What is a Servlet A servlet is a

What is a Servlet? • A servlet is a java class that extends an application hosted on a web server. • Handles the HTTP request-response process (for our purposes) • Often thought of as an applet that runs on a server. • Provides a component base architecture for web development, using the Java Platform • The foundation for Java Server Pages (JSP). • Alternative to CGI scripting and platform specific server side applications.

Common Uses • Processing and/or storing data submitted by an HTML form. • Providing dynamic content, e. g. returning the results of a database query to the client. • Managing state information on top of the stateless HTTP, e. g. for an online shopping cart system which manages shopping carts for many concurrent customers and maps every request to the right customer.

Architectural Roles • Servlets provide the middle tier in a three or multi-tier system. • Servlets provide logic and/or traffic control for requests/response to the server. • Servlets allow web developers to remove code from the client and place the logic on the server.

What is required? • Servlets are not run in the same sense as applets and applications. • Since they extend a web server, they require a servlet container to function. • A servlet container is a part of a web server or application server that provides the network services over which request and response are sent. • Contains and manages the servlets through there lifecycle. • The container provides other services as well.

Web Container/Servlet engine Java Classes Browser Web Server J 2 EE Container Deployment Descriptor is used to configure web applications that are hosted in the App Server. Deployment Descriptor web. xml Servlets

Servlet Life Cycle • Initialization – the servlet engine loads the servlet’s *. class file in the JVM memory space and initializes any objects • Execution – when a servlet request is made, • a Servlet. Request object is sent with all information about the request • a Servlet. Response object is used to return the response • Destruction – the servlet cleans up allocated resources and shuts down

Client Interaction • When a servlet accepts a call from a client, it receives two objects: – A Servlet. Request, which encapsulates the communication from the client to the server. – A Servlet. Response, which encapsulates the communication from the servlet back to the client. • Servlet. Request and Servlet. Response are interfaces defined by the javax. servlet package.

The Servlet. Request Interface • The Servlet. Request interface allows the servlet access to: – Information such as the names of the parameters passed in by the client, the protocol (scheme) being used by the client, and the names of the remote host that made the request and the server that received it. – The input stream, Servlet. Input. Stream. Servlets use the input stream to get data from clients that use application protocols such as the HTTP POST and PUT methods. • Interfaces that extend Servlet. Request interface allow the servlet to retrieve more protocol-specific data. For example, the Http. Servlet. Request interface contains methods for accessing HTTP-specific header information.

The Servlet. Response Interface • The Servlet. Response interface gives the servlet methods for replying to the client. It: – allows the servlet to set the content length and MIME type of the reply. – provides an output stream, Servlet. Output. Stream, and a Writer through which the servlet can send the reply data. • Interfaces that extend the Servlet. Response interface give the servlet more protocol-specific capabilities. – For example, the Http. Servlet. Response interface contains methods that allow the servlet to manipulate HTTP-specific header information.

Request Information Example Source Code-1/2 import java. io. *; import javax. servlet. http. *; public class Request. Info extends Http. Servlet { public void do. Get(Http. Servlet. Request request, Http. Servlet. Response response) throws IOException, Servlet. Exception { response. set. Content. Type("text/html"); Print. Writer out = response. get. Writer(); out. println("<html>"); out. println("<head>"); out. println("<title>Request Information Example out. println("</head>"); out. println("<body>"); </title>");

Request Information Example Source Code-2/2 out. println("<h 3>Request Information Example</h 3>"); out. println("Method: " + request. get. Method()); out. println("Request URI: " + request. get. Request. URI()); out. println("Protocol: " +request. get. Protocol()); out. println("Path. Info: " + request. get. Path. Info()); out. println("Remote Address: " + request. get. Remote. Addr()); out. println("</body>"); out. println("</html>"); } /* We are going to perform the same operations for POST requests as for GET methods, so this method just sends the request to the do. Get method. */ public void do. Post(Http. Servlet. Request request, Http. Servlet. Response response) throws IOException, Servlet. Exception { do. Get(request, response); }}

Request Header Example

Additional Capabilities of HTTP Servlets • Cookies are a mechanism that a servlet uses to have clients hold a small amount of state-information associated with the user. Servlets can use the information in a cookie as the user enters a site (as a low-security user sign-on, for example), as the user navigates around a site (as a repository of user preferences for example), or both. • HTTP servlets also have objects that provide cookies. The servlet writer uses the cookie API to save data with the client and to retrieve this data.

Cookies

Cookies Source Code – 1/2 import java. io. *; import javax. servlet. http. *; public class Cookie. Example extends Http. Servlet { public void do. Get(Http. Servlet. Request request, Http. Servlet. Response response) throws IOException, Servlet. Exception { response. set. Content. Type("text/html"); Print. Writer out = response. get. Writer(); // print out cookies Cookie[] cookies = request. get. Cookies(); for (int i = 0; i < cookies. length; i++) { Cookie c = cookies[i]; String name = c. get. Name(); String value = c. get. Value(); out. println(name + " = " + value); }

Cookies Source Code – 2/2 // set a cookie String name = request. get. Parameter ("cookie. Name"); if (name != null && name. length() > 0) { String value = request. get. Parameter("cookie. Value"); Cookie c = new Cookie(name, value); response. add. Cookie(c); }}}

Servlet Sessions • Since http protocol is stateless, Java API provides the following techniques for session tracking: – URL rewriting – Cookies – Hidden form fields Response with a Token Client Server Request with a Token

Servlet Sessions • URL Write – Facilitated through methods in the response interface – http: //bradsmachine. com? jsessionid=00988988 • Hidden fields - <input value=“ 00988988”> type=“hidden” name=“jsessionid” • Cookies • – – – Cookie c = new Cookie(“uid”, “brad”); c. set. Max. Age(60); c. set. Domain(“bradsmachine”); c. set. Path(“/”); response. add. Cookie(c); Servlet API requires that web containers implement session tracking using cookies.

Http. Session • Web containers provide an implementation of this interface to provide session tracking. • Session objects can be retrieved from the Http. Request object also provided by the container. Http. Session session = request. get. Session(); • If a session object does not exist for the client, one will be created. • The duration of this session object can be configured in the web. xml file or in a servlet, set. Max. Inactive. Interval( interval );

Session Capabilities • Session tracking is a mechanism that servlets use to maintain state about a series of requests from the same user(that is, requests originating from the same browser) across some period of time. • session-tracking capabilities. The servlet writer can use these APIs to maintain state between the servlet and the client that persists across multiple connections during some time period.

Sessions

Sessions Source Code – 1/2 import java. io. *; import java. util. *; import javax. servlet. http. *; public class Session. Example extends Http. Servlet { public void do. Get(Http. Servlet. Request request, Http. Servlet. Response response) throws IOException, Servlet. Exception { response. set. Content. Type("text/html"); Print. Writer out = response. get. Writer(); Http. Session session = request. get. Session(true); // print session info Date created = new Date( session. get. Creation. Time()); Date accessed = new Date(session. get. Last. Accessed. Time());

Sessions Source Code – 2/2 out. println("ID " + session. get. Id()); out. println("Created: " + created); out. println("Last Accessed: " + accessed); String data. Name = request. get. Parameter("data. Name"); if (data. Name != null && data. Name. length() > 0) {String data. Value = request. get. Parameter("data. Value"); session. set. Attribute(data. Name, data. Value); } // print session contents Enumeration e = session. get. Attribute. Names(); while (e. has. More. Elements()) { String name = String)e. next. Element(); value = session. get. Attribute(name). to. String(); out. println(name + " = " + value); }}}

Servlets database connectivity

Servlets and db • Messaging, storefronts and search engines all require databases. • Such sites may be complicated to build and have performance issues. • We will use SQL and JDBC. • The JDBC and servlet API are a good solution to db issues.

Platform independence • Servlets written for oracle can easily be modified for sybase, mysql or odbc. • Text does many connection types. I only do mysql.

Connectors • Connecting to mysql from java requires a connector. • Applications and servlets can connect to the db. • MYSQL listens on port 3306 • You’ll have to go to the mysql site to download mysql-connector-java. zip • Unzip, and put the jar file in your classpath.

Getting connections • Imports: import java. sql. *; • The first step in using a JDBC driver to get a db connection in your application involves loading the specific driver class into the application’s jvm. • One way to do it is to use the Class. for. Name() method: Class. for. Name(“sun. jdbc. odbc. Jdbc. Odbc. Driver”); • Once loaded, the driver registers itself with the java. sql. Driver. Manager class as an available db driver. • Next step is to ask the driver manager to open a connection to a given db specified in a URL. The method used is Driver. Manager. get. Connection(): Connection con= Driver. Manager. get. Connection(“jdbc etc”, ”user”, ”pw”);

MYSQL admin

administration • Some slides show the mysqlcc (control center) but since we already have apache/php it is easier to continue to use PHPMy. Admin. • You’ll need apache running to administer mysql using phpmyadmin. • If Apache and Tomcat run on the same port you’ll have a problem. • By default, apache is at 80 and tomcat is at 8080 but if you’ve changed those settings you might have trouble.

MYSQL admin and MYSQLcontrol center • Download and install mysql. • Run MYSQL from the admintool (icon): • A little traffic light icon with a red light will appear lower right monitor screen. • Rt-click this and select NT. (Selecting showme will open the mysql admin GUI) • First, shutdown the service, then start the service standalone. • The traffic light should be green indicating that mysql is running. • My. SQLMy. Admin is a good GUI for managing your db

My. SQLCC

Some remarks • Looking at user admin in the control center you can add users or set pws. (rt click user admin selection) • Security is less tight for the “test” db, so that is where my examples are.

Add user

New user bob

A new table: rt click tables selection in mysql control center

Saving table/viewing table fields

Open table/query/insert record • Under query type insert record to put some data in

The phonelookup servlet import java. io. *; import java. sql. *; import javax. servlet. http. *; public class DBPhone. Lookup extends Http. Servlet { public void do. Get(Http. Servlet. Request req, Http. Servlet. Response res) throws Servlet. Exception, IOException { Connection con = null; Statement stmt = null; Result. Set rs = null; res. set. Content. Type("text/html"); Print. Writer out = res. get. Writer(); try { // Load (and therefore register) the Oracle Driver Class. for. Name("org. gjt. mm. mysql. Driver"); // Get a Connection to the database con = Driver. Manager. get. Connection( "jdbc: mysql: //localhost/test", "bob", "justabob"); //or user= “root”, pw=”” // Create a Statement object stmt = con. create. Statement(); // Execute an SQL query, get a Result. Set rs = stmt. execute. Query("SELECT NAME, EMAIL FROM guestlist"); //added cmt and id to this // Display the result set as a list out. println("<HTML><HEAD><TITLE>Phonebook</TITLE></HEAD>"); out. println("<BODY>"); out. println("<UL>"); while(rs. next()) { out. println("<LI>" + rs. get. String("name") + " " + rs. get. String("email")); }//actually added more to get all columns out. println("</UL>"); out. println("</BODY></HTML>"); } catch(Class. Not. Found. Exception e) { out. println("Couldn't load database driver: " + e. get. Message()); } catch(SQLException e) { out. println("SQLException caught: " + e. get. Message()); } finally { // Always close the database connection. try { if (con != null) con. close(); } catch (SQLException ignored) { } } }}

Phone lookup (using guestbook table)

phonebook • This is about as simple as it could be. • It does not establish a pool of connections – it just opens one. • It does not get db driver and user/pw from servlet context or init params. These are hardcoded.

Html. SQL result class presents query result as an html table public class Html. SQLResult { private String sql; private Connection con; public Html. SQLResult(String sql, Connection con) { this. sql = sql; this. con = con; } public String to. String() { // can be called at most once String. Buffer out = new String. Buffer(); // Uncomment the following line to display the SQL command at start of table // out. append("Results of SQL Statement: " + sql + "<P>n"); try { Statement stmt = con. create. Statement(); if (stmt. execute(sql)) { // There's a Result. Set to be had Result. Set rs = stmt. get. Result. Set(); out. append("<TABLE>n"); Result. Set. Meta. Data rsmd = rs. get. Meta. Data(); int numcols = rsmd. get. Column. Count();

continued // Title the table with the result set's column labels out. append("<TR>"); for (int i = 1; i <= numcols; i++) out. append("<TH>" + rsmd. get. Column. Label(i)); out. append("</TR>n"); while(rs. next()) { out. append("<TR>"); // start a new row for(int i = 1; i <= numcols; i++) { out. append("<TD>"); // start a new data element Object obj = rs. get. Object(i); if (obj != null) out. append(obj. to. String()); else out. append("  "); } out. append("</TR>n"); } // End the table out. append("</TABLE>n"); } else { // There's a count to be had out. append("<B>Records Affected: </B> " + stmt. get. Update. Count()); } } catch (SQLException e) { out. append("</TABLE><H 1>ERROR: </H 1> " + e. get. Message()); } } } return out. to. String();

Reuse example • can reuse connection created in advance in init method

Here are just the parts that differ from previous phonebook example public void init() throws Servlet. Exception { try { // Load (and therefore register) the Oracle Driver Class. for. Name("org. gjt. mm. mysql. Driver"); // Get a Connection to the database con = Driver. Manager. get. Connection( "jdbc: mysql: //localhost/test", "bob", "justabob"); } catch (Class. Not. Found. Exception e) { throw new Unavailable. Exception("Couldn't load database driver"); } catch (SQLException e) { throw new Unavailable. Exception("Couldn't get db connection"); } } public void do. Get(Http. Servlet. Request req, Http. Servlet. Response res) throws Servlet. Exception, IOException { res. set. Content. Type("text/html"); Print. Writer out = res. get. Writer(); out. println("<HTML><HEAD><TITLE>Phonebook</TITLE></HEAD>"); out. println("<BODY>"); Html. SQLResult result = new Html. SQLResult("SELECT NAME, EMAIL, CMT, ID FROM guestlist", con);

Adding a guest to our guestlist: the get methods calls post… this mimicks text example “Order. Handler” • I didn’t change the message text servlet printed out • uses connection pool class

Phone lookup checks the table to verify guest added

add a guest servlet public class Add. AGuest. Pool extends Http. Servlet { private Connection. Pool pool; public void init() throws Servlet. Exception { try { pool = new Connection. Pool("org. gjt. mm. mysql. Driver", "jdbc: mysql: //localhost/test", "bob", "justabob", 5); }//get connections catch (Exception e) { throw new Unavailable. Exception("Couldn't create connection pool"); } } public void do. Get(Http. Servlet. Request req, Http. Servlet. Response res) throws Servlet. Exception, IOException {do. Post(req, res); } public void do. Post(Http. Servlet. Request req, Http. Servlet. Response res) throws Servlet. Exception, IOException { Connection con = null; res. set. Content. Type("text/plain"); Print. Writer out = res. get. Writer(); try { con = pool. get. Connection(); // Turn on transactions con. set. Auto. Commit(false); Statement stmt = con. create. Statement(); stmt. execute. Update("INSERT INTO guestlist(NAME, ID, EMAIL, CMT)values ('Xavier Poindexter III', '81234', 'Xavier@oneonta. edu', 'astounding salad bar')"); //this would be form data con. commit(); out. println("Order successful! Thanks for your business!"); } catch (Exception e) { // Any error is grounds for rollback try {con. rollback(); } catch (Exception ignored) { } out. println("Order failed. Please contact technical support. "); } finally { if (con != null) pool. return. Connection(con); } }}

Connectionpool servlet in slide notes. • Blackscreen output (server screen) provides some information

Guestbook servlet revisited: form posts data to db…entire servlet in slide notes

Guestbook servlet revisited after pressing button (code in notes)

Guestbook servlet: some notes • Init gets a pool of connections: public void init() throws Servlet. Exception { try { Servlet. Context context = get. Servlet. Context(); synchronized (context) { // A pool may already be saved as a context attribute pool = (Connection. Pool) context. get. Attribute("pool"); if (pool == null) { // Construct a pool using our context init parameters // connection. driver, connection. url, user, password, etc pool = new Connection. Pool(new Context. Properties(context), 3); context. set. Attribute("pool", pool); } } } catch (Exception e) { throw new Unavailable. Exception( "Failed to fetch a connection pool from the context: " + e. get. Message()); } }

Guestbook servlet: some notes • do. Get and do. Post are a series of method calls: public void do. Get(Http. Servlet. Request req, Http. Servlet. Response res) throws Servlet. Exception, IOException { res. set. Content. Type("text/html"); Print. Writer out = res. get. Writer(); } print. Header(out); print. Form(out); print. Messages(out); print. Footer(out); // Add a new entry, then dispatch back to do. Get() public void do. Post(Http. Servlet. Request req, Http. Servlet. Response res) throws Servlet. Exception, IOException { handle. Form(req, res); do. Get(req, res); }

Guestbook servlet: some notes • Printing a form: private void print. Form(Print. Writer out) { out. println("<FORM METHOD=POST>"); // posts to itself out. println("<B>Please submit your feedback: </B><BR>"); out. println("Your name: <INPUT TYPE=TEXT NAME=name><BR>"); out. println("Your email: <INPUT TYPE=TEXT NAME=email><BR>"); out. println("Comment: <INPUT TYPE=TEXT SIZE=50 NAME=comment><BR>"); out. println("<INPUT TYPE=SUBMIT VALUE="Send Feedback"><BR>"); out. println("</FORM>"); out. println("<HR>"); }

Handle. Form is insert record function private void handle. Form(Http. Servlet. Request req, Http. Servlet. Response res) throws Servlet. Exception { String name = req. get. Parameter("name"); String email = req. get. Parameter("email"); String comment = req. get. Parameter("comment"); Connection con = null; Prepared. Statement pstmt = null; try { con = pool. get. Connection(); // Use a prepared statement for automatic string escaping pstmt = con. prepare. Statement(INSERT); long time = System. current. Time. Millis(); pstmt. set. String(1, Long. to. String(time)); pstmt. set. String(2, name); pstmt. set. String(3, email); pstmt. set. String(4, comment); pstmt. execute. Update(); } catch (SQLException e) { throw new Servlet. Exception(e); } finally { try { if (pstmt != null) pstmt. close(); } catch (SQLException ignored) { } pool. return. Connection(con); } } // Make note we have a new last modified time last. Modified = System. current. Time. Millis();

print. Messages method provides Read functionality private void print. Messages(Print. Writer out) throws Servlet. Exception { String name, email, comment; Connection con = null; Statement stmt = null; Result. Set rs = null; try { con = pool. get. Connection(); stmt = con. create. Statement(); rs = stmt. execute. Query(SELECT_ALL); while (rs. next()) { name = rs. get. String(1); if (rs. was. Null() || name. length() == 0) name = "Unknown user"; email = rs. get. String(2); if (rs. was. Null() || email. length() == 0) name = "Unknown email"; comment = rs. get. String(3); if (rs. was. Null() || comment. length() == 0) name = "No comment"; out. println("<DL>"); out. println("<DT><B>" + name + "</B> (" + email + ") says"); out. println("<DD><PRE>" + comment + "</PRE>"); out. println("</DL>"); } } catch (SQLException e) { throw new Servlet. Exception(e); } finally { try { if (stmt != null) stmt. close(); } catch (SQLException ignored) { } pool. return. Connection(con); } }

do. Get/do. Post • Updates, inserts and delets should call do. Post method • Select (read) should call do. Get

Deleting a record… entire servlet in notes …omitted imports and init which makes connection //Process the HTTP Post request public void do. Post(Http. Servlet. Request request, Http. Servlet. Response response) throws Servlet. Exception, IOException { response. set. Content. Type("text/html"); Print. Writer out = new Print. Writer (response. get. Output. Stream()); Statement stmt=null; String query=""; out. println("<html>"); out. println("<head><title>Servlet</title></head>"); out. println("<body>"); try { stmt = con. create. Statement (); String name = request. get. Parameter("name"); query="DELETE from table 1 where name='" + name+"'"; out. println("Query: "+query+"<BR>"); int count=stmt. execute. Update( query ); out. println("modified records ="+count); } catch (SQLException e 2) { System. out. println("SQLException: "+e 2); } finally{ out. println("</body></html>"); out. close(); } }

Deleting a record…continued //Process the HTTP Get request public void do. Get(Http. Servlet. Request request, Http. Servlet. Response response) throws Servlet. Exception, IOException { Print. Writer out = new Print. Writer (response. get. Output. Stream()); out. println("<html>"); out. println("<head><title>Servlet</title></head>"); out. println("<body>"); out. println("servlet does not support get"); out. println("</body></html>"); out. close(); }}

Context parameters in web. xml for guestbook connection <!-- info to init db connection --> <context-param> <param-name> connection. driver </param-name> <param-value> org. gjt. mm. mysql. Driver </param-value> </context-param> <param-name> connection. url </param-name> <param-value> jdbc: mysql: //localhost/test </param-value> </context-param> <param-name> user </param-name> <param-value> bob </param-value> </context-param> <param-name> password </param-name> <param-value> justabob </param-value> </context-param>