Web application framework

A web application framework is a type of framework, or foundation, specifically designed to help developers build web applications. These frameworks typically provide core functionality common to most web applications, such as user session management, data persistence, and templating systems. By using an appropriate framework, a developer can often save a significant amount of time building a web site.

See Framework for a list of advantages and disadvantages of frameworks in general.

[edit] Features

Each framework is different, but many provide a variety of useful features. By using a framework, a developer avoids having to re-implement these same features for each web application they create.

[edit] Data Persistence

A core feature of all web applications is their need to store information and build web pages based on stored information. Unlike a set of static pages, most web application pages are dynamically generated from persistent data. (One notable exception is the caching of dynamic pages to improve performance.) For example, in a basic content management system a publisher will type an article on an administrative web page, with multiple fields for article body, title, author, etc. That page will later be dynamically generated when a user requests the article from the web application. This allows each article to be templated the same and lets a publisher edit content without knowing HTML or having to edit files directly on a server.

Obviously each web application has its own needs for the exact data structures to persist. A framework can assist in data persistence with a variety of features:

• A consistent API to access multiple data storage systems
• Automatic or simplified storage and retrieval of data objects, such as with ORM
• Core business object structure, so all data, even across multiple systems, will have a consistent basic interface
• Performance enhancements, such as caching above the database layer
• Data integrity checks, such as validating relationships or confirming required fields are filled
• SQL building

[edit] Session Management and User Authentication

Static public websites can typically treat each visitor as completely anonymous. Web applications, however, often require user accounts and persistence of information across page views. Some web server and runtime configurations provide basic session persistence, but user account management and application specific logic need to be built on top of it. Frameworks can provide generic user accounts, sometimes extendible, so people can register, login, and reset passwords. They can also provide user management for administrators.

[edit] Security

Sometimes web application pages are only to be made visible to authenticated users. Frameworks can automatically check and require authentication before generating a page. For example, they may assist the developer in building and processing a login form or connect to an LDAP server.

Once an end user is authenticated, a framework can check the specific permissions for that user. These permissions may be managed in a variety of ways. A framework might provide role-based access control, or any of a variety of other security features. These are typically managed by a developer in code or a site administrator through an administrative interface.

See Web application/Security for a complete discussion of best practices. That helps explain what should be expected from a good web application framework.

[edit] Caching

To improve web application performance, web developers will often cache certain content so it does not need to be regenerated on each page request. Frameworks can offer a common interface to disk or database storage of cached content.

[edit] Templating

Web page templates help keep business logic separate from display logic, which is commonly considered good practice. A framework may provide one or more templating systems or engines with consistent interfaces for developers. Most often the framework will make available developer-defined fields or data structures available within templates (i.e. push). Conversely a templating system may request data back through the framework (i.e. pull).

The templating system may be something as simple as keyword replacement or may be robust enough to automatically generate content such as form fields from parameters.

[edit] Administrative Interface

It's very common for dynamic web sites to need a section specifically built for site administrators. Here the site can be configured and data can be altered. Administrators might create user accounts, manage permissions, change page content, generate reports, or anything else as required.

Web application frameworks can assist in building administrative interfaces by:

• Generating a navigation structure
• Providing common interface elements to form fields, such as a date field with a calendar
• Automatically generating edit and list pages from persistent data structures; developers will often define the basic fields or desired interfaces and these will be built into a page by the framework.

[edit] Implementation

All web applications take individual HTTP requests and build appropriate responses. This can be handled in a variety of ways, somewhat dependent on the server platform.

Probably the most popular overall design pattern of web application frameworks is Model-View-Controller (MVC). The initial code of the framework, or the platform itself, evaluates the URL and passes responsibility to the appropriate application controller. The controller then performs any necessary actions with the application's data model and then lets the view build the final response content to be rendered by the browser.

Another consideration of the design of a framework is its flow of execution. Often, all requests to a web application are passed through a single set of code provided by a framework, such as index.php at the root of a PHP application. This code is responsible for initializing user sessions, database connectivity, and anything else required on every page load. Control is then passed along to the application-specific code responsible for generating the particular content requested. Python's web.py, for example, takes a list of URLs and the class names which are provided by the application to handle them.

The act of designing and implementing a complete web application framework can be a complex task. Without a few clear goals, development can easily get get bogged down with inconsistencies and code bloat. Questions to ask at the onset of framework design include:

• What specific domain of problems can web applications built with this framework target? If the answer is "all" then often a lightweight, unobtrusive framework is probably best. However, if a domain of problems can be targeted then the framework can include more functionality specific to those applications.
• What level of modularity will the framework provide and support?
• What development rules will the framework enforce? For example, will application developers be required to follow a certain file structure? Will any particular design patterns be strictly followed?
• What will the learning curve be for application developers to learn the framework? The more elaborate the APIs, the better skilled the developers who use it will need to be.

[edit] Notable Web Application Frameworks

There are many notable web application frameworks:

• For Java
  • Apache Struts
  • JavaServer Faces
  • Jt Design Pattern Framework
  • Apache Wicket
• For PHP
  • CakePHP
  • Laravel
  • CodeIgniter
  • Symfony
  • Yii
  • Zend Framework
• For Python
  • Django
  • Flask
  • Pyjamas
  • web2py
  • Pylons - Aims to be similar like Ruby on Rails
  • Turbogears - Similar to Django
  • Twisted - More of a lower-level networking framework
  • Web.py - Simple and Pythonic
  • Zope - Very powerful and baroque framework designed for large content management systems. It includes an embedded object database (ZDB), HTTP and FTP servers. It is coded in, and employs Python to build applications and extend the functionality of the website.
  • Pyroxide - Full MVC framework atop mod_python with a truly object oriented ORM (Object Relational Mapping) layer built in.
• For Ruby
  • Ruby on Rails
  • Ramaze
• Other
  • .NET

[edit] See Also

• Framework
• Web application
  • Web application/Security