One of the most frequent causes of poor Web server performance is data management or data-related transactions. Web servers and HTML in particular were not designed for large-scale data handling. Web developers have long used various techniques and add-ons to get around the data problems — with varying degrees of success. Consequently, if your web applications must deal with a lot of data, or the data is complex in some way — then you may find an application server not only more efficient but also provides more control.
Application servers shine at managing data. XML translation, communication with database servers, validating data, and applying business rules are all functions for which application servers were originally designed. A key element may be the business rules. These are validations of data and user input (requests as well as data) according to the rules of a company (“an order over 50 is too big to be processed”). Some applications employ a lot of business rules. Although they can in some ways be implemented at the Web server, many application servers provide special business rules development and management tools that make the job much easier.
Application servers usually provide a battery of tools — pooled data connections, data caches, session persistence, and failover protection — to name a few, that go far beyond the data management capability of Web servers. Some also include various forms of transaction management linked to external database server connections.
A similar situation exists for security. While Web servers can manage a certain amount of security processing, the more there is or the more complicated it becomes (for example the need to pole corporate security servers for user verification), the better suited an application server is for the job.