JWt has a lot to offer. It includes the essential basic widgets and building blocks to
build web applications, but also offers built-in security, PDF rendering, a 2D and 3D painting system,
a charting library, and an authentication framework.
Supports major browsers (Firefox, Safari, Chrome, ...), but also plain HTML browsers
and web crawlers.
Simple deployment in standard Java Servlet 2.4 or 3.0 containers.
No need for IDE plugins: it's plain old Java.
Equal behavior with or without support for JavaScript or Ajax,
as far as possible, by using graceful degradation or progressive
enhancement.
Efficient rendering and low latency.
Support for browser history navigation (back/forward buttons and
bookmarks), pretty URLs with HTML5 History if available, and
search engine optimization with a unified behavior for plain HTML
or Ajax sessions.
Widget centric API that promotes component reuse and increases
productivity.
Event handling
Uses an event listener system for server-side event handling,
comparable to Java GUI frameworks (SWT, Swing).
Listen for keyboard, mouse, focus, scroll or drag&drop events,
and get event details (such as mouse position, modifier buttons, or
keyboard key).
Automatically synchronizes form field data
from browser to server and tracks server-side changes to be rendered
in browser.
Integrate with JavaScript libraries
Timed events and server-initiated updates ("server push"), the
latter using Servlet 3.0 async features when deployed in a Servlet
3.0 container.
Native painting system
Unified 2D painting API which uses the browsers native (vector)
graphics support (inline VML, inline SVG, or HTML5 canvas), or
renders to common image formats (PNG, GIF, ...) or vector formats
(SVG, PDF).
Unified GL-based 3D painting API which leverages WebGL in the browser
or server-side OpenGL (fallback).
Built-in security
Enables continuous use of HTTPS through low bandwidth
requirements.
Built-in Cross-Site Scripting (XSS) prevention. Rendered text is
always filtered against potentially malicious code, making XSS
attacks against JWt applications (close to) impossible.
Not vulnerable to Cross-site Request Forgery (CSRF) because
cookies are not needed for session tracking.
Not vulnerable to breaking the application logic by skipping to
a particular URL, since only those events exposed in the interface
can be triggered.
Deployment
Deploy into servlet containers (Tomcat, Jetty) and application
servers (JBoss).
Consists out of (currently four) jar files that need to be
included in the IDE or used in war/ear archives.
No XML, except for JEE's web.xml and message resource bundles.