the presentation tier of the java ee architecture - uc3m · the presentation tier of the java ee...

1

1

CommunicationSoftware

2009-2010

© The Authors

The Presentation Tierof the Java EE Architecture

Authors: Simon PickinNatividad Martínez MadridFlorina Almenárez Mendoza

Address: Departamento de Ingeniería TelemáticaUniversidad Carlos III de MadridSpain

Version: 1.0

Acknowledgements: Marty Hall

2


2009-2010

© The Authors

Contents

1. Java Servlets

2. Java Server Pages (JSPs)

3. Integration of servlets and JSPs

Bibliography:• Core Servlets and JavaServer Pages, vol 1, 2nd editi on .

Marty Hall and Larry Brown. Prentice Hall 2003

• Core Servlets and JavaServer Pages, vol 2, 2nd edition . Marty Hall, Larry Brown, Yaakov Chaikin. Prentice Hall 2007

• Java for the Web with Servlets, JSP, and EJB . Budi Kurniawan. New Riders 2002. Part I, chapters 1-5, 8-11, 17

2

3


2009-2010

© The Authors

Presentation+

Business logic

Web application architectureServlets/JSPs

ClientClientServlets

JSP pagesServlets

JSP pages

Web Container

Application conforming to a “three-tier” architecture(small-scale application with no business tier)

4


2009-2010

© The Authors

Presentation tier:Java Servlets

3

5


2009-2010

© The Authors

Contents: Java Servlets

• Generalities– introduction

– advantages– servlet life-cycle

• Servlet API– interfaces, classes and methods– HTTP servlets

– forwarding / including

– session tracking / session management

6


2009-2010

© The Authors

Introduction to Servlets (1/2)

• A servlet is a Java class used to extend the capabilities of the servers that host applications accessed via a client-server programming model– normally used to extend the capabilities of web servers

• Comparable to a CGI (Common Gateway Interface) program– but with a different architecture

• Managed by a servlet container or engine– JVM + implementation of the servlet API

4

7


2009-2010

© The Authors

Introduction to Servlets (2/2)

• Interfaces and classes– Packages javax.servletjavax.servlet y javax.servlet.httpjavax.servlet.http

• All servlets must implement the ServletServlet interface, which defines the life-cycle methods, or extend one of the classes:

– GenericServlet : handles generic services.

– HttpServlet : handles HTTP services– extends GenericServlet

ServletServlet

Client

Web browser

Server

Container(JRE)

Servlet

request

response

Source: Web Component Development Wth Servlet and JSP TechnologiesSun Microsystems (course SL-314-EE5)

8


2009-2010

© The Authors

Advantages of using servlets (1/2)

• Efficiency– one thread per request but single instance of each servlet

• time economy: no process creation delay on each request• space economy: lower memory usage• scalability

– servlet maintains its state between requests• database connections, network connections, etc.

– requests handled via method execution

• Utilities for performing typical server tasks– logging, error management, session management etc.

• Communication– standardised way of communicating with the server

– servlets can share data• enables database connection pooling etc.

5

9


2009-2010

© The Authors

Advantages of using servlets (2/2)

• Advantages of Java– large number of APIs: JDBC, threads, RMI, networks, etc.

– portability between platforms and servers

– security• virtual machine, type-checking, memory management,

exception handling, etc. • security manager

– object-oriented

– large community of developers

– external code easily used

10


2009-2010

© The Authors

Servlet Life-Cycle

• Instantiation & initialisation (on first request):– if no instance of servlet exists, the web container:

• loads the servlet class• creates an instance • initialises the instance by calling the servlet’s init method

• Handling of subsequent requests– container creates new thread that calls the service

method of the instance– the service method determines what type of request has

arrived and calls the appropriate method.

• Destruction– when the container decides to remove a servlet, it first calls

its destroy method

6

11


2009-2010

© The Authors

Servlet Lifecycle Consequences (1/2)

• Single virtual machine:– data sharing between servlets

• Persistence (in memory) of instances– reduced memory consumption

– elimination of instantiation and initialisation time

– persistence (in memory) of state, data and resources• persistent attributes of the servlet• permanent database connections, etc

– persistence (in memory) of threads

12


2009-2010

© The Authors

Servlet Lifecycle Consequences (2/2)

• Concurrent requests– need for synchronisation to manage concurrent access

• class or instance attributes, databases, etc.

– if servlet implements SingleThreadModel interface• no concurrent access to instance attributes

(may be concurrent access to class attributes) • can lead to significantly-reduced performance• deprecated since version 2.4

7

13


2009-2010

© The Authors

Contents: Java Servlets

• Generalities– introduction

– advantages– servlet tasks

– life-cycle

• API de Servlets– interfaces, classes y methods

– HTTP servlets

– forwarding / including

– session tracking / session management

14


2009-2010

© The Authors

Servlet API

• Packages– javax.servlet

• 6 interfaces– Servlet

– ServletConfig

– ServletContext

– ServletRequest

– ServletResponse

– RequestDispatcher

• 3 classes– GenericServlet

– ServletInputStream

– ServletOutputStream

• 2 exception classes– ServletException

– UnavailableException

8

15


2009-2010

© The Authors

Servlet Interface Methods (1/2)

• void init(ServletConfig config)

– called exactly once after servlet is instantiated

– servlet can be instantiated (depending on how registered) • either when the first user accesses the servlet URL• or when the web server is started

– without arguments: server-independent initialisation• variable initialisation, connection to databases etc.

– with arguments: server-dependent initialisation• info obtained from deployment descriptor web.xml (from servlet 2.3)

and placed in ServletConfig object• configuration of databases and password files, setting of server-

efficiency parameters, etc.

• void service(ServletRequest req,ServletResponse res)

– invoked by container to enable servlet to respond to request

16


2009-2010

© The Authors

Servlet Interface Methods (2/2)

• void destroy()

– container may decide to remove a previously-loaded servlet instance, e.g.

• system administrator decision• timeout: idle for too long

– before doing so, calls the destroy method to cleanup• close database connections• stop threads• write cookie lists or hit counts to disk• …

– if Web server crashes, destroy method not called!• conclusion: maintain state in a proactive manner

(“housekeeping” at regular intervals)

9

17


2009-2010

© The Authors

ServletConfig Interface (1/3)

• Configuration object used by servlet container to pass information to the servlet during its initialisation– config info obtained from the deployment descriptor web.xml

– for each servlet registered, a set of initial parameters (name-value) can be specified,e.g.

<web-app>

<servlet><servlet-name>ConfigExample</servlet-name>

<servlet-class>ConfigExampleServlet</servlet-class>

<init-param><param-name>adminEmail</param-name>

<param-value>[email protected]</param-value></init-param>

<init-param> . . . </init-param></servlet>

. . .</web-app>

18


2009-2010

© The Authors


public void init(ServletConfig config) throws Servl etException

{

Enumeration parameters = config.getInitParameterNam es();

while (parameters.hasMoreElements()) {

String parameter = (String) parameters.nextElement( );

System.out.println("Parameter name : " + parameter) ;

System.out.println("Parameter value : " +

config.getInitParameter(parameter));

}

}

public void init(ServletConfig config) throws Servl etException

{

Enumeration parameters = config.getInitParameterNam es();

while (parameters.hasMoreElements()) {

String parameter = (String) parameters.nextElement( );

System.out.println("Parameter name : " + parameter) ;

System.out.println("Parameter value : " +

config.getInitParameter(parameter));

}

}

• Example: overwrite the init method in order to print the information contained in the ServletConfigobject

10

19


2009-2010

© The Authors


• N.B. if the init method (with parameters) of the Servletinterface (implemented in the GenericServlet class) is redefined, the ServletConfig object will not be saved and will not then be available after initialisation.

• Solution: either call Servlet.init (super.init if extending the GenericServlet or HttpServlet class) from inside the redefined init or explicitly save it, e.g.

ServletConfig servlet_config;public void init(ServletConfig config) throws

ServletException {servlet_config = config;

}

The advantage of the former solution is that in this case the ServletConfig object will still be obtainable via the getServletConfig method whereas with the second solution it will not.

20


2009-2010

© The Authors

ServletContext Interface

• Defines a set of methods used by the servlet to communicate:– with its container (to obtain MIME type of a file, a dispatcher etc.)

– with other servlets

• A context is defined– per Web application– per virtual machine

• Web application

– collection of servlets and contents installed in a specific subset (subdirectory) of the server namespace

• The information about the Web application of which a servlet forms a part is stored in the ServletConfig object

11

21


2009-2010

© The Authors

ServletContext Attributes

• The context is obtained from the configurationServletContext sc =

Servlet.getServletConfig().getServletContext();

• Objects can be stored as attributes, identified by namesc.setAttribute( “ myObject ” , anObject);

If the name exists, the context is updated with the content of the new object

• Any servlet in the same context can recover the object that has been stored

MyClass mc = (MyClass)sc.getAttribute( “ myObject ” );

• The names of all the stored attributes can be obtainedEnumeration att = sc.getAttributeNames();

22


2009-2010

© The Authors

ServletRequest and ServletResponse Interfaces

• Objects created by the container and passed as arguments to the methods handling the request

• ServletRequest encapsulates request information

– includes parameters, attributes and an input stream

– methods: getParamaterNames() , getParameter() , getAttributeNames() , getRemoteAddr() , getRemoteHost() , getProtocol() , getContentType() , …

• ServletResponse encapsulates response info– methods: getWriter() , reset() , getBufferSize() ,

getLocale() , getOutputStream() , isCommitted() , …

12

23


2009-2010

© The Authors

HTTP Servlets ( javax.servlet.http )

• Inherits from javax.servlet.HttpServlet

• The HttpServlet.service() method invokes the doXXXmethod according to the HTTP-method of incoming request

void doGet (HttpServletRequest req,HttpServletResponse res)

void doPost(HttpServletRequest req,HttpServletResponse res)

void do....(HttpServletRequest req,HttpServletResponse res)

• Overriding service() method not recommended

• Main work of the servlet usually done in doXXX method:– example: to process GET requests redefine doGet

24


2009-2010

© The Authors

The doGet , doPost , doXXX Methods

• 99% of servlets override doGet or doPost method

• Also: doDelete , doPut , doOptions , doTrace

• No doHead method– the service method simply calls doGet but omits the

body, returning only headers and status code

• In general, not necessary to define doOptions– supported automatically by the service method (along with

HEAD& TRACE)

– if doGet method exists, the service method answers OPTIONSrequests by returning an Allow header, indicating that GET, HEAD, OPTIONSy TRACEare supported

13

25


2009-2010

© The Authors

HttpServlet

service()

request

response

doGet() doGet()

doPost() doPost()

Implemented by the subclass

Implemented byHttpServlet

class Hello extends HttpServlet

GET

POST

26


2009-2010

© The Authors

HTTP Servlet Tasks (1/2)

1. Read data sent by the user• typically sent via a web page form

• may also originate in an applet or HTTP client app.

2. Retrieve user information in HTTP request headers• browser capabilities

• cookies

• details of the client host etc.

3. Generate results• directly calculating the response

• calling another (possibly remote) server (possibly accessed via RMI or CORBA)

• accessing a database, etc.

14

27


2009-2010

© The Authors

HTTP Servlet Tasks (2/2)

4. Format the results• normally inside an HTML web page

5. Set the required HTTP response headers• type of document returned (e.g. HTML)

• cookies

• cache parameters, etc

6. Return the document to the client• in the form of a text document (e.g. HTML)

• binary format (e.g. GIF)

• compressed (e.g. gzip)…

28


2009-2010

© The Authors

Basic HTTP Servlet Template

import java.io.*;

import javax.servlet.*;import javax.servlet.http.*;

public class ServletTemplate extends HttpServlet {

// Use "request" to read incoming HTTP headers (e.g. c ookies)// and HTML form data (e.g. data user entered and subm itted).

// Use "response" to specify the HTTP response status code// and headers (e.g. the content type, cookies).

public void doGet(HttpServletRequest request ,HttpServletResponse response )

throws ServletException, IOException {

// Use "out" to send content to browser.PrintWriter out = response.getWriter();

}}

15

29


2009-2010

© The Authors

Example 1: Text Generation (1/2)

import java.io.*;

import javax.servlet.*;import javax.servlet.http.*;

public class HelloWorld extends HttpServlet {

public void doGet(HttpServletRequest request,HttpServletResponse response)

throws ServletException, IOException {PrintWriter out = response.getWriter();

out.println("Hello World");}

}

30


2009-2010

© The Authors

Example 1: Text Generation (2/2)

16

31


2009-2010

© The Authors

Example 2: HTML Generation (1/2)

import java.io.*;

import javax.servlet.*;

import javax.servlet.http.*;

public class HelloWWW extends HttpServlet {


throws ServletException, IOExceptio {

response.setContentType("text/html");

PrintWriter out = response.getWriter();

String docType =

"<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Tran sitional//EN\" "

+ "\"http://www.w3.org/TR/1999/REC-html401-19991224 /loose.dtd\" >\n";

out.println(docType +

"<html>\n" +

"<head><title>Hello WWW</title></head>\n" +

"<body>\n" +

"<h1>Hello WWW</h1>\n" +

"</body></html>");

}

}

32


2009-2010

© The Authors

Example 2: HTML Generation (2/2)

17

33


2009-2010

© The Authors

HTTPServletRequest interfaceReading HTML Form Data from Servlets

http://host/path?user=Marty+Hall&origin=bwi&dest=la x

form data / query data (GET)

public String getParameter(String name)

• method of HttpServletRequest inherited from ServletRequest

• applies in case of data sent by GET or by POST (server knows which)

• name: name of parameter whose value is required (case sensitive)

• return value: – url-decoded value of first occurrence of parameter name

– empty string if parameter exists but has no value– null if parameter does not exist

• for parameters that potentially have several values:– getParameterValues (returns an array of Strings)

• to obtain a complete list of parameters (debugging):– getParameterNames (returns an enumeration whose elements

can be cast to Strings and used ingetParameter calls)

34


2009-2010

© The Authors

http://host/path?user=Marty+Hall&origin=bwi&dest=la x

form data / query data (GET)

CGI:• Different methods for GETand POST

• Parse the “query string” to extract names and values:1. read data from QUERY_STRING environment variable (GET) or

standard input (POST)

2. chop pairs at “&” (parameter separator) then separate parameter names (l.h.s of “=”) from values (r.h.s. of “=”)

3. URL-decode the parameter values

• Take into account that there may be parameters– whose values are omitted– for which multiple values are sent (separately)

Reading Form Data from a CGI Progam(for Comparison Purposes)

18

35


2009-2010

© The Authors

Example 3: Reading three explicit parameters

package coreservlets // source: “Core Servlets…”, Marty Hall et al

import java.io.*;import javax.servlet.*;import javax.servlet.http.*;

public class ThreeParams extends HttpServlet {public void doGet(HttpServletRequest req, HttpServl etResponse res)

throws ServletException, IOException {res.setContenttype("text/html");PrintWriter out = res.getWriter();String title = "Reading Three Request Parameters";out.println(ServletUtilities.headWithTitle(title) +

"<body bgcolor=\"#FDF5E6\">\n" +"<h1 align="center">" + title + "</h1>\n <ul>\n" +" <li><b>param1</b>: " +req.getParameter("param1") + "</li>\n" +" <li><b>param2</b>: " +req.getParameter("param2") + "</li>\n" +" <li><b>param3</b>: " +req.getParameter("param3") + "</li>\n" +"</ul>\n</body></html>");

}}

36


2009-2010

© The Authors

Example 3: ServletUtilities Class

public class ServletUtilities {

public static final String DOCtype =

"<!DOCtype HTML PUBLIC \"-//W3C//DTD HTML 4.01 Tran sitional//EN\"" +

" \"http://www.w3.org/TR/1999/REC-html401-19991224/ loose.dtd\">";

public static String headWithTitle (String title)

return(DOCtype + "\n" + "<html>\ n" + "<head><title>" + title +

"</title></head>\n");

}

}

19

37


2009-2010

© The Authors

Example 3: HTML Form

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transi tional//EN" "http://www.w3.org/TR/1999/REC-html401-19991224/loo se.dtd">

<html><head>

<title>Collecting Three Parameters</title></head><body bgcolor="#FDF5E6">

<h1 align="center">Collecting Three Parameters</h1>

<form action="/servlet/coreservlets.ThreeParams">First Parameter: <input type="text" name="param1" ><br />Second Parameter: <input type="text" name="param2" ><br />Third Parameter: <input type="text" name="param3" ><br /><center><input type="submit" value="Enviar consulta "></center>

</form>

</body></html>

38


2009-2010

© The Authors

Example 3: HTML Form Appearance

20

39


2009-2010

© The Authors

Example 3: Servlet Response

40


2009-2010

© The Authors

Example 4: Reading All Parameters (1/3)

package coreservlets // source: “Core Servlets…”, Marty Hall et al

import java.io.*;import javax.servlet.*;import javax.servlet.http.*;import java.util.*;

public class ShowParameters extends HttpServlet {

public void doGet(HttpServletRequest req, HttpServl etResponse res)

throws ServletException, IOException {res.setContenttype("text/html");PrintWriter out = res.getWriter();String title = "Reading All Request Parameters";out.println(ServletUtilities.headWithTitle(title) +

"<body bgcolor=\"#FDF5E6\">\n" +"<h1 align="center">" + title + "</h1>\n" +"<table border="1" align="center">\n" +"<tr bgcolor=\"#FFAD00\">\n" +"<th>Parameter name</th><th>Parameter value(s)</th> </tr>");

Enumeration paramnames = req.getParameternames();

21

41


2009-2010

© The Authors


while (paramnames.hasMoreElements()) {String paramname = (String)paramnames.nextElement() ;out.print("<tr><td>" + paramname + "</td>\n<td>");String[] paramvalues = req.getParametervalues(param name);

if (paramvalues.length == 1) {String paramvalue = paramvalues[0];if (paramvalue.length() == 0)

out.println("<i>No value</i>");else

out.println(paramvalue);} else {

out.println("<ul>");for(int i=0; i<paramvalues.length; i++)

out.println("<li>" + paramvalues[i] + "</li>");out.println("</ul>");

} // ifout.println("</td></tr>");

} // while

out.println("</table>\n</body></html>");

}

42


2009-2010

© The Authors


// Since servlet is for debugging, handle GET and POST identically.public void doPost(HttpServletRequest req, HttpServ letResponse res)


doGet(req, res);

}

}

22

43


2009-2010

© The Authors

Example 4: HTML Form

<form action="/servlet/coreservlets.ShowParameters" method="POST">

Item Number: <input type="text" name="itemNum"><br />Quantity: <input type="text" name="quantity"><br />Price Each: <input type="text" name="price" value=" $"><br /><hr />First name: <input type="text" name="firstname"><br />Last name: <input type="text" name="lastname"><br / >Credit Card:<br />

  <input type="radio" name="cardType"value="Visa">Visa<br />

  <input type="radio" name="cardType"value="Master Card">Master Card<br />

  <input type="radio" name="cardType"value="Amex">American Express<br />

Credit Card Number: <input type="password" name="ca rdNum"><br />Repeat Credit Card Number:

<input type="password" name="cardNum"><br />

<center><input type="SUBMIT" value="Submit Order">< /center>

</form>

44


2009-2010

© The Authors

Example 4: HTML Form Appearance

23

45


2009-2010

© The Authors


46


2009-2010

© The Authors

HTTPServletRequest interfaceHandling Request Headers (1/2)

• String getHeader(String name)

– accepts header name as string (not case sensitive)

– returns header as string, or null if no header was found

• Cookie[] getCookies()

– returns contents of Cookie header as array of Cookie objects

• String getAuthType() y String getRemoteUser()

– return the elements of the Authorization header

• int getContentLength()

– returns value of ContentLength header or -1 if length unknown(length, in bytes, of request body for POST requests)

• String getContentType()

– returns the value of the Content-Type header

24

47


2009-2010

© The Authors

HTTPServletRequest interfaceHandling Request Headers (2/2)

• long getDateHeader(String name)int getIntHeader(String name)

– returns the value of the specified header as a long or an int

– former returns value in milliseconds from Jan 1st 1970

• Enumeration getHeaderNames()

– returns enumeration with names of all request headers received

• Enumeration getHeaders(String name)

– returns enumeration with all values of all occurrences of the specified header (e.g. Accept-Language can appear several times)

48


2009-2010

© The Authors

HTTPServletRequest interfaceHandling the First Line of the Request

• String getMethod()

– returns the method of the request (GET, POST, etc.)

• String getRequestURI()

– returns path, i.e. part of the URI of the request between host:portand query string (recall: scheme://host:port/path?query_string)

e.g. returns /a/b.html for HTTP request commencing as follows:

GET /a/b.html?name=simon HTTP/1.1Host: www.it.uc3m.es

• String getProtocol()

– returns the name and version of the protocol in the form: protocol/majorVersion.minorVersion

– example: “HTTP/1.1”

25

49


2009-2010

© The Authors

Example 5: Showing Request Headers (1/2)

// source: “Core Servlets…”, Marty Hall et al

public class ShowHeadersServlet extends HttpServlet {

public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletExceptio n, IOException {



out.println("Request Method: " + request.getMethod() + "<br/>");

out.println("Request URI: " + request.getRequestURI() + "<br/>");

out.println("Protocol: " + request.getProtocol() + "<br/>");

out.println("<hr /><br />");

Enumeration enumeration = request.getHeaderNames();

while (enumeration.hasMoreElements()) {

String header = (String) enumeration.nextElement();

out.println(header + ": " + request.getHeader(header) + "<br/>");

}

}

50


2009-2010

© The Authors


26

51


2009-2010

© The Authors

HTTPServletResponse InterfaceSetting Response HTTP Status Codes

• void setStatus(int sc)

– important:• status code and headers can be set in any order (servlet orders them) • but must always be set before using the PrintWriter .• from version 2.2, some output buffering is permitted

(headers and status codes can be modified until buffer full)

– accepts one of the constants defined as status codes

• void sendError(int status-code, String msg)

void sendError(int status-code)

– sends a status code along with a short message that will be formatted inside HTML document and sent to client

• void sendRedirect(String location)

– sends temporary redirect to client with new URL as parameter.• from version 2.2, URL may be relative to servlet root (begins with “/”) or

current directory: conversion to full URL performed by web container.

– generates both status code and header

52


2009-2010

© The Authors

HTTPServletResponse InterfaceSetting Response Headers

• void setHeader(String name, String value)

– sets header with identifier “name” to the value “value ”

• void setDateHeader(String name, long date)

– value in milliseconds since 1970 (System.currentTimeMillis )

– sets header “name” to value as GMT time string

• void setIntHeader(String name, int value)

– accepts value as integer– sets header “name” to value as string

• From version 2.2– above methods re-set headers if called more than once.

– to add a header more than once use:• addHeader• addDateHeader

• addIntHeader

27

53


2009-2010

© The Authors

HTTPServletResponse InterfaceSetting Some Common Response Headers

• void setContentType(String type)

– generates the Content-Type header (MIME type of the contents).

– used by nearly all servlets

• void setContentLength(int len)

– generates the Content-Length header

• void addCookie(Cookie cookie)

– inserts a cookie in the Set-Cookie header

• void sendRedirect(String location)

– mentioned previously

54


2009-2010

© The Authors

Example 6a: Authentication (1/3)

public class LoginServlet extends HttpServlet {

private void sendLoginForm(HttpServletResponse resp onse,

boolean withErrorMessage )




out.println("<html>");

out.println("<head><title>Login</title></head>");

out.println("<body>");

if ( withErrorMessage )

out.println("Login failed. Please try again.<br />" );

out.println("<br />");

out.println("<br/>Please enter your user name and p assword.");

28

55


2009-2010

© The Authors


out.println("<br /><form action=\"\" method=\"POST\ ">");

out.println("<br />User Name: <input type=\"text\"

name=\"userName\">");

out.println("<br />Password: <input type=\"password \"

name=\"password\">");

out.println("<br /><input type=\"submit\"

name=\"Submit\">");

out.println("</form>");

out.println("</body>");

out.println("</html>");

}

public void doGet(HttpServletRequest request,

HttpServletResponse response)


sendLoginForm(response, false );

}

56


2009-2010

© The Authors


public void doPost(HttpServletRequest request,



String userName = request.getParameter("userName");

String password = request.getParameter("password");

if (userName!=null && password!=null &&

userName.equals("swc") && password.equals("it")) {

response.sendRedirect("http://domain/WelcomePage");

} else {

sendLoginForm(response, true );

}

}

} response.sendError(response.SC_FORBIDDEN, "Login Failed ");response.sendError(response.SC_FORBIDDEN, "Login Failed ");

29

57


2009-2010

© The Authors

Example 6a: Servlet Response on Failure

sendError

58


2009-2010

© The Authors

Example 6a: Servlet Response on Success

String userName = request.getParameter("userName");. . .out.println("<p>Your user name is: " + userName + " </p>") ;

• The request object is not the same one after redirection

30

59


2009-2010

© The Authors

Forwarding / Including Requests

Use a RequestDispatcher

• Obtained by calling method getRequestDispatcher of– ServletContext

• supplying URL relative to the server root as argument

– ServletRequest• supplying URL relative to the HTTP request as argument

• Pass control to resource located at URL: forward

– arguments: request and response objects

– origin servlet cannot set output body

– origin servlet can set response headers but not commit them– changes path to be relative to target not origin

• Include output generated by resource located at URL: include

– arguments: request and response objects

– target resource cannot modify response headers

60


2009-2010

© The Authors

Example 6b: Authentication (3/3)

public void doPost(HttpServletRequest request,



String userName = request.getParameter("userName");

String password = request.getParameter("password");

if (userName!=null && password!=null &&

userName.equals("swc") && password.equals("it")) {

response.sendRedirect("http://domain/WelcomePage");

} else {

sendLoginForm(response, true);

}

}

RequestDispatcher rd = request.getRequestDispatcher ( "WelcomePage");

rd.forward(request, response);

RequestDispatcher rd = request.getRequestDispatcher ( "WelcomePage");


31

61


2009-2010

© The Authors

Example 6b: Servlet Response on Success

String userName = request.getParameter("userName");. . .out.println("<p>Your user name is: " + userName + " </p>");

• The request object is the same one after forwarding

62


2009-2010

© The Authors

Cookies

• HTTP is a stateless protocol

• Cookies are small pieces of information– sent from server to client in an HTTP response

– returned from client to server in subsequent HTTP requests

• A cookie is therefore a means for the server to store information on the client

• A cookie has– a name and an identifier

– optionally, attributes such as path, comment, domain, maximum lifespan, version number

32

63


2009-2010

© The Authors

Use of Cookies

• State of an e-commerce session (session tracking) – example: shopping cart

• Registering without login and password– only for low-security sites

– site can remember user data

• Customising a site– site can remember user interests

• Focusing advertising– site can focus advertising in function of user activity profile

64


2009-2010

© The Authors

Problems with Cookies

• Not so much a security problem– not executable or interpretable– size and number (per site and total) is limited (4KB, 20, 300)

• Privacy problem– servers can remember your previous actions

– cookies can be shared between servers• e.g. both loading an image with associated cookie from third

site; such images may even be received in an HTML e-mail!

– secret information (credit card no. etc.) should not be stored in a cookie but on the server

• cookie only stores user ID; as a user, how can we be sure?

• Many users deactivate cookies– servlets can use cookies but are not dependent on them

33

65


2009-2010

© The Authors

Creating and Populating Cookies in Servlets

Methods of the Cookie class

• Cookie(String name, String value)

– constructor receives the name and value of the cookie

– forbidden characters: [ ] ( ) = , “ / ? @ : ;

• getXxx() y setXxx()

– where Xxx is the name of the attribute

– attributes:• type String : Comment, Domain , Name, Path , Value

• type int : MaxAge, Version• type boolean : Secure

66


2009-2010

© The Authors

Reading and Writing Cookies in Servlets

• To read cookies from the request object

Cookie[] HttpServletRequest.getCookies()

• To write cookies to the response object

void HttpServletResponse.addCookie(Cookie cookie)

• To reuse a cookie from the request:– must still use addCookie (just using setValue is not enough)

– must reset all attributes (values not transmitted in the request)

• See also method getCookieValue

34

67


2009-2010

© The Authors

Session Tracking

• Client at on-line shop adds item to their shopping cart:– how does server know what’s already in the cart

• Client at on-line shop proceeds to check-out– how does server know which shopping cart is theirs?

• Implementing session tracking with cookies– complicated: generate unique session ID, associate sessionID and

session info in hash table, set cookie expiration time,…

• Implementing session tracking with URL-rewriting– must encode all URLs that refer to you own site

– all pages must be dynamically generated

• Implementing session tracking with hidden form fields– tedious

– all pages must be the result of form submissions

68


2009-2010

© The Authors

Interfaz HttpSession : Session Object

• Creates a session between the HTTP client and the HTTP server that persists through different requests.

• Allows servlets to:– see and manipulate session information such as session identifier,

session creation time, last access time,…– link session objects, allowing user information to persist through

different connections

• To obtain the session associated to a request– use getSession() or getSession(boolean create) of

HttpServletRequest

– if there is no session already associated to the request• getSession() / getSession(true) creates a new one• getSession(false) returns null

35

69


2009-2010

© The Authors

Storing Information in Session Object

• Arbitrary objects can be stored inside a session– uses hashtable-like mechanism– store and retrieve with setAttribute and getAttribute

• To support– distributed Web applications

– persistent sessions

session data must implement java.io.Serializable

70


2009-2010

© The Authors

Session Tracking: HttpSession (1/2)

• Associating information with a session– void setAttribute(String name, Object value)

– void setMaxInactiveInterval(int interval)

– void removeAttribute(String name)

• Terminating completed or abandoned sessions– automatically, after MaxInactiveInterval time has

elapsed– via the method void invalidate()

36

71


2009-2010

© The Authors

Session Tracking: HttpSession (2/2)

• Looking up information associated with a session– Object getAttribute(String name)

– Enumeration getAttributeNames()

– String getId()

– long getCreationTime()

– long getLastAccessedTime()

– ServletContext getServletContext()

– int getMaxInactiveInterval()

– boolean isNew()

72


2009-2010

© The Authors

Session Tracking With Cookies Disabled

• Servlet session tracking mechanism uses– cookies, if they are enabled,

– URL-rewriting, otherwise

• To ensure URL-rewriting works: encode URLs– server uses cookies: no effect

– server uses URL-rewriting: session ID appended to URLhttp://host/path/file.html?jsession=1234

• For any hypertext links back to same site in code– use response.encodeURL

• For any use of sendRedirect in code– use response.encodeRedirectURL

37

73


2009-2010

© The Authors

Executing Servlets

• Suppose this configuration of Tomcat Web server ( in web.xml file):<servlet>

<servlet-name>FirstServlet</servlet-name>

<description>My first HTTP Servlet</description>

<servlet-class>FirstServlet</servlet-class>

</servlet>

<servlet-mapping>

<servlet-name>FirstServlet</servlet-name>

<url-pattern>/servlets/myFirstServlet</url-pattern>

</servlet-mapping>

1. Introduce URL of servlet in a browser, e.g.– http://host/app/servlets/myFirstServlet

2. Call it from inside an HTML Web page– link, form action or reloading specified in METAtag, e.g.

<a href= “ servlets/myFirstServlet ” >My first servlet</a>

3. Transfer control from another servlet, e.g.– SendRedirect , RequestDispatcher

74


2009-2010

© The Authors

Presentation tier:JavaServer Pages

38

75


2009-2010

© The Authors

Contents: Java Server Pages

• Introduction

• Predefined variables

• JSP Instructions– script– directive

– action

• JavaBeans

• JSP Standard Tag Library (JSTL) – Expression Language (EL)

76


2009-2010

© The Authors

Introducción

• Response HTML: servlets always generate all the page:– in many cases only small part of HTML page is dynamic

• Solution: JavaServer Pages (JSP)– technology enabling mixture of

• static HTML• dynamic content generated by servlets

• Advantages of JSP:– widely supported by web platforms and servers

– full access for dynamic part to servlet & Java technology (JavaBeans etc.)

• JSPs are compiled to servlets– on first use or on deployment

39

77


2009-2010

© The Authors

JSP Processing

Web server

Container

http://host/app/hello.jsp

<%

%>

hello.jsp

hello_jsp

hello_jsp.java

hello_jsp.class«create»jspInit

_jspService

jspDestroy

Source: Web Component Development Wth Servlet and JSP Technologies.Sun Microsystems (course SL-314-EE5)

78


2009-2010

© The Authors

Predefined Variables / Implicit Objects (1/2)

• request– the HttpServletRequest object

• response– the HttpServletResponse object

• session– the HttpSession object associated with the request

• out– the PrintWriter object used to send output to the client

(this is a buffered PrintWriter called a JspWriter )

• page– synonym of this (little used)

40

79


2009-2010

© The Authors

Predefined Variables / Implicit Objects (2/2)

• exception

– error pages

• application ,– the ServletContext object

– data can be stored in ServletContext using getAttribute y setAttribute

– recall: data stored in ServletContext shared by all servlets (of the same Web application)

• config

– the ServletConfig object for this page

• pageContext

– object of JSP-specific class: PageContext ,

– point of access to page attributes

– corresponds to the context of the servlet instance

80


2009-2010

© The Authors

JSP Instructions

• Three types of embedded instructions:– script elements

• specify Java code that will become part of servlet

– directives• control overall structure of servlet

– actions• actions that take place when the page is requested • control behaviour of JSP engine

• Comments:– <%-- this is a comment --%>

41

81


2009-2010

© The Authors

Script Elements

• Expressions: <%= expression %>

– expressions to be evaluated; result included in output– e.g. <%= new java.util.Date() %>

• Scriptlets: <% code %>– blocks of java code inserted into method _jspService

(called by service )

– e.g. <% try{... } catch(){... } %>

• Declarations: <%! code %>

– declarations inserted into servlet class body, outside of existing methods

– e.g. <%! int i=0; %>

82


2009-2010

© The Authors

Expressions: <%= expression %>

• Java expressions

• Output converted to a string

• Evaluated at run-time, when page requested– access to information about request

• Final semi-colon “; ” not needed

• Examples– <%= java.util.Calendar.getInstance().getTime() %>

– <p>Your session Id: <%= session.getId() %>

– request:http://host/confirmation.jsp?title=core+web

response:Thanks for ordering <%= request.getParameter("title ") %>

42

83


2009-2010

© The Authors

Example 1: Expressions

// Source: “Core Servlets…”, Marty Hall et al<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transit ional//EN"><html>

<head><title>JSP Expressions</title><meta name="keywords"

content="JSP,expressions,JavaServer Pages,servlets" /><meta name="description"

content="A quick example of JSP expressions" /><link rel="stylesheet" href="JSP-Styles.css" type=" text/css"/>

</head><body>

<h1>JSP Expressions</h1><ul>

<li>Current time: <%= new java.util.Date() %> </li><li>Server: <%= application.getServerInfo() %> </li><li>Session ID: <%= session.getId() %> </li><li>The <code>testParam</code> form parameter:

<%= request.getParameter("testParam") %> </li></ul>

</body></html>

84


2009-2010

© The Authors

Example 1: Server Response

43

85


2009-2010

© The Authors

Scriptlets: <% code %>

• Tasks that cannot be carried out using expressions– setting response headers

– writing to the server log

– updating a database

– executing code that contains loops, conditionals, etc

• Examples:– setting response headers

<% response.setContentType(“text/plain”); %>

– conditional code<% if (Math.random() < 0.5) { %>

<p>Have a <b>nice</b> day!</p><% } else { %>

<p>Have a <b>lousy</b> day!</p><% } %>

86


2009-2010

© The Authors

Example 2: Scriptlets


<head><title>Color Testing</title></head><% String bgColor = request.getParameter("bgColor") ;

if ((bgColor == null) || (bgColor.trim().equals("") )) { bgColor = "WHITE";

} %><body bgcolor="<%= bgColor %>">

<h1 align="center">Testing a Background of "<%= bgC olor %>"</h1>

</body></html>

44

87


2009-2010

© The Authors

Declarations: <%! declaration %>

• Definition of methods and fields– inserted into servlet outside of existing methods

• Produces no output– usually used in conjunction with expressions and scriptlets

• Examples– <%! String getSystemTime() {

return Calendar.getInstance().getTime.toString();} %>

– <%! private int accessCount = 0; %>

<h2>Accesses to page since server reboot:<%= ++accessCount %></h2>

88


2009-2010

© The Authors

Example 3: Declarations


<head><title>JSP Declarations</title><link rel="stylesheet" href="JSP-Styles.css" type=" text/css" />

</head><body>

<h1>JSP Declarations</h1><%! private int accessCount = 0; %><h2>Accesses to page since server reboot: <%= ++acc essCount %></h2>

</body></html>

45

89


2009-2010

© The Authors

Example 3: Some Observations

• Multiple client requests to same servlet:– do not result in the creation of multiple servlet instances

– multiple threads call the service method of same instance• though careful with use of SingleThreadModel

• Therefore:– instance variables are shared by multiple requests– accessCount does not need to be declared as static

90


2009-2010

© The Authors

Directives: <%@ directive attibutes %>

• Affect global structure of servlet generated from JSP

• Syntax: <%@ directive attribute="value" %><%@ directive attribute1="value1“

...attribute N="value N" %>

• Three types of directives: – page :

allows servlet structure to be controlled through class imports,customising of servlet superclass, setting content type, etc.

– include :allows a file to be included in servlet class at time of translation from JSP to servlet

– taglib :allows custom markup tags to be defined, extending the functionality of JSP

46

91


2009-2010

© The Authors

Attributes of the page Directive

• import

• contentType

• isThreadSafe

• session

• buffer

• autoflush

• extends

• info

• errorPage

• isErrorPage

• language

92


2009-2010

© The Authors

page Directive: import Attribute

• Specify the packages imported by the servlet

• By default, the generated servlet will import:– java.lang.*

– javax.servlet.*

– javax.servlet.jsp.*

– javax.servlet.http.*

and possibly others (server specific)

• Example:<%@ page import="java.util.*, java.io.*" %>

47

93


2009-2010

© The Authors

page Directive: contentType Attribute

• Sets the Content-Type response header

<%@ page contentType=" MIME-Type" %>

<%@ page contentType=" MIME-Type;charset= Character-Set" %>

• Example<%@ page contentType="text/html;

charset=ISO-8859-1" %>

94


2009-2010

© The Authors

The include Directive

• Use:<%@ include file=“ relative URL” %>

• Adds content of specified file before translating to servlet– included files may contain JSP constructs

• Code re-use

• Problem:– not all servers detect when included file has changed

– to force re-compilation: change modification date of main file• Unix touch command• by explicitly modifying comment in main file such as:

<%-- Navbar.jsp modified 03/01/03 --%><%@ include file="Navbar.jsp" %>

• See also jsp:include element

48

95


2009-2010

© The Authors

The taglib Directive

• Allows developers to define their own JSP tags

• Developer defines interpretation of:– tag

– its attributes

– its body

• Custom tags can be grouped into tag libraries

• Components needed for using a custom tag library– tag handler classes (java) or tag files (JSP)

• defines the behaviour associated to the tags– tag library descriptor file (XML; file has .tld extension)

• info about the library and about each of its tags

– JSP files• that use the tag library

96


2009-2010

© The Authors

Actions < jsp: action attributes >

• Tags interpreted at execution time

– jsp:include

– jsp:forward

– jsp:param

– jsp:useBean

– jsp:setProperty

– jsp:getProperty

– jsp:plugin

– jsp:params

– jsp:fallback

JavaBeans tags

HTML <object> tags

49

97


2009-2010

© The Authors

The jsp:include Action

• Adds content of specified file when request treated– therefore, after translation to servlet

• Required attributes of include :– page : a relative URL (JSP expressions can be used)

– flush :• value is " true " : any buffered content flushed to browser• JSP 1.1: value " true " was mandatory

• Included files– normally text or HTML files

– cannot contain JSP constructs

– may be result of resources that use JSP to generate output• thus, URL may point to JSP or servlets

98


2009-2010

© The Authors

The jsp:forward Action

• Contents generated by the indicated JSP or servlet– added to the response

• Control does not come back to original page– stays with the forward page

• Attributes:– page : a relative URL

• Interaction with output buffering (c.f. page directive, buffer attr.):– forwarding leads to output buffer being cleared

– forwarding after output has been sent to browser: exception• e.g. no buffer and some output sent• e.g. buffer size exceeded and buffer defined as autoflush

• Example:<jsp:forward page="list.jsp" />

50

99


2009-2010

© The Authors

The jsp:param Action

• For specifying parameters of passed-on request– temporarily add new, or override existing, request param.– retrieved with request.getParameter

• Attributes– name: name of the parameter– value : parameter value (JSP expressions can be used)

• Examples:<jsp:include page=“header.jsp” flush=“true”>

<jsp:param name=“title” value=“Welcome” /></jsp:include>

<jsp:forward page=“list.jsp”><jsp:param name=“order” value=“A380” />

</jsp:forward>

100


2009-2010

© The Authors

JSP XML Syntax

• Script elements

– expressions<jsp:expression> Expression </jsp:expression>

– scriptlets<jsp:scriptlet> scriptlet code </jsp:scriptlet>

– declarations<jsp:declaration> declarations </jsp:declaration>

• Directives<jsp:directive:directiveName attribute_list />

• Template Data<jsp:text> text </jsp:text>

51

101


2009-2010

© The Authors

Example 4: Simple JSP

<%@ page language= “ java ”contentType= “ text/html;charset=iso-8859-1 ” %>

<%@ page import= “ java.util.Date ” %>

<html><head>

<title>Hola Mundo</title></head><body>

<%! private int accessCount = 0; %>

<p>Hello, this is a JSP.</p><p>The time on the server is <%= new Date() %>.</p><p>This page has been accessed <%= ++accessCount %>

times since server start-up.</p>

</body></html>

102


2009-2010

© The Authors

Example 4: Simple JSP Compiled to Servlet(Tomcat 5.x)

import java.util.Date;

public class hello_jsp extends HttpJspBase {

private int accessCount = 0;

public void _jspService(HttpServletRequest request,HttpServletResponse response)


. . .response.setContentType("text/html;charset=iso-8859 -1");pageContext = _jspxFactory.getPageContext(this, req uest,

response, null, true, 8192, true);out = pageContext.getOut();out.write("\r\n");out.write("<html><head><title>Hola Mundo</title></he ad>\r\n");out.write(" <body>\r\n");out.write(" <p>Hello, this is a JSP.</p>\r\n");out.write(" <p>The time on the server is " + new D ate() + ".</p>\r\n");out.write(" <p>This page has been accessed " + ++a ccessCount );out.write(" times since server start-up.</p>\r\n ");out.write("</body></html>\r\n");. . .

}}

52

103


2009-2010

© The Authors

Ejemplo 4: Server Response

Hello, this is a JSP

The time on the server is Tue Oct 16 21:58:11 CEST 2007

This page has been accessed 3 times since server start-up

104


2009-2010

© The Authors

Java Beans

• All data fields private: called properties

• Reading/writing bean data– getXxx method (accessor)

– setXxx method (mutator)

• Events– beans can send notifications of property changes

• Introspection– self-knowledge

• Serializability

• Customisation– property editors

53

105


2009-2010

© The Authors

Why Use JavaBeans?

• Reusability and modularity– seperate java classes

• easier to write, compile, test, debug and reuse

– instead of large quantities of code embedded in JSP pages

• Clear separation between content and presentation – java objects manipulated using XML-compatible syntax

• Easier to share objects between JSPs and servlets

• Can be used to simplify the process of reading request parameters

106


2009-2010

© The Authors

The jsp:useBean Action

<jsp:useBean id="name" class="package.Class" />

• Meaning:– instantiate an object of the class indicated in the class attribute

– bind it to a variable whose name is indicated in the id attribute

• Alternative– use the beanName attribute instead of the class attribute

– the beanName attribute can refer to a file containing a serialized Bean

• Accessing properties:<jsp:getProperty name="book1" property="title" />

is equivalent to:<%= book1.getTitle() %>

• Assigning to properties:<jsp:setProperty name="book1" property="title"

value="Bible" />

is equivalent to:<%= book1.setTitle("Bible") %>

54

107


2009-2010

© The Authors

The jsp:setProperty Action (1/2)

• Usually, attribute values must be strings– JSP expressions can be used in the attributes: name, value

• Example:– setting a property to the value of a request parameter:

<jsp:setProperty name="entry"property="itemID"value='<%= request.getParameter("itemID") %>' />

• Problem: what happens if the property is not of type String ?– explicit type conversion (inside try-catch ), but…

… see next slide

108


2009-2010

© The Authors

The jsp:setProperty Action (2/2)

• Associating value of property to that of request parameter

– parameter and property have different names:<jsp:setProperty name="customer" property="email"

param="new_email" />

is equivalent to customer.setEmail(request.getParameter("new_email")

– parameter and property have identical names:<jsp:setProperty name="customer" property="email" / >

is equivalent tocustomer.setEmail(request.getParameter("email")

• Associating values of all properties with identically-named request parameters:

– <jsp:setProperty name="customer" property="*" />

• In these cases, type conversion is automatic

55

109


2009-2010

© The Authors

Example 5: Simple Bean

// Source: “Core Servlets…”, Marty Hall et al

package coreservlets;

public class StringBean {private String message = "No message specified";

public String getMessage() {return(message);

}

public void setMessage(String message) {this.message = message;

}}

110


2009-2010

© The Authors

Example 5: JSP Including Simple Bean

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transit ional//EN"><html>

<head><title>Using JavaBeans with JSP</title>

<link rel="stylesheet" href="JSP-Styles.css" type=" text/css" />

</head>

<body>

<table border="5" align="center">

<tr><th class="title">Using JavaBeans with JSP</th> </tr></table>

<jsp:useBean id="messageBean" class="coreservlets.M essageBean" />

<ol>

<li>Initial value (print with getProperty):

<i> <jsp:getProperty name="messageBean" property="messa ge" /> </i></li>

<li>Initial value (print with JSP expression):

<i> <%= messageBean.getMessage() %> </i></li>

<li> <jsp:setProperty name="messageBean" property="messa ge" value="Best

message bean: Fortex" />

Value after setting property with setProperty (print with getProperty):

<i> <jsp:getProperty name="messageBean" property="messa ge" /> </i></li>

<li> <% messageBean.setMessage("My favorite: Kentucky Wo nder"); %>

Value after setting property with scriptlet (print w ith JSP expression):

<i> <%= messageBean.getMessage() %> </i></li>

</ol>

</body>

</html>

56

111


2009-2010

© The Authors

Example 5: Server Response

112


2009-2010

© The Authors

Bean Scope

• In the JSP context– beans created with jsp:useBean

– bound to a local variable

– four possibilities regarding their storage location• scope attribute

57

113


2009-2010

© The Authors

Bean Scope

Attribute scope of action jsp:useBean takes one of values:

• page (default value).– placed in pageContext object for duration of current request

– accessible through predefined variable pageContext

• request

– stored in the ServletRequest object

– accessible through predefined variable request

• session

– stored in the HttpSession

– accessible through predefined variable session

• application

– stored in the ServletContext object

– accessible through predefined variable application

114


2009-2010

© The Authors

Bean Scope

58

115


2009-2010

© The Authors

Conditional Creation of Beans

• The jsp:useBean action– instantiates new bean if no bean with same id & scope found

– otherwise, existing bean associated to variable referenced by id

• If, instead of:<jsp:useBean … />

we write:<jsp:useBean … >

sentences</jsp:useBean>

then sentences are executed only when new bean created– convenient for setting initial bean properties for shared beans

– all pages that share the bean have the initialisation code

116


2009-2010

© The Authors

Expression Language (EL)

• First introduced with JSTL (Java Standard Tag Library)

– later extended for use anywhere (outside JSTL tags): JSP 2.0 EL

• Facilitates writing scriptlets in JSP pages

• Syntax: ${expression}

– an EL expression may be escaped (& not evaluated) with \

• EL expressions may be used– as values of attributes in actions, e.g.

<jsp:include page= " ${location} " >

– inside the text of a template, such as HTML, e.g.<h1>Welcome ${name}</h1>

• Example– set attribute (in this case in a servlet)

request.setAttribute("endMessage","That's all Folks !");

– use attribute in JSP (four scopes searched for attribute):<h2>${endMessage}</h2>

59

117


2009-2010

© The Authors

JSP Standard Tag Library (JSTL)

• JSTL is a standardised set of tag libraries – encapsulates JSP functionality common to many applications

• Syntax<prefix:tagName (attributeName= “ attributeValue ” )* />

<prefix:tagName>body</prefix:tagName>

• Functional areas:

fnhttp://java.sun.com/jsp/jstl/functionsFunctions

sqlhttp://java.sun.com/jsp/jstl/sqlRelational database access

fmthttp://java.sun.com/jsp/jstl/fmtFormatting / internationalisation

xhttp://java.sun.com/jsp/jstl/xmlXML processing

chttp://java.sun.com/jsp/jstl/coreCore

PrefixURIArea

118


2009-2010

© The Authors

Some of the JSTL Core Tags (1/2)

• set

– creates an EL variable

– updates value of existing EL variable or of JavaBean property<c:set [var="varName“] [value="value"]

[scope="{page|request|session|application}"]

[target="variable.bean"][property="bean.property"] />

• remove

– deletes an EL variable<c:remove var="varName"

[scope="{page|request|session|application}"] />

• url

– provides an encoded (relative) URL, if cookies are disabled (forsession management purposes)<c:url [value="value"] [var="varName" ] [context= "some"]

[scope="{page|request|session|application}"] />

60

119


2009-2010

© The Authors

Some of the JSTL Core Tags (2/2)

• if (see also tags choose / when / otherwise )<c:if test= " expression " [var= " varName “]

[scope= " {page|request|session|application} " ] >

body if expression is true</c:if>

• forEach

– iteration over the content of the tag<c:forEach items= " collection " [var= " varName " ] [ … ]>

body content</c:forEach>

• out

– evaluates an expression and writes results in current JSPWriter<c:out value= " value " [default= " defaultValue " ]

[escapeXml= " {true|false} " ] />


2009-2010

© The Authors

Example 6: JSTL and EL

<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>

<c:if test="${not empty errorMsgs}" ><p>Please correct the following errors:

<ul><c:forEach var="message" items="${errorMsgs}">

<li>${message}</li></c:forEach>

</ul></p>

<p>Accessing messageBean properties: ${messageBean.message}</p>

</c:if>

previously stored in one of the objects: pageContext , request , session , or application

previously stored in one of the objects: pageContext , request , session , or application

61

121


2009-2010

© The Authors

Presentation tier:Integration of Servlets and JSPs

122


2009-2010

© The Authors

Contents: Integration of Servlets and JSPs

• Integration de servlets and JSPs

• Handling a single request

• Forwarding in servlets and JSPs

• The MVC design pattern

62

123


2009-2010

© The Authors

Integration of Servlets and JSP

• Advantage of JSP over servlets– easier to generate the static part of the HTML

• Problem– JSP document provides a single overall presentation

• Solution– combine servlets and JSP

– servlet:• handles initial request• partially processes data• configures the beans• passes results to one of a number of different JSP pages

depending on circumstance

124


2009-2010

© The Authors

Handling a Single Request

• Servlet-only solution suitable when– output is a binary type or there is no output

– format/layout of the page is highly variable

• JSP-only solution suitable when– output is mostly character data

– format/layout mostly fixed

• Servlet & JSP combination solution suitable when– single request has several possible responses, each with

different layout

– business logic and Web presentation not developed by same people

– application performs complicated data processing but has relatively fixed layout

63

125


2009-2010

© The Authors

Forwarding in Servlets and JSPs

• From a JSP (unusual)<jsp:forward page='login.jsp'><jsp:param name='login' value='pepe' /></jsp:forward>

• From a ServletRequestDispatcher rd =

getServletContext().getRequestDispatcher("login.jsp?login=pepe");


LoginServletLoginServlet

LoginServlet?login=pepeLoginServlet?login=pepe

126


2009-2010

© The Authors

Example 1: Request Forwarding


throws ServletException IOException {

String operation = request.getParameter("operation" );if (operation == null) {

operation = "unknown";}

String address;if (operation.equals("order")) {

address = "/WEB-INF/Order.jsp";else if (operation.equals("cancel")) {

address = "/WEB-INF/Cancel.jsp";else

address = "/WEB-INF/UnknownOperation.jsp";}

RequestDispatcher dispatcher =

request.getRequestDispatcher(address);dispatcher.forward(request, response);

}

64

127


2009-2010

© The Authors

Model-View-Controller (MVC) Pattern

• Design Pattern (such as MVC) – repeatable solution to commonly-occurring software problem

• MVC pattern well suited when– single request can result in responses with different format– several pages have substantial common processing

• Model– the data to be manipulated and displayed

• View– the actual display

• Controller– handles the request– decides what logic to invoke– decides which view applies

128


2009-2010

© The Authors

MVC Pattern: More Detail

Source: Java BluePrints, Model-View-Controller. Available at:http://java.sun.com/blueprints/patterns/MVC-detaile d.html

65

129


2009-2010

© The Authors

MVC is an Architectural Pattern

Database

Also denoted “Model 2”

Client

Browser

Web server

Container

Controller

HTTP request

HTTP response view

HTTP<%

%>

Source: Web Component Development Wth Servlet and JSP TechnologiesSun Microsystems (course SL-314-EE5)

130


2009-2010

© The Authors

Implementing MVC with Request Dispatcher

1. Define beans to represent the data

2. Servlet handles requests– reads request params & checks for missing/malformed data

3. Servlet populates beans– servlet invokes business logic / data-access code (simple cases:

may be bean methods); obtains results– results stored in beans (only servlet creates and modifies beans)

4. Servlet stores beans– invokes setAttribute on request, session or context

5. Servlet forwards request to appropriate JSP page– uses forward method of request dispatcher

6. JSP extracts data from beans– uses jsp:usebean and jsp:getProperty

– or uses JSP 2.0 EL: more powerful, concise, readable

66

131


2009-2010

© The Authors

Implementing MVC

2

3

4

5

6

Source: IBM Labs. JSP – Dynamic Content Generation Made Simple

132


2009-2010

© The Authors

Example: Web Application with JSP

• Using only JSP

• For larger web applications, use MVC:– JSP for the presentation

– servlets for the logic

login.jsp validate_login.jsp welcome.jsp

POST(login,password) forward()

if (login,failed) then forward()

67

133


2009-2010

© The Authors

Example: Web Application using MVC

login.jsp

list.jsp welcome.jsp

loginservlet

productservlet

if (login failed) then forward(login)

POST(login,password)

if (not logged) then forward()

forward(ListBean)

GET(productId) GET()

forward(ProductBean)

DB

session.setAttribute(UserInfoBean)

134


2009-2010

© The Authors

Handling Beans in Servlets and JSPs

• JSP:<!–- instantiate/use bean --><jsp:useBean id='user' class='UserInfoBean' scope=' session'>

<jsp:setProperty name='user' property='lastName' va lue='Perez' /></jsp:useBean><!–- set property --><jsp:setProperty name='user' property='firstName' v alue='Pepe'><!–- get property --><jsp:getProperty name='user' property='firstName' / >

• Servlet:// instantiate/use bean

UserInfoBean user = (UserInfoBean) session.getAttri bute("user");if (user == null) {

user = new UserInfoBean();user.setLastName("Perez");session.setAttribute("user", user);

}// set propertyuser.setFirstName = "Pepe";// get propertyout.println(user.getFirstName());

68

135


2009-2010

© The Authors

MVC: Handling Beans in JSPs

• MVC: bean is initialised in servlet and used in JSP

– using bean in JSP without the EL:<!–- use bean --><jsp:useBean id='user' class='UserInfoBean' scope='s ession' /><!–- get property --><jsp:getProperty name='user' property='firstName' />

– using bean in JSP with JSTL EL<!–- use bean and get property -->

<c:out value="${user.firstname}" />

– using bean in JSP with JSP 2.0 EL:<!–- use bean and get property -->${user.firstname}

136


2009-2010

© The Authors

MVC: Passing Data on Forward

• Destination obtains unprocessed info from request object, but – programming easier in origin servlet than destination JSP

– multiple JSPs may require the same data

• Simple value: pass as attribute of request object, e.g.– at origin

request.setAttribute(“key1”, value1);

– at targetType1 value1 = (Type1) request.getAttribute(“key1”) ;

or as parameter of forward action

• Complex value: represent as shared bean– scope = application : stored in servletContext object– scope = session : stored in session object

– scope = request : stored in request object

69

137


2009-2010

© The Authors

Other Topics of Interest

• Lifecycle listeners: – monitor and react to events in a servlet's life cycle

• Filtering API: Filter , FilterChain , FilterConfig

– filter: an object that can transform the header and content (or both) of a request or response (from servlet 2.3)

– authentication, logging, image conversion, data compression, encryption, tokenizing streams, XML transformations,…

• Java Server Faces– Java/JSP-based Web application framework that simplifies the

development of user interfaces for Java EE applications

• Jakarta Struts– open-source framework that extends the Java Servlet API to

facilitate development of Web applications conforming to the MVC pattern.

138


2009-2010

© The Authors

On-line Bibliography

• Sun's servlet pages / JSP pages / JSTL pageshttp://java.sun.com/products/servlet/

http://java.sun.com/products/jsp/

http://java.sun.com/products/jsp/jstl/

• Marty Hall's book Core Servlets and JavaServer Pages, vol. 1, 2nd editionhttp://pdf.coreservlets.com/

• Marty Hall's book More Servlets and JavaServer Pages, 1st edition(including information on filters and lifecycle listeners)http://pdf.moreservlets.com/

• Marty Hall's slides Beginning and Intermediate-Level Servlet, JSP and JDBC Tutorialshttp://courses.coreservlets.com/Course-Materials/cs ajsp2.html

• Apache Tomcat home page / Marty Hall's Apache Tomcat tutorialhttp://tomcat.apache.org/

http://www.coreservlets.com/Apache-Tomcat-Tutorial/

• Sun's Java Server Faces Technology pageshttp://java.sun.com/javaee/javaserverfaces/

• Jakarta Strutshttp://struts.apache.org/

the presentation tier of the java ee architecture - uc3m · the presentation tier of the java ee...

Documents