secure chatting report

8/9/2019 Secure Chatting report

http://slidepdf.com/reader/full/secure-chatting-report 1/51

SECURE INTERACTIVE COMMUNICATION

1. INTRODUCTION

With the advent of online chatting, the communication over internet has been

revolutionized. Online chatting is a way of communication through internet, where text

messages are transferred from one desktop to another. It can also be defined as a form of real

time communication between two or more people based on typed text. A text based chat is

also known as synchronous conferencing. The term synchronous is use here as the message

creation and transfer are instant and all users are online while chatting.

The chat system needs to be a simple model so that it is easy to operate without

much need for learning. We also should have the objective to utilize minimum system

resources as possible

An online chat based on the concept of sockets is a form of synchronous

conferencing in which a number of users can enter and discuss any issue. Here, we will

design a chat application to take place through text messages between people in the same org.

1.1 Overview

There are numerous products available that allow for real time “chatting” over the

Internet. The purpose of this project is to implement a Java based chat application that

will allow users with an internet connection to engage in private and public conversations.

The development of this project centered on the development of a message protocol that

would allow the application to properly log in users, send messages, and perform system

maintenance.

DEPT OF CSE, CIT, GUBBI 1 By Syed Ilyas Ahamed




1.2 Problem Statement

We are providing an easy to use and a rich graphical user interface.

It is basically a server-client model in which server side program is used to save the

details of the users.

The user can send instant messages to other clients that are online at that instant using

the “send” option.

Users can also choose to chat in private with any one on the list.

To end the session the user has to exit the network by using the “disconnect” option.

1.3 Objectives

The Java Chat Application was developed iteratively. Development initially centered

on a simple echo server that would allow communication between a single client and a

central server. Next, functionality was added that allowed for multiple clients. At this

point, there was a single public chat room where all users could communicate to each

other.

The next stage of development centered on the creation of private chat rooms. This

allowed multiple users to communicate in individual chat rooms. Finally, functionality

was added for the creation of public topic chat rooms. These rooms allowed any user to

join to discuss a certain topic.





1.4 Methodology

The system is developed with evolutionary development model. The application is

developed in JAVA on the windows platform on the basic concept of Client – server

Communication. The server socket is used to listen for a client and client will get

connected to the server socket.

The application provides various features such as client authentication, maintaining

user links, count of number of users in a chat, blocking users, private chat, sending of

text message, transferring of audio, emoticons, switching between chat rooms and

multicast communication. The application will also utilize different packages present in

java, which provide set of classes to perform different tasks. The application software

has been validated through various testing process.

Further we are also using the program language JAVA which a simple, safe and

architecturally neutral and object oriented language. Further Java is an interpreted and high

performance, interactive, robust and multi threaded language amenable for quick

implementation.

1.5 Scope

We in this project are proposing to design and develop a textual chat communication in

an intranet system.

The project is planned for implementation with a server and two clients to provide a text

communication through several chat rooms as well as a private chat facility. It is also planned

to have a facility of ignoring the user if so desired.





As the scope of such a communication system is vast and several of the features are likely

to surface as we progress, an evolutionary model of development is to be followed. The

development will follow by testing as per software methodology. Further the development

needs to adhere to modular approach so as to provide scope for enhancements for future

work.

2. LITERATURE SURVEY

2.1 Java (object–oriented programming language).

The name Java is applied to a variety of technologies created by Sun Microsystems.

While the reader will instantly associate Java with a programming language (which it mostcertainly is), in actuality Java is also much more.

There are three main components of Java:

The Java programming language— a programming language used to write software

for the Java platform.

The Java platform— a range of runtime environments that support execution of

software written in Java.

The Java API— a rich, fully featured class library that provides graphical user interface,

data storage, data processing, I/O, and networking support. Each of these parts is equally

important, and is discussed individually below,

Simple

Secure

Portable

Robust

Multithreaded

Platform-independent

Automatic Garbage Collection

Internet Awareness





Simple: Java was designed to be easy for the programmer to learn and use effectively. If you

already understand the basic concepts of object –oriented programming, learning java will be

even be easier

Secure: Java providing a “firewall” between a networked application and your computer.

When we use java compatible Web browser, we can safely download Java applets without

Fear of viral infection. Java achieves this protection by confining a Java program to the Java

execution environment.

Portable: Many types of computers and operating systems are in use throughout the world

and many are connected to the Internet. For programs to be dynamically downloaded to all

the various types of platforms connected to the Internet, some means of generating portable

executable code is needed.

Robust: To better understand how java is robust; consider main reasons for program failure:

memory management mistakes. Memory management can be difficult, tedious task in

traditional programming environments. For example, in c/c++ the programmer must

manually allocate and free all dynamic memory. This sometimes leads some problems,

because programmers will either forget to free memory that has been previously allocated or,

worse, try to free some memory that another part of their code is still using. Java virtually

eliminates these problems by managing memory allocation deal location for you.

Multithreaded: Java was designed to meet the real world requirements of creating

interactive, networked programs. To accomplish this Java supports multithreaded

programming which allows you to write programs that do many things simultaneously

Platform-Independent: Java enables the creation of cross-platform programs by compiling

into an intermediate representation called Java byte code. This code can be interpreted on any

system that provides a Java Virtual Machine. Java bytecode was carefully designed so that it





would be easy to translate directly into native machine code for very high performance by

using just-in-time compiler

Encapsulation: Encapsulation is the mechanism that binds together code and the data it

manipulates, and keeps both safe from outside interference and misuse. One way to think about encapsulation is as a protective wrapper that prevents the code and data from being

arbitrarily accessed by other code defined outside the wrapper. Access to the code and data

inside the wrapper is tightly controlled through a well-defined interface

Inheritance: Inheritance is the process by which one object acquires the properties of

another object. This is important because it supports the concept of hierarchical

classification. As mentioned earlier, most knowledge is made manageable by hierarchical

(top-down) classifications

Inheritance interacts with encapsulation as well. If a given class encapsulates some

attributes, then any subclass will have the same attributes plus any attributes that it adds as

part of its specialization. This is a key concept that lets object-oriented programs grow in

complexity linearly rather than geometrically. A new subclass inherits all of the attributes of

all of its ancestors. It does not have unpredictable interactions with the majority of the rest of

the code in the system.





Polymorphism: Polymorphism (from the Greek, meaning “many forms”) is a

feature that allows one interface to be used for a general class of actions. The

specific action is determined by the exact nature of the situation. Consider a

stack (last-in, first-out list). You might have a program that requires three types

of stack. One stack is used for integer values, one for floating-point values, and

one for characters. The algorithm that implements each stack is the same, even

though the data being stored differs. In a non-object-oriented language, you

would be required to create three difference sets of stack routines, with each set

using different names. However, because of polymorphism, in Java you can

specify a general set of stack routines that all share the same names.

Automatic Garbage Collection: Java, however, takes a different approach. When a newinstance of an object is declared, the Java Virtual Machine (JVM) allocates the appropriate

amount of memory for it automatically. When the object is no longer needed, a null value can

be assigned to the object reference, and the automatic garbage collection thread will silently

reclaim the memory for later use, without the programmer having to worry about how or

when this occurs (such as when the application is idle and waiting for input). If a reference to

an object is not maintained, and not explicitly assigned a null value, the garbage collector

will still reclaim the memory (for example, if a temporary object is created by a method, and

the method terminates).

This has two big advantages:

(1) Less work for programmers

(2) Elimination of memory leaks.





Internet Awareness: There are many advantages to network programming

of a language being Internet aware. The Java language provides a rich, fully

featured networking API that offers a consistent interface for Java

developers no matter what platform they are running. The networking API is

also well designed, and is certainly easier to pick up than those of other

languages. The combination that Java offers of networking classes and

input/output streams makes it easy to use and efficient to program in.

In particular, Java offers classes for the following network resources:

• IP addresses

• User Datagram Protocol packets

• Transmission Control Protocol streams

• HyperText Transfer Protocol requests

• Multicasting of data packets

2.2 Swings

Swing is a set of classes that provides more powerful and flexible components

than are possible with the AWT. In addition to the familiar components, such as buttons,

check boxes, and labels, Swing supplies several exciting additions, including tabbed panes,

scroll panes, trees, and tables. Even familiar components such as buttons have more

capabilities in Swing. For example, a button may have both an image and a text string

associated with it. Also, the image can be changed as the state of the button changes.

Unlike AWT components, Swing components are not implemented by platform-

specific code. Instead, they are written entirely in java and, therefore, are platform-

independent. This means that they don’t depend on the native windows implementation to

support them. It also means the swing components are available and consistent across all

platforms; the term lightweight is used to describe such elements.

Swing Features

Pluggable look-and feels





Lightweight components

• Do not depend on native peers to render them.

• Simplified graphics to paint on screen

•

Similar behavior across all platforms• Portable look and feel

• Only a few top level containers not lightweight.

New components—tress tables, sliders progress bars, frames, text components.

Tool tips—textual popup to give additional help

Arbitrary keyboard event binding

Debugging support

Components of Swings

JPanel is Swing's version of the AWT class Panel and uses the same default layout,

FlowLayout. JPanel is descended directly from JComponent.

JFrame is Swing's version of Frame and is descended directly from that class. The

components added to the frame are referred to as its contents; these are managed by thecontentPane. To add a component to a JFrame, we must use its contentPane instead.

JInternalFrame is confined to a visible area of a container it is placed in. It can be

iconified , maximized and layered.

JWindow is Swing's version of Window and is descended directly from that class. Like

Window, it uses BorderLayout by default.


http://www.javabeginner.com/jframe.htm

http://www.javabeginner.com/jinternalframe.htm

http://www.javabeginner.com/jwindow.htm

http://www.javabeginner.com/jframe.htm

http://www.javabeginner.com/jinternalframe.htm

http://www.javabeginner.com/jwindow.htm




JDialog is Swing's version of Dialog and is descended directly from that class. Like

Dialog, it uses BorderLayout by default. Like JFrame and JWindow, JDialog contains a

rootPane hierarchy including a contentPane, and it allows layered and glass panes. All

dialogs are modal, which means the current thread is blocked until user interaction with it

has been completed. JDialog class is intended as the basis for creating custom dialogs;

however, some of the most common dialogs are provided through static methods in the

class JOptionPane.

JLabel descended from JComponent, is used to create text labels.

Jbutton The abstract class AbstractButton extends class JComponent and provides a

foundation for a family of button classes.

JButton is a component the user clicks to trigger a specific action.

JTextField allows editing of a single line of text. New features include the ability to

justify the text left, right, or center, and to set the text's font.

JPasswordField (a direct subclass of JTextField) you can suppress the display of input.

Each character entered can be replaced by an echo character. This allows confidential

input for passwords, for example. By default, the echo character is the asterisk, *.

JTextArea allows editing of multiple lines of text. JTextArea can be used in conjunction

with class JScrollPane to achieve scrolling. The underlying JScrollPane can be forced to

always or never have either the vertical or horizontal scrollbar;

JRadioButton is similar to JCheckbox, except for the default icon for each class. A set of

radio buttons can be associated as a group in which only one button at a time can be

selected.

JCheckBox is not a member of a checkbox group. A checkbox can be selected and

deselected, and it also displays its current state.


http://www.javabeginner.com/jlabel.htm

http://www.javabeginner.com/jtextfield.htm

http://www.javabeginner.com/jpasswordfield.htm

http://www.javabeginner.com/jtextarea.htm

http://www.javabeginner.com/jradiobutton.htm

http://www.javabeginner.com/jcheckbox.htm

http://www.javabeginner.com/jlabel.htm

http://www.javabeginner.com/jtextfield.htm

http://www.javabeginner.com/jpasswordfield.htm

http://www.javabeginner.com/jtextarea.htm

http://www.javabeginner.com/jradiobutton.htm

http://www.javabeginner.com/jcheckbox.htm




JComboBox is like a drop down box. You can click a drop-down arrow and select an

option from a list. For example, when the component has focus, pressing a key that

corresponds to the first character in some entry's name selects that entry. A vertical

scrollbar is used for longer lists.

JList provides a scrollable set of items from which one or more may be selected. JList

can be populated from an Array or Vector. JList does not support scrolling directly,

instead, the list must be associated with a scrollpane. The view port used by the scroll

pane can also have a user-defined border. JList actions are handled using

ListSelectionListener.

JTabbedPane contains a tab that can have a tool tip and a mnemonic, and it can display

both text and an image.

JToolbar contains a number of components whose type is usually some kind of button

which can also include separators to group related components within the toolbar.

FlowLayout when used arranges swing components from left to right until there's no

more space available. Then it begins a new row below it and moves from left to right

again. Each component in a FlowLayout gets as much space as it needs and no more.

BorderLayout places swing components in the North, South, East, West and center of a

container. You can add horizontal and vertical gaps between the areas.

GridLayout is a layout manager that lays out a container's components in a rectangular

grid. The container is divided into equal-sized rectangles, and one component is placed in

each rectangle.

GridBagLayout is a layout manager that lays out a container's components in a grid of

cells with each component occupying one or more cells, called its display area. The

display area aligns components vertically and horizontally, without requiring that the

components be of the same size.


http://www.javabeginner.com/jcombobox.htm

http://www.javabeginner.com/jlist.htm

http://www.javabeginner.com/jtabbedpane.htm

http://www.javabeginner.com/jtoolbar.htm

http://www.javabeginner.com/flowlayout.htm

http://www.javabeginner.com/borderlayout.htm

http://www.javabeginner.com/gridlayout.htm

http://www.javabeginner.com/gridbaglayout.htm

http://www.javabeginner.com/jcombobox.htm

http://www.javabeginner.com/jlist.htm

http://www.javabeginner.com/jtabbedpane.htm

http://www.javabeginner.com/jtoolbar.htm

http://www.javabeginner.com/flowlayout.htm

http://www.javabeginner.com/borderlayout.htm

http://www.javabeginner.com/gridlayout.htm

http://www.javabeginner.com/gridbaglayout.htm




JMenubar can contain several JMenu's. Each of the JMenu's can contain a series of

JMenuItem 's that you can select. Swing provides support for pull-down and popup

menus.

Scrollable JPopupMenu is a scrollable popup menu that can be used whenever we have

so many items in a popup menu that exceeds the screen visible height.

2.3 Sockets

A socket is one end-point of a two-way communication link between two programs

running on the network. Socket classes are used to represent the connection between a client

program and a server program. The java.net package provides two classes. --Socket and

Server Socket--that implement the client side of the connection and the server side of the

connection, respectively. Socket is an abstraction of an IP Port. Sockets are a concept that has

been around in programming languages for some time. They first appeared in early Unix

systems in the 1970s and are now the 'standard' low-level communication primitive.

TCP Sockets and Java

Java offers good support for TCP sockets, in the form of two socket classes,

java.net.Socket and java.net.ServerSocket. When writing client software that connects to an

existing service, the Socket class should be used. When writing server software that binds to

a local port in order to provide a service, the ServerSocket class should be employed. This is

different from the way a DatagramSocket works with UDP—the function of connecting to

servers, and the function of accepting data from clients, is split into a separate class under

TCP.


http://www.javabeginner.com/jmenubar.htm

http://www.javabeginner.com/scrollable-jpopupmenu.htm

http://www.javabeginner.com/jmenubar.htm

http://www.javabeginner.com/scrollable-jpopupmenu.htm




Socket Class

The Socket class represents client sockets, and is a communication channel between

two TCP communications ports belonging to one or two machines. A socket may connect to

a port on the local system, avoiding the need for a second machine, but most network

software will usually involve two machines. TCP sockets can't communicate with more than

two machines, however. If this functionality is required, a client application should establish

multiple socket connections, one for each machine. However, a wide range of constructors is

available, for different situations.

All constructors are public.• protected Socket () — creates an unconnected socket using the default implementation

provided by the current socket factory. Developers should not normally use this method, as

it does not allow a hostname or port to be specified.

• Socket (InetAddress address int port) throws java.io.IOException,

java.lang.SecurityException — creates a socket connected to the specified IP address and

port. If a connection cannot be established, or if connecting to that host violates a security

restriction (such as when an applet tries to connect to a machine other than the machine

from which it was loaded), an exception is thrown.

• Socket (InetAddress address, int port, InetAddress localAddress int localPort) throws

java.io.IOException, java.lang.SecurityException — creates a socket connected to the

specified address and port, and is bound to the specified local address and local port.

By default, a free port is used, but this method allows you to specify a specific port number,

as well as a specific address, in the case of multihomed hosts (i.e., a machine where the

localhost is known by two or more IP addresses).





• protected Socket (SocketImpl implementation) — creates an unconnected socket using the

specified socket implementation. Developers should not normally use this method, as it does

not allow a hostname or port to be specified.

•Socket(String host, int port) throws java.net.UnknownHostException, java.io.IOException,

java.lang.SecurityException — creates a socket connected to the specified host and port. This

method allows a string to be specified, rather than an InetAddress. If the hostname could not

be resolved, a connection could not be established, or a security restriction is violated, an

exception is thrown.

• Socket (String host, int port, InetAddress localAddress, int localPort) throws

java.net.UnknownHostException, java.io.IOException, java.lang.SecurityException —

creates a socket connected to the specified host and port, and bound to the specified local

port and address. This allows a hostname to be specified as a string, and not an InetAddress

instance, as well as allowing a specific local address and port to be bound to. These local

parameters are useful for multihomed hosts (i.e., a machine where the localhost is known by

two or more IP addresses). If the hostname can't be resolved, a connection cannot be

established, or a security restriction is violated, an exception is thrown.

Creating a Socket

Under normal circumstances, a socket is connected to a machine and port when it is

created. Although there is a blank constructor that does not require a hostname or port, it is

protected and can't be called from normal applications. Furthermore, there isn't a connect()

method that allows you to specify these details at a later point in time, so under normal

circumstances the socket will be connected when created. If the network is fine, the call to a

socket constructor will return as soon as a connection is established, but if the remote

machine is not responding, the constructor method may block for an indefinite amount of

time.





This varies from system to system, depending on a variety of factors such as the

operating system being used and the default network timeout (some machines on a local

intranet, for example, seem to respond faster than some Internet machines, depending on

network settings).

You can't ever guarantee how long a socket may block for, but this is abnormal

behavior and won't happen frequently. Nonetheless, in mission-critical systems it may be

appropriate to place such calls in a second thread, to prevent an application from stalling.

Using a Socket

Sockets can perform a variety of tasks, such as reading information, sending data,

closing a connection, and setting socket options. In addition, the following methods are

provided to obtain information about a socket, such as address and port locations:

Methods

• void close() throws java.io.IOException — closes the socket connection.

Closing a connect may or may not allow remaining data to be sent, depending on the

value of the SO_LINGER socket option. Developers are advised to flush any output

streams before closing a socket connection.

• InetAddress getInetAddress() — returns the address of the remote machine that is

connected to the socket.

• InputStream getInputStream() throws java.io.IOException — returns an

input stream, which reads from the application this socket is connected to.

• OutputStream getOutputStream() throws java.io.IOException — returns

an output stream, which writes to the application that this socket is connected to.

• boolean getKeepAlive() throws java.net.SocketException — returns the

state of the SO_KEEPALIVE socket option.





• InetAddress getLocalAddress() — returns the local address associated with the socket

(useful in the case of multihomed machines).

• int getLocalPort() — returns the port number that the socket is bound to on the local

machine.

• int getPort() — returns the port number of the remote service to which the socket is

connected.

• int getReceiveBufferSize() throws java.net.SocketException — returns the receive buffer

size used by the socket, determined by the value of the SO_RCVBUF socket option.

• int getSendBufferSize() throws java.net.SocketException — returns the send buffer size

used by the socket, determined by the value of the SO_SNDBUF socket option.

• int getSoLinger() throws java.net.SocketException — returns the value of the SO_LINGER

socket option, which controls how long unsent data will be queued when a connection is

terminated.

• int getSoTimeout() throws java.net.SocketException — returns the value of the

SO_TIMEOUT socket option, which controls how many milliseconds a read operation will

block for. If a value of 0 is returned, the timer is disabled and a thread will block

indefinitely (until data is available or the stream is terminated).

• void setSendBufferSize(int size) throws java.net.SocketException — modifies the value of

the SO_SNDBUF socket option, which recommends a buffer size for the operating system's

network code to use for sending incoming data. Not every system will support this

functionality or allows absolute control over this feature. If you want to buffer incoming data,

you're advised to instead use a BufferedOutputStream or a BufferedWriter.





•static void setSocketImplFactory (SocketImplFactoryfactory) throws java.net.Socket

Exception , java.io.IOException, java. lang.SecurityException — assigns a socket

implementation factory for the JVM, which may already exist, or may violate security

restrictions, either of which causes an exception to be thrown. Only one factory can be

specified, and this factory will be used whenever a socket is created.

• void setSoTimeout(int duration) throws java.net.SocketException —modifies the value of

the SO_TIMEOUT socket option, which controls how long (in milliseconds) a read

operation will block. A value of zero disables timeouts, and blocks indefinitely. If a timeout

does occur, a java.io.IOInterruptedException is thrown whenever a read operation occurs on

the socket's input stream. This is distinct from the internal TCP timer, which triggers a resend

of unacknowledged datagram packets.

• void shutdownInput() throws java.io.IOException — closes the input stream associated with

this socket and discards any further information that is sent. Further reads to the input stream

will encounter the end of the stream marker.

• void shutdownOutput() throws java.io.IOException — closes the output stream associatedwith this socket. Any data previously written, but not yet sent, will be flushed, followed by a

TCP connection-termination sequence, which notifies the application that no more data will

be available (and in the case of a Java application, that the end of the stream has been

reached). Further writes to the socket will cause an IOException to be thrown.

ServerSocket Class

A special type of socket, the server socket, is used to provide TCP services. Client

sockets bind to any free port on the local machine, and connect to a specific server port and

host. The difference with server sockets is that they bind to a specific port on the local

machine, so that remote clients may locate a service. Client socket connections will connect

to only one machine, whereas server sockets are capable of fulfilling the requests of multiple

clients.





The way it works is simple—clients are aware of a service running on a particular

port (usually the port number is well known, and used for particular protocols, but servers

may run on nonstandard port numbers as well). They establish a connection, and within the

server, the connection is accepted. Multiple connections can be accepted at the same time, or

a server may choose to accept only one connection at any given moment.

Once accepted, the connection is represented as a normal socket, in the form of a

Socket object—once you have mastered the Socket class, it becomes almost as simple to

write servers as it does clients. The only difference between a server and a client is that the

server binds to a specific port, using a ServerSocket object. This ServerSocket object acts as

a factory for client connections—you don't need to create instances of the Socket class

yourself. These connections are modeled as a normal socket, so you can connect input and

output filter streams (or even a reader and writer) to the connection.

Constructors

ServerSocket(int port) throws java.io.IOException, java.lang.SecurityException binds

the server socket to the specified port number, so that remote clients may locate the TCP

service. If a value of zero is passed, any free port will be used—however, clients will beunable to access the service unless notified somehow of the port number. By default, the

queue size is set to 50, but an alternate constructor is provided that allows modification of

this setting. If the port is already bound, or security restrictions (such as security polices or

operating system restrictions on well-known ports) prevent access, an exception is thrown.





Methods

• Socket accept() throws java.io.IOException, java.lang.SecurityException — waits for a

client to request a connection to the server socket, and accepts it. This is a blocking I/O

operation, and will not return until a connection is made (unless the timeout socket option is

set). When a connection is established, it will be returned as a Socket object. When accepting

connections, each client request will be verified by the default security manager, which

makes it possible to accept certain IP addresses and block others, causing an exception to be

thrown. However, servers do not need to rely on the security manager to block or terminate

connections—the identity of a client can be determined by calling the getInetAddress()

method of the client socket.

• void close() throws java.io.IOException — closes the server socket, which unbinds the TCP

port and allows other services to use it.

• InetAddress getInetAddress() — returns the address of the server socket, which may be

different from the local address in the case of a multihomed machine (i.e., a machine whose

localhost is known by two or more IP addresses).

• int getLocalPort() — returns the port number to which the server socket is bound.

Socket Exceptions

The java.net.SocketException represents a generic socket error, which can represent a

range of specific error conditions. For finer-grained control, applications should catch the

subclasses.

• BindException

• ConnectException

• NoRouteToHostException

• InterruptedIOException





2.4 MYSQL

MySQL is a software package that enables the creation, maintenance and

management of database. MySQL is a Structured Query Language SQL) based, client/server relational database. Each of these terms describes a fundamental part of the architecture of

MySQL Server. MySQL’s specific design goals were speed, robustness and ease of use. To

improve the performance, MySQL was made as a multithreaded database engine. A

multithreaded application performs many tasks at the same time as if multiple instances of

that application were running simultaneously. Multithreaded applications have a lower

overhead cost, when compared with multi-processed databases.

In being multithreaded, MySQL has many advantages. A separate thread handles

each incoming connection with an extra thread that is always running to manage the

connections. Multiple clients can perform read operations simultaneously, but while writing,

only the clients that need access to the data being updated are held. Even though the threads

share the same process space, they execute individually. Because of this separation,

multiprocessor machines can spread the thread across many CPUs as long as the host

operating system supports multiple CPUs. Multithreading is the key feature to support

MySQL’s performance design goals and this is the core feature around which MySQL is

built. MySQL has other features but the most attracting features are cost and performance.

MySql has many advantages in comparison to Oracle.

1 - MySql is Open source, which can be available any time

2 - MySql has no cost of development purpose.

3 - MySql has most of features, which oracle provides

4 - MySql day by day updating with new facilities.

5 - Good for small application.

6 - easy to learn and to become master.





3 REQUIREMENT ANALYSIS

3.1 Hardware Requirements

1. Normal PC Configuration.

Any Processor, 128 MB RAM or higher, Hard disk 40 GB or above

2. Networking Components.

1. NIC Card.

2. Cables.

3. Switch.

3.2 Software Requirements

1. Front end Java, Java runtime version1.3 or higher,

Jdk toolkit version1.3 or higher.

2. Database Mysql.

3. Operating Windows xp , windows 7.

3.3 Functional Requirements

The functional requirements specify the services that are provided to the user. This

will also specify how the system should react to particular inputs and how system should

behave in particular situation. It may also explicitly state what the system should not do.

Accordingly the functional requirements of our system can be specified as follows.





Software to be used as a standalone program or as a component of another program as

several components are embedded into it.

The user interface consists of a single window, from where all functionalities are

available. Mouse control to be used

Help document to be provided to assist user when deemed necessary.

3.4 Non-Functional requirements

These requirements specify the services that are not directly linked to the working of

application but specify the environment and the way the software is expected to function.

Accordingly the non-functional requirements of system are as follows

Performance should be reliable, If any error occurs or data is missing the user should be

informed.

Easy to use User Interface.

Reusability of independent modules





4 DESIGN

4.1 Data and Flow Diagram

Figure 1- shows the data flow of the application between the clients and server.

Each client will have a two-way communication link (send and receive) with the

server. The server is responsible for relaying any messages between clients. The server may

also log any events and data to a local file on the server computer.

4.2 Structure of the Server Application

The server application creates an instance of a menu thread class, a listen thread class

monitoring new connections and a list of clients running in their own threads tracking


CLIENT

CLIENT

CLIENT

SERVER LogFile




incoming data from individual clients. Figure shows the structure of the server application

classes.

Figure 2 – Server Class Structure

JMessengerServer is the main application class that creates an instance of the text menu,

listen thread and stores the client threads. Each sub class uses action events to return data and

user responses to the main class ready for processing.

CTextMenuThread displays the server menu options and reads the user response via the

keyboard. This class calls the following action events defined in CMenuListener that are

implemented in JMessengerServer:

OnServerRunning

Used to start or stop the server from listening to new connections and relaying

messages from connected users.

OnShutdown

Shuts down the server application and exits back to the operating system.


JMessengerServer

CMenuThread

CListenThread

CClientListenThread

CCommandParser




OnLogging

Used to enable or disable server logging.

OnLogFileClear

Used when the user requests to clear the log file.

OnViewLogFile

Used when the user requests to view the log file.

OnShowConnectedUsers

Used when the user requests to view all connected users.

CListenThread listens for incoming connections from remote clients. The class listens for a

connection for a 10th of a second and then loops. The timeout is set to a 100 milliseconds to

enable the application to stop listening if required. This class calls the following action

events defined in CListenListener that are implemented in JMessengerServer:

OnListen:

Used to inform the application that the server socket is listening on the

specified port.

OnClose

Used to inform the application that the server socked was closed.

OnNewConnection

Used to inform the application that a new client connection has been made.

OnListenError

Used to inform the application that there was an error relating to the server

socket listen thread.

CClientListenThread handles all the individual operations relating to a particular client

connection. This class will deal with incoming data from the client and will also send data to

the client. This class calls the following action events defined in CClientListenListener and

are implemented in JMessengerServer:





OnUserAuthenticate

Used when a user has requested to authenticate a particular username.

OnUserLeave

Used when a user has disconnected from the server.

OnUserSendMessage

Used when a user has sent a message to another particular user.

OnUserSendMessageToAll

Used when a user has sent a message to all connected users.

CCommandParser (shared by the server and client applications) is used to extract the data

from a command send to or from the server. The commands follow the following

specification.

Character Description

0 This is a response code. It can relate to + for success or – for failure.

1-2 01 states the user is requesting authentication.

02 states that a user has joined the chat room.

03 states that a user has left the chat room.

04 states that a private message has been received.

05 states that a public message has been received.

06 states that the server is shutting down.

3.. N The remaining characters are the data character. This can either be a user name, message on its own or combination of both username and message.





4.3 Structure of the Client Application

The client application creates instances of window classes (JLogin, JChat and

JPrivateMessage) and relays information from the Graphical User Interface (GUI) and the

network connection through CTransport. Figure shows the class structure of the client

application.

4.2.1

Figure 3 – Client Class Structure

JMessenger is the main application that controls the visual windows and the network

connection and processes data to send and data received from the server.


JMessenger

JLogin

JChat

JPrivateMessage

Ctransport ext CCommandParser

CListenThread




JLogin is the window where the user enters their desired username and specifies the server

address and port. This class calls the following action events that are defined in

CLoginListener and are implemented in JMessenger:

OnConnectRequestCalled when the user presses the login button to connect to the remote

server.

OnLoginCancel

Called when the user presses the cancel button on the login screen.

Ultimately this will close the application.

JChat is the window that displays the public conversation, displays the list of connected users

and allows a user to send a message to all other users. This class calls the following action

events that are defined in CChatListener and are implemented in JMessenger:

OnSendMessageToAll

Used when a user wishes to send a message to all other users.

OnInitiatePrivateMessage

Used when a user wishes to establish a private message with a remote user.

Ultimately this will display a private message window if one is not already

open.

JPrivateMessage is the window that displays the private conversation. This window is similar

to the chat window except it does not contain a list of connected users. This class calls the

following action events that are defined in CPrivateMessageListener and are implemented in

JMessenger:

OnSendMessage

Used when the user wishes to send a message to the remote user.

OnClosePrivateMessage





Used when a user closes the window. This is required to ensure the main

application is aware that the window no longer exists.

CTransport is used to handle the two-way communications with the client application and the

remote server. This class implements the CommandParser, which has been described earlier

in this documentation. This class calls the following action events defined in

CTransportListener and are implemented in JMessenger:

OnConnect

Called when a connection to the remote server has been established.

OnConnectionError

Called when there was an error with the connection.

OnUserValidated

Called when the server accepted the username.

OnUserRejected

Called when the server rejected the username.

OnUserJoin

Called when a new user has joined the chat room.

OnUserLeave

Called when a user has left the chat room.

OnMessageReceived

Called when a private message has been received from the server.

OnMessageReceivedFromAll

Called when a public message has been received from the server.

OnSendMessageError

Called when there was an error sending the message to a remote user.

OnLostConnection

Called when the connection to the remote server was lost.





5.2 Other Modules

Text chat

Text chat: this enables in sending group messages to all users present in the room and

also private chat between two users.

Exchange of Control Messages, which are a means of establishing a communication between client and server.

Private chat between clients: an exclusive chat facility between two clients wherethey exchange direct messages between them.

Support for emoticons tray that selects an image from the group of images present inthe tray.

Ignoring chat with a specific user, which disables a user to communicate with aspecific user present in the room.

Switching between Chat rooms: user is free to switch between the different availablechat rooms to chat with the users who present in that room.

Working of text chat

The server is started. The user name and the IP address are given initially for the setup.

If the user name does not exist previously then a socket is created and a thread is started for

the exchange of messages between the clients.In case the user name is already present then an error message is given requesting for another user name.

Once a thread is created the exchange of messages takes place between the clients.

When the client clicks the exit chat button the thread is stopped and the socket is closed andhence no exchange of messages takes place between the clients.

Packages used in text chat

Java.net.* package contains functions and system calls that help build networkingcapabilities into an application.

Further java.net.socket performs all fundamental socket operations while java.net.inetaddress provides methods to resolve the host name to their IP address and vice versa. It also containsmany other functions.





Java.io.* package contains functions concerned with input and output of messages from /toclient / server.

Java.io.datainputstream and java.io.dataoutputstream enables input and output activity with astream.

java.util.* contains classes that provide utility functions for parsing incoming message atserver and displaying back at client

Further it contains java.util.stringtokenizer that splits string to tokens, the caller can set adelimiter on which the string should be split and if the delimiter should be returned.

Java.awt.* is used for all the GUI designs. Contains classes that deal with windowing andmanagement of windows. These classes draw windows. Manage them, redraw when they are

over lapping and perform many other functions.Further they also contain functions for eventmanagement such as mouse click etc.

Control messages

A set of control messages have been implemented in order to establish acommunication path between client and server

The control messages have a 4-letter keyword of the form $$$$.

The list of control messages exchanged between the client and ser and their functions are:

CHRO: change room. The client intimates the server for changing the user to the specifiedroom.

HELO: this is used initializes connection to the server.

MESS: client intimates the server to send the message to everyone present in the room.

PRIV: client intimates the server for a private chat session to send direct messages withanother client.

QUIT: client intimates the server that it wants to quit from the chat system.

ROCO: A client requests the server for the number of users present in the room.





Private chat

A private chat provides a facility for the client to send a message to only a selected

recipient

To chat with the user the user double clicks the name of the recipient and a separate chat

window opens up for the communication between the two clients.

Emoticons

Emoticons are the image files that are loaded on to the chat system.In the textual chat

if an image in the emoticon tray is selected then it is transmitted and the same id drawn on

the receiver canvas.

Alternatively any text creation of emoticon is sent on a text form for display at the receiver

Chat rooms

4 chat rooms are created for the clients for interactions. The clients are providedfacility to switch among chat rooms.

The status of the user for his entry/ exit is displayed is indicated.

The clients are logged onto the default chat rooms that is meant for multicast chat.

5.3 Client Application

The application will consist of two programs. The first program will be the server that

will administer all connected users, log activity and relay messages to the clients. The send

application will be the client messenger application that will connect to the remote server.





When a user loads the client application, they will be required to log into the remote

server. Above figure demonstrates the appearance of the login window. This will involve

assigning a desired username to the session. This username will be used by the server to

distinguish between different connections and therefore is important they remain unique. For

example, two users cannot have the same username.

Once the user has connected and been validated with the remote server, they will

enter the main chat room. Figure demonstrates the appearance of the chat room. Immediately

the server will inform the client of all members currently in the chat room. These values will

populate a list of connected users in the main application window. The user will see two text

fields; the first will display the entire conversation and system messages (for example, a user

joins or leaves) for the session of the user. The user will also have a text window where they

can type their own messages to the conversation window.

The user will also have the option to create a private message with individual

members. To initiate a private message they will select a user from the user list and ‘double-click’ the item in the list. This will open a new chat window just for a conversation with that

particular user. The user cannot open a private message window with him or her self. If a

remote user establishes a private message and sends it to the user, the message will

automatically be populated in the associated private message window. If there is currently no

private message window open with that remote user, the application automatically opens it

and displays the message.

5.4 What is Client Server

Two prominent systems in existence are client server and file server systems. It is

essential to distinguish between client servers and file server systems. Both provide shared

network access to data but the comparison dens there! The file server simply provides a





remote disk drive that can be accessed by LAN applications on a file by file basis. The client

server offers full relational database services such as SQL-Access, Record modifying, Insert,

Delete with full relational integrity backup/ restore performance for high volume of

transactions, etc. the client server middleware provides a flexible interface between client and

server, who does what, when and to whom.

5.5 Why Client Server

Client server has evolved to solve a problem that has been around since the earliest

days of computing: how best to distribute your computing, data generation and data storage

resources in order to obtain efficient, cost effective departmental an enterprise wide data

processing. During mainframe era choices were quite limited. A central machine housed both

the CPU and DATA (cards, tapes, drums and later disks). Access to these resources was

initially confined to batched runs that produced departmental reports at the appropriate

intervals. A strong central information service department ruled the corporation.

The role of the rest of the corporation limited to requesting new or more frequent

reports and to provide hand written forms from which the central data banks were created

and updated. The earliest client server solutions therefore could best be characterized as

“SLAVE-MASTER”.

Time-sharing changed the picture. Remote terminal could view and even change the

central data, subject to access permissions. And, as the central data banks evolved in to

sophisticated relational database with non-programmer query languages, online users could

formulate adhoc queries and produce local reports with out adding to the MIS applications

software backlog. However remote access was through dumb terminals, and the client server

remained subordinate to the Slave\Master.

5.6 Secure Chat Systems





For the programming project, your goal is to increase the security of the provided

Chat system. Nowadays, the Chat system is insecure. For example, you're talking to

somebody on the chat server today. Tomorrow, you get an e-mail from somebody claiming

they're the same person. Therefore, you are able to build a way for people who don't know

each other to be able to identify each other later with some kind of cryptographically strong

authentication.

They require security features are:

1. Secure storage (password protected) of passwords corresponding to each client on the

server.

2. Encryption of all chat messages with a block cipher in CBC mode.3. Integrity check for all chat messages using Message Authentication Codes (MACs).

4. Resistance to replay attacks by eavesdroppers.

These four features will be described below:

1. Security storage of client passwords

The server maintains a list of clients which can join the chat room. A client is

identified by username. The server has a mapping from user name to the user

password. This information is pre-generated (before running the Chat system) and can

be read in by the server during initialization. The server stores the username to user

password mapping in an encrypted file. The key to this file is generated using an

admin password. In code, the server consists of two modules: a normal chat server

program which accepts connections and serves clients, and an administrator program

which pre-generates an encrypted file consisting of username and the user passwords.





When a client joins the chat server, the username is passed to the server. The server

looks up username and gets the password for that client. Now the server and client

can start sending encrypted messages to each other using key derived from the

password. Effectively, the user password becomes the shared secret between the

client and the server. Note that the client’s password is never sent on the network.

2. Message Encryption

Each message transmitted either by the client or the server must be encrypted using a

block cipher. You may use any standard block cipher you like, but all the messages

must be encrypted using CBC mode. The cipher key should be generated from the

password which the client and the server have. The CBC IV is generated at random

for each message and sent along with the Ciphertext.

3. Integrity Check using MACs

Every message going over the network should have a MAC, to enable detection of a

malicious attacker tampering with message en route. Again the key for the MAC you

decide to use should be derived from the password.

4. Resistance to Replay Attacks

Even after you secure all the transmitted messages with encryption and MACs, there

is still an obvious reply attack possible. An eavesdropper can capture a message en

route to either the server or a particular client. He/she can then repeatedly send the

messages—which still a valid encrypted and MAC’d chat message—flooding the

intended recipient and making the chat room unusable for other participants. Your

solution should prevent the attacker from replaying a message on the server or the

clients.

5.7 Project Development





The Java Chat Application was developed iteratively. Development initially centered

on a simple echo server that would allow communication between a single client and a

central server. Next, functionality was added that allowed for multiple clients. At this point,

there was a single public chat room where all users could communicate to each other. The

next stage of development centered on the creation of private chat rooms. This allowed

multiple users to communicate in individual chat rooms. Finally, functionality was added for

the creation of public topic chat rooms. These rooms allowed any user to join to discuss a

certain topic.

The Chat Server is responsible for opening a socket connection with the client,

confirming connections, and maintaining the Chat Handler. The Chat Handler is responsible

for handling the interactions between the various clients and the server. The handler

broadcasts messages to all the clients in a specific room, handles invitations to private rooms,

creation of public rooms, and the state of the user list.

The Chat Messages are a very important component of the application. The protocol

was developed to be as concise as possible in order to keep the size of messages as small as

possible. For every message sent, the first byte is the message type which can be one of the

following.

• BROADCAST_MESSAGE = 0 – used to send messages from the client to server to

the individual chat rooms.

• USERLIST_MESSAGE = 1 – used to update the user list.

• CHATINVITE_MESSAGE = 2 – used to send an invitation from the client to

another client, via the server, to a join a chat room.

• OPENCHAT_MESSAGE = 3 – a message sent from server to client to open a chat

room.

• NEWROOM_MESSAGE = 4 – a message sent from client to server to create a new

public chat room.





• JOINROOM_MESSAGE = 5 – a message sent from client to server to join a chat

room.

• EXIT_MESSAGE = 6 – a message sent from client to server when the client exits

the application.

• LEAVEROOM_MESSAGE = 7 – a message sent from client to server when the

client leaves a room.

The second byte of the message is the chat room ID. Since this is only one byte, there

can only be 256 chat rooms at the same time. This could easily be expanded in the future but

for this demonstration, the limits of the number of chat rooms will not come close to being

reached. The EXIT_MESSAGE and LEAVEROOM_MESSAGE messages are used to close

chat rooms when there are no longer active users in the chat room. After the first two bytes,

the rest of the message will be the actual message body. This message body will contain a

user list or message text depending on the type of message.

Below, in Figure 4, is an example message flow between the server and two clients…





Figure 4 - Example Message Flow

1. Client 1 connects to the server.





2. The server sends a USERLIST_MESSAGE message to Client 1 (The user list

window is populated with all online users and all available public chat rooms)

3. Client 2 connects to the server.

4. The server sends a USERLIST_MESSAGE message to Client 2 (The user list

window is populated with all online users and all available public chat rooms)

5. Client 1 sends a CHATINVITE_MESSAGE for Client 2 to the server

6. The server sends an OPENCHAT_MESSAGE to Client 2 (A private chat window is

opened on Client 2)

7. Client 2 sends a BROADCAST_MESSAGE to the server for the private chat room

that Client 1 and 2 are now in.

8. The server sends a BROADCAST_MESSAGE to all clients in the specified chat

room. (The message is printed in the chat window on both clients)

9. Client 1 sends a LEAVEROOM_MESSAGE to the server. (The server removes

Client 1 from the chat room)

10. Client 2 sends a LEAVEROOM_MESSAGE to the server. (The server removes

Client 2 from the chat room. Since there are no longer any clients in the chat room,

the server closes the room and makes the chat room ID available for future use)

11. Client 1 sends an EXIT_MESSAGE to the server. (The client’s connection is

terminated and the client is removed from the online users.)12. The server sends a USERLIST_MESSAGE to Client 2 (This message will no longer

contain Client 1)

The messages from steps 9, 10, and 11 turn out to be very important. They are used

to maintain the state of the online users and public chat rooms. These messages are triggered

when a chat room window is closed or the application is exited. Since the number of chat

rooms is currently limited to 256, it is very important that the chat room IDs are released

when there are no longer any clients present in the chat rooms.

6 Snapshot (modules):





Main Server Application and Client Login Menu:

Client Chat Window:





Private Message Conversation Window:





7. TESTING

Testing is a process, which reveals errors in the program. It is the major quality

measure employed during software development. During testing, the program is executed

with a set of conditions known as test cases and the

output is evaluated to determine whether the program is performing as expected.

In order to make sure that the system does not have errors, the different levels of

testing strategies that are applied at differing phases of software development are:

7.1 Unit Testing

Unit Testing is done on individual modules as they are completed and become

executable. It is confined only to the designer’s requirements.

Each module can be tested using the following two strategies:

Black Box Testing:

In this strategy some test cases are generated as input conditions that fully execute all

functional requirements for the program. This testing has been uses to find errors in the

following categories:

a) Incorrect or missing functions

b) Interface errors

c) Errors in data structure or external database access

d) Performance errors

e) Initialization and termination errors.

In this testing only the output is checked for correctness. The logical flow of the data

is not checked.





White Box testing

In this the test cases are generated on the logic of each module by drawing flow

graphs of that module and logical decisions are tested on all the cases.

It has been uses to generate the test cases in the following cases:

a. Guarantee that all independent paths have been executed.

b. Execute all logical decisions on their true and false sides.

c. Execute all loops at their boundaries and within their

operational bounds.

d. Execute internal data structures to ensure their validity.

Integrating Testing

Integration testing ensures that software and subsystems work together as a

whole. It tests the interface of all the modules to make sure that the modules

behave properly when integrated together.

System Testing

Involves in-house testing of the entire system before delivery to the user. Its aim

is to satisfy the user the system meets all requirements of the client’s

specifications.

Acceptance Testing

It is a pre-delivery testing in which entire system is tested at client’s site on real

world data to find errors.





7.2 Validation

The system has been tested and implemented successfully and thus ensured

that all the requirements as listed in the software requirements specification arecompletely fulfilled. In case of erroneous input corresponding error messages are

displayed.

7.3 Compiling test

It was a good idea to do our stress testing early on, because it gave us time to fix

some of the unexpected deadlocks and stability problems that only occurred whencomponents were exposed to very high transaction volumes.

7.4 Execution test

This program was successfully loaded and executed. Because of good programming

there were no execution error.





8. ADVANTAGES

The students, who have used CHAT as part of their online learning process, feel it is

effective?

Students on online courses feel their participation would be enhanced by the use of

live, inter-active learning amongst themselves, other students and the tutor?

Live chat unique features help operators respond faster and more accurately.

CHAT system will pull down your cost by cutting down the monthly toll fee and

telephone cost.

With instant online support one agent can handle multiple chats and thus assist

several online visitors simultaneously which reduces customer hold times.





10. FUTURE ENHANCEMENT

Login session information: We can include a feature in this application that will

keep a record of the user’s login session. The profile information of every user can be

stored at the server.

Offline messages: User can send messages to friends even when they are offline.

File transferring and sharing: User can transfer one or more files to other users. A

file can also be shared between two or more users.

Login Timeout: This feature allows the user to be logged in only for a specific time.

After this time span ends, the user is automatically logged out.

Voice chat: This feature allows the users for voice communications by voice over

internet protocol.





11. BIBILOGRAPHY

Books

1. Java complete reference by Herbert.Schildt

2. Java hand book by Patrick Naughton

3. Java server programming by Subramanyam Allamaraju, CedricBuest.

4. Java swing 2nd edition by Marc Loy, Robert Eckstein.

5. Accessibility and the Swing Set, Mark Andrews, The Swing Connection,

Sun Microsystems, 1999.

Sites

1. http://java.sun.com/docs/books/tutorial/uiswing/

2. http://java.sun.com/products/jfc/tsc/special_report/accessibility/accessi

bility.html3. http://java.sun.com/docs/books/tutorial/

if you need source code of project or any other information, pls contact

me at [email protected]


http://java.sun.com/docs/books/tutorial/uiswing/

http://java.sun.com/products/jfc/tsc/special_report/accessibility/accessibility.html


http://java.sun.com/docs/books/tutorial/

http://java.sun.com/docs/books/tutorial/uiswing/



http://java.sun.com/docs/books/tutorial/

secure chatting report

Documents