This content was uploaded by our users and we assume good faith they have the permission to share this book. If you own the copyright to this book and it is wrongfully on our website, we offer a simple DMCA procedure to remove your content from our site. Start by pressing the button below!
Please Login
" + "
"); if (showError == true) { out.println( "<strong>Could not log in!" + " Please try again.
"); }
Source 15.1 LoginServlet.java (continues).
Go back to the first page for a quick link to buy this book online!
457
458
MASTER I NG ENTER PR ISE JAVABEANS
out.println(""); out.close(); } /** * The servlet engine calls this method when the user's * desktop browser sends an HTTP GET request. */ public void doGet (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { /* * Set up the user's HttpSession */ HttpSession session = request.getSession(true); /* * Retrieve the login name / password from the * URL string. */ String loginName = request.getParameter("Login"); String password = request.getParameter("Password"); /* * If user has not tried to log in yet, present * him with the login screen. */ if ( (loginName == null) || (password == null) ) { writeForm(response, false); } /* * Otherwise, the user has been to this screen * already and has entered some information. * Verify that information. */ else { /* * Find all Customer Entity Beans which * match the loginname */ Enumeration customers = null; try { customers = customerHome.findByName(loginName); } catch (Exception e) { log(e); throw new ServletException(e.toString()); }
Source 15.1 LoginServlet.java (continues).
Go back to the first page for a quick link to buy this book online!
J2EE in the Real World: Combining Servlets with Enterprise JavaBeans
459
/* * For each customer, check if the passwords * match. */ while (customers.hasMoreElements()) { Customer c = (Customer) customers.nextElement(); /* * Do a little sanity check to make * sure the customer has a password. */ String verifiedPassword = c.getPassword(); if (verifiedPassword == null) { System.err.println("Error: Customer " + c.getName() + " does not have a password registered."); break; } /* * If the passwords match, make a new * Quote session bean and add it to * the user's HttpSession object. When * the user navigates to other servlets, * the other servlets can access the * HttpSession to get the user's Quote. */ if (verifiedPassword.equals(password)) { try { Quote quote = quoteHome.create(c); session.putValue("quote", quote); /* * Call the welcome screen servlet */ response.sendRedirect(response.encodeUrl("/servlet/wsf")); return; } catch (ClassCastException e) { log(e); throw new ServletException(e.toString()); } catch (Exception e) { log(e); throw new ServletException(e.toString()); } } }
Source 15.1 LoginServlet.java (continues).
Go back to the first page for a quick link to buy this book online!
MASTER I NG ENTER PR ISE JAVABEANS
460
/* * If there was no match, the user is * not authenticated. Present another * login screen to the user, with an error * message indicating that he or she is not * authenticated. */ writeForm(response, true); } } private void log(Exception e) { getServletConfig().getServletContext().log(e, ""); } public String getServletInfo() { return "The Login servlet verifies a user."; } }
Source 15.1 LoginServlet.java (continued).
we simply print the form out. This is what the writeForm() method does. The writeForm() method prints out some HTML to the client, along with a couple of input tags. The input tags will look like text input boxes to the end user, as shown in Figure 15.1. When the user enters data into the input boxes and submits them, our doGet() method will be called again, only this time, we’ll have a username and password parameter passed back to us from the client. We extract the parameters from the request and then perform an EJB find() on the Customer home object, which we saved from init(). The finder method will return all Customers whose names match the input text. We then query the password on each of the returned EJB objects. If the passwords match, the user is authenticated. Otherwise, we print out the form again, only this time indicating an error message as well. If the client is authenticated, we use the Quote home object to create a new Quote EJB object for this user. We then store the Quote in the user’s servlet session. This is a per-client presentation tier stateful cache that we can exploit to store the current Quote. When the user connects again later, no matter which servlet he or she hits, we can extract the current Quote from the servlet session. Thus, all of our servlets will be nonclient-specific, being able to service any client. They’ll figure out which client browser is connecting to the Web server by querying the Quote stateful session bean, stored in the servlet session.
Go back to the first page for a quick link to buy this book online!
J2EE in the Real World: Combining Servlets with Enterprise JavaBeans
461
Figure 15.1 The login screen.
Once the user has been authenticated and his or her Quote has been created, we direct the user to the next servlet—the Web Storefront. For clarity, this chapter’s servlets perform a great deal of string concatenation when writing HTML. Each concatenation results in an expensive method call. In a performance-intensive deployment, you’d want to use a StringBuffer instead, as follows: StringBuffer buf = new StringBuffer(); buf.append(""); buf.append("
| " + " Catalog Shopping Cart | " + "
| " + " <strong>" + prod.getName() + " " + " | " + "" + "$" + prod.getBasePrice() + " " + " | " + "" + " Add to Quote " + " | " + "
