CISC474, Homework H09, Spring 2007
Logins, Sessions, Parameters, Attributes
Introduction
In this assignment, you'll redo the product servlet you did in H08, adding logins and sessions
In this version, you add a second SQL table—one for a user database. I've provided code for you for yet another version of the Beer Advisor—this one with usernames and passwords.
In the last assignment (H08), I indicated that there were a few things we were doing wrong. We've fixed one of those here, and left another unfixed, as a choice point opportunity.
- I indicated in H08 that we should be using parameters from the deployment descriptor (
web.xml) to set the JDBC URL, username, and password, instead of hard coding those inside the controller servlet. In this assignment, the code illustrates the correct technique—all those parameters are set in the web.xml file. This means that they can be changed without having to recompile the code. In a real world setting, that is pretty helpful.
- In indicated in H08 that we should be using Connection Pooling to avoid performance bottlenecks caused by opening and closing connections to the database. That still remains as "future work", and as a good choice point opportunity. (Research what good practice is here, write a version of the H09 code that implements connection pooling, and then document this on the wiki.)
An outline of how H09 is different from H08
- There is a second SQL table, with user, password, email, first name and last name.
- The application starts with a username/password prompt.
- If the login is successful, a session is started, and on each screen, the users actual first and last name is shown (to show that
the session is being maintained.)
- The code illustrates having multiple servlets within a single web app, and using servlet-context parameters to set values for the JDBC URL, the MySQL username, and the MySQL password.
- The code also illustrates some JSP techniques that weren't illustrated in the previous assignments.
Assignments that must be completed first
- H04 (to understand basics of servlets)
- H05 (to have selected a product)
- H06
(this is an elaboration of work you did in H06)
- H07 (this is an elaboration of work you did in H07)
- H08 (this is an elaboration of work you did in H08)
Overview
In this assignment, you will:
- Review still yet another version of the Beer Advisor application, focusing on the new code.
- Based on this Beer Advisor application, you'll write a new version of your H08"product" application that also uses login sessions.
There are also two choice point opportunities here:
- You may also decide, for up to 100 choice points, to implement password recovery. To earn these choice points you should document how you did it on your choice point plan wiki page, and it must be COMPLETED by the time you turn in your H08 submission, and your submission may be no more than 2 days late.
- For 100 choice points, you may decide to do a refactoring of the given code to improve its structure (particularly to avoid unnecessary multiple connections and queries of the user database.) To earn these choice points, you should document your approach on your choice point plan page, and in addition to turning in a .zip or .tgz file for your own product, you should ALSO turn in a refactored version of the H09 Beer Servlet code. To earn the 100 points, this must be COMPLETED by the time you turn in your H08 submission, and your submission may be no more than 2 days late.
Step-by-Step Instructions
Step 1: Reading
The following reading is recommended:
- HFSJ Chapters 4 through 7
Step 2: Unpack, Review, and deploy the beerAdvisorDB.tgz source
You can obtain the source either as:
You may also browse the source in the H09 directory.
Download this to your development directory. You can do this directly on porsche in the same way that you did it for H07 (see H07 for details).
Before you deploy it, follow the steps to add the BA_Users table to your own database, just as you did in H08
Step 3: Create your own product advisor web app that incorporates user sessions, following the same model
Now, create your own app, using the same product you used in H05,H06,H07 and H08.
Step 4: Prepare a static page (on copland) to document your work
You'll create a static HTML page http://copland.udel.edu/~jstudent/cisc474/H09 that contains
- a link to the running servlet (on porsche)
- a link to the Javadocs (which may be housed on http://www.ecl.udel.edu, i.e. on your ACAD account)
- a link for downloading the tarball or zip file containing your source code (you'll create that in Steps 5,6)
Step 5: Prepare a tarball (or zipfile) of your source distribution
Here is some advice from the wiki on creating a tarball and creating a zip file
Step 6: Upload the tarball (or zipfile) to your download directory, and submit to WebCT
Be sure that the link you created in Step 4 works properly for downloading your source distribution.
Be sure when you go into WebCT, that you both upload and submit.
(The reason to have you also submit on WebCT as well as putting the code on the web is that submitting on WebCT (a) creates a permanent archive, (b) establishes a submission time, and (c) enables the TA to give you a grade.)
Grading Rubric (200 pts total)
| Item |
Description |
Points |
| Operational Application |
The application does what it is supposed to do. (It is ok if password recovery is not implemented, unless you went for the 100 choice points, in which case, it should work!) |
30 |
| SQL |
You have an sql directory with an SQL file to create and populate both your product and user databases. |
10 |
| Java code |
Your Java code works and is well commented and structured |
40 |
| JSPs |
Your JSPs are well commented and well structured |
40 |
| Javadoc |
Your code has proper javadoc
(i.e. not the Javadoc that was in my code, still unmodified!) |
10 |
| Ant |
Your build.xml file looks reasonable |
10 |
| JUnit |
You have reasonable JUnit tests, and they are updated to reflect the database version of the Servlet (just like the BeerAdvisorDB example illustrates) |
10 |
| WAR file |
You used a WAR file |
10 |
| Scripting and Submitted |
You followed instructions for scripting and submitting |
10 |
| Reasonable package names |
No example.com type package names |
10 |
tarball or zip file of source distribution
works properly |
Top level directory is correct, you can unpack and do Ant, and get a menu. global.properties need to be changed only for classpath, and for deployment reasons. |
10 |
| HTML validates as HTML 4.0.1 strict, XHTML 1.0 strict, or XHTML 1.1 |
You should have a validation icon on your index.html, and your "result" HTML should validate when you copy and paste the view source of the resulting HTML (not the JSP source) into the "validate by direct input" box at http://validator.w3.org (the third one down). |
10 |
| TOTAL POINTS |
|
|
Due Date: Thu, May 03, 5:00pm
