Docstoc

servlets

Document Sample
servlets Powered By Docstoc
					         Servlets

  DBI - Representation and
Management of Data on the Web
          Java and Web Pages
• Java was introduced to embed greater interactivity
  into Web pages
• Java has accomplished this through the use of
  applets
• Applets add functionality to Web pages
• For example,
   – Adding games to Web pages
   – Adding graphics
   – etc.
         About Java Applets
• Java applets are programs that are
  embedded directly into Web pages
• We add the <applet code=“…”> tag to
  the HTML page
• When a browser loads a Web page, the
  applet byte-code is downloaded to the client
  box and executed by the browser
       Problems with Applets
• Three main problems are
  – Accessing files and databases (security
    restrictions)
  – Compatibility
  – Bandwidth
• The bandwidth problem:
  – as your applets grow in size, the download time
    becomes unacceptable
      Compatibility Problems
• Applets are also faced with compatibility
  problems
• In order to run an applet, you need to have a
  compatible browser
• If a customer doesn't have a compatible
  browser, she will not be presented with
  proper content
• Thin clients do not support the all Java API
    We Tried So Far


Running applications
   on the client
   Instead, We …



Move to the server
                  The Solution
• Server-side Java solves some of the problems that
  applets face:
   – There are no compatibility problems with code
     execution
   – There are no issues with long download time
   – Server Java only sends the client small packets of
     information that it can understand (mainly HTML)
• Java servlets are one of the options for server-side
  Java
                         Servlets
• Servlets most common usages:
   – 1. Used to extend Web servers
   – 2. Used as replacement for CGI that is
      • secure, portable, and easy-to-use
• A servlet is a dynamically loaded module that
  services requests from a Web server
• A servlet runs entirely inside the Java Virtual
  Machine
• Servlet does not depend on browser compatibility
        Execution of a Java Servlet

 Sending a
request and
receiving a
  response
    Example of Using Servlets
Developing e-commerce store fronts:
  a. A Servlet can build an on-line catalog from
     database
  b. The Servlets can present the catalog using
     dynamic HTML
  c. A customer fills out order and submits it to
     the servlet
  d. The Servlet processes the order and submits
     the result to the database
       Alternatives to Java Servlets
I.     CGI
II.    Proprietary server APIs
III.   Server side JavaScript
IV.    Microsoft Active Server Pages

•      All above are viable solutions, but each
       has their own set of problems
                  CGI
• Common Gateway Interface (CGI): Scripts
  generate Web pages or other files
  dynamically by processing form data and
  returning documents based on form values
  or other data
          Servlets Versus CGI
• Platform                 • Not platform
                                                CGI
  Independence –             independent
  servlets work on any     • Work order: get
  servlet-enabled server     request, open process,
                             shut down
• Single process that
  handles many requests    • Not persistent –
                             reestablish resources
• Written in Java            each time
• Faster to Run            • Each request requires
                             new CGI process
        Servlet
              Servlets Give
• Portability
• The power of Java
• Efficiency since using a single process
• Safety – strong typing differently from
  scripts
• “Clean”, object oriented code
• Integration with the server
            HTML Forms
• Interactive HTML
• Composed of input elements (buttons, text
  fields, check boxes) with <form> tag
• On Submission, browser packages user
  input and sends to server
• Server passes information to supporting
  application that formats reply (HTML page)
            The <input> Tag
• Inside a form, INPUT tags define fields for data
  entry

• Standard input types include: buttons, checkboxes,
  password field, radio buttons, text fields, image-
  buttons, text areas, pull-down menus,
• They all associate a single (string) value with a
  named parameter
           The <form> Tag
• <form> …</form> comprise single form
• Two Special Attributes:
  – action – the name of the processing server
  – method – the method to pass parameters to
    server
              Form Parameters
• action attribute give URL of application that
  receives and processes form’s data (cgi-bin)
  <form action=“http://www.cs.huji.ac.il/~dbi/cgi-
  bin/update”>
  …
  </form>
• enctype attribute to change encryption
• method attribute sets the method by which
  data sent to server (HTTP methods)
               HTTP Methods
• POST:
  – Data sent in two steps
  – Designed for Posting information
     • Browser contacts server
     • Sends data
• GET:
  – Contacts server and sends data in single step
  – Appends data to action URL separated by question
    mark
  – Designed to get information
            Other Methods
• HEAD: Client sees only header of response
  to determine size, etc…
• PUT: Place documents directly on server
• DELETE: Opposite of PUT
• TRACE: Debugging aid returns to client
  contents of its request
• OPTIONS: what options available on server
                       Example
<HTML>
…
<form method=GET
      action=“http://www.cs.huji.ac.il/~dbi/cgi-bin/update”>
      …
</form>
…
</HTML>



    http://www.cs.huji.ac.il/~dbi/cgi-bin/update?x=19&y=104
A Book Review Example
<html>
  <head>
    <title>Book Review</title>
  </head>

  <body>
    <H1>Book Review</H1>
    <form action=/cgi-bin/bookreview.pl method=POST>
      What is your first name?
      <input type=text name=fname>

      <BR><BR>Check if you are planning to write a servlet
      <input type=checkbox name=writeservlet>

      <BR><BR>What was your favorite chapter so far?<BR>
        <BR>Chp. 1<input type=radio name=favchap value=1>
        <BR>Chp. 2<input type=radio name=favchap value=2>
        <BR>Chp. 3<input type=radio name=favchap value=3>
        <BR>Chp. 4<input type=radio name=favchap value=4>
        <BR>Chp. 5<input type=radio name=favchap value=5>
        <BR>Chp. 6<input type=radio name=favchap value=6>
      <BR><BR><input type=submit><input type=reset>
    </form>
  </body>
</html>
#!/usr/bin/perl

require "cgilib.pl";

print "Content-type: text/html\n\n";

%dataDict = ();

&readData(*data);
&parseData(*data,*dataDict);

$fName = $dataDict{"fname"};
$chp = $dataDict{"favchap"};
$writeServlet = $dataDict{"writeservlet"};

print   "<HTML>";
print   "<TITLE>Book Review Response</TITLE>";
print   $fName;
print   ", thank you for your feedback.<BR>";
print   "Your favorite chapter so far is chapter ";
print   $chp;
print   ".<BR>";
print   "<HR>";
print   "You are ";

($writeServlet ne "") || print "not ";

print "planning to write a servlet.";

print "</HTML>";
               Instead, We Write


<form
        action=http://localhost:8080/servlet/BookReviewServlet
        method=POST>

for calling a servlet
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class BookReviewServlet extends HttpServlet
{
    // Write a response to the client.
    public void doPost(HttpServletRequest req, HttpServletResponse res)
           throws ServletException, IOException
    {
        /*
                Set the "content type" header of the response so that
                the browser knows we are sending HTML and not just raw text.
                If you don't do this then the HTML tags will not be interpreted.
                Try commenting out this line to see what happens.
             */
             res.setContentType("text/html");

            //Get the response's PrintWriter to return text to the client.
            PrintWriter toClient = res.getWriter();

            String fName = req.getParameter("fname");
            String chp = req.getParameter("favchap");
            String writeServlet = req.getParameter("writeservlet");

            // Respond to client with a thank you
doPost for handling a POST request
BookReviewServlet extends HttpServlet
            toClient.println("<HTML>");
            toClient.println("<TITLE>Book Review Response</TITLE>");
            toClient.print(fName);
            toClient.println(", thank you for your feedback.<BR>");
            toClient.print("Your favorite chapter so far is chapter ");
            toClient.println(chp + ".<BR>");
            toClient.println("<HR>");
            toClient.println("You are ");
            if(writeServlet == null)
                  toClient.print("not ");
            toClient.println("planning to write a servlet.");

            toClient.println("</HTML>");


        // Close the writer; the response is done.
            toClient.close();
    }
}
           More on Server-side
             Technologies
• Server-side Includes:
   – Extension to HTML
   – Server-side scripting
   – Embedding code in HTML documents
• Java Server Pages:
   – JavaServer Pages technology uses XML-like tags and
     scriptlets written in the Java programming language to
     encapsulate the logic that generates the content for the
     page
   – Dynamic data in web page
   – JSP compiled to Servlet
           Servlet Package
• javax.servlet
• Servlet interface defines methods that
  manage servlet and its communication with
  clients
• Client Interaction: When it accepts call,
  receives two objects
  – ServletRequest
  – ServletResponse
Architecture
                   Hello World Example
import   java.io.*;
import   java.util.*;
import   javax.servlet.*;
import   javax.servlet.http.*;

public class HelloWorldServlet extends GenericServlet
{
    public void service(ServletRequest    request,
                                    ServletResponse   response)
                                    throws ServletException, IOException
    {
            PrintWriter out;

              response.setContentType("text/html");

              out = response.getWriter();

              out.println("<HTML><HEAD><TITLE>");
              out.println("Hello World");
              out.println("</TITLE></HEAD><BODY>");
              out.println("<H1>Hello World</H1>");
              out.println("</BODY></HTML>");

              out.close();
    }
}
            Hello World Example
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class HelloWorld extends HttpServlet
{
   public void doGet(HttpServletRequest req, HttpServletResponse res)
   throws ServletException, IOException
   {
         res.setContentType("text/html");
         PrintWriter out = res.getWriter();

        out.println("<HTML>");
        out.println("<HEAD><TITLE>Hello World</TITLE></HEAD>");
        out.println("<BODY>");
        out.println("<BIG>Hello World</BIG>");
        out.println("</BODY></HTML>");
    }
}
         The Servlet Interface
• All servlets must implement the Servlet interface
   – void init(ServletConfig config)
      • called every time the servlet is instantiated
   – void service(ServletRequest req,
     ServletResponse res)
      • ServletRequest: parameters from the client
      • ServletResponse: contains an output stream used to return
        information to the client
      • needs to be thread-safe since multiple requests can be handled
        concurrently
      • not called until init() has finished execution
     The Servlet Interface
– void destroy()
   • called by the servlet engine when it removes the
     servlet
   • should free any resources (i.e. files or database
     connections) held by the servlet
– String getServletInfo()
   • Returns version and copyright information
   The HttpServlet Interface
• Implements Servlet
• Receives requests and sends responses to a web
  browser
• Methods to handle different types of HTTP
  requests:
   – doGet() handles GET requests
   – doPost() handles POST requests
   – doPut() handles PUT requests
   – doDelete() handles DELETE requests
      Handling HttpServlet
             Requests
• service() method not usually overridden
   – doXXX() methods handle the different request
     types
• Needs to be thread-safe or must run on a
  STM (SingleThreadModel) Servlet Engine
   – multiple requests can be handled at the same
     time
HttpServlet Request Handling
              Web       HttpServlet subclass
  GET request Server
                                     doGet()
     response
                       service()
 POST request
                                     doPost()
    response
    ServletRequest Interface
• Encapsulates communication from client to
  server
   – parameters passed by client,
   – protocol used by client,
   – names of remote host, and server
• ServletInputStream for data transfer from client
  to server using HTTP POST and PUT
• HttpServletRequest access HTTP header info
    ServletRequest Interface
public abstract int getContentLength()
public abstract String getContentType()

public abstract String getProtocol()
public abstract String getScheme()

public   abstract   String getServerName()
public   abstract   int getServerPort()
public   abstract   String getRemoteAddr()
public   abstract   String getRemoteHost()

public   abstract   String getParameter(String name)
public   abstract   String[] getParameterValues(String name)
public   abstract   Enumeration getParameterNames()
public   abstract   Object getAttribute(String name)
         HttpServletRequest
                     Interface
public String getMethod()
public String getRequestURI()

public   Enumeration getHeaderNames()
public   String getHeader(String name)
public   int getIntHeader(String name)
public   long getDateHeader(String name)

public   Cookie[] getCookies()
public   HttpSession getSession(boolean create)
public   String getRequestedSessionId()
public   boolean isRequestedSessionIdValid()
public   boolean isRequestedSessionIdFromCookie()
public   boolean isRequestedSessionIdFromUrl()
  ServletResponse Interface

• Methods for replying to client
• Set content length and MIME type of reply
• ServletOutputStream and a Writer to send
  data
• HttpServletResponse protocol specific
 ServletResponse Interface

public void setContentLength(int len)
public void setContentType(String type)

public ServletOutputStream getOutputStream()
            throws IOException
public PrintWriter getWriter() throws IOException
public String getCharacterEncoding()
           HttpServletResponse
                       Interface msg) throws IOException
public void sendError(int sc, String
public void sendError(int sc) throws IOException
public void setStatus(int sc, String sm)
public void setStatus(int sc)


public   boolean containsHeader(String name)
public   void setHeader(String name,String value)
public   void setIntHeader(String name, int value)
public   void setDateHeader(String name, long date)


public void sendRedirect(String location) throws IOException


public void addCookie(Cookie cookie)
public String encodeUrl(String url)
public String encodeRedirectUrl(String url)
          HTTP Specifics
• MIME: Multipurpose Internet Mail
  Extension to identify file type
• GET/POST/PUT: Ways that browser sends
  form data to the server
• Persistent Sessions
• Cookies
public class SimpleServlet extends HttpServlet {
/** * Handle the HTTP GET method by building a simple web page. */
public void doGet (HttpServletRequest request,
                   HttpServletResponse response)
                   throws ServletException, IOException {
         PrintWriter out;
         String title = "Simple Servlet Output";
// set content type and other response header fields first
           response.setContentType("text/html");
// then write the data of the response
           out = response.getWriter();
out.println("<HTML><HEAD><TITLE>");
out.println(title); out.println("</TITLE></HEAD><BODY>");
out.println("<H1>" + title + "</H1>");
out.println("<P>This is output from SimpleServlet.");
out.println("</BODY></HTML>");
out.close(); }
}
      You Do The Following
• Subclass HttpServlet
• Override doGet()
• User Request encapsulated in
  HttpServletRequest object
• Response encapsulated in
  HttpServletResponse object
• Use output stream from
 HttpServletResponse
        Interacting with Clients
•   Requests and Responses
•   Header Data
•   Get Requests
•   Post Requests
•   Threading
•   Servlet Descriptions
• Handle requests through service method
  (calls doGet())
• HttpServletRequest Objects
  – getParameter returns value of named
    parameter
  – getParameterValues if more than one value
  – getParameterNames for names of parameters
  – getQueryString for HTTP GET returns string
    of raw data from client. Must parse.
  – HTTP POST, PUT, DELETE Requests
     • Text: getReader returns BufferedReader
     • Binary: getInputStream returns
       ServletInputStream
• HttpServletResponse Object
  – getWriter returns a Writer for text
  – getOutputStream returns
    ServletOutputStream for binary
  – Set header data before above IO set
  – setContentType in header
             Response Type
• Response type does not have to be a text
• You can, for example,
        setContent(“image/gif”)
  and send a stream of bits of an image
• You can also return an HTML form that
  calls your servlet again as a response to a
  user action
               An Example
<HTML>
<HEAD>
<TITLE>Introductions</TITLE>
</HEAD>
<BODY>
<FORM METHOD=GET ACTION="/servlet/Hello">
  If you don't mind me asking, what is your name?
<INPUT TYPE=TEXT NAME="name"><P>
<INPUT TYPE=SUBMIT>
</FORM>
</BODY>
</HTML>
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class Hello extends HttpServlet {

  public void doPost(HttpServletRequest req,
                     HttpServletResponse res)
              throws ServletException, IOException {

      doGet(req, res);
  }
public void doGet(HttpServletRequest req,
                  HttpServletResponse res)
            throws ServletException, IOException {

        // Set the Content-Type header
        res.setContentType("text/html");

        // Return early if this is a HEAD
        if (req.getMethod().equals("HEAD")) return;

        // Proceed otherwise
        PrintWriter out = res.getWriter();
        String name = req.getParameter("name");
        out.println("<HTML>");
        out.println("<HEAD><TITLE>Hello, " + name +
                    "</TITLE></HEAD>");
        out.println("<BODY>");
        out.println("Hello, " + name);
        out.println("</BODY></HTML>");
    }
}
    Using the <SERVLET> Tag
• It is a server-side tag that is written in the
  HTML document
• The web server is configured to replace the
  tag with the output from the invoked servlet
• Many times, for servlets to recognize such
  files, they are files that end with “.shtml”
<HTML>
<HEAD>
<title>Mountain View Public Access Bank Account Query
   Service
</title>
</HEAD>             The Servlet is not invoked directly
<BODY>
<h1>Bank Server</h1>
<hr>
<form action="/Bank/SecondPage.shtml" method="GET">
Which account do you want to find out about ?
<input type="text" name="Person">
<input type="submit" value="Send">
</form>
<hr>
<small>All information subject to change without notice
   and probably quite inaccurate.
</small>
</BODY>
</HTML>
<HTML>
<HEAD>
<title>Mountain View Public Access Bank Account
  Query Service
</title>
</HEAD>
<BODY>
<h1>Bank Server</h1>
<hr>
<SERVLET CODE = bank.servlets.AccountSummary>
<PARAM NAME = "DriverName" VALUE =
  "sun.jdbc.odbc.JdbcOdbcDriver">
<PARAM NAME = "DatabaseURL" VALUE =
  "jdbc:odbc:AccountsDatabase">
<PARAM NAME = "Account" VALUE = "SYSDBA" >
<PARAM NAME = "Password" VALUE = "masterkey">
Your server doesn't support the servlet tag.
</SERVLET>
<hr>
<SERVLET CODE = bank.servlets.AccountTransactions>
<PARAM NAME = "DriverName" VALUE =
   "sun.jdbc.odbc.JdbcOdbcDriver">
<PARAM NAME = "DatabaseURL" VALUE =
   "jdbc:odbc:AccountsDatabase">
<PARAM NAME = "Account" VALUE = "SYSDBA" >
<PARAM NAME = "Password" VALUE = "masterkey">
Your server doesn't support the servlet tag.
</SERVLET>
<form action="/Bank/SecondPage.shtml" method="GET">
Which account do you want to find out about ?
<input type="text" name="Person">
<input type="submit" value="Send">
</form> <hr>
<small>All information subject to change without notice
   and probably quite inaccurate.
</small>
</BODY>
</HTML>
                 SecondPage.shtml
public abstract class BankAccountSSIRoot extends HttpServlet {
 public void doPost(HttpServletRequest request,
                    HttpServletResponse response)
        throws ServletException, IOException {

     _driverName = request.getParameter("DriverName");
     _databaseURL = request.getParameter("DatabaseURL");
     _account = request.getParameter("Account");
     _password = request.getParameter("Password");
     PrintWriter output;
     try {
       output = new PrintWriter(response.getOutputStream(), true);
     }
     catch (Exception e){
       log("Couldn't get Printwriter for request");
       return;
Class.forName(_driverName);
     }
return DriverManager.getConnection(
     String person = request.getParameter("Person");
              Servlet can’t tell the difference
     if (null==person){

     }
             _databaseURL, tag
       logError(output, "Please enter a person's name");
              between SERVLET
     else{   _account,and form parameters
              parameters
       printAccountData(person, output);
     }
     return;
             _password);
 }
            Servlets Package in UML
                                                              ServletConfig


                                                                              1
                               GenericServlet                                             ServletContext
                                                                                     1
HttpUtils




                                                                                             HttpSessionContext
                          HttpServlet                        HttpSession
                                                                           1..*       1
                                       1
                               1                               0..*
                                                                       0..*

                                                                                               Object
                                                                                      0..*


                                                                    0..*
                   1                                         HttpSessionBindingListener
      HttpServletRequest
                                                1
                  1
                                       HttpServletResponse

                0..*
            Cookie                 1
                       0..*
Second Lecture
      A Search Engine Choice
             Example
• Taken from a tutorial by Marty Hall
• http://www.apl.jhu.edu/~hall/java/Servlet-
  Tutorial/
• SearchEngines.java
• SearchSpec.java
• SearchEngines.html
          Servlet Life Cycle
• No main() method!
• Server loads and initializes servlet
• servlet handles client requests
• server removes servlet
• Servlet can remain loaded to handle
  additional requests
• Incur startup costs only once
Life Cycle Schema
 Starting and Destroying Servlets
• Initialization:
   –   Servlet’s init(ServletConfig) method
   –   Create I/O to intensive resources (database)
   –   Initialization parameters are server specific
   –   Seen in servletrunner properties file
• Destroying:
   – destroy() method
   – make sure all service threads complete
           ServletConfig
• When a servlet is created, it can have a set
  of initialization parameters (just like applets
  or command line args to an application)
  – How these parameters are set is web-server
    specific (you need to configure the web server)
• ServletConfig lets the Servlet get at this
  initial configuration information
   public ServletContext getServletContext()
   public String getInitParameter(String name)
   public Enumeration getInitParameterNames()
package database;

import java.io.*;
import javax.servlet.*;


/**
 * This is a simple example of a Generic Servlet. Other servlets
 * call its public methods; it does not accept calls from clients.
 */
public class BookDBServlet extends GenericServlet {

    private BookstoreDB books;

    public void init(ServletConfig config) throws ServletException {
        // Store the ServletConfig object and log the initialization
        super.init(config);

        // Load the database to prepare for requests
        books = new BookstoreDB();
    }

    public void destroy() {
        // Allow the database to be garbage collected
        books = null;
    }

    public void service(ServletRequest req, ServletResponse res)
      throws ServletException, IOException {
            throw new UnavailableException(
                this,
                "This servlet does not accept client requests.");
    }

    public BookDetails getBookDetails(String bookId) {
        return books.getBookDetails(bookId);
    }

    public BookDetails[] getBooksSortedByTitle() {
        return books.getBooksSortedByTitle();
    }

    public int getNumberOfBooks() {
        return books.getNumberOfBooks();
    }

    public String getServletInfo() {
        return "The BookDB servlet manages the bookstore database. " +
               "It is called by other servlets, not directly by a user.";
    }
}
             Servlet Threads
• Applying a service method for each client request
• The server usually only calls destroy() after all
  service threads complete
• Need to keep track of threads currently running
• Wait for long-running threads to complete
• Have long-running threads poll for shutdown
      Example – Counting Threads
public ShutdownExample extends HttpServlet {
    private int serviceCounter = 0;
    ...
    //Access methods for serviceCounter
    protected synchronized void enteringServiceMethod()
    {
      serviceCounter++;
    }
    protected synchronized void leavingServiceMethod()
    {
      serviceCounter--;
    }
    protected synchronized int numServices() {
      return serviceCounter;
    }
}
        Maintaining the Count
protected void service(HttpServletRequest req,
                       HttpServletResponse resp)
          throws ServletException, IOException
{
      enteringServiceMethod();

      try {
            super.service(req, resp);
      } finally {
            leavingServiceMethod();
      }
}
         Notifying a Shutdown
public ShutdownExample extends HttpServlet {
    private boolean shuttingDown;
    ...
    //Access methods for shuttingDown
    protected setShuttingDown(boolean flag) {
       shuttingDown = flag;
    }
    protected boolean isShuttingDown() {
       return shuttingDown;
    }
}
           A Destroy Example
public void destroy() {

    /* Check to see whether there are still
     * service methods running,
     * and if there are, tell them to stop.
     */
    if (numServices() > 0) {
        setShuttingDown(true);
    }

     /* Wait for the service methods to stop. */
     while(numServices() > 0) {
            try {
                Thread.sleep(interval);
            } catch (InterruptedException e) {}
    }
}
   “Listening” to a Shutdown

public void doPost(...) {
       ...
     for(i = 0; ((i < numberOfThingsToDo)
           && !isShuttingDown()); i++) {
         try {
           partOfLongRunningOperation(i);
         } catch (InterruptedException e) {}
     }
}
            SingelThreadModel
• SingleThreadModel is a marker interface
   – No methods
   – Tells servlet engines about lifecycle expectations
• Ensure that no two threads will execute
  concurrently the service method of that servlet
• This is guaranteed by maintaining a pool of servlet
  instances for each such servlet, and dispatching
  each service call to a free servlet
           SingleThreadModel
• SingleThreadModel let you break servlet
  functionality into multiple methods
• Can rely on “instance state” being uncorrupted by
  other requests
• Can’t rely on singletons (static members) or
  persistent instance state between connections
   – The same client making the same request, can get
     different instances of your servlet
              Servlets Chaining
• Servlets cooperate to create content
• Multiple servlets in a chain
   – request parameters supplied to first servlet
   – output piped to successive servlets
   – last servlet in chain sends output to client
• Two ways to direct server to use chains:
   – configure server to handle certain URLs with explicitly-
     specified chains
   – configure server to direct certain content types to
     specific servlets before output
           Example – Removing
              blink Tags
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class Deblink extends HttpServlet
{
   public void doGet(HttpServletRequest req,
   HttpServletResponse res) throws ServletException,
   IOException
   {
        // get the incoming type
        String contentType = req.getContentType();
        // nothing incoming, nothing to do
        if (contentType == null) return;
        // set outgoing type to be incoming type
        res.setContentType(contentType);
    PrintWriter out = res.getWriter();
    BufferedReader in = req.getReader();
    String line = null;

     while ((line = in.readLine()) != null)
     {
            line = replace(line, ”<BLINK>", "");
            line = replace(line, ”</BLINK>", "");
            out.println(line);
     }
} // end doGet()

public void doPost(HttpServletRequest req,
HttpServletResponse res) throws ServletException,
IOException
{
     doGet(req, res);
} // end doPost()
  private String replace(String line, String oldString,
  String newString)
  {
       int index = 0;
       while ((index = line.indexOf(oldString, index)) = 0)
       {
               // Replace the old string with the new string
                      // (inefficiently)
               line = line.substring(0, index)
                      + newString
                      + line.substring(index
                              + oldString.length());
               index += newString.length();
       }
  return line;
  } // end replace()

} // end Deblink
Servlet Chaining Can be Used to
• Quickly change appearance of a page, group of
  pages, or type of content
   – suppress <BLINK> tags
   – translate into a different language
• Display section of page in special format
   – <SQL> tag - print results of query
• Support obscure data types
   – serve up unsupported image formats as GIF or JPEG
               Session Tracking
• HTTP is a stateless protocol
   – many web applications (i.e. shopping carts) are not
   – need to keep track of each user’s state (i.e. items in the
     shopping cart)
• Common techniques
   –   user authorization
   –   hidden form fields
   –   URL rewriting
   –   persistent cookies
         Hidden Form Fields
• Hidden fields are just another type of input
  tag for a form
• The receiving web server can’t tell the
  difference between a user entered value and
  a hidden form field value
  <INPUT TYPE = hidden
       NAME = “DefaultBGColor”
       VALUE = “Green” >
                URL Encoding
• Basically, a way to store lots of name value pairs
  as arguments after a URL
   – End result is a url that looks like a “GET” URL
• If you want to embed a link in a response, and
  want the link to reflect the session-id, use either
  (from HttpServletResponse)
      public String encodeUrl(String url)
      public String encodeRedirectUrl(String url)

• These encode the session id as ?name=value on
  the end of the url
   Tracking with HttpSession
• Servlets have built-in session tracking
• Every user has a HttpSession object
   – store and retrieve user information
       • i.e. shopping cart contents, database connections
• Retrieve the user’s session:
   public HttpSession HttpServletRequest.getSession (boolean create)

   – if the user has no valid session,
       • a new one is created if create is true;
       • null is returned if create is false
        Session Tracking API
• Add data to a session
  public void HttpSession.putValue(String name,
                                   Object value)
  – value must implement Serializable interface
  – replaces any object that is bound in the session
    with the same name
• Retrieve data from a session
  public Object HttpSession.getValue(String name)
  – returns null if no object is bound to the name
       More on Tracking API
• Retrieve the name of all session objects
  public String[] HttpSession.getValueNames()
  – returns an empty array if no bindings
• Remove a value from the session
  public void HttpSession.removeValue(String name)
  – does nothing if no object is bound
• These methods throw an
  IllegalStateException if the session is
  invalid
Hit Count using Session Tracking
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class SessionTracker extends HttpServlet
{
    public void doGet(HttpServletRequest req,
      HttpServletResponse res) throws ServletException,
      IOException
    {
        res.setContentType("text/html");
        PrintWriter out = res.getWriter();

       HttpSession session = req.getSession(true);

       Integer count =
         (Integer)session.getValue("tracker.count");

       if (count == null)
         count = new Integer(1);
       else
         count = new Integer(count.intValue() + 1);
Hit Count using Session Tracking
        session.putValue("tracker.count", count);
        out.println("<HTML><HEAD><TITLE>SessionTracker</TITLE>
          </HEAD>");
        out.println("<BODY><H1>Session Tracking Demo</H1>");

        out.println("You've visited this page " + count +
          ((count.intValue() == 1) ? " time." : " times."));
        out.println("<P>");

        out.println("<H2>Here is your session data:</H2>");
        String[] names = session.getValueNames();
        for (int i = 0; i < names.length; i++)
        {
          out.println(names[i] + ": " +
          session.getValue(names[i]) + "<BR>");
        }
        out.println("</BODY></HTML>");
    }
}
                  Cookies
• Usages:
  – Identifying a user during an e-commerce (or
    other) session
  – Avoiding user-name and password
  – Customizing a site
  – Focusing advartising
                              Cookies
   • Cookies are state information that gets passed
     back and forth between the web server and
     browser in HTTP headers
       – A response header
          Set-Cookie: NAME=VALUE; expires=DATE;
          path=PATH; domain=DOMAIN_NAME; secure
       – A request header
           Cookie: NAME=VALUE; NAME2=VALUE2; NAME3=VALUE3...
   • You create cookies and then add them to the
     HttpServletResponse (or get them from the
     HttpServletRequest)
public void addCookie(Cookie cookie)   public Cookie[] getCookies()
        Limitations on Cookies
• Must be set before any HMTL is generated.
   – Neither servlets embedded using the SERVLET tag,
     nor chained servlets, can set a cookie
   – They can still access cookie values
• Name isn’t unique
   – Uniqueness enforced on (Name, Domain, Path)
      • Most applicable cookie of each name (best match) is
        returned
• Only name, value, and version are returned
            More Limitations
•   Limited to 20 cookies per server/ domain
•   Limited to 300 cookies per user
•   A 4KB size limit per cooky
•   Cookies expire:
           A Lasting Cooky
import javax.servlet.http.*;
public class LongLivedCookie extends Cookie {
public static final int SECONDS_PER_YEAR =
  60*60*24*365;
public LongLivedCookie(String name, String
  value) {
  super(name, value);
      setMaxAge(SECONDS_PER_YEAR);
  }
}
                   javax.servlet.Http.Cookie
                                                                          Secure means, practically, “only
                                                                          send if SSL is being used”
                 public void setComment(String purpose)
                 public void setDomain(String pattern)
                 public void setMaxAge(int expiry)
                 public void setPath(String uri)
                 public void setSecure(boolean flag)
                 public void setValue(String newValue)
                 public void setVersion(int v)
Note that you    public String getValue()
can’t change a   public int getVersion()
cookies name     public String getName()


                 public String getComment()       Comment is used if client
                 public String getPath()          individually approves
                 public int getMaxAge()           cookies
                 public String getDomain()
                 public boolean getSecure()

                                                               Pointless to call
                                                               these because
                                                               browser doesn’t
                                                               send them
             Cookie Defaults
• Max Age – if not set, cookie will expire
  when browser is closed
• Domain/Path – together, they specify where
  the cookie is valid
  – A cookie created in response to the request
       http://www.cs.huji.ac.il/~dbi/home/index.html
                   defaults to
       domain: www.cs.huji.ac.il/
       path: ~dbi/home/
                Note that
• Cookies do not pose a security threat

• They do pose a privacy threat
       Servlet Communication
• To service a request, the servlet may need to
  get resources from:
  – databases
  – other servlets
  – HTML pages (or other files)
  – objects shared among servlets at the same
    server
  – and so on
          Getting a Resource
• There are two ways to get a resource:
  – With a HTTP request
  – Using a RequestDispatcher object
     Getting a Request Dispatcher
public class BookStoreServlet extends HttpServlet {
  public void service (HttpServletRequest request,

                     HttpServletResponse response)
    throws ServletException, IOException {

        // Get the dispatcher; it gets the main page to the
    user
        RequestDispatcher dispatcher =
            getServletContext().getRequestDispatcher(
                           "/bookstore/bookstore.html");
        ...
    }
}
 Resources that are not Available
• To deal with resources that are not available
  you should do:

if (dispatcher == null) {
 // No dispatcher means the html file can not be
    delivered
    response.sendError(response.SC_NO_CONTENT);
 }
            Forwarding Request
public class BookStoreServlet extends HttpServlet {

    public void service (HttpServletRequest request,

                        HttpServletResponse response)
    throws ServletException, IOException {
        ...
        // Get or start a new session for this user
        HttpSession session = request.getSession();
        // Send the user the bookstore's opening page
        dispatcher.forward(request, response);
        ...
    }
}
                Include
• Forwarding a request cannot be used to
  service requests partially
• We should use include() of resources
          ServletContext

• For sharing resources among servlets, we
  use ServletContext
  – Server-specific attributes (name-value pairs,
    much like System.properties) and server
    configuration information
  – Ability to find other servlets
public Servlet getServlet(String name)
                        throws ServletException
public Enumeration getServlets()
public Enumeration getServletNames()

public void log(String msg)
public void log(Exception exception, String msg)

public String getRealPath(String path)
public String getMimeType(String file)
public String getServerInfo()

public Object getAttribute(String name)
public void setAttribute(String name,
                          Object object)
public void removeAttribute(string name)
public Enumeration getAttributeNames();
public class CatalogServlet extends HttpServlet
  {
  public void init() throws ServletException {
      BookDBFrontEnd bookDBFrontEnd =
      ...
      if (bookDBFrontEnd == null) {
             getServletContext().setAttribute(

        "examples.bookstore.database.
          BookDBFrontEnd",
        BookDBFrontEnd.instance());
        }           With getAttribute() the values
    }                are taken and used by other
    ...             servlets
}
                      Servers
• JavaServer Web Development Kit (JSWDK)
  – By Sun
  – the official reference implementation of the servlet 2.1
    and JSP 1.0 specifications
• Tomcat
  – By Apache
  – Tomcat is the official reference implementation of the
    servlet 2.2 and JSP 1.1 specifications
                    Tomcat
• Configuring:
  – A file “web.xml” (called Web application
    deployment descriptor) holds the configuration
    information
  – There are
     • <servlet> and
     • <servlet-mapping>
    elements in the file
        The <servlet> Element
• The Servlet Element
  – establishes a mapping between a servlet name and the
    fully-qualified name of the servlet class:

<servlet>
  <servlet-name>catalog</servlet-name>
  <servlet-class>CatalogServlet</servlet-
  class>
</servlet>
      Determining the Servlet
• When a request is received by Tomcat it
  must determine which servlet should handle
  it
• You designate that certain paths (called
  aliases) map to a specific servlet with the
  servlet-mapping element
    The Mapping of URLs And
            Servlets
• A context root is a path that gets mapped to
  the document root of the servlet application
• If your application's context root is
  /bookstore, then a request URL such as
  http://hostname:8000/bookstore/catalog
  will send the request to the servlet named
  catalog within the bookstore context
             Example
<servlet-mapping>
  <servlet-name>
     catalog
  </servlet-name>
  <url-pattern>
     /catalog
  </url-pattern>
</servlet-mapping>
               Start-up File
• The server startup file is
  TOMCAT_HOME/conf/server.xml
• It holds configuration information
  – Server host (default localhost)
  – server port (default 8080)
  – etc
Calling Servlets From a Browser

• Context-root corresponds to the
  subdirectory of
  TOMCAT_HOME/webapps where you
  have installed your application
• Servlet-name corresponds to the name you
  have given your servlet

http://machine-name:port/Context-root/Servlet-
  name
Online Bookstore
package cart;

import java.util.*;
import database.BookDetails;

public class ShoppingCart {
    Hashtable items = null;
    int numberOfItems = 0;

    public ShoppingCart() {
        items = new Hashtable();
    }

    public void add(String bookId, BookDetails book) {
        if(items.containsKey(bookId)) {
            ShoppingCartItem scitem = (ShoppingCartItem)
items.get(bookId);
            scitem.incrementQuantity();
        } else {
            ShoppingCartItem newItem = new ShoppingCartItem(book);
            items.put(bookId, newItem);
        }

        numberOfItems++;
    }
    public void remove(String bookId) {
        if(items.containsKey(bookId)) {
            ShoppingCartItem scitem = (ShoppingCartItem)
items.get(bookId);
            scitem.decrementQuantity();

            if(scitem.getQuantity() <= 0)
                items.remove(bookId);

            numberOfItems--;
        }
    }

    public Enumeration getItems() {
        return items.elements();
    }

    protected void finalize() throws Throwable {
        items.clear();
    }

    public int getNumberOfItems() {
        return numberOfItems;
    }

    public void clear() {
        items.clear();
        numberOfItems = 0;
    }
}
package cart;

public class ShoppingCartItem {
    Object item;
    int quantity;

    public ShoppingCartItem(Object anItem) {
        item = anItem;
        quantity = 1;
    }

    public void incrementQuantity() {
        quantity++;
    }

    public void decrementQuantity() {
        quantity--;
    }

    public Object getItem() {
        return item;
    }

    public int getQuantity() {
        return quantity;
    }
}
package database;

public class BookDetails {
    private String bookId = null;
    private String title = null;
    private String firstName = null;
    private String surname = null;
    private float price = 0.0F;
    private int year = 0;
    private String description = null;

    public BookDetails(String bookId, String surname, String firstName,
                       String title, float price, int year,
                       String description) {
        this.bookId = bookId;
        this.title = title;
        this.firstName = firstName;
        this.surname = surname;
        this.price = price;
        this.year = year;
        this.description = description;
    }
    public String getTitle() {
        return title;
    }

    public float getPrice() {
        return price;
    }

    public int getYear() {
        return year;
    }

    public String getDescription() {
        return description;
    }

    public String getBookId() {
        return this.bookId;
    }

    public String getFirstName() {
        return this.firstName;
    }

    public String getSurname() {
        return this.surname;
    }
}
package database;

import java.util.*;

/**
 * Sets up the database with the appropriate things for our bookstore.
 */

class BookStoreDB {

    /* The database hashtable and dbByTitle vector are filled with
     * 10 objects of type BookDetails. The hashtable is pretending to
     * be a database; the vector is pretending to be a view of the
     * database.
     */
    private Hashtable database;
    private BookDetails[] dbByTitle;
    private final int numberOfBooks = 10;

    public BookStoreDB () {
        BookDetails book;
        database = new Hashtable();
        dbByTitle = new BookDetails[numberOfBooks];

        book = new BookDetails("201", "Duke", "",
                     "My Early Years: Growing up on *7",
                     (float)10.75, 1995, "What a cool book");
        database.put(new Integer(201), book);
        dbByTitle[5] = book;

        book = new BookDetails("202", "Jeeves", "",
                     "Web Servers for Fun and Profit", (float)10.75,
                     1996, "What a cool book");
        database.put(new Integer(202), book);
        dbByTitle[8] = book;

        book = new BookDetails("203", "Masterson", "Webster",
                     "Servlets: A Web Developers Dream Come True",
                     (float)17.75, 1995, "What a cool book");
        database.put(new Integer(203), book);
        dbByTitle[7] = book;
        book = new BookDetails("204", "RealGood", "Coad",
                     "Moving from C++ to the Java(tm) Programming
Language",
                     (float)10.75, 1996, "What a cool book");
        database.put(new Integer(204), book);
        dbByTitle[4] = book;

        book = new BookDetails("205", "Novation", "Kevin",
                     "From Oak to Java: The Revolution of a Language",
                     (float)10.75, 1998, "What a cool book");
        database.put(new Integer(205), book);
        dbByTitle[1] = book;

        book = new BookDetails("206", "Gosling", "James",
                     "Oak Intermediate Bytecodes", (float)10.75,
                     1998, "What a cool book");
        database.put(new Integer(206), book);
        dbByTitle[6] = book;

        book = new BookDetails("207", "Thrilled", "Ben",
                     "The Green Project: Programming for Consumer
Devices",
                     (float)10.75, 1998, "What a cool book");
        database.put(new Integer(207), book);
        dbByTitle[2] = book;

        book = new BookDetails("208", "Duke", "",
                     "100% Pure: Making Cross Platform Deployment a
Reality",
                     (float)10.75, 1998, "What a cool book");
        database.put(new Integer(208), book);
        dbByTitle[9] = book;

        book = new BookDetails("209", "Tru", "Itzal",
                     "Duke: A Biography of the Java Evangelist",
                     (float)10.75, 1998, "What a cool book");
        database.put(new Integer(209), book);
        dbByTitle[0] = book;

        book = new BookDetails("210", "Sidence", "Cohen",
                     "I Think Not: Duke's Likeness to the Federation
Insignia",
                     (float)10.75, 1998, "What a cool book");
        database.put(new Integer(210), book);
        dbByTitle[3] = book;
    }

    BookDetails getBookDetails(String bookId) {
        Integer key = new Integer(bookId);

        return (BookDetails)database.get(key);
    }

    BookDetails[] getBooksSortedByTitle() {
        return dbByTitle;
    }
package database;

import java.io.*;

/**
 * Object that gets information from the Duke's Bookstore database.
 */
public class BookDBFrontEnd {

  private BookStoreDB books;
  private static BookDBFrontEnd onlyInstance = null;

  /* Private no-args constructor */
  private BookDBFrontEnd() {
      init();
  }

  /** Static factory method that makes a single instance of this
   * class. */
  public static BookDBFrontEnd instance () {
    if (onlyInstance == null)
        onlyInstance = new BookDBFrontEnd();

      return onlyInstance;
  }
    /** Initialize the book database, and store it in this. */
    public void init() {
      // Load the database to prepare for requests
      books = new BookStoreDB();
    }

    /** Set the database to null so that it can be garbage collected. */
    public void destroy() {
      books = null;
    }

    /** Return information about the book associated with the given
      * book identifier. */
    public BookDetails getBookDetails(String bookId) {
       return books.getBookDetails(bookId);
    }

    /** Return information about all the books in the bookstore.
      * Sort the books into alphabetical order using their title
      * as the key. */
    public BookDetails[] getBooksSortedByTitle() {
       return books.getBooksSortedByTitle();
    }

    /** Return the number of books in the bookstore database. */
    public int getNumberOfBooks() {
      return books.getNumberOfBooks();
    }
}
Handling Get Requests
import   java.io.*;
import   javax.servlet.*;
import   javax.servlet.http.*;
import   database.*;
import   cart.*;

/**
 * This is a simple example of an HTTP Servlet. It responds to the GET
 * and HEAD methods of the HTTP protocol. This servlet calls other
 * servlets.
 */
public class BookDetailServlet extends HttpServlet {

//Get Servlet specific configuration information
    public void init() throws ServletException {
      //getServletContext() retrieves information about servlet engine
      //getAttribute() returns servlet engine attribute with given name
      BookDBFrontEnd bookDBFrontEnd =
            (BookDBFrontEnd)getServletContext().getAttribute(
                "examples.bookstore.database.BookDBFrontEnd");

          if (bookDBFrontEnd == null) {
              getServletContext().setAttribute(
                  "examples.bookstore.database.BookDBFrontEnd",
                  BookDBFrontEnd.instance());
          }
    }
public void doGet (HttpServletRequest request,
                   HttpServletResponse response)
    throws ServletException, IOException
{
    // Get the user's session and shopping cart
    HttpSession session = request.getSession(true);
    ShoppingCart cart =
        (ShoppingCart)session.getValue(session.getId());

    // If the user has no cart, create a new one
    if (cart == null) {
        cart = new ShoppingCart();
        session.putValue(session.getId(), cart);
    }

 // set content-type header before accessing the Writer
   response.setContentType("text/html");
   PrintWriter out = response.getWriter();
     // then write the response
       out.println("<html>" +
                   "<head><title>Book Description</title></head>" +

                    "<body bgcolor=\"#FFFFFF\">" +
                    "<center>" +
                    "<hr> <br> &nbsp;" +
                    "<h1>" +
                    "<font size=\"+3\" color=\"red\">Duke's </font>" +
                    "<font size=\"+3\"
color=\"purple\">Bookstore</font>" +
                    "</h1>" +
                    "</center>" +
                    "<br> &nbsp; <hr> <br> &nbsp;");
        //Get the identifier of the book to display
        String bookId = request.getParameter("bookId");
        if (bookId != null) {

            // and the information about the book
            BookDBFrontEnd frontEnd =
                (BookDBFrontEnd)getServletContext().getAttribute(
                    "examples.bookstore.database.BookDBFrontEnd");
            BookDetails bd = frontEnd.getBookDetails(bookId);

            //Print out the information obtained
            out.println("<h2>" + bd.getTitle() + "</h2>" +

                        "&nbsp; By <em>" + bd.getFirstName() + ", " +
                        bd.getSurname() + "</em> &nbsp; &nbsp; " +
                        "(" + bd.getYear() + ")<br> &nbsp; <br>" +

                        "<h4>Here's what the critics say: </h4>" +
                        "<blockquote>" + bd.getDescription() +
                        "</blockquote>" +

                        "<h4>Our price: $" + bd.getPrice() + "</h4>" +

                        "<center>" +
                        "<p><a href=\"" +
                        "/servlet/catalog?Buy=" + bookId +
                        "\"> Add this item to your shopping
cart.</a></p>" +
                        "</center>");
        }
        out.println("</body></html>");
        out.close();
    }

    public String getServletInfo() {
        return "The BookDetail servlet returns information about" +
               "any book that is available from the bookstore.";
    }
}
Handling Post Requests
import   java.io.*;
import   javax.servlet.*;
import   javax.servlet.http.*;
import   cart.ShoppingCart;

/**
 * An HTTP servlet that responds to the POST method of the HTTP
protocol.
 * It clears the shopping cart, thanks the user for the order,
 * and resets the page to the BookStore's main page.
 */

public class ReceiptServlet extends HttpServlet {

    public void doPost(HttpServletRequest request,
                       HttpServletResponse response)
      throws ServletException, IOException
    {
        // Get the user's session and shopping cart
        HttpSession session = request.getSession(true);
        ShoppingCart cart =
            (ShoppingCart)session.getValue(session.getId());

          // If the user has no cart, create a new one
          if (cart == null) {
              cart = new ShoppingCart();
              session.putValue(session.getId(), cart);
          }

          // Payment received -- invalidate the session
          session.invalidate();
        // set content type header before accessing the Writer
        response.setContentType("text/html");
        PrintWriter out = response.getWriter();

        // then write the response
        out.println("<html>" +
                    "<head><title> Receipt </title>" +
                    "<meta http-equiv=\"refresh\" content=\"4; url=" +
                    "http://" + request.getHeader("Host") +
                    "/servlet/bookstore;\">" +
                    "</head>" +

                    "<body bgcolor=\"#FFFFFF\">" +
                    "<center>" +
                    "<hr> <br> &nbsp;" +
                    "<h1>" +
                    "<font size=\"+3\" color=\"red\">Duke's </font>" +
                    "<font size=\"+3\"
color=\"purple\">Bookstore</font>" +
                    "</h1>" +
                    "</center>" +
                    "<br> &nbsp; <hr> <br> &nbsp;");

        out.println("<h3>Thank you for purchasing your books from us "
+
                       request.getParameter("cardname") +
                       "<p>Please shop with us again soon!</h3>" +

                       "<p><i>This page automatically resets.</i>" +

                       "</body></html>");
        out.close();
    }

    public String getServletInfo() {
        return "The Receipt servlet clears the shopping cart, " +
               "thanks the user for the order, and resets the " +
               "page to the BookStore's main page.";
    }
}
             Servlet Descriptions
• To allow server to display information
  about servlet
• getServletInfo
   public class BookStoreServlet extends HttpServlet {
             ...
             public String getServletInfo() {
                      return "The BookStore servlet returns the " +
                                "main web page for Duke's Bookstore.";
   }}

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:0
posted:10/8/2012
language:English
pages:135