JWt: an introduction

JWt is a Java library for developing web applications.

The API is widget-centric and uses well-tested patterns of desktop GUI development tailored to the web. To the developer, it offers abstraction of web-specific implementation details, including client-server protocols, event handling, graphics support, graceful degradation (or progressive enhancement) and URL handling.

Unlike many page-based frameworks, JWt was designed for creating stateful applications that are at the same time highly interactive (leveraging techinques such as Ajax to their fullest) and accessible (supporting plain HTML browsers), using automatic graceful degradation or progressive enhancement. Things that are natural and simple with JWt would require an impractical amount of effort otherwise: switching widgets using animations, while being perfectly indexed by search robots with clean URLs, or having a persistent chat widget open throughout, that even works in legacy browsers like Microsoft Internet Explorer 6.

JWt applications can be deployed in a standard Java Servlet container.

Interactive, secure and accessible

Page-based web frameworks (JSP/JSF, Struts, Spring MVC, etc...) do not attempt to abstract underlying technologies (HTML/XHTML, JavaScript, CSS, Ajax, WebSockets, Comet, Forms, DHTML, SVG/VML/Canvas). As a consequence, a web developer needs to be familiar with all of these evolving technologies and is also responsible for graceful degradation when browser support is lacking. The structure of many web applications still follows mostly the page-centric paradigm of early day HTML. This means that not only will you need to implement a controller to indicate how a user moves from page to page, but when using advanced Ajax, you will need to design and maintain your client-server communication.

Pure Ajax frameworks on the other hand require tedious JavaScript programming to deal with browser quirks, and client-server programming to interact securely with server resources. These applications usually are not compliant with accessibility guidelines and cannot be indexed by a search robot.

In either case, generating HTML code or filling HTML templates is prone to security problems such as XSS (Cross-Site-Scripting) by unwillingly allowing JavaScript to be inserted in the page, and CSRF (Cross-Site Request Forgery) by trusting cookies for authentication. These security problems are hard to avoid by a framework when as a developer you need to implement JavaScript functionality thus the framework cannot filter it out.

In contrast, a web application developed with JWt is developed against a Java API, and the library provides the necessary HTML/XHTML, Javascript, CGI, SVG/VML/Canvas and Ajax code. The responsibility of writing secure and browser-portable web applications is carried by JWt. For example, if available, JWt will maximally use JavaScript and Ajax, but applications developed using JWt will also function correctly when JavaScript is not available. JWt will start with a plain HTML/CGI application and progressively enhance to a rich Ajax application if possible. With JWt, security is built-in and by default.

By using standard Java and JVMs, JWt applications can benefit from any existing Java libraries and JVM features including its support for your favourite scripting language.

Typical use scenarios:

  • High performance, complex web applications (with a database backend) that require a responsive and dynamic user interface and benefit from the use of Java, if only to use Java refactoring tools while keeping track of ever changing requirements.
  • Web applications which maximally benefit from modern browser capabilities but with graceful degradation to adhere to W3C accessibility guidelines and be search engine friendly.
  • Porting of Java desktop applications to the web.

Some benefits of using JWt

  • The library allows you to develop web applications much like you develop Java desktop applications, using your favourite JVM programming language, while benefitting fully from the powerful tools available for (Java) development such as flexible debugging and source code refactoring.
  • There are no fragile string-based bindings of parameters in templates or XML files, nor do you need to implement tedious (and security critical) request/response controller logic.
  • Just a library: no need for new conventions which imply behavior or requirements for organizing your source code.
  • JWt applications have automatic fall-back for non-JavaScript browsers where possible, allowing you to create fully accessible applications, which benefit from Ajax where available.
  • Optionally, use XHTML and CSS for layout and decoration.
  • Generates standards compliant HTML or XHTML code.
  • Portable, anti-aliased graphics optimized for web usage (using inline VML, inline SVG, HTML5 canvas or PNG images).
  • Avoid common security problems since Wt has complete control over the presentation layer and proactively filters out active tags and attributes, does not expose business logic, and simplifies authentication using a stateful design.
  • Ultra-fast load time and low bandwidth usage, which are affected only by screen complexity, not application size. Wt implements all the common tips and tricks for optimizing application responsiveness and even optimizes per browser.
  • Integrates well with modern object relational mapping techniques such as the Java Persistence API (e.g. Hibernate).