Presentatie_LabSession

clangpotatoSoftware and s/w Development

Oct 28, 2013 (3 years and 8 months ago)

94 views

Vakgroep Informatietechnologie


Onderzoeksgroep (naam)



Web Centric

Design of Distributed Software

Objectives

After this lab session you should be able to


Write
dynamic

web applications


Using the following technologies:
Servlets
, JSP and AJAX


Server side plug
-
ins (
Servlets
)


Separate thread per request


Shares resources with other
servlets


Java Server Pages


Plain HTML used for static information


Java
-
scriptlets

to code the dynamic parts


Jsp
-
file is compiled in single
Servlet




ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
2

Objectives

Asynchronous
Javascript

and XML (AJAX)


Javascript

technology to retrieve data from the server in the
background


No page refreshes





ODS


Introduction to CORBA & RMI

Vakgroep Informatietechnologie

p.
3

Online Address Book

ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
4

Outline

1.
Database

2.
Database Access

3.
Authentication

4.
Showing the contacts

5.
Viewing/adding/deleting contacts



ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
5

1. Database

ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
6

1. Database

ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
7

Outline

1.
Database

2.
Database Access

3.
Authentication

4.
Showing the contacts

5.
Viewing/adding/deleting contacts



ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
8

2. Database Access


Class to access the database


Loads the correct driver


Contains the connection url


ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
9

// Driver for the Derby database

String driver = "org.apache.derby.jdbc.ClientDriver";

// Connection settings

String dbName = "contacts";

String user = "nbuser";

String password = "nbuser";

String connectionURL = "jdbc:derby://localhost:1527/" + dbName;



public DatabaseAccess() {


try {


Class.forName(driver);


} catch(java.lang.ClassNotFoundException e) {





}

}


2. Database Access


Data retrieval


ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
10

public ResultSet executeQuery(String query) {


ResultSet results;


try {


// connect to the database


Connection conn = DriverManager.getConnection(connectionURL,




user, password);


s = conn.createStatement();


results = s.executeQuery(query);


return results;


} catch (Exception e) {


e.printStackTrace();


return null;


}

}


2. Database Access


Data update


ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
11

public void executeUpdate(String query) {


try {


// connect to the database


Connection conn = DriverManager.getConnection(connectionURL,




user, password);


s = conn.createStatement();


s.executeUpdate(query);


} catch (Exception e) {


e.printStackTrace();


}

}

Outline

1.
Database

2.
Database Access

3.
Authentication

4.
Showing the contacts

5.
Viewing/adding/deleting contacts



ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
12

3. Authentication


Login form in index.jsp

ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
13

<form name="loginform" method="get"
action="<%=request.getContextPath()%>/LoginServlet">


User name: <input type="text" name="username" size="20" />


<br />


Password: <input type="password" name="password" size="20" />


<br />


<input type="submit" value="submit" />

</form>

Using the
<%= java expression %>
syntax we can generate
dynamic output in a JSP

3. Authentication


Login Servlet

ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
14

protected void processRequest(HttpServletRequest request,

HttpServletResponse response) throws ServletException, IOException {


// Get the username and password from the request


String user = request.getParameter("username");


String pass = request.getParameter("password");


//Create the database object


DatabaseAccess dbAccess = new DatabaseAccess();


ResultSet users;




}

With
request.getParameter()
the encoded parameters of the
form can be retrieved

3. Authentication


Login Servlet

ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
15

// Get all users from the database

users = dbAccess.executeQuery("select * from USERS");

try {


while (users.next()) {


String username = users.getString("username");


String password = users.getString("password");


if (username.equals(user) && password.equals(pass)) {


// A match is found, access is allowed


allowed = true;


break;


}


}


// Close the resultSet


users.close();

} catch (Exception e) {


e.printStackTrace();

}


3. Authentication


Login Servlet

ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
16

if (allowed) {


// Add the username and database object to the session object


HttpSession session = request.getSession(true);


session.setAttribute("dbAccess", dbAccess);


session.setAttribute("username", user);


// Forward to the ContactsServlet


RequestDispatcher dispatcher =


request.getRequestDispatcher("ContactsServlet");


dispatcher.forward(request, response);

}


-
The
HttpSession

object is used to bind a client to a servlet over multiple
requests (session tracking)

-

The
RequestDispatcher

object is used to forward requests to other
resources or to include the contents of another servlet to the response of
this servlet

3. Authentication


Login Servlet

ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
17

else {


response.setContentType("text/html;charset=UTF
-
8");


PrintWriter out = response.getWriter();


out.println("<html>");


out.println("<head>");


out.println("<title>LoginServlet</title>");


out.println("</head>");


out.println("<body>");


out.println("You failed to supply valid credentials.");


out.println("</body>");


out.println("</html>");


out.close();

}


Outline

1.
Database

2.
Database Access

3.
Authentication

4.
Showing the contacts

5.
Viewing/adding/deleting contacts



ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
18

4. Showing the contacts


We need to check if the user has logged in properly


User could go directly to url of
ContactsServlet


Check is needed throughout whole application


Implemented in separated servlet (
CheckCredentialsServlet
)


Included in other servlets via
RequestDispatcher

object


ContactsServlet:

ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
19



// Check if the user is logged in

RequestDispatcher dispatcher =


request.getRequestDispatcher("CheckCredentialsServlet");

dispatcher.include(request, response);




4. Showing the contacts


CheckCredentialsServlet

ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
20

PrintWriter out = response.getWriter();

// Get the username from the session

HttpSession session = request.getSession();

String username = (String) session.getAttribute("username");

if (username == null) {

// The user is not logged in


out.println("<html>");


out.println("<head>");


out.println("<title>CheckCredentialsServlet</title>");


out.println("</head>");


out.println("<body>");


out.println("You are not logged in. Click <a href=
\
"index.jsp
\
"> here </a> to login.");


out.println("</body>");


out.println("</html>");


// close the output


out.close();

}


4. Showing the contacts

ContactsServlet:

ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
21



// Get the username and database object from the session

HttpSession session = request.getSession();

String username = (String) session.getAttribute("username");

DatabaseAccess databaseAccess = (DatabaseAccess)
session.getAttribute("dbAccess");



// Get all the contacts of the user

String query = "select
\
"CONTACTNAME
\
" from USERCONTACTS where


\
"USERNAME
\
" = '" + username + "'";

ResultSet results = databaseAccess.executeQuery(query);

try {


while (results.next()) {


String contactname = results.getString("contactname");


out.println("<li>" + contactname +


"<a href=
\
"ViewContactServlet?contactname=" + contactname +



\
">View</a>


<a href=
\
"RemoveContactServlet?contactname=" + contactname +


"&username=" + username + "
\
">Remove</a> </li>");


}




Outline

1.
Database

2.
Database Access

3.
Authentication

4.
Showing the contacts

5.
Viewing/adding/deleting contacts



ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
22

5. Viewing/adding/deleting contacts



3 extra servlets


All information they need is sent via the urls or via the
request body


Each servlet includes
CheckCredentialsServlet


AddContactServlet:


ODS


Introduction to Web Centric technologies

Vakgroep Informatietechnologie

p.
23



// Update the CONTACTS table

String query = "insert into CONTACTS Values('" + contactname + "','" +


telephone + "','" + address + "')";

databaseAccess.executeUpdate(query);

// Update the USERCONTACTS table

String query2 = "insert into USERCONTACTS Values('" + username + "','"


+ contactname + "')";

databaseAccess.executeUpdate(query2);

// Go back to ContactsServlet

response.sendRedirect("ContactsServlet");