WEEK 2<br />SERVLET<br />Dio Yudhista-1301026565<br />Yogi Iswantelly Suryadinata-1301025833<br />04PAC<br />Introduction to SERVLET<br />A HYPERLINK "http://java.sun.com/javaee/6/docs/api/javax/servlet/Servlet.html" Servlet is an object that receives a request and generates a response based on that request. (wikipedia)<br />In my opinion servlet is a container for java so that we can implement java in the web.<br />See below<br />Do you understand what the picture mean?<br />It means that the interface that is the browser will send request and the servlet will give response to the browser,<br />It is like when you request food in the food stall then you will get the response from the waiter, servlet basically works like that too.<br />How the request and response work it’s just like what the book pictured,<br />Then, why choose servlet instead of other traditional CGI (common gateway interface)?<br />First, efficient: because java servlet is a lightweight thread <br />Second, convenient: hey, you already know java. Why bother learning other when java is used in almost every where<br />Third, powerful: java servlet let you do several things that difficult or impossible with regular CGI, example can talk directly to the web server<br />Fourth, portable: servlet is written in java and follow a well-standardized API <br />Last but not least, inexpensive: basically free and cheap that what people likes right.<br />JSP<br />When you working with servlet, you basically working with JSP too. What is JSP?<br />JSP is Java Server Page; it’s a combination of html page with java servlet, so basically we write our html code in JSP.<br />First SERVLET<br />Why don’t we just started by creating a simple servlet that printing hello world.<br />(Note: you must setting up the tomcat first if this is your first time playing with java servlet)<br /><ul><li>Select file -> new project
Choose Apache Tomcat server and java EE 5, then click finish
Right click on your newly created project and choose new -> servlet ,
then automatically it creates servlet under source package, in my case I name my servlet as firstServlet
after this open the index.jsp and try to create a simple form that contain a submit button that using method get and action yourServletName.java</li></ul>Something like:<br />If you confused then use:<br />To create a simple submit button.<br />Java servlet have two methods, get and post, here we use get, we will discuss this later, action is like redirecting your page, here after we press submit, then our page will be redirected to firstServlet.java<br /><ul><li>then open your servlet.java file and do this
Then run the project and try to click the submit button, you will get something like
That hello world actually is your servlet page that you created in step 8</li></ul>See the title<br />And you have done your first servlet!!<br />Handling Form Data/Parameter<br />In here we will try to learn how to pass and get the parameter form JSP page to servlet, this is useful for example for passing username and password value.<br />We pass parameter by giving name to the correspondent text field that we create then pass it to the servlet, and in the servlet gw get the parameter and processing it.<br />First, let’s start by creating new Project and adding form and submit button like this<br />Do you know how to creating text field in html?<br />(Lets the student answer)<br />By adding another input inside the form <br />It means that anything type inside the text box in the name will be passed to the servlet with parameter name as paramName.<br />Second, open your servlet.java and try to get the parameter name that already passed by doing this<br />In here we use string because we pass text value in our JSP file, and request.getParameter(“paramName”)<br />is how we get the passed parameter.<br />For proof we add another code that print the String name value to the servlet<br />Then you can run the project.<br />In here I put name “test” to the text box<br />Then I clicked submit button, and what I get is<br />Text “test” form the previous page.<br />EXERCISE<br />To test your understanding let’s do an exercise based on what we have learn.<br /><ul><li>Try to create something looks like a login page that when you fill the Name parameter as admin you will redirect to the servlet and showing the “admin” word in the servlet page, otherwise go to the login page. Use the method above.
Try to create a simple sum program, for example you have 2 parameter A and B, you put the value for example A = 1 and B = 2, then you click submit button, then in the servlet page, you sum the Value A and B and show the result.</li></ul>Answer:<br /><ul><li>Index.jsp</li></ul>Servlet.java<br />If correct, then it will show<br />If wrong, it will go directly to the index.jsp page again<br />2.<br />Index.jsp<br />Servlet.java<br />Run the project,<br />Index.jsp<br />Servlet.jsp<br />POST & GET<br />In the exercise we still use method get in the form in index.jsp, the different is not much but crucial, why crucial?<br />Because when you use GET method, the parameter value that you past will be shown in the url,<br />It’s dangerous when you creating a login page that contain username and password, because your username and password will be visible to others.<br />But when you use POST method,<br />See that the parameter value is not visible so others, so it’s more secure.<br />The way the parameter passed and executed is the same though.<br />In web application, there are two processes that will always occur. These two processes are request and response. Request means that web browser ask to the server to get something or permission for the next process. After that, server will response it and return it as an acknowledge.<br />There are many programs which could check how to see the process of request and response from the web browser. One of the examples in this case is by using Burp Suite.<br />It uses a proxy access so that every the configured web browser wants to go out it must go through the gate (proxy) first.<br />First of all, configure the web browser proxy access:<br />After that set the Burp Suit in this option, set the proxy for the exact number:<br />This is the example of login page web:<br />After login to the web, Burp Suite captures the request process:<br />This is the response from login page :<br />It capture capture every single parameters from its process :<br />It also has an example of another login page:<br />