Common Interview Questions for Java Web

Source: Internet
Author: User

First, what is the difference between String, StringBuffer and StringBuilder? Why is String immutable?

A: 1. String is a string constant; StringBuffer and StringBuilder are string variables. The character content of the latter two can change, while a String is immutable once created.

2. String is immutable because the String class is declared as a final class in the JDK.

3. StringBuffer is thread-safe; StringBuilder is not.

PS: Thread safety brings additional overhead, so StringBuilder is more efficient than StringBuffer. If you have a good grasp of thread safety in your system, you can use StringBuffer and add the synchronized keyword where the code is not thread-safe.


Second, what is the difference between Vector, ArrayList and LinkedList?

A: 1. Vector and ArrayList store their elements in memory as an array; LinkedList stores them as a linked list.

2. The elements in a List are ordered and may contain duplicates; the elements in a Set are unordered and may not contain duplicates.

3. Vector is thread-synchronized; ArrayList and LinkedList are not.

4. LinkedList is suited to insertion and deletion at a given position and not to lookup; ArrayList and Vector are suited to lookup and not to insertion and deletion at a given position.

5. When its elements fill the container, ArrayList automatically grows the container by 50%, while Vector grows by 100%, so ArrayList saves more space.

See: http://www.cnblogs.com/mgod/archive/2007/08/05/844011.html


Three, what is the difference between Hashtable, HashMap and TreeMap?

Answer: 1. Hashtable is thread-synchronized; HashMap is not.

2. Hashtable does not allow null in <key, value>; HashMap allows null in <key, value>.

3. Hashtable uses Enumeration; HashMap uses Iterator.

4. The default size of Hashtable's hash array is 11 and it grows as old*2+1; the default size of HashMap's hash array is 16 and its size must always be a power of 2.

5. TreeMap keeps its records sorted by key, in ascending order by default.

See: http://www.zlmind.com/?p=679


Five, what is the difference between Tomcat, Apache and JBoss?

A: 1. Apache is an HTTP server, Tomcat is a web server, and JBoss is an application server.

2. Apache handles static HTML files; Tomcat can handle dynamic JSP pages and can also act as a servlet container.

See: http://foohsinglong.iteye.com/blog/1195780


Six, the difference between GET and POST.

A: Background: the HTTP request format is as follows.

<request line> carries three main pieces of information: 1. the request type (GET or POST), 2. the resource to be accessed (such as \res\img\a.jif), 3. the HTTP version (HTTP/1.1)

<blank line> required by the HTTP rules; it must be an empty line

[<request-body>] the content data of the request

Difference:

1. GET obtains data from the server; POST sends data to the server.

2. On the client, GET submits data through the URL, so the request message is visible, in encoded form, in the address bar; POST data is submitted in the HTML header.

3. For GET, the server uses Request.QueryString to read the variable values; for POST, the server uses Request.Form to read the submitted data.

4. GET can submit at most 1024 bytes of data; POST has no limit.

5. With GET, the parameters and their values are shown in the address bar, which is unsafe; POST does not show them and is more secure.

See: http://www.cnblogs.com/wxf0701/archive/2008/08/17/1269798.html


Seven, the difference between session and cookie

A: 1. A session is server-side storage maintained by the application server; a cookie is client-side storage maintained by the browser.

2. The user can decide through the browser settings whether to save cookies, but cannot decide whether to save the session, because the session is maintained on the server side.

3. A session stores objects; a cookie stores strings.

4. Sessions and cookies cannot be used across windows: each newly opened browser is given a session ID by the system, and these session IDs differ. To share data across browsers, you can use application.

5. Sessions and cookies have an expiration time and are deleted automatically after they expire, which reduces system overhead.

See: http://www.chinahtml.com/1007/128010707619425.html


Eight, the lifecycle of a servlet

Answer: Roughly four stages: servlet class loading --> instantiation --> service --> destroy

The following figure is a servlet sequence diagram in Tomcat.

1. The web client issues an HTTP request to the servlet container (Tomcat).

2. The servlet container receives the client's request.

3. The servlet container creates an HttpRequest object and encapsulates the client's request information in it.

4. The servlet creates an HttpResponse object.

5. The servlet invokes the service method of the HttpServlet object, passing the HttpRequest object and the HttpResponse object to it as parameters.

6. HttpServlet calls methods of the HttpRequest object to obtain the HTTP request and processes it accordingly.

7. When processing completes, HttpServlet calls methods of the HttpResponse object to return the response data.

8. The servlet container returns the HttpServlet's response to the client.

Three methods illustrate the lifecycle of the servlet:

1. init(): responsible for initializing the servlet object.

2. service(): responsible for responding to client requests.

3. destroy(): when the servlet object exits, it is responsible for releasing the resources it holds.

See: http://sunnylocus.iteye.com/blog/342996


Nine, the contents of an HTTP message

A: There are four main parts:

1. Request line

2. Header lines

3. Blank line

4. Request body

See: http://blog.csdn.net/heruiup/article/details/6072961
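
As an added example (not part of the original article), the following Java class splits a raw request into the four parts listed above and shows where the submitted parameters travel for GET and for POST, the distinction drawn in question six. The class name, host and sample requests are constructed for illustration.

```java
import java.util.LinkedHashMap;
import java.util.Map;

public class HttpRequestParts {
    final String method, target, version, body;
    final Map<String, String> headers = new LinkedHashMap<>();

    HttpRequestParts(String raw) {
        // Part 3, the blank line (CRLF CRLF), ends the head; the body follows it.
        int split = raw.indexOf("\r\n\r\n");
        if (split < 0) throw new IllegalArgumentException("missing blank line");
        String[] lines = raw.substring(0, split).split("\r\n");
        body = raw.substring(split + 4);  // part 4, may be empty
        // Part 1, request line: request type, resource, HTTP version.
        String[] rl = lines[0].split(" ");
        if (rl.length != 3) throw new IllegalArgumentException("bad request line");
        method = rl[0];
        target = rl[1];
        version = rl[2];
        // Part 2, header lines of the form "Name: value".
        for (int i = 1; i < lines.length; i++) {
            int colon = lines[i].indexOf(':');
            if (colon <= 0) throw new IllegalArgumentException("bad header line");
            headers.put(lines[i].substring(0, colon).toLowerCase(),
                        lines[i].substring(colon + 1).trim());
        }
    }

    // GET carries submitted data in the URL query string, POST in the body.
    String parameters() {
        int q = target.indexOf('?');
        if (method.equals("GET")) return q < 0 ? "" : target.substring(q + 1);
        return body;
    }

    public static void main(String[] args) {
        // Constructed sample requests carrying the same form data.
        String get = "GET /login?user=alice&pin=1234 HTTP/1.1\r\n"
                + "Host: example.test\r\n\r\n";
        String post = "POST /login HTTP/1.1\r\nHost: example.test\r\n"
                + "Content-Type: application/x-www-form-urlencoded\r\n"
                + "Content-Length: 19\r\n\r\nuser=alice&pin=1234";
        for (String raw : new String[] {get, post}) {
            HttpRequestParts r = new HttpRequestParts(raw);
            System.out.println(r.method + " " + r.target + " " + r.headers
                    + " -> " + r.parameters());
        }
    }
}
```

Because the GET form places the parameters in the request target, they also end up wherever the URL is recorded, such as browser history and server access logs.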


10, the difference between Statement and PreparedStatement; what SQL injection is and how to prevent it

A: 1. PreparedStatement supports setting parameters dynamically; Statement does not.

2. PreparedStatement avoids the trouble of handling characters such as single quotes in code; Statement does not.

3. PreparedStatement supports precompilation; Statement does not.

4. When a SQL statement contains an error, it is harder to track down with PreparedStatement and easier with Statement.

5. PreparedStatement can prevent SQL injection and is more secure; Statement cannot.

See: http://blog.163.com/xiaokangzhijia@126/blog/static/1659548562010927222912/

What is SQL injection:

SQL injection is a way of querying database data without the intended parameters by exploiting the concatenation of SQL statements.

For example, if the SQL statement to be executed is select * from table where name = "+appName+", the value supplied for the appName parameter can be used to produce a malicious SQL statement, such as passing [' or '1'='1'] through to the database for execution.

Therefore, you can use PreparedStatement to avoid SQL injection: parameter data received by the server must be validated, and PreparedStatement performs this check automatically, whereas with Statement it has to be done manually.
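
The Statement and PreparedStatement forms side by side, as an added example that is not part of the original article. The table name app, the class and method names, and the JDBC URL taken from the first command-line argument are assumptions, and a driver for that database must be on the classpath; run without arguments, the program only prints the concatenated query text.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class InjectionDemo {
    // Vulnerable form from the text: the parameter becomes part of the SQL text.
    static String buildConcatenated(String appName) {
        return "select * from app where name = '" + appName + "'";
    }

    static int countUnsafe(Connection c, String appName) throws SQLException {
        try (Statement st = c.createStatement();
             ResultSet rs = st.executeQuery(buildConcatenated(appName))) {
            int n = 0;
            while (rs.next()) n++;
            return n;
        }
    }

    // Hardened form: the SQL text is fixed and the value is bound as data only.
    static int countSafe(Connection c, String appName) throws SQLException {
        String sql = "select * from app where name = ?";
        try (PreparedStatement ps = c.prepareStatement(sql)) {
            ps.setString(1, appName);
            try (ResultSet rs = ps.executeQuery()) {
                int n = 0;
                while (rs.next()) n++;
                return n;
            }
        }
    }

    public static void main(String[] args) throws SQLException {
        String input = "' or '1'='1";  // constructed input modelled on the value in the text
        System.out.println(buildConcatenated(input));
        if (args.length == 0) return;  // no database given: show the query text only
        try (Connection c = DriverManager.getConnection(args[0])) {
            System.out.println("Statement rows:         " + countUnsafe(c, input));
            System.out.println("PreparedStatement rows: " + countSafe(c, input));
        }
    }
}
```

With the concatenated form the where clause is true for every row, so the Statement count equals the size of the table; the bound form compares name against the literal input string and matches only a row that actually has that name.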

11, the difference between sendRedirect and forward

A: 1. forward is a server-side transfer of control to another page, and the address bar of the client's browser does not show the target address; sendRedirect is a complete jump, where the browser shows the new address and sends the request again.

Principle: with forward, the server requests the resource itself. It accesses the destination URL directly, reads the response content from that URL, and returns that content to the browser. The browser does not know where the server got the content, so the address bar still shows the original address.

With redirect, the server's logic sends a status code telling the browser to request that address again, and the browser sends a new request using all the parameters it just used.

See: http://dubaopeng.iteye.com/blog/1056564


12, about the Java memory model: an object (two properties, four methods) is instantiated 100 times. In what state is it now stored in memory? How many objects, how many attributes, how many methods?

A: In Java, objects created with new are placed on the heap, so instantiating 100 times produces 100 objects on the heap. In general an object, its properties and its methods form a whole, but if a property or method is static, that is, declared with the static keyword, then only one copy of that class's property or method ever exists in memory.

See: http://wenwen.soso.com/z/q252323203.htm?sp=4000


13, talk about your understanding of Hibernate, the role of the first-level and second-level caches, and how the cache is used with Hibernate in a project.

A: Hibernate is an object-relational mapping (ORM) framework. It wraps JDBC in a very object-oriented way and lets programmers manipulate relational databases in an object-oriented manner.

Advantages of Hibernate:

1. Programs are more object-oriented

2. Increased productivity

3. Easy to port

4. Non-intrusive

Disadvantages:

1. Slightly less efficient than JDBC

2. Not suitable for bulk operations

3. Only one association relationship can be configured

Hibernate has four ways of querying:

1. The get and load methods, which query an object by its ID.

2. Hibernate Query Language

3. Standard Query Language

4. SQL queries

Hibernate working principle:

1. Configure the Hibernate object-relational mapping files and start the server.

2. The server instantiates a Configuration object, reads the hibernate.cfg.xml configuration file, and sets up the tables and the mappings between tables as required.

3. A SessionFactory instance is built from the instantiated Configuration object, and the SessionFactory instance creates Session objects.

4. The Session object is used to perform create, delete, update and query operations on the database.

State transitions in Hibernate

Temporary state (transient)

1. Not in the session cache

2. No record of the object in the database

How an object enters the temporary state: 1. when it has just been created with the new statement; 2. when the session's delete method is called and the object is removed from the session cache.

Persistence State (persisted)
