SlideShare a Scribd company logo

Hands-On Java web passando por Servlets, JSP, JSTL, JDBC, Hibernate, DAO, MVC, etc

Mario Jorge Pereira
Mario Jorge Pereira

Material sobre Java WEB super mão na massa. Vou construindo e alterando uma aplicação durante a apresentação os assuntos cobertos são: Java Servlet Java Server Pages - JSP JavaServer Pages Standard Tag Library - JSTL Expression Language - EL Java Database Connectivity - JDBC Data Access Object - DAO Model View Controller - MVC Hibernate ... Apresento também formas de fugir do sqlinjection

EducationTechnology
1 of 47
Download to read offline
MVC/DAO JSP/JSTL/EL JDBC/ORM
java web Mario Jorge Pereira
14 20 13 20 12 20 11 20 10 20 09 20 08 20 07 20 06 20 05 20 04 20 03 20 02 20
Agenda • Java Servlet • Java Server Pages - JSP • JavaServer Pages Standard Tag Library - JSTL • Expression Language - EL • Java Database Connectivity - JDBC • Data Access Object - DAO • Model View Controller - MVC • Hibernate
JSP
i g lo p js . n versão 1.0 <!DOCTYPE html> <html> <head> <title>Login</title> </head> <body> <form method="post" action=“home.jsp"> Login: <input name="login" type="text"> <br> Senha: <input name="senha" type="password"><br> <input type="submit"> </form> </body> </html>
p js . e versão 1.0 m o h <!DOCTYPE html> <html> <head> <title>HOME</title> </head> <body> Bem vindo, <%=request.getParameter("login")%> </body> </html>
Servlet
Autenticador.java versão 2.0 package br.com.mariojp; ! import import import import ! java.io.*; javax.servlet.*; javax.servlet.annotation.*; javax.servlet.http.*; Regra: 
 Se o login igual a senha esta ok! @WebServlet("/Autenticador") public class Autenticador extends HttpServlet { ! } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String login = request.getParameter("login"); String senha = request.getParameter("senha"); if(login!=null && senha!=null && login.equalsIgnoreCase(senha)){ response.sendRedirect("home.jsp?user="+login); }else{ String erro = "Usuario ou Senha Invalidos!"; response.sendRedirect("login.jsp?erro="+erro); } }
i g lo p js . n versão 2.0 <!DOCTYPE html> <html> <head> <title>Login</title> </head> <body> <form method="post" action=“Autenticador"> Login: <input name="login" type="text"> <br> Senha: <input name="senha" type="password"><br> <input type="submit"> </form> <% String erro = request.getParameter("erro"); if(erro!=null && !erro.trim().equals("")){ out.print(erro); } %> </body> </html> Aciona o servlet Apresenta o erro de login
p js . e versão 2.0 m o h <!DOCTYPE html> <html> <head> <title>HOME</title> </head> <body> Bem vindo, <%=request.getParameter("user")%> </body> </html>
MVC
U .j io r a u s a v a package br.com.mariojp; ! versão 3.0 public class Usuario { private Integer id; private String login; private String senha; public Integer getId() { return id; } public void setId(Integer id) { this.id = id; } public String getLogin() { return login; } public void setNome(String login) { this.login = login; } public String getSenha() { return senha; } public void setSenha(String senha) { this.senha = senha; } }
Autenticador.java versão 3.0 @WebServlet("/Autenticador") public class Autenticador extends HttpServlet { ! protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { Usuario user = new Usuario(); String login = request.getParameter("login"); String senha = request.getParameter("senha"); user.setLogin(login); user.setSenha(senha); if(autenticar(user)){ request.getSession().setAttribute("user", user); response.sendRedirect("home.jsp"); }else{ request.setAttribute("erro", "Usuario ou Senha Invalidos!"); RequestDispatcher d= request.getRequestDispatcher("login.jsp"); d.forward(request,response); } } private boolean autenticar(Usuario user) {...} ! }
Autenticador.java versão 3.0 ! private boolean autenticar(Usuario user) { boolean autenticado = false; if(user.getLogin()!=null && user.getSenha()!=null && user.getLogin().equals(user.getSenha())){ autenticado = true; } return autenticado; }
i g lo p js . n versão 3.0 <!DOCTYPE html> <html> <head> <title>Login</title> </head> <body> <form method="post" action=“Autenticador"> Login: <input name="login" type="text"> <br> Senha: <input name="senha" type="password"><br> <input type="submit"> </form> <% String erro = (String) request.getAttribute(“erro”); if(erro!=null && !erro.trim().equals("")){ out.print(erro); } %> </body> </html>
m o h p js . e versão 3.0 <!DOCTYPE html> <%@page import="br.com.mariojp.Usuario"%> <html> <head> <title>HOME</title> </head> <body> <% Usuario user = (Usuario) session.getAttribute("user");%> Bem vindo, <%=user.getLogin() %> </body> </html>
Revisão Rapida • Java Servlet • Java Server Pages - JSP • Model View Controller - MVC
E agora? • JavaServer Pages Standard Tag Library - JSTL • Expression Language - EL
WEB-INFlib • javax-1.servlet.jsp.jstl-1.2.1.jar • javax-1.servlet.jsp.jstl-api-1.2.1.jar
i g lo p js . n versão 3.1 <!DOCTYPE html> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <html> <head> <title>Login</title> </head> <body> <form method="post" action=“Autenticador"> Login: <input name="login" type="text"> <br> Senha: <input name="senha" type="password"><br> <input type="submit"> </form> <c:out value="${erro}"/> </body> </html>
m o h p js . e versão 3.1 <!DOCTYPE html> <%@page import="br.com.mariojp.Usuario"%> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <html> <head> <title>HOME</title> <jsp:useBean id="user" class="br.com.mariojp.Usuario" scope=“session” /> </head> <body> Bem vindo, <c:out value=“${user.login}" /> </body> </html>
JDBC
HSQLDB java -cp hsqldb.jar org.hsqldb.server.Server -database.0 file:mydb --dbname.0 banco
HSQL Database Manager ! Type: HSQL Database Engine Server Driver: org.hsqldb.jdbcDriver URL: jdbc:hsqldb:hsql://localhost/banco User: SA
HSQLDB CREATE TABLE USUARIOS ( USUARIO_ID INTEGER IDENTITY, LOGIN varchar(100) NOT NULL , SENHA varchar(100) NOT NULL ) ; ! INSERT INTO USUARIOS ( "LOGIN", "SENHA" ) VALUES ('user', ‘1234’); ! SELECT * FROM USUARIOS;
WEB-INFlib • hsqldb.jar
BancoUtil.java package br.com.mariojp; versão 4.0 ! import java.sql.Connection; import java.sql.DriverManager; ! public class BancoUtil { private static Connection connection; static { try { Class.forName("org.hsqldb.jdbc.JDBCDriver" ); connection = DriverManager.getConnection( "jdbc:hsqldb:hsql://localhost/banco", "SA", ""); } catch (Exception e) { e.printStackTrace(); } } public static Connection getConnection() { return connection; } }
Autenticador.java versão 4.0 private boolean autenticar(Usuario user) { boolean autenticado = false; Connection con = BancoUtil.getConnection(); try { Statement stmt = con.createStatement(); ResultSet resultSet = stmt.executeQuery( "select * from usuarios where "+ "login='"+user.getLogin().trim()+"' and "+ "senha='"+user.getSenha().trim()+"';" ); if(resultSet.next()){ autenticado = true; } resultSet.close(); stmt.close(); } catch (SQLException e) { e.printStackTrace(); } return autenticado; }
Segurança • Voce consegue acessar o home.jsp? • Pela url • Sql Injection
m o h p js . e versão 4.1 <!DOCTYPE html> <%@page import="br.com.mariojp.Usuario"%> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <html> <head> <title>HOME</title> <jsp:useBean id="user" class="br.com.mariojp.Usuario" scope=“session” /> </head> <body> <c:if test="${user.login == null}"> <c:redirect url=“login.jsp" /> </c:if> Bem vindo, <c:out value=“${user.login}" /> </body> </html>
Teste? • Use Login = 123 e Senha = ' or '1' = ‘1 • Use Login = ' OR 1=1 --
Autenticador.java versão 4.1 private boolean autenticar(Usuario user) { boolean autenticado = false; Connection con = BancoUtil.getConnection(); try { String sql = "select * from usuarios where " + "login=? and senha=?;"; PreparedStatement pstmt = con.prepareStatement(sql); pstmt.setString(1, user.getLogin()); pstmt.setString(2, user.getSenha()); ResultSet resultSet = pstmt.executeQuery(); if(resultSet.next()){ autenticado = true; } resultSet.close(); pstmt.close(); } catch (SQLException e) { e.printStackTrace(); } return autenticado; }
DAO
package br.com.mariojp; versão 5.0 ! import import import import java.sql.Connection; java.sql.PreparedStatement; java.sql.ResultSet; java.sql.SQLException; ! public class UsuarioDAO { ! } public boolean autenticar(Usuario user) { boolean autenticado = false; Connection con = BancoUtil.getConnection(); try { String sql = "select * from usuarios where login=? and senha=?;"; PreparedStatement pstmt = con.prepareStatement(sql); pstmt.setString(1, user.getLogin()); pstmt.setString(2, user.getSenha()); ResultSet resultSet = pstmt.executeQuery(); if(resultSet.next()){ autenticado = true; } resultSet.close(); pstmt.close(); } catch (SQLException e) { e.printStackTrace(); } return autenticado; } UsuarioDAO.java
Autenticador.java versão 3.0 @WebServlet("/Autenticador") public class Autenticador extends HttpServlet { private UsuarioDAO usuarioDAO = new UsuarioDAO(); protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { Usuario user = new Usuario(); String login = request.getParameter("login"); String senha = request.getParameter("senha"); user.setLogin(login); user.setSenha(senha); if(usuarioDAO.autenticar(user)){ request.getSession().setAttribute("user", user); response.sendRedirect("home.jsp"); }else{ request.setAttribute("erro", "Usuario ou Senha Invalidos!"); RequestDispatcher d= request.getRequestDispatcher("login.jsp"); d.forward(request,response); } } }
Hibernate • Framework de mapeamento objeto relacional
WEB-INFlib • hibernate-core-4.3.0.Final.jar • antlr-2.7.7.jar • dom4j-1.6.1.jar • hibernate-commons-annotations-4.0.4.Final.jar • hibernate-jpa-2.1-api-1.0.0.Final.jar • jandex-1.1.0.Final.jar • javassist-3.18.1-GA.jar • jboss-logging-3.1.3.GA.jar • jboss-logging-annotations-1.2.0.Beta1.jar • jboss-transaction-api_1.2_spec-1.0.0.Final.jar
package br.com.mariojp; versão 6.0 ! import java.io.Serializable; Usuario.java ! import import import import javax.persistence.Entity; javax.persistence.GeneratedValue; javax.persistence.Id; javax.persistence.Table; ! @Entity @Table(name="usuarios") public class Usuario implements Serializable{ private static final long serialVersionUID = 1L; ! @Id @GeneratedValue private Integer id; ! } private String login; private String senha; //get’s e set's
package br.com.mariojp; versão 6.0 ! import import import import org.hibernate.SessionFactory; org.hibernate.boot.registry.StandardServiceRegistryBuilder; org.hibernate.cfg.Configuration; org.hibernate.service.ServiceRegistry; ! public class BancoUtil { private static SessionFactory factory; ! static { Configuration configuration = new Configuration().configure(); StandardServiceRegistryBuilder serviceRegistryBuilder; serviceRegistryBuilder = new StandardServiceRegistryBuilder(); serviceRegistryBuilder.applySettings(configuration.getProperties()); ServiceRegistry serviceRegistry = serviceRegistryBuilder.build(); factory = configuration.buildSessionFactory(serviceRegistry); ! } ! ! } public static SessionFactory getFactory() { return factory; } BancoUtil.java
package br.com.mariojp; versão 6.0 ! import org.hibernate.Session; ! public class UsuarioDAO { ! public boolean autenticar(Usuario user) { ! String query = "select u from Usuario as u where " + "u.login=:login and u.senha=:senha"; Session session = BancoUtil.getFactory().openSession(); session.beginTransaction(); Usuario usuario = (Usuario) session .createQuery(query) .setString("login", user.getLogin()) .setString("senha", user.getSenha()).uniqueResult(); session.getTransaction().commit(); session.close(); return usuario != null; ! } ! } UsuarioDAO.java
versão 6.0 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE hibernate-configuration PUBLIC "-//Hibernate/Hibernate Configuration DTD 3.0//EN" "http://www.hibernate.org/dtd/hibernate-configuration-3.0.dtd"> <hibernate-configuration > <session-factory> <property name="hibernate.connection.driver_class">org.hsqldb.jdbc.JDBCDriver</property> <property name="hibernate.connection.url">jdbc:hsqldb:hsql://localhost/ banco</property> <property name="hibernate.connection.username">SA</property> <property name="hibernate.connection.password"></property> <property name="hibernate.connection.pool_size">1</property> <property name="hibernate.dialect">org.hibernate.dialect.HSQLDialect</ property> <property name="hibernate.current_session_context_class">thread</property> <property name="hibernate.cache.provider_class">org.hibernate.cache.internal.NoCacheProv ider</property> <!-- Echo all executed SQL to stdout --> <property name="hibernate.show_sql">true</property> <!-- Drop and re-create the database schema on startup --> <property name="hibernate.hbm2ddl.auto">create</property> <mapping class="br.com.mariojp.Usuario"/> </session-factory> </hibernate-configuration> hibernate.cfg.xml
Esta obra está licenciada sob a licença Creative Commons Atribuição-CompartilhaIgual 3.0 Não Adaptada. Para ver uma cópia desta licença, visite http://creativecommons.org/licenses/by-sa/3.0/.
Java web Mario Jorge Pereira Como me encontrar? http://www.mariojp.com.br twitter.com/@mariojp mariojp@gmail.com

Recommended

Fundamentos de JDBC
Fundamentos de JDBCFundamentos de JDBC
Fundamentos de JDBCMario Jorge Pereira
 
Spring boot Introduction
Spring boot IntroductionSpring boot Introduction
Spring boot Introduction
Jeevesh Pandey
 
Java Persistence API (JPA) Step By Step
Java Persistence API (JPA) Step By StepJava Persistence API (JPA) Step By Step
Java Persistence API (JPA) Step By StepGuo Albert
 
PUC SE Day 2019 - SpringBoot
PUC SE Day 2019 - SpringBootPUC SE Day 2019 - SpringBoot
PUC SE Day 2019 - SpringBoot
Josué Neis
 
Introduction à JPA (Java Persistence API )
Introduction à JPA (Java Persistence API )Introduction à JPA (Java Persistence API )
Introduction à JPA (Java Persistence API )
Daniel Rene FOUOMENE PEWO
 
Développement d'un site web jee de e commerce basé sur spring (m.youssfi)
Développement d'un site web jee de e commerce basé sur spring (m.youssfi)Développement d'un site web jee de e commerce basé sur spring (m.youssfi)
Développement d'un site web jee de e commerce basé sur spring (m.youssfi)
ENSET, Université Hassan II Casablanca
 
Spring Boot
Spring BootSpring Boot
Spring Boot
Jaran Flaath
 
REST APIs with Spring
REST APIs with SpringREST APIs with Spring
REST APIs with Spring
Joshua Long
 

Recommended

Fundamentos de JDBC
Fundamentos de JDBCFundamentos de JDBC
Fundamentos de JDBCMario Jorge Pereira
 
Spring boot Introduction
Spring boot IntroductionSpring boot Introduction
Spring boot Introduction
Jeevesh Pandey
 
Java Persistence API (JPA) Step By Step
Java Persistence API (JPA) Step By StepJava Persistence API (JPA) Step By Step
Java Persistence API (JPA) Step By StepGuo Albert
 
PUC SE Day 2019 - SpringBoot
PUC SE Day 2019 - SpringBootPUC SE Day 2019 - SpringBoot
PUC SE Day 2019 - SpringBoot
Josué Neis
 
Introduction à JPA (Java Persistence API )
Introduction à JPA (Java Persistence API )Introduction à JPA (Java Persistence API )
Introduction à JPA (Java Persistence API )
Daniel Rene FOUOMENE PEWO
 
Développement d'un site web jee de e commerce basé sur spring (m.youssfi)
Développement d'un site web jee de e commerce basé sur spring (m.youssfi)Développement d'un site web jee de e commerce basé sur spring (m.youssfi)
Développement d'un site web jee de e commerce basé sur spring (m.youssfi)
ENSET, Université Hassan II Casablanca
 
Spring Boot
Spring BootSpring Boot
Spring Boot
Jaran Flaath
 
REST APIs with Spring
REST APIs with SpringREST APIs with Spring
REST APIs with Spring
Joshua Long
 
Spring Data JPA
Spring Data JPASpring Data JPA
Spring Data JPACheng Ta Yeh
 
Introduction to Spring Boot!
Introduction to Spring Boot!Introduction to Spring Boot!
Introduction to Spring Boot!Jakub Kubrynski
 
Reactjs
Reactjs Reactjs
Reactjs
Neha Sharma
 
Spring Boot
Spring BootSpring Boot
Spring Boot
Pei-Tang Huang
 
Spring boot
Spring bootSpring boot
Spring boot
sdeeg
 
Java11 New Features
Java11 New FeaturesJava11 New Features
Java11 New Features
Haim Michael
 
Introduction to React JS for beginners
Introduction to React JS for beginners Introduction to React JS for beginners
Introduction to React JS for beginners
Varun Raj
 
Spring AOP
Spring AOPSpring AOP
Spring AOP
AnushaNaidu
 
Spring annotation
Spring annotationSpring annotation
Spring annotationRajiv Srivastava
 
Use Node.js to create a REST API
Use Node.js to create a REST APIUse Node.js to create a REST API
Use Node.js to create a REST API
Fabien Vauchelles
 
Springboot introduction
Springboot introductionSpringboot introduction
Springboot introduction
Sagar Verma
 
React + Redux Introduction
React + Redux IntroductionReact + Redux Introduction
React + Redux Introduction
Nikolaus Graf
 
Spring Core
Spring CoreSpring Core
Spring Core
Pushan Bhattacharya
 
Introduction à spring boot
Introduction à spring bootIntroduction à spring boot
Introduction à spring boot
Antoine Rey
 
Servlets
ServletsServlets
Servlets
Sasidhar Kothuru
 
Spring boot introduction
Spring boot introductionSpring boot introduction
Spring boot introduction
Rasheed Waraich
 
Spring boot
Spring bootSpring boot
Spring boot
Pradeep Shanmugam
 
Java 8 Lambda and Streams
Java 8 Lambda and StreamsJava 8 Lambda and Streams
Java 8 Lambda and Streams
Venkata Naga Ravi
 
Jpa 잘 (하는 척) 하기
Jpa 잘 (하는 척) 하기Jpa 잘 (하는 척) 하기
Jpa 잘 (하는 척) 하기
경원 이
 
Spring data jpa
Spring data jpaSpring data jpa
Spring data jpa
Jeevesh Pandey
 
Educacao e Inteligencia Artificial Generativa
Educacao e Inteligencia Artificial GenerativaEducacao e Inteligencia Artificial Generativa
Educacao e Inteligencia Artificial Generativa
Mario Jorge Pereira
 
Labs Jogos Java
Labs Jogos JavaLabs Jogos Java
Labs Jogos Java
Mario Jorge Pereira
 

More Related Content

What's hot

Introduction to Spring Boot!
Introduction to Spring Boot!Introduction to Spring Boot!
Introduction to Spring Boot!Jakub Kubrynski
 
Reactjs
Reactjs Reactjs
Reactjs
Neha Sharma
 
Spring Boot
Spring BootSpring Boot
Spring Boot
Pei-Tang Huang
 
Spring boot
Spring bootSpring boot
Spring boot
sdeeg
 
Java11 New Features
Java11 New FeaturesJava11 New Features
Java11 New Features
Haim Michael
 
Introduction to React JS for beginners
Introduction to React JS for beginners Introduction to React JS for beginners
Introduction to React JS for beginners
Varun Raj
 
Spring AOP
Spring AOPSpring AOP
Spring AOP
AnushaNaidu
 
Use Node.js to create a REST API
Use Node.js to create a REST APIUse Node.js to create a REST API
Use Node.js to create a REST API
Fabien Vauchelles
 
Springboot introduction
Springboot introductionSpringboot introduction
Springboot introduction
Sagar Verma
 
React + Redux Introduction
React + Redux IntroductionReact + Redux Introduction
React + Redux Introduction
Nikolaus Graf
 
Spring Core
Spring CoreSpring Core
Spring Core
Pushan Bhattacharya
 
Introduction à spring boot
Introduction à spring bootIntroduction à spring boot
Introduction à spring boot
Antoine Rey
 
Servlets
ServletsServlets
Servlets
Sasidhar Kothuru
 
Spring boot introduction
Spring boot introductionSpring boot introduction
Spring boot introduction
Rasheed Waraich
 
Spring boot
Spring bootSpring boot
Spring boot
Pradeep Shanmugam
 
Java 8 Lambda and Streams
Java 8 Lambda and StreamsJava 8 Lambda and Streams
Java 8 Lambda and Streams
Venkata Naga Ravi
 
Jpa 잘 (하는 척) 하기
Jpa 잘 (하는 척) 하기Jpa 잘 (하는 척) 하기
Jpa 잘 (하는 척) 하기
경원 이
 
Spring data jpa
Spring data jpaSpring data jpa
Spring data jpa
Jeevesh Pandey
 

What's hot (20)

Spring Data JPA
Spring Data JPASpring Data JPA
Spring Data JPA
 
Introduction to Spring Boot!
Introduction to Spring Boot!Introduction to Spring Boot!
Introduction to Spring Boot!
 
Reactjs
Reactjs Reactjs
Reactjs
 
Spring Boot
Spring BootSpring Boot
Spring Boot
 
Spring boot
Spring bootSpring boot
Spring boot
 
Java11 New Features
Java11 New FeaturesJava11 New Features
Java11 New Features
 
Introduction to React JS for beginners
Introduction to React JS for beginners Introduction to React JS for beginners
Introduction to React JS for beginners
 
Spring AOP
Spring AOPSpring AOP
Spring AOP
 
Spring annotation
Spring annotationSpring annotation
Spring annotation
 
Use Node.js to create a REST API
Use Node.js to create a REST APIUse Node.js to create a REST API
Use Node.js to create a REST API
 
Springboot introduction
Springboot introductionSpringboot introduction
Springboot introduction
 
React + Redux Introduction
React + Redux IntroductionReact + Redux Introduction
React + Redux Introduction
 
Spring Core
Spring CoreSpring Core
Spring Core
 
Introduction à spring boot
Introduction à spring bootIntroduction à spring boot
Introduction à spring boot
 
Servlets
ServletsServlets
Servlets
 
Spring boot introduction
Spring boot introductionSpring boot introduction
Spring boot introduction
 
Spring boot
Spring bootSpring boot
Spring boot
 
Java 8 Lambda and Streams
Java 8 Lambda and StreamsJava 8 Lambda and Streams
Java 8 Lambda and Streams
 
Jpa 잘 (하는 척) 하기
Jpa 잘 (하는 척) 하기Jpa 잘 (하는 척) 하기
Jpa 잘 (하는 척) 하기
 
Spring data jpa
Spring data jpaSpring data jpa
Spring data jpa
 

More from Mario Jorge Pereira

Educacao e Inteligencia Artificial Generativa
Educacao e Inteligencia Artificial GenerativaEducacao e Inteligencia Artificial Generativa
Educacao e Inteligencia Artificial Generativa
Mario Jorge Pereira
 
Labs Jogos Java
Labs Jogos JavaLabs Jogos Java
Labs Jogos Java
Mario Jorge Pereira
 
Java www
Java wwwJava www
Java www
Mario Jorge Pereira
 
Html
HtmlHtml
Html
Mario Jorge Pereira
 
HTTP
HTTPHTTP
HTTP
Mario Jorge Pereira
 
Lógica de Programação e Algoritmos
Lógica de Programação e AlgoritmosLógica de Programação e Algoritmos
Lógica de Programação e Algoritmos
Mario Jorge Pereira
 
Guia rapido java v2
Guia rapido java v2Guia rapido java v2
Guia rapido java v2
Mario Jorge Pereira
 
Guia Rápido de Referência Java
Guia Rápido de Referência JavaGuia Rápido de Referência Java
Guia Rápido de Referência Java
Mario Jorge Pereira
 
Android por onde começar? Mini Curso Erbase 2015
Android por onde começar? Mini Curso Erbase 2015 Android por onde começar? Mini Curso Erbase 2015
Android por onde começar? Mini Curso Erbase 2015
Mario Jorge Pereira
 
Java Nuvem Appengine
Java Nuvem AppengineJava Nuvem Appengine
Java Nuvem Appengine
Mario Jorge Pereira
 
Mini curso Android
Mini curso AndroidMini curso Android
Mini curso Android
Mario Jorge Pereira
 
Java Server Faces
Java Server FacesJava Server Faces
Java Server Faces
Mario Jorge Pereira
 
Minicurso Android
Minicurso AndroidMinicurso Android
Minicurso Android
Mario Jorge Pereira
 
Android, por onde começar?
Android, por onde começar?Android, por onde começar?
Android, por onde começar?
Mario Jorge Pereira
 
Android e Cloud Computing
Android e Cloud ComputingAndroid e Cloud Computing
Android e Cloud Computing
Mario Jorge Pereira
 
Threads
ThreadsThreads
Threads
Mario Jorge Pereira
 
RMI (Remote Method Invocation)
RMI (Remote Method Invocation) RMI (Remote Method Invocation)
RMI (Remote Method Invocation)
Mario Jorge Pereira
 
Socket
SocketSocket
Socket
Mario Jorge Pereira
 
Java e Cloud Computing
Java e Cloud ComputingJava e Cloud Computing
Java e Cloud Computing
Mario Jorge Pereira
 
GUI - Eventos
GUI - EventosGUI - Eventos
GUI - Eventos
Mario Jorge Pereira
 

More from Mario Jorge Pereira (20)

Educacao e Inteligencia Artificial Generativa
Educacao e Inteligencia Artificial GenerativaEducacao e Inteligencia Artificial Generativa
Educacao e Inteligencia Artificial Generativa
 
Labs Jogos Java
Labs Jogos JavaLabs Jogos Java
Labs Jogos Java
 
Java www
Java wwwJava www
Java www
 
Html
HtmlHtml
Html
 
HTTP
HTTPHTTP
HTTP
 
Lógica de Programação e Algoritmos
Lógica de Programação e AlgoritmosLógica de Programação e Algoritmos
Lógica de Programação e Algoritmos
 
Guia rapido java v2
Guia rapido java v2Guia rapido java v2
Guia rapido java v2
 
Guia Rápido de Referência Java
Guia Rápido de Referência JavaGuia Rápido de Referência Java
Guia Rápido de Referência Java
 
Android por onde começar? Mini Curso Erbase 2015
Android por onde começar? Mini Curso Erbase 2015 Android por onde começar? Mini Curso Erbase 2015
Android por onde começar? Mini Curso Erbase 2015
 
Java Nuvem Appengine
Java Nuvem AppengineJava Nuvem Appengine
Java Nuvem Appengine
 
Mini curso Android
Mini curso AndroidMini curso Android
Mini curso Android
 
Java Server Faces
Java Server FacesJava Server Faces
Java Server Faces
 
Minicurso Android
Minicurso AndroidMinicurso Android
Minicurso Android
 
Android, por onde começar?
Android, por onde começar?Android, por onde começar?
Android, por onde começar?
 
Android e Cloud Computing
Android e Cloud ComputingAndroid e Cloud Computing
Android e Cloud Computing
 
Threads
ThreadsThreads
Threads
 
RMI (Remote Method Invocation)
RMI (Remote Method Invocation) RMI (Remote Method Invocation)
RMI (Remote Method Invocation)
 
Socket
SocketSocket
Socket
 
Java e Cloud Computing
Java e Cloud ComputingJava e Cloud Computing
Java e Cloud Computing
 
GUI - Eventos
GUI - EventosGUI - Eventos
GUI - Eventos
 

Hands-On Java web passando por Servlets, JSP, JSTL, JDBC, Hibernate, DAO, MVC, etc

  • 2.
  • 5. Agenda • Java Servlet • Java Server Pages - JSP • JavaServer Pages Standard Tag Library - JSTL • Expression Language - EL • Java Database Connectivity - JDBC • Data Access Object - DAO • Model View Controller - MVC • Hibernate
  • 6. JSP
  • 7. i g lo p js . n versão 1.0 <!DOCTYPE html> <html> <head> <title>Login</title> </head> <body> <form method="post" action=“home.jsp"> Login: <input name="login" type="text"> <br> Senha: <input name="senha" type="password"><br> <input type="submit"> </form> </body> </html>
  • 8. p js . e versão 1.0 m o h <!DOCTYPE html> <html> <head> <title>HOME</title> </head> <body> Bem vindo, <%=request.getParameter("login")%> </body> </html>
  • 10. Autenticador.java versão 2.0 package br.com.mariojp; ! import import import import ! java.io.*; javax.servlet.*; javax.servlet.annotation.*; javax.servlet.http.*; Regra: 
 Se o login igual a senha esta ok! @WebServlet("/Autenticador") public class Autenticador extends HttpServlet { ! } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String login = request.getParameter("login"); String senha = request.getParameter("senha"); if(login!=null && senha!=null && login.equalsIgnoreCase(senha)){ response.sendRedirect("home.jsp?user="+login); }else{ String erro = "Usuario ou Senha Invalidos!"; response.sendRedirect("login.jsp?erro="+erro); } }
  • 11. i g lo p js . n versão 2.0 <!DOCTYPE html> <html> <head> <title>Login</title> </head> <body> <form method="post" action=“Autenticador"> Login: <input name="login" type="text"> <br> Senha: <input name="senha" type="password"><br> <input type="submit"> </form> <% String erro = request.getParameter("erro"); if(erro!=null && !erro.trim().equals("")){ out.print(erro); } %> </body> </html> Aciona o servlet Apresenta o erro de login
  • 12. p js . e versão 2.0 m o h <!DOCTYPE html> <html> <head> <title>HOME</title> </head> <body> Bem vindo, <%=request.getParameter("user")%> </body> </html>
  • 13. MVC
  • 14. U .j io r a u s a v a package br.com.mariojp; ! versão 3.0 public class Usuario { private Integer id; private String login; private String senha; public Integer getId() { return id; } public void setId(Integer id) { this.id = id; } public String getLogin() { return login; } public void setNome(String login) { this.login = login; } public String getSenha() { return senha; } public void setSenha(String senha) { this.senha = senha; } }
  • 15. Autenticador.java versão 3.0 @WebServlet("/Autenticador") public class Autenticador extends HttpServlet { ! protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { Usuario user = new Usuario(); String login = request.getParameter("login"); String senha = request.getParameter("senha"); user.setLogin(login); user.setSenha(senha); if(autenticar(user)){ request.getSession().setAttribute("user", user); response.sendRedirect("home.jsp"); }else{ request.setAttribute("erro", "Usuario ou Senha Invalidos!"); RequestDispatcher d= request.getRequestDispatcher("login.jsp"); d.forward(request,response); } } private boolean autenticar(Usuario user) {...} ! }
  • 16. Autenticador.java versão 3.0 ! private boolean autenticar(Usuario user) { boolean autenticado = false; if(user.getLogin()!=null && user.getSenha()!=null && user.getLogin().equals(user.getSenha())){ autenticado = true; } return autenticado; }
  • 17. i g lo p js . n versão 3.0 <!DOCTYPE html> <html> <head> <title>Login</title> </head> <body> <form method="post" action=“Autenticador"> Login: <input name="login" type="text"> <br> Senha: <input name="senha" type="password"><br> <input type="submit"> </form> <% String erro = (String) request.getAttribute(“erro”); if(erro!=null && !erro.trim().equals("")){ out.print(erro); } %> </body> </html>
  • 18. m o h p js . e versão 3.0 <!DOCTYPE html> <%@page import="br.com.mariojp.Usuario"%> <html> <head> <title>HOME</title> </head> <body> <% Usuario user = (Usuario) session.getAttribute("user");%> Bem vindo, <%=user.getLogin() %> </body> </html>
  • 19. Revisão Rapida • Java Servlet • Java Server Pages - JSP • Model View Controller - MVC
  • 20. E agora? • JavaServer Pages Standard Tag Library - JSTL • Expression Language - EL
  • 22. i g lo p js . n versão 3.1 <!DOCTYPE html> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <html> <head> <title>Login</title> </head> <body> <form method="post" action=“Autenticador"> Login: <input name="login" type="text"> <br> Senha: <input name="senha" type="password"><br> <input type="submit"> </form> <c:out value="${erro}"/> </body> </html>
  • 23. m o h p js . e versão 3.1 <!DOCTYPE html> <%@page import="br.com.mariojp.Usuario"%> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <html> <head> <title>HOME</title> <jsp:useBean id="user" class="br.com.mariojp.Usuario" scope=“session” /> </head> <body> Bem vindo, <c:out value=“${user.login}" /> </body> </html>
  • 24. JDBC
  • 25. HSQLDB java -cp hsqldb.jar org.hsqldb.server.Server -database.0 file:mydb --dbname.0 banco
  • 26. HSQL Database Manager ! Type: HSQL Database Engine Server Driver: org.hsqldb.jdbcDriver URL: jdbc:hsqldb:hsql://localhost/banco User: SA
  • 27. HSQLDB CREATE TABLE USUARIOS ( USUARIO_ID INTEGER IDENTITY, LOGIN varchar(100) NOT NULL , SENHA varchar(100) NOT NULL ) ; ! INSERT INTO USUARIOS ( "LOGIN", "SENHA" ) VALUES ('user', ‘1234’); ! SELECT * FROM USUARIOS;
  • 29. BancoUtil.java package br.com.mariojp; versão 4.0 ! import java.sql.Connection; import java.sql.DriverManager; ! public class BancoUtil { private static Connection connection; static { try { Class.forName("org.hsqldb.jdbc.JDBCDriver" ); connection = DriverManager.getConnection( "jdbc:hsqldb:hsql://localhost/banco", "SA", ""); } catch (Exception e) { e.printStackTrace(); } } public static Connection getConnection() { return connection; } }
  • 30. Autenticador.java versão 4.0 private boolean autenticar(Usuario user) { boolean autenticado = false; Connection con = BancoUtil.getConnection(); try { Statement stmt = con.createStatement(); ResultSet resultSet = stmt.executeQuery( "select * from usuarios where "+ "login='"+user.getLogin().trim()+"' and "+ "senha='"+user.getSenha().trim()+"';" ); if(resultSet.next()){ autenticado = true; } resultSet.close(); stmt.close(); } catch (SQLException e) { e.printStackTrace(); } return autenticado; }
  • 31. Segurança • Voce consegue acessar o home.jsp? • Pela url • Sql Injection
  • 32. m o h p js . e versão 4.1 <!DOCTYPE html> <%@page import="br.com.mariojp.Usuario"%> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <html> <head> <title>HOME</title> <jsp:useBean id="user" class="br.com.mariojp.Usuario" scope=“session” /> </head> <body> <c:if test="${user.login == null}"> <c:redirect url=“login.jsp" /> </c:if> Bem vindo, <c:out value=“${user.login}" /> </body> </html>
  • 33. Teste? • Use Login = 123 e Senha = ' or '1' = ‘1 • Use Login = ' OR 1=1 --
  • 34. Autenticador.java versão 4.1 private boolean autenticar(Usuario user) { boolean autenticado = false; Connection con = BancoUtil.getConnection(); try { String sql = "select * from usuarios where " + "login=? and senha=?;"; PreparedStatement pstmt = con.prepareStatement(sql); pstmt.setString(1, user.getLogin()); pstmt.setString(2, user.getSenha()); ResultSet resultSet = pstmt.executeQuery(); if(resultSet.next()){ autenticado = true; } resultSet.close(); pstmt.close(); } catch (SQLException e) { e.printStackTrace(); } return autenticado; }
  • 35. DAO
  • 36. package br.com.mariojp; versão 5.0 ! import import import import java.sql.Connection; java.sql.PreparedStatement; java.sql.ResultSet; java.sql.SQLException; ! public class UsuarioDAO { ! } public boolean autenticar(Usuario user) { boolean autenticado = false; Connection con = BancoUtil.getConnection(); try { String sql = "select * from usuarios where login=? and senha=?;"; PreparedStatement pstmt = con.prepareStatement(sql); pstmt.setString(1, user.getLogin()); pstmt.setString(2, user.getSenha()); ResultSet resultSet = pstmt.executeQuery(); if(resultSet.next()){ autenticado = true; } resultSet.close(); pstmt.close(); } catch (SQLException e) { e.printStackTrace(); } return autenticado; } UsuarioDAO.java
  • 37. Autenticador.java versão 3.0 @WebServlet("/Autenticador") public class Autenticador extends HttpServlet { private UsuarioDAO usuarioDAO = new UsuarioDAO(); protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { Usuario user = new Usuario(); String login = request.getParameter("login"); String senha = request.getParameter("senha"); user.setLogin(login); user.setSenha(senha); if(usuarioDAO.autenticar(user)){ request.getSession().setAttribute("user", user); response.sendRedirect("home.jsp"); }else{ request.setAttribute("erro", "Usuario ou Senha Invalidos!"); RequestDispatcher d= request.getRequestDispatcher("login.jsp"); d.forward(request,response); } } }
  • 38.
  • 39. Hibernate • Framework de mapeamento objeto relacional
  • 40. WEB-INFlib • hibernate-core-4.3.0.Final.jar • antlr-2.7.7.jar • dom4j-1.6.1.jar • hibernate-commons-annotations-4.0.4.Final.jar • hibernate-jpa-2.1-api-1.0.0.Final.jar • jandex-1.1.0.Final.jar • javassist-3.18.1-GA.jar • jboss-logging-3.1.3.GA.jar • jboss-logging-annotations-1.2.0.Beta1.jar • jboss-transaction-api_1.2_spec-1.0.0.Final.jar
  • 41. package br.com.mariojp; versão 6.0 ! import java.io.Serializable; Usuario.java ! import import import import javax.persistence.Entity; javax.persistence.GeneratedValue; javax.persistence.Id; javax.persistence.Table; ! @Entity @Table(name="usuarios") public class Usuario implements Serializable{ private static final long serialVersionUID = 1L; ! @Id @GeneratedValue private Integer id; ! } private String login; private String senha; //get’s e set's
  • 42. package br.com.mariojp; versão 6.0 ! import import import import org.hibernate.SessionFactory; org.hibernate.boot.registry.StandardServiceRegistryBuilder; org.hibernate.cfg.Configuration; org.hibernate.service.ServiceRegistry; ! public class BancoUtil { private static SessionFactory factory; ! static { Configuration configuration = new Configuration().configure(); StandardServiceRegistryBuilder serviceRegistryBuilder; serviceRegistryBuilder = new StandardServiceRegistryBuilder(); serviceRegistryBuilder.applySettings(configuration.getProperties()); ServiceRegistry serviceRegistry = serviceRegistryBuilder.build(); factory = configuration.buildSessionFactory(serviceRegistry); ! } ! ! } public static SessionFactory getFactory() { return factory; } BancoUtil.java
  • 43. package br.com.mariojp; versão 6.0 ! import org.hibernate.Session; ! public class UsuarioDAO { ! public boolean autenticar(Usuario user) { ! String query = "select u from Usuario as u where " + "u.login=:login and u.senha=:senha"; Session session = BancoUtil.getFactory().openSession(); session.beginTransaction(); Usuario usuario = (Usuario) session .createQuery(query) .setString("login", user.getLogin()) .setString("senha", user.getSenha()).uniqueResult(); session.getTransaction().commit(); session.close(); return usuario != null; ! } ! } UsuarioDAO.java
  • 44. versão 6.0 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE hibernate-configuration PUBLIC "-//Hibernate/Hibernate Configuration DTD 3.0//EN" "http://www.hibernate.org/dtd/hibernate-configuration-3.0.dtd"> <hibernate-configuration > <session-factory> <property name="hibernate.connection.driver_class">org.hsqldb.jdbc.JDBCDriver</property> <property name="hibernate.connection.url">jdbc:hsqldb:hsql://localhost/ banco</property> <property name="hibernate.connection.username">SA</property> <property name="hibernate.connection.password"></property> <property name="hibernate.connection.pool_size">1</property> <property name="hibernate.dialect">org.hibernate.dialect.HSQLDialect</ property> <property name="hibernate.current_session_context_class">thread</property> <property name="hibernate.cache.provider_class">org.hibernate.cache.internal.NoCacheProv ider</property> <!-- Echo all executed SQL to stdout --> <property name="hibernate.show_sql">true</property> <!-- Drop and re-create the database schema on startup --> <property name="hibernate.hbm2ddl.auto">create</property> <mapping class="br.com.mariojp.Usuario"/> </session-factory> </hibernate-configuration> hibernate.cfg.xml
  • 45.
  • 46. Esta obra está licenciada sob a licença Creative Commons Atribuição-CompartilhaIgual 3.0 Não Adaptada. Para ver uma cópia desta licença, visite http://creativecommons.org/licenses/by-sa/3.0/.
  • 47. Java web Mario Jorge Pereira Como me encontrar? http://www.mariojp.com.br twitter.com/@mariojp mariojp@gmail.com