
What is JSP?
Declaring variable in JSP
Techniques for form editing
A Simple Servlet Generating Plain Text
An Example Using Servlet Initialization and Page Modification Dates
Text Object
The Basic Syntax Expression Language in JSP
Disabling Scriptlets in JSP using web.xml
The BodyTag Interface in JSP
What are the different scopes in JSP?
Sending Email using JSP
Using a DataSource from WebLogic in a JSP
Getting HTTP Request Headers in a JSP