Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Scribd
Upload
169 views

Building Web Applications Using Servlets - Java30

Web / HTTP Overview JavaTM Education and Technology Services Copyright(c) Information Technology institute. Servlets Technology is used to build Web Applications Using servlets Technology. The following are examples of request headers: Accept: text / plain ;text / html (note : type /, / ) Accept-language: en-ar Accept-Encoding: gzip connection : keep-alive Host : www.iti.gov.eg or localhost

Uploaded by

Rawia Youssef
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PDF, TXT or read online on Scribd
169 views

Building Web Applications Using Servlets - Java30

Web / HTTP Overview JavaTM Education and Technology Services Copyright(c) Information Technology institute. Servlets Technology is used to build Web Applications Using servlets Technology. The following are examples of request headers: Accept: text / plain ;text / html (note : type /, / ) Accept-language: en-ar Accept-Encoding: gzip connection : keep-alive Host : www.iti.gov.eg or localhost

Uploaded by

Rawia Youssef
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 132

JavaTM Education & Technology Services

Building Web Applications Using Servlets Technology


JavaTM Education & Technology Services
Copyright Information Technology Institute 1

Table of Contents Chapter 1: Web/HTTP Overview Chapter 2: Servlets Technology Chapter 3: How to write servlets code? Chapter 4: Accessing Databases with JDBC Chapter 5: Getting Familiar with HTTP package Chapter 6: Session Management

JavaTM Education & Technology Services


Copyright Information Technology Institute 2

Chapter 1
Web/HTTP Overview

JavaTM Education & Technology Services


Copyright Information Technology Institute 3

Chapter 1 Outline
Overview of HTTP Protocol Request and Response System Architectures Developing Web Applications in Java

Different Web Technologies


JavaTM Education & Technology Services
Copyright Information Technology Institute 4

HTTP
What is HTTP?
Hyper Text Transfer Protocol. Stateless Protocol. Basic Scenario.

HTTP components:
HTTP Request. HTTP Response.

Request or Response consists of three main parts:


Response or Request Line. Header information. The Body.

JavaTM Education & Technology Services


Copyright Information Technology Institute 5

HTTP
1.Establishes Tcp/Ip connection.

Server

Client

2.Sends Request.
3.Receives Response.

Web Server

Client Browser

4.Closes connection.

URL

http://163.121.12.2/webindex
Protocol Actual Path URI

JavaTM Education & Technology Services


Copyright Information Technology Institute 6

HTTP Request HTTP Request consists of 3 components:


1.Method-URI-Protocol/Version
Methods could be : Get ,Post, Head,Put,Trace, Options

Example:
Get /servlet /default.jsp HTTP/1.1 Post / servlet /index.jsp HTTP/1.1

JavaTM Education & Technology Services


Copyright Information Technology Institute 7

HTTP Request contd


2.Request Headers :
Indirectly set by the browser and sent immediately after the request line. The following are examples of request headers:
Accept: text/plain ;text/html (Note : type/* , */*) Accept-language: en-ar Accept-Encoding : gzip Connection : keep- Alive Host : www.iti.gov.eg or localhost:8080 Referer : http://www.mcit.gov.eg/main.htm User-agent : Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Content-length : 33 (in case of POST) If-Modified-Since: specified date If-Unmodified-Since : Sat, 29 Oct 1994 19:43:31 GMT Cookie: userID=id456578

JavaTM Education & Technology Services


Copyright Information Technology Institute 8

HTTP Request contd


3. Entity Body (in case of POST method): UserName=ITI & Password =iti
Username Password ITI *** Sign in

Note: If the GET method was used:


There will be no entity body. URL in the address bar of the browser will look something like: www.sitename.com/MyServlet? userName=ITI&password=iti

JavaTM Education & Technology Services


Copyright Information Technology Institute 9

HTTP Response
HTTP Response consists of 3 components: 1. Response Line (Protocol/Version Status Code Description):
Examples:
HTTP/1.1 200 HTTP/1.1 404 OK error

Status Code Ranges: 100-199 informational, the client must respond with an action 200-299 : request is successful 300-399 : for Redirection , it includes a Location header indicating the new address 400-499 :indicates an error by the client 500-599 : indicates an error by the server
JavaTM Education & Technology Services
Copyright Information Technology Institute 10

HTTP Response (contd) 2.Response Headers


Server: Tomcat/5.5 Date: Mon, 3 Jan 2006 13:13:33 GMT Content-Type: text/html Last-Modified: Mon, 11 Jan 2005 13:23:42 GMT Content-Length: 112 Content-Encoding = gzip

JavaTM Education & Technology Services


Copyright Information Technology Institute 11

HTTP Response (contd) 3.Entity Body


<HTML> <HEAD> <TITLE>HTTP Response Example </TITLE> </HEAD> <BODY> Welcome to servlets and jsp course </BODY> </HTML>

JavaTM Education & Technology Services


Copyright Information Technology Institute 12

System Architecture
Typically we got 3 logical layers between client browser and web server :
Handle UI & User Interaction Presentation Programming logic Business logic Data Base Acess The data layer

JavaTM Education & Technology Services


Copyright Information Technology Institute 13

Types of Architecture Two- Tier Architecture: Three-Tier Architecture:


Fat client (Presentation & Business logic). Disadvantages. Presentation layer. Business logic layer. Data layer.

JavaTM Education & Technology Services


Copyright Information Technology Institute 14

System Architectures contd


N-Tier Architecture:
Provides more flexibility in modules development. The business logic layer is divided by function instead of being physically divided. It is divided into:
User interface. Presentation logic. Business logic. Infrastructure services. Data layer.

JavaTM Education & Technology Services


Copyright Information Technology Institute 15

Developing Web Applications in java Web Server architecture:

Web Server

ASP
Web container

JavaTM Education & Technology Services


Copyright Information Technology Institute 16

Developing Web Applications in java


Browser J2EE

Mobile

HTTP XML

Web Tier

Business
Desktop RMI

DB

COBOL
Legacy SOAP

EJB Container

SOAP

Application Server
JavaTM Education & Technology Services

Copyright Information Technology Institute

17

Web Technologies

CGI (Common Gateway Interface) Cold Fusion Server Side Java Script (SSJS) PHP Servlet JSP ASP ASP.NET
JavaTM Education & Technology Services

Copyright Information Technology Institute

18

Chapter 2
Servlets Technology

JavaTM Education & Technology Services


Copyright Information Technology Institute 19

Chapter 2 Outline
Advantages of Servlets

Servlet Container
Servlet Life Cycle Building and Deploying a Web Application

The Deployment Descriptor


Tomcat Web Server Structure First Servlet Example
JavaTM Education & Technology Services
Copyright Information Technology Institute 20

What is a Servlet?

Browser

Servlet

Client info (host name, form data)

Request

Process results (access database) Format results and produce HTML Send page back to client

Success or failure

Response

JavaTM Education & Technology Services


Copyright Information Technology Institute 21

What is a Servlet? (contd)

A Servlet is a Java program that runs on a server, that produces dynamic pages typically in response to client requests. Servlet main jobs:
It reads and process implicit and explicit data sent by the client Send the implicit / explicit data to the client with a proper format

Its not restricted to HTTP requests

JavaTM Education & Technology Services


Copyright Information Technology Institute 22

Advantages of Servlets
Performance
Portability (supported by many web servers) Rapid development cycle (rich library , high-level utilities)

Secure
Inexpensive

JavaTM Education & Technology Services


Copyright Information Technology Institute 23

Servlet Container What is a Servlet container ? Its actually the interface between the servlet class and the client requests. Is a container that is responsible for
loading , processing and unloading the servlets. Managing servlets.

JavaTM Education & Technology Services


Copyright Information Technology Institute 24

Servlet Container (contd)


Servlet Container
Request
Request HTTP Response

Servlet

Web Server

Response

JavaTM Education & Technology Services


Copyright Information Technology Institute 25

Servlet Container contd


Well known servlet containers:
Tomcat JRun WebSphere Glassfish OC4J (Oracle) StarNine WebStar

JavaTM Education & Technology Services


Copyright Information Technology Institute 26

How Servlets works?

JavaTM Education & Technology Services


Copyright Information Technology Institute 27

Servlets Life Cycle

1 Load

2 Initialize init()

3 Execute service()

4
Destroy destroy()

JavaTM Education & Technology Services


Copyright Information Technology Institute 28

Building & Deploying a Web Application


A servlet or JSP application must have a folder named WEB-INF. The WEB-INF folder must contain the following:
classes folder: it holds the servlets after compilation (i.e. the .class file of each servlet), and any helper classes or beans. lib folder: it holds helper classes that are packaged inside a jar file. web.xml file: which is the deployment descriptor of the whole web application.

The web application may also contain html pages, jsp pages, tld files (tag library descriptors), images or any other resource files.
JavaTM Education & Technology Services
29

Copyright Information Technology Institute

What is the deployment descriptor ? Contains meta-data for a Web Application and that is used by the container when loading a Web Application.
It identifies all the elements contained in the web application for the servlet container to be able to know them It maps them into URL patterns to be able to call them as clients It contains configuration settings specific to that application.

JavaTM Education & Technology Services


Copyright Information Technology Institute 30

Deployment Descriptor - Example


<?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> <servlet> <servlet-name>Testing</servlet-name> <servlet-class>TestingServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>Testing</servlet-name> <url-pattern>/MyURL</url-pattern> </servlet-mapping> <welcome-file-list> <welcome-file>index.html</welcome-file> <welcome-file>index.htm</welcome-file> <welcome-file>index.jsp</welcome-file> </welcome-file-list> </web-app>
JavaTM Education & Technology Services
Copyright Information Technology Institute 31

Tomcat Web Server Structure

JavaTM Education & Technology Services


Copyright Information Technology Institute 32

First Servlet Example


To develop the first servlet application, you have to go through the following 6 steps:
1. Create the necessary directory structure under tomcats webapps folder. 2. Write your servlet code (.java). 3. Compile your servlet (produce .class). Remember that we have to include the servlets and jsp libraries in the class path. This is done by doing either of the following:
javac -classpath C:\tomcat\common\lib\servlet-api.jar TestingServlet.java Or permanently referring to the jar files in the classpath environment variable of the operating system. Or put the two jar files in the JDK Installation folder, under ../jre/lib/ext. Or include the two jar files to your project (if you are using an IDE).

JavaTM Education & Technology Services


Copyright Information Technology Institute 33

First Servlet Example contd


4. Create the deployment descriptor (web.xml) file:
<?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> <servlet> <servlet-name>MyServletName</servlet-name> <servlet-class>myPkg.MyServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>MyServletName </servlet-name> <url-pattern>/MyServletURL</url-pattern> </servlet-mapping> </web-app>

5. Run Tomcat. 6. Open your browser (e.g. Internet Explorer) and invoke the servlet using its specific URL (http://domain-name/virtual-directory/servlet-url) Example: http://localhost:8080/iti/MyServletURL
JavaTM Education & Technology Services
Copyright Information Technology Institute 34

Chapter 3
How to write servlets code?

JavaTM Education & Technology Services


Copyright Information Technology Institute 35

Chapter 3 Outline
Servlets package structure

javax.servlet package
Servlet Interface ServletConfig Interface The ServletContext Interface The ServletRequest Interface The ServletResponse interface The GenericServlet Wrapper class

JavaTM Education & Technology Services


Copyright Information Technology Institute 36

Servlet Package Structure

javax.servlet

http

JSP

el

tagext

JavaTM Education & Technology Services


Copyright Information Technology Institute 37

javax.servlet.*

Some basic interfaces :


Servlet ServletConfig ServletContext ServletRequest ServletResponse SingleThreadModel Request Dispatcher

JavaTM Education & Technology Services


Copyright Information Technology Institute 38

javax.servlet.* (contd)

Some basic classes :


GenericServlet ServletInputStream ServletOutputStream

The Exception Classes are:


ServletException UnavailableException

JavaTM Education & Technology Services


Copyright Information Technology Institute 39

Servlet Interface

Servlet : its the basic interface , any servlet must implements it directly or indirectly It consists of 5 main methods :
init (ServletConfig config) service( ServletRequest , ServletResponse) destroy() getServletConfig() getServletInfo()

JavaTM Education & Technology Services


Copyright Information Technology Institute 40

Servlet Example
The following code is a typical implementation of the interface:
import javax.servlet.*; import java.io.*; public class MyServlet implements Servlet { public void init(ServletConfig config) throws ServletException { System.out.println("I am inside the init method"); } public void service(ServletRequest request, ServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); Write to the response PrintWriter out = response.getWriter(); out.println(<br>Welcome to Servlets and JSP Course"); System.out.println("I am inside the service method"); }
JavaTM Education & Technology Services
Copyright Information Technology Institute 41

Servlet Example contd


public void destroy() { System.out.println(I am inside the destroy method"); } public String getServletInfo() { return null; } public ServletConfig getServletConfig() { return null; } }
JavaTM Education & Technology Services
Copyright Information Technology Institute 42

SingleThreadModel Interface
The SingleThreadModel interface is used to prevent simultaneous access to instance variables by multiple threads. Only one request thread accesses a single instance of the servlet at a time. The server queues the requests and passes them one at a time to a single servlet instance. Or the server creates a pool of multiple instances, each handles one request at a time.(however, unsafe).
JavaTM Education & Technology Services
Copyright Information Technology Institute 43

SingleThreadModel Interface contd


It became deprecated starting servlet 2.4 It caused latency and bad performance in case of high traffic servlets. Instead, the better approach is to synchronize the part of the code that manipulates the shared data:
synchronized(this) { String id = "User-ID-" + nextID; out.println(id); nextID = nextID + 1; }
JavaTM Education & Technology Services
Copyright Information Technology Institute 44

ServletConfig Interface
The ServletConfig interface is used by a servlet to obtain any configuration information written specifically for it in the deployment descriptor file (web.xml). It is passed by the servlet container to the init(..) method as parameter. Such configuration information is better written in the xml file instead of hard coding it inside the servlets code. Such approach makes it easy to alter such information after the servlets source code has been compiled. Each servlet is passed its own set of configuration parameters.
JavaTM Education & Technology Services
Copyright Information Technology Institute 45

ServletConfig Interface contd


Configuration parameters (init params) can be written inside the web.xml file as follows:
<servlet> <servlet-name>MyServlet</servlet-name> <servlet-class>ServletConfigTest</servlet-class> <init-param> <param-name>AdminEmail</param-name> <param-value>admin@iti.gov</param-value> </init-param> </servlet>

The whole <init-param> tag is repeated for each parameter.


JavaTM Education & Technology Services
Copyright Information Technology Institute 46

ServletConfig Interface contd


The ServletConfig interface has 4 methods:
Enumeration getInitParmeterNames() String getInitParameter(String paramName) String getServletName() ServletContext getServletContext()

JavaTM Education & Technology Services


Copyright Information Technology Institute 47

ServletConfig Example
The following code demonstrates the use of the config:
public class ServletConfigTest implements Servlet { ServletConfig myConfig; public void init(ServletConfig config) throws ServletException { myConfig = config; } public void service(ServletRequest request, ServletResponse response) throws ServletException, IOException { String str = myConfig.getInitParameter(AdminEmail); PrintWriter out = response.getWriter(); out.println (The administrator email is: + str); } }
JavaTM Education & Technology Services
Copyright Information Technology Institute 48

Lab Exercise

JavaTM Education & Technology Services


Copyright Information Technology Institute 49

Assignment

Use servletConfig to pass variables from web.xml to the servlet and display it in the response.
Like DB connection Statement. DB user name and password.
<init-param> <param-name> DatabaseAddress </param-name> <param-value> 163.121.12.25 </param-value> </init-param>

<init-param> <param-name> userName </param-name> <param-value> iTi </param-value> </init-param> <init-param> <param-name> password </param-name> <param-value> iTi </param-value> </init-param> JavaTM Education & Technology Services
Copyright Information Technology Institute 50

ServletContext Interface
The context is the environment in which the servlets of a web application run. There is only one context per web application (i.e. all the servlets of a web application have references to the same context). The deployment descriptor (web.xml) can include tags (context params) that are general for the whole web application. The ServletContext interface defines a set of methods that a servlet uses in order to obtain such context parameters.
JavaTM Education & Technology Services
Copyright Information Technology Institute 51

ServletContext Interface contd


Moreover, a servlet can also bind an object attribute to the context (a pair: name and object value), which will be available to any other servlet that is part of the same web application.

In order to obtain a reference to the context, the following method of the ServletConfig interface is used: ServletContext getServletContext()

JavaTM Education & Technology Services


Copyright Information Technology Institute 52

ServletContext Interface contd


Context parameters of a web application (context params) can be written inside the web.xml file as follows:
<web-app> <context-param> <param-name>DollarExchangeRate</param-name> <param-value>5.6</param-value> </context-param> . . . . </web-app>

The whole <context-param> tag is repeated for each parameter. It should be placed at the beginning of the file.
JavaTM Education & Technology Services
Copyright Information Technology Institute 53

ServletContext Interface contd


Commonly used methods:
Enumeration getInitParameterNames() String getInitParameter(String paramName) Enumeration getAttributeNames() Object getAttribute(String attName) void setAttribute(String attName, Object value) void removeAttribute(String attName) void log(String msg)

JavaTM Education & Technology Services


Copyright Information Technology Institute 54

Example
public class servletContext implements Servlet { ServletConfig sConf; public void init(ServletConfig config) throws ServletException { sConf = config; } public void service(HttpServletRequest request,HttpServletResponse response)throws ServletException, IOException { ServletContext servletContext = sConf.getServletContext(); PrintWriter out = response.getWriter(); String str= servletContext. getInitParameter(AdminEmail); out.println(AdminEmail is: " + str); } ..}
JavaTM Education & Technology Services
Copyright Information Technology Institute 55

Example
public class servletContext implements Servlet { ServletConfig sConf; public void init(ServletConfig config) throws ServletException { sConf = config; } public void service(ServletRequest request,ServletResponse response)throws ServletException, IOException { ServletContext servletContext = sConf.getServletContext(); PrintWriter out = response.getWriter(); servletContext.setAttribute(MyPassword,iti); } ..}
JavaTM Education & Technology Services
Copyright Information Technology Institute 56

Setter Servlet

Example
public class servletContext implements Servlet { ServletConfig sConf; public void init(ServletConfig config) throws ServletException { sConf = config; } public void service(ServletRequest request,HttpServletResponse response)throws ServletException, IOException { ServletContext servletContext = sConf.getServletContext(); PrintWriter out = response.getWriter(); String str= servletContext.getAttribute(MyPassword); out.println(MyPassword is: " + str); } ..}

Getter Servlet

JavaTM Education & Technology Services


Copyright Information Technology Institute 57

Config & Context


The Servlet Container
ServletContext ServletContext

Servlet1

Servlet2

Servlet1

Servlet2

ServletConfig1

ServletConfig1
ServletConfig2

ServletConfig2

Web Application 2
Copyright Information Technology Institute

Web Application 1
JavaTM Education & Technology Services
58

Lab Exercise

JavaTM Education & Technology Services


Copyright Information Technology Institute 59

Assignment

Sharing info between servlets: A servlet will assign a username and password attributes , and another servlet will display it Your servlets should read the initialized parameters given to them by <context-param> tag in web.xml
<context-param> <param-name>Country</param-name> <param-value>Egypt</param-value> </context-param>

JavaTM Education & Technology Services


Copyright Information Technology Institute 60

ServletRequest Interface
The ServletRequest defines an object that is used to hold information coming from the user's request, including parameter name-value pairs, attributes, and an input stream. Commonly used methods:
Enumeration getParameterNames() String getParameter(String paramName) String[] getParameterValues(String paramName) String getRemoteHost()

JavaTM Education & Technology Services


Copyright Information Technology Institute 61

Sending Request Parameters to a Servlet


The <form> tag in HTML is used as follows:
<html> <head> <title> Sending parameters in the request </title> </head> <body> <form ACTION=MyFirstServletURL METHOD=Get"> Author : <Input TYPE=text" NAME=MyName"> < Input TYPE="SUBMIT" VALUE="Submit"> < Input TYPE="RESET" VALUE="Reset"> </form > </body > </html > GET /MyFirstServlet HTTP/1.1 ? MyName=ITIStudent
JavaTM Education & Technology Services
Copyright Information Technology Institute 62

Sending Request Parameters to a Servlet contd

In order for the servlet to get the parameters from the request, the following code is written in the service(..) method:
public void service(ServletRequest request, ServletResponse response) throws ServletException, IOException { PrintWriter out = response.getWriter(); String str = request.getParameter(MyName"); out.println(The user input is: + str); }

JavaTM Education & Technology Services


Copyright Information Technology Institute 63

ServletResponse Interface
The ServletResponse interface defines an object that carries the servers response to the user (i.e. back to the clients browser). Commonly used methods:
PrintWriter getWriter() setContentType(String mimeType) setContentLength(int len)

JavaTM Education & Technology Services


Copyright Information Technology Institute 64

ServletResponse Example
Sending response in Excel Sheet Format:
public void service(ServletRequest request, ServletResponse response) throws ServletException, IOException { response.setContentType("application/vnd.ms-excel"); PrintWriter out = response.getWriter(); out.println("\t jan \t feb \t march \t total"); out.println("salary \t100 \t200 \t300 \t=sum(B2:D2)"); }

JavaTM Education & Technology Services


Copyright Information Technology Institute 65

GenericServlet Wrapper Class


The GenericServlet class is a convenient class that implements the Servlet interface. It overrides the required 5 methods, and hence makes your code simpler (i.e. you extend the class and only override the necessary methods).

JavaTM Education & Technology Services


Copyright Information Technology Institute 66

Chapter 4
Accessing Databases with JDBC

JavaTM Education & Technology Services


Copyright Information Technology Institute 67

Chapter 4 Outline
Review on JDBC Steps to Work with a Database Sample Applications of Database Operations Online SQL Tool

JavaTM Education & Technology Services


Copyright Information Technology Institute 68

Review on JDBC
JDBC API: set of Java interfaces for connecting to any DBMS and executing SQL statements. Packages are:
java.sql package: basic functionalities. javax.sql package: advanced functionalities.

JDBC Driver: Vendor-specific implementation of JDBC interfaces. Every DBMS has JDBC driver(s). Connection String: A special DBMS-specific string that is used to connect to the database, for example:
MS Access: jdbc:odbc:DataSourceName Oracle (thin): jdbc:oracle:thin:@host:port:sid

JavaTM Education & Technology Services


Copyright Information Technology Institute 69

Steps to Work with a Database


1. 2. 3. 4. Load (register) the JDBC driver. Obtain a connection. Execute query statements. Process results if any (ResultSet).

JavaTM Education & Technology Services


Copyright Information Technology Institute 70

Steps to Work with a Database contd First Step:


Put the driver (if jar file) in WEB-INF/lib for deploying (and in CLASSPATH environment variable for development). The driver could also be put in the common/lib folder (will be common among all web applications). Register an object of the driver, for example: DriverManager.registerDriver( new sun.jdbc.odbc.JdbcOdbcDriver());

Second Step:
Obtain the connection through the Connection interface, for example: Connection con = DriverManager.getConnection( "jdbc:odbc:mydsn",userName",password");

JavaTM Education & Technology Services


Copyright Information Technology Institute 71

Steps to Work with a Database contd


Third Step:
Create a statement and execute queries using either executeUpdate(..) or executeQuery(..), for example: Statement s = connection.createStatement(); ResultSet rs= s.executeQuery(select * from Emp);

Fourth Step:
After obtaining the ResultSet, extract data through the getter methods, for example:
while(rs.next()) { out.println(rs.getInt(1) + : + rs.getString( FNAME )); }

Note: You can get information about the retrieved ResultSet by using the method: getMetaData()
JavaTM Education & Technology Services
Copyright Information Technology Institute 72

Steps to Work with a Database contd


Do not forget to close the connection.

By default, only one ResultSet object per Statement object can be open at the same time. If the default ResultSet object is obtained, then columns within each row should be read in left-to-right order, and each column should be read only once.

JavaTM Education & Technology Services


Copyright Information Technology Institute 73

Inserting Records into the Database


You can insert records using the following SQL statement:
insert into Users (FirstName, LastName, UserName, Password) values(JETS, ITI, jets, iti)

JavaTM Education & Technology Services


Copyright Information Technology Institute 74

Searching for Records in a Database


You can write an SQL statement that searches for a certain name in the database:
select FirstName, LastName, UserName, Password FROM Users WHERE FirstName LIKE '%keyword% OR LastName LIKE '%keyword%'

JavaTM Education & Technology Services


Copyright Information Technology Institute 75

Online SQL Tool


You can now create an online SQL tool that executes any query on the database and display the result in a text area.

JavaTM Education & Technology Services


Copyright Information Technology Institute 76

Lab Exercise

JavaTM Education & Technology Services


Copyright Information Technology Institute 77

Submit User Details to a Servlet


Registration : ( add a user to the database)
Write an HTML page that has text input fields for the users data (e.g. name, phone, email, etc), along with a submit button. Upon pressing the submit button, the page should send the data to a servlet. The servlet should then get the parameters from the request and add them to the data base(i.e. show that it were add or not in the response that is returned back to the user).

Login :
Write an HTML page that has two text input fields for the users name and mail, along with a submit button. Upon pressing the submit button, the page should send the data to a servlet. Checking the username and password against the database.
JavaTM Education & Technology Services
Copyright Information Technology Institute 78

Submit User Details to a Servlet


Display: Bonus
develop a servlet that views data of the products from the database (id, in a well formatted HTML table.

Search: Bonus
develop a search servlet for products.

JavaTM Education & Technology Services


Copyright Information Technology Institute 79

Response in Different Formats


Develop different servlets that send response in different mime types (e.g. excel sheet, word document, etc). Hint: Search on tshe internet for names of famous mime types.

JavaTM Education & Technology Services


Copyright Information Technology Institute 80

Chapter 5
Getting Familiar with HTTP Package

JavaTM Education & Technology Services


Copyright Information Technology Institute 81

javax.servlet.http.*

HTTPServlet GenericServlet HTTPServletRequest ServletRequest HTTPServletResponse ServletResponse

JavaTM Education & Technology Services


Copyright Information Technology Institute 82

javax.servlet.http.* (contd)

Some basic interfaces


HttpServletRequest HttpServletResponse HttpSession

Classes
Cookie HttpServlet

JavaTM Education & Technology Services


Copyright Information Technology Institute 83

The HTTPServlet Class It extends from javax.servlet.GenericServlet It contains extra methods like :
doPost() doGet () doOptions() doPut() doDelete() doTrace()

JavaTM Education & Technology Services


Copyright Information Technology Institute 84

The HTTPServlet Class (contd)


Server
Request

HttpServlet
doGet()

service()

Response

doPost()

JavaTM Education & Technology Services


Copyright Information Technology Institute 85

HttpServlet Example
The following code demonstrates the use of the doGet(..) method:
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType(text/html); PrintWriter out = response.getWriter(); out.println("<HTML>"); out.println("<BODY>"); out.println("The servlet has received a GET request." + "Now, click on the button below."); out.println("<BR>"); out.println("<FORM METHOD=POST>"); out.println("<INPUT TYPE=SUBMIT VALUE=Submit>"); out.println("</FORM>"); out.println("</BODY>"); out.println("</HTML>"); }
JavaTM Education & Technology Services
Copyright Information Technology Institute 86

HttpServlet Example contd


The following code demonstrates the use of the doPost(..) method:
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<HTML>"); out.println("<HEAD>"); out.println("<TITLE>The POST method</TITLE>"); out.println("</HEAD>"); out.println("<BODY>"); out.println("The servlet has received a POST request. Thank you."); out.println("</BODY>"); out.println("</HTML>"); }
JavaTM Education & Technology Services
Copyright Information Technology Institute 87

HttpServletRequest Interface
Common methods:
Enumeration getHeaderNames() String getHeader(String headerName) Enumeration getHeaders(String headerNames) String getQueryString() HttpSession getSession(boolean create) Cookie[] getCookies()

Remember, methods inherited from ServletRequest:


Enumeration getParameterNames() String getParameter(String paramName) String[] getParameterValues(String paramName)

JavaTM Education & Technology Services


Copyright Information Technology Institute 88

HttpServletResponse Interface
Common methods:
setStatus(int statusCode) sendRedirect(String newLocation) sendError(int statusCode, String msg) addCookie(Cookie cookie) setHeader(String headerName, String value) setIntHeader(String headerName, int value) setDateHeader(String headerName, long milliseconds)

Remember, methods inherited from ServletResponse:


PrintWriter getWriter() setContentType(String mimeType) setContentLength(int len)
JavaTM Education & Technology Services
Copyright Information Technology Institute 89

Status Code
You have to set the status code and response headers before writing any document content to the response that will be sent back to the client. For the parameter of setStatus(..) method, you can either use explicit numbers of your own, or use the static constant values defined in the HttpServletResponse interface (e.g. for status code 404 use SC_NOT_FOUND).

JavaTM Education & Technology Services


Copyright Information Technology Institute 90

Lab Exercise

JavaTM Education & Technology Services


Copyright Information Technology Institute 91

Assignment

Display Headers of the request sent to your servlet

JavaTM Education & Technology Services


Copyright Information Technology Institute 92

Assignment

Registration : add a user the database. Continue the login assignment of the last chapter by checking the username and password against the database instead of hard coding the check inside the servlet.
User the request dispatchers forward method to direct the user to a success page or failure page. Display :develop a servlet that views data employees data from the database (id, name, email, salary, etc) in a well formatted HTML table:
Provide the ability to add a new employee, edit, or delete an existing one.

Search: develop a search servlet ( Bouns )


JavaTM Education & Technology Services
Copyright Information Technology Institute 93

The sendRedirect Method


The sendRedirect(..) method is used to redirect the browsers client to go to another page other than the one originally requested. This is useful in several situations, for example:
If the requested page has been migrated to another server or url. Deciding which page the user will be transferred to after successful login. Checking if the browser enables the use of cookies.

The location parameter can either be the relative URL of a page or its fully qualified URL.

JavaTM Education & Technology Services


Copyright Information Technology Institute 94

The sendRedirect Method contd


The sendRedirect(..) method makes a round trip to the client and then back to the server. A brand new request object is created, and the previous one is lost. Any data written to the response before calling it will be lost. If the calling servlet wishes to maintain some information from the old request and propagate it to the new request, then you can pass the information as a query string appended to the destination URL:
response.sendRedirect("MySecondServlet?userName=" + userName + "&password=" + password);
JavaTM Education & Technology Services
Copyright Information Technology Institute 95

sendRedirect Example
The following code demonstrates the use of sendRedirect(..) method:
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { . . out.println(<FORM method= POST>); out.println("<BR> Username: <INPUT TYPE=TEXT NAME=userName>"); out.println("<BR> Password: <INPUT TYPE=PASSWORD NAME=password>"); out.println("<BR> <INPUT TYPE=SUBMIT VALUE=Submit>"); out.println("</FORM>"); . . }
JavaTM Education & Technology Services
Copyright Information Technology Institute 96

sendRedirect Example contd


public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { . . String userName = request.getParameter("userName"); String password = request.getParameter("password"); if(userName!=null && password!=null && userName.equals(user") && password.equals(iti")) { response.sendRedirect("WelcomeServletURL"); } else { out.println(Login Failed, please try again.); } . . }
JavaTM Education & Technology Services
Copyright Information Technology Institute 97

Sending Special Characters


Some characters have special meanings to HTML, for example < and >. To be able to display such characters in your response, you have to encode them as follows:
< is replaced by: &lt > is replaced by: &gt White spaces are replaced by: &nbsp & is replaced by: &amp is replaced by: &quot

JavaTM Education & Technology Services


Copyright Information Technology Institute 98

Populating HTML Elements with Values


<INPUT TYPE=TEXT NAME=userName VALUE=ITI >

Explicit values example:


out.println("<INPUT TYPE=TEXT NAME=userName VALUE=ITI >"); OR out.println("<INPUT TYPE=TEXT NAME=userName VALUE=\ ITI \ >");

Using variables example:


out.println("<INPUT TYPE=TEXT NAME=userName VALUE= " + userName + " >");

JavaTM Education & Technology Services


Copyright Information Technology Institute 99

Response Buffer
For committing a response, a servlet sends the string output only once when it finishes processing or when the buffer is full. Enabling/Increasing the size of the response buffer is useful in enhancing the servlets performance in case of large response content. It is ON by default and the default size is 8192 characters You can can specify the buffer size of the response, using the method: response.setBufferSize(..)

Note: Call this method before writing any output to the response.
JavaTM Education & Technology Services
Copyright Information Technology Institute 100

RequestDispatcher Interface
The RequestDispatcher interface has 2 methods only:

include(ServletRequest request, ServletResponse response) forward(ServletRequest request, ServletResponse response)

JavaTM Education & Technology Services


Copyright Information Technology Institute 101

RequestDispatcher - include
The include(..) method is used to include the output of another servlet or the content of another page (html, JSP, etc) to the current servlet. This technique is famously used in websites to include a certain header or footer to all the pages of the website. It may also be used to include some common JavaScript functions to many web pages. The original servlet can write to the response before and after the included servlet or page writes to the response.
JavaTM Education & Technology Services
Copyright Information Technology Institute 102

RequestDispatcher - forward
The forward(..) method passes the processing of an HTTP request from the current servlet to another servlet or JSP (i.e. gives up the control for another servlet or jsp). It is up to the new servlet or JSP to write to the response object and then commit it to the client. Any output written to the response object by the original servlet will be lost (i.e. dont write to the response before forwarding to another servlet). The original servlet can perform some initial tasks on the request object before forwarding it (e.g. put additional attributes on it, which will be used by the new servlet or jsp).
JavaTM Education & Technology Services
Copyright Information Technology Institute 103

Using RequestDispatcher
There are two ways to get a dispatcher for the desired destination servlet or page. Either from the request, or from the context. From the ServletRequest:
getRequestDispatcher(String path)
//relative path or fully qualified path

From the ServletContext:


getRequestDispatcher(String fullPath)
// fully qualified path within the context, beginning with /

getNamedDispatcher(String servletName)
// the servlet name in the web.xml file
JavaTM Education & Technology Services
Copyright Information Technology Institute 104

Using RequestDispatcher - Example


The following code demonstrates the use of the RequestDispather: RequestDispatcher rd = request.getRequestDispatcher("SecondServletURL"); rd.include(request, response);

OR:
rd.forward(request, response); Note: If you use include or forward from a doPost method, then the doPost method of the second servlet will be invoked. If you use them from a doGet method, then the doGet method of the second servlet will be invoked. Therefore, it is advisable to implement both doGet and doPost in the destination servlet (write the code in one of the two methods, and call it from the other method).
JavaTM Education & Technology Services
Copyright Information Technology Institute 105

Page Transfer through RequestDispatcher

Include headers and footers to your page


PrintWriter out = response.getWriter(); // add Header out.println(This the Header"); // real processing request.setAttribute("username",ITI"); RequestDispatcher rd = request.getRequestDispatcher("DispatcherServlet2"); rd.include(request, response); // back to add footer out.println(This the Footer");

JavaTM Education & Technology Services


Copyright Information Technology Institute 106

sendRedirect VS forward
sendRedirect(..):
goes through a round trip to the client side then back to the server. The clients original request will be lost. To pass information, append a query string to the new locations URL.

forward(..):
Redirects the request internally inside the server. Both the request and the response are passed to the new resource.

JavaTM Education & Technology Services


Copyright Information Technology Institute 107

Lab Exercise

JavaTM Education & Technology Services


Copyright Information Technology Institute 108

Login and Error Servlets


Update a login page (either an html page or a dynamic page generated by the doGet(..) method of a servlet). Upon submitting the login form, the user should be redirected to a welcome servlet (in case of successful login). If the login data is incorrect,display a colored error message on the login page.

JavaTM Education & Technology Services


Copyright Information Technology Institute 109

Including Header and Footer


Create header page and a footer page and then include them in your servlet (at the beginning and end). Bonus

JavaTM Education & Technology Services


Copyright Information Technology Institute 110

Forwarding to Another Servlet


Create a servlet that forwards to another servlet. Try to make the first servlet write to the response before forwarding it to the second servlet, and then see what happens.

JavaTM Education & Technology Services


Copyright Information Technology Institute 111

Chapter 6
Session Management

JavaTM Education & Technology Services


Copyright Information Technology Institute 112

Chapter 6 Outline
Session Management Techniques URL Rewriting

Hidden Fields Cookies


Session Objects
JavaTM Education & Technology Services
Copyright Information Technology Institute 113

Session Management
Session management is the ability to keep track of (maintain) the users state through several web pages. Remember: the problem with the HTTP protocol is that it is a stateless protocol. Session management is very useful for the following:
Identifying (remembering) the user during ecommerce sessions. Remembering usernames and passwords throughout multiple pages. Customizing websites view according to users preferences. Focused advertising.

The main idea of maintaining a session is to send a certain token (identifier) with the response.
JavaTM Education & Technology Services
Copyright Information Technology Institute 114

Session Management Techniques


The following techniques can be used separately or cooperatively in order to maintain the clients information throughout the entire session:
URL rewriting. Hidden fields. Cookies. Session objects.

JavaTM Education & Technology Services


Copyright Information Technology Institute 115

URL Rewriting
URL rewriting is simply appending token(s) to the URL of the next page or servlet. It starts by a question mark Tokens are strings in the form of parameter=value Tokens are separated by an ampersand (&) It is an easy way but has the following concerns:
Supports up to 2000 characters only. The parameters are exposed in the URL. You will need to encode special characters (e.g. spaces to + and special characters to %XX).

Example:
http://www.site.com/mySerevlet?param1=value1&param2=value2
JavaTM Education & Technology Services
Copyright Information Technology Institute 116

Hidden Fields
Forms can include hidden fields among the normal input fields.

Therefore, information can be stored in hidden fields and then retrieved from the request in the next page or servlet. The concern is that the user can view the values of the hidden fields by viewing the html source of the page from within the browser.
Example:
out.print("<INPUT TYPE=HIDDEN Name=id VALUE= +myId+ ">");

JavaTM Education & Technology Services


Copyright Information Technology Institute 117

Cookies
A cookie is a small piece of information (name and value) that is passed back and forth in the HTTP request and response. The cookie sent by a servlet to the client will be passed back to the server when the client requests another page from the same application. Cookies are represented as a class in the HTTP package.

To create a cookie you write such code:


Cookie c1 = new Cookie("myCookieName", myValue");

Niether the name nor the value can contain commas, semicolons, white space, nor begin with a $ character.
JavaTM Education & Technology Services
Copyright Information Technology Institute 118

Cookies contd
To add a cookie to the response:
response.addCookie(c1);

To retrieve a cookie from the request:


Cookie[] cookies = request.getCookies(); if(cookies != null) { for (int i=0; i<cookies.length; i++) { Cookie cookie = cookies[i]; out.println("<B>Cookie Name:</B> " + cookie.getName() + "<BR>"); out.println("<B>Cookie Value:</B> " + cookie.getValue() + "<BR>"); } }
JavaTM Education & Technology Services
Copyright Information Technology Institute 119

Cookies contd
Cookies must be added to the response before writing any other response elements. Advantages of cookies:
The values of the cookies are not directly visible. You don't need to use a form tag. Cookies are not a serious security threat.

Concerns about cookies:


The user has the choice to set the browser to refuse cookies. Privacy: if another user has access to the PC, then he may be able to view the values of stored cookies on the hard disk. Therefore, make sure not to write critical information in the cookie. (Anyway, theres no security without physical security).
JavaTM Education & Technology Services
Copyright Information Technology Institute 120

Cookies contd
You can detect whether a browser enables cookies or not, and display a message that asks the user to enable cookies. To detect this, you can do the scenario of adding a cookie to the response of the first servlet, then redirecting to a second servlet that checks the existence of the cookie in the request. To redirect the clients browser to another page you can use either of the following:
response.sendRedirect(..) <META HTTP-EQUIV=Refresh CONTENT=time to wait ;URL=url>

Note: in both cases you have to use a relative URL, not a fully qualified one.
JavaTM Education & Technology Services
Copyright Information Technology Institute 121

Cookies contd
A cookie can either be stored on session level or on persistence level. A session level cookie is a cookie that is stored in the browsers memory and deleted when the user quits the browser. A persistent cookie is stored on the clients hard disk. To make your cookie persistent, use the method setMaxAge(int seconds) before adding it to the response. Example: c1.setMaxAge(60*60*24*7); // One week
JavaTM Education & Technology Services
Copyright Information Technology Institute 122

Session Objects
The best and most powerful was is to use session objects (defined by the HTTPSession interface). For each user, the servlet container can create an HttpSession object that is associated with that user only. A session object acts like a Hashtable into which you can store any number of key/object pairs. It is accessible from other servlets or jsp pages in the same application (per user).

JavaTM Education & Technology Services


Copyright Information Technology Institute 123

Session Objects Basic Scenario

Servlet1

1
1234

Servlet2 3 Browser

JavaTM Education & Technology Services


Copyright Information Technology Institute 124

Session Objects Basic Scenario contd


The basic scenario of creating and then using a session object is as follows:
1. A session object is created by Servlet1 (using the getSession(..) method), where a unique session identifier is generated for it (e.g. jsessionid=1234). 2. Servlet1 implicitly sends the session identifier to the client browser.
3. When the client browser requests another resource from the same application, such as Servlet2, the session identifier is implicitly sent back to the server and passed to Servlet2 in the request object. 4. For Servlet2 to access the session object of this particular client, it uses the getSession(..) method which automatically retrieves the session identifier from the request and gains access to the specific session object associated with that session identifier.
JavaTM Education & Technology Services
Copyright Information Technology Institute 125

Session Objects - Example


In doPost(..) method of the LoginServlet:
// After user enters correct login information HttpSession session = request.getSession(true); session.setAttribute("loggedIn", new String("true")); response.sendRedirect("ContentServletURL");

In doGet(..) method of the ContentServlet:


HttpSession session = request.getSession(false); if (session == null) response.sendRedirect(LoginServletUrl); else { String loggedIn = (String) session.getAttribute("loggedIn"); if (!loggedIn.equals("true")) response.sendRedirect (loginServletUrl); }
JavaTM Education & Technology Services
Copyright Information Technology Institute 126

HttpSession
Common methods:
Enumeration getAttributeNames() Object getAttribute(String key) void setAttribute(String key, Object value) void removeAttribute (String key) // e.g. log out long getCreationTime() String getId() long getLastAccessedTime() void setMaxInactiveInterval(int seconds) int getMaxInactiveInterval() ServletContext getServletContext() void invalidate() boolean isNew()

JavaTM Education & Technology Services


Copyright Information Technology Institute 127

Invalidating a Session
A session can become invalid in 3 cases:
The default session timeout has elapsed (configured in the servlet container for all web applications). The maximum inactive interval time of the session has elapsed (specified by calling the method setMaxInactiveInterval(..)). The programmer decides to invalidate a session (by calling the invalidate() method).

JavaTM Education & Technology Services


Copyright Information Technology Institute 128

Lab Exercise

JavaTM Education & Technology Services


Copyright Information Technology Institute 129

1. Testing if browser enables cookies


Implement the cookie testing scenario by developing a servlet that adds a cookie to a response and then redirecting to another servlet that attempts to retrieve the cookie.

If the user has disabled the use of cookies, send him an error message asking him to enable cookies. Bonus

JavaTM Education & Technology Services


Copyright Information Technology Institute 130

2. User login
Keep user s login information on the session and access it in another page

JavaTM Education & Technology Services


Copyright Information Technology Institute 131

References & Recommended Reading Core Servlets and JSP. Java for the Web with Servlets, JSP, and EJB. Manning JSTL in Action. Sun presentations. Oracle presentations. SCJWD study guide.

JavaTM Education & Technology Services


Copyright Information Technology Institute 132

You might also like