Vakgroep Informatietechnologie – Onderzoeksgroep (naam) Web Centric Design of Distributed Software

Vakgroep Informatietechnologie – Onderzoeksgroep (naam)

Web CentricDesign of Distributed Software

Objectives

After this lab session you should be able to Write dynamic web applications Using the following technologies: Servlets, JSP and AJAX

Server side plug-ins (Servlets) Separate thread per request Shares resources with other servlets

Java Server Pages Plain HTML used for static information Java-scriptlets to code the dynamic parts Jsp-file is compiled in single Servlet

ODS – Introduction to Web Centric technologiesVakgroep Informatietechnologie

p. 2

Objectives

Asynchronous Javascript and XML (AJAX) Javascript technology to retrieve data from the server in the

background No page refreshes

ODS – Introduction to CORBA & RMIVakgroep Informatietechnologie

p. 3

Online Address Book


p. 4

Outline

1. Database2. Database Access3. Authentication4. Showing the contacts5. Viewing/adding/deleting contacts


p. 5

1. Database


p. 6

1. Database


p. 7

Outline



p. 8

2. Database Access

Class to access the database Loads the correct driver Contains the connection url


p. 9

// Driver for the Derby databaseString driver = "org.apache.derby.jdbc.ClientDriver";// Connection settingsString dbName = "contacts";String user = "nbuser";String password = "nbuser";String connectionURL = "jdbc:derby://localhost:1527/" + dbName; public DatabaseAccess() { try { Class.forName(driver); } catch(java.lang.ClassNotFoundException e) { … }}

2. Database Access

Data retrieval


p. 10

public ResultSet executeQuery(String query) { ResultSet results; try { // connect to the database Connection conn = DriverManager.getConnection(connectionURL,

user, password); s = conn.createStatement(); results = s.executeQuery(query); return results; } catch (Exception e) { e.printStackTrace(); return null; }}

2. Database Access

Data update


p. 11

public void executeUpdate(String query) { try { // connect to the database Connection conn = DriverManager.getConnection(connectionURL,

user, password); s = conn.createStatement(); s.executeUpdate(query); } catch (Exception e) { e.printStackTrace(); }}

Outline



p. 12

3. Authentication

Login form in index.jsp


p. 13

<form name="loginform" method="get" action="<%=request.getContextPath()%>/LoginServlet"> User name: <input type="text" name="username" size="20" /> <br /> Password: <input type="password" name="password" size="20" /> <br /> <input type="submit" value="submit" /></form>

Using the <%= java expression %> syntax we can generate dynamic output in a JSP

3. Authentication

Login Servlet


p. 14

protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // Get the username and password from the request String user = request.getParameter("username"); String pass = request.getParameter("password"); //Create the database object DatabaseAccess dbAccess = new DatabaseAccess(); ResultSet users; …}

With request.getParameter() the encoded parameters of the form can be retrieved

3. Authentication

Login Servlet


p. 15

// Get all users from the databaseusers = dbAccess.executeQuery("select * from USERS");try { while (users.next()) { String username = users.getString("username"); String password = users.getString("password"); if (username.equals(user) && password.equals(pass)) { // A match is found, access is allowed allowed = true; break; } } // Close the resultSet users.close();} catch (Exception e) { e.printStackTrace();}

3. Authentication

Login Servlet


p. 16

if (allowed) { // Add the username and database object to the session object HttpSession session = request.getSession(true); session.setAttribute("dbAccess", dbAccess); session.setAttribute("username", user); // Forward to the ContactsServlet RequestDispatcher dispatcher = request.getRequestDispatcher("ContactsServlet"); dispatcher.forward(request, response);}

-The HttpSession object is used to bind a client to a servlet over multiple requests (session tracking)- The RequestDispatcher object is used to forward requests to other resources or to include the contents of another servlet to the response of this servlet

3. Authentication

Login Servlet


p. 17

else { response.setContentType("text/html;charset=UTF-8"); PrintWriter out = response.getWriter(); out.println("<html>"); out.println("<head>"); out.println("<title>LoginServlet</title>"); out.println("</head>"); out.println("<body>"); out.println("You failed to supply valid credentials."); out.println("</body>"); out.println("</html>"); out.close();}

Outline



p. 18

4. Showing the contacts We need to check if the user has logged in properly

User could go directly to url of ContactsServlet Check is needed throughout whole application Implemented in separated servlet (CheckCredentialsServlet) Included in other servlets via RequestDispatcher object

ContactsServlet:


p. 19

…// Check if the user is logged inRequestDispatcher dispatcher = request.getRequestDispatcher("CheckCredentialsServlet");dispatcher.include(request, response);…

4. Showing the contacts

CheckCredentialsServlet


p. 20

PrintWriter out = response.getWriter(); // Get the username from the sessionHttpSession session = request.getSession();String username = (String) session.getAttribute("username");if (username == null) {// The user is not logged in out.println("<html>"); out.println("<head>"); out.println("<title>CheckCredentialsServlet</title>"); out.println("</head>"); out.println("<body>"); out.println("You are not logged in. Click <a href=\"index.jsp\"> here </a> to login."); out.println("</body>"); out.println("</html>"); // close the output out.close();}

4. Showing the contacts

ContactsServlet:


p. 21

…// Get the username and database object from the sessionHttpSession session = request.getSession();String username = (String) session.getAttribute("username");DatabaseAccess databaseAccess = (DatabaseAccess) session.getAttribute("dbAccess");… // Get all the contacts of the userString query = "select \"CONTACTNAME\" from USERCONTACTS where \"USERNAME\" = '" + username + "'";ResultSet results = databaseAccess.executeQuery(query); try { while (results.next()) { String contactname = results.getString("contactname"); out.println("<li>" + contactname + "<a href=\"ViewContactServlet?contactname=" + contactname + “\">View</a> <a href=\"RemoveContactServlet?contactname=" + contactname + "&username=" + username + "\">Remove</a> </li>"); }…

Outline



p. 22

5. Viewing/adding/deleting contacts 3 extra servlets All information they need is sent via the urls or via the

request body Each servlet includes CheckCredentialsServlet

AddContactServlet:


p. 23

…// Update the CONTACTS tableString query = "insert into CONTACTS Values('" + contactname + "','" + telephone + "','" + address + "')";databaseAccess.executeUpdate(query);// Update the USERCONTACTS tableString query2 = "insert into USERCONTACTS Values('" + username + "','" + contactname + "')";databaseAccess.executeUpdate(query2);// Go back to ContactsServletresponse.sendRedirect("ContactsServlet");

Documents

Vakgroep Informatietechnologie – Onderzoeksgroep (naam) Web Centric Design of Distributed Software