introduction to servlet
DESCRIPTION
gw ganteng gg tq.TRANSCRIPT
WEEK 2
SERVLET
Dio Yudhista-1301026565
Yogi Iswantelly Suryadinata-1301025833
04PAC
Introduction to SERVLET
A Servlet is an object that receives a request and generates a response based on that request. (wikipedia)
In my opinion servlet is a container for java so that we can implement java in the web.
See below
Do you understand what the picture mean?
It means that the interface that is the browser will send request and the servlet will give response to the browser,
It is like when you request food in the food stall then you will get the response from the waiter, servlet basically works like that too.
How the request and response work it’s just like what the book pictured,
Then, why choose servlet instead of other traditional CGI (common gateway interface)?
First, efficient: because java servlet is a lightweight thread
Second, convenient: hey, you already know java. Why bother learning other when java is used in almost every where
Third, powerful: java servlet let you do several things that difficult or impossible with regular CGI, example can talk directly to the web server
Fourth, portable: servlet is written in java and follow a well-standardized API
Last but not least, inexpensive: basically free and cheap that what people likes right.
JSP
When you working with servlet, you basically working with JSP too. What is JSP?
JSP is Java Server Page; it’s a combination of html page with java servlet, so basically we write our html code in JSP.
First SERVLET
Why don’t we just started by creating a simple servlet that printing hello world.
(Note: you must setting up the tomcat first if this is your first time playing with java servlet)
1. Select file -> new project
2. Choose Java Web project -> web application
3. Give whatever name, click next
4. Choose Apache Tomcat server and java EE 5, then click finish
5. Right click on your newly created project and choose new -> servlet ,
6. then automatically it creates servlet under source package, in my case I name my servlet as firstServlet
7. after this open the index.jsp and try to create a simple form that contain a submit button that using method get and action yourServletName.java
Something like:
If you confused then use:
To create a simple submit button.
Java servlet have two methods, get and post, here we use get, we will discuss this later, action is like redirecting your page, here after we press submit, then our page will be redirected to firstServlet.java
8. then open your servlet.java file and do this
9. Then run the project and try to click the submit button, you will get something like
That hello world actually is your servlet page that you created in step 8
See the title
And you have done your first servlet!!
Handling Form Data/Parameter
In here we will try to learn how to pass and get the parameter form JSP page to servlet, this is useful for example for passing username and password value.
We pass parameter by giving name to the correspondent text field that we create then pass it to the servlet, and in the servlet gw get the parameter and processing it.
First, let’s start by creating new Project and adding form and submit button like this
Do you know how to creating text field in html?
(Lets the student answer)
By adding another input inside the form
It means that anything type inside the text box in the name will be passed to the servlet with parameter name as paramName.
Second, open your servlet.java and try to get the parameter name that already passed by doing this
In here we use string because we pass text value in our JSP file, and request.getParameter(“paramName”)
is how we get the passed parameter.
For proof we add another code that print the String name value to the servlet
Then you can run the project.
In here I put name “test” to the text box
Then I clicked submit button, and what I get is
Text “test” form the previous page.
EXERCISE
To test your understanding let’s do an exercise based on what we have learn.
1. Try to create something looks like a login page that when you fill the Name parameter as admin you will redirect to the servlet and showing the “admin” word in the servlet page, otherwise go to the login page. Use the method above.
2. Try to create a simple sum program, for example you have 2 parameter A and B, you put the value for example A = 1 and B = 2, then you click submit button, then in the servlet page, you sum the Value A and B and show the result.
Answer:
1. Index.jsp
Servlet.java
If correct, then it will show
If wrong, it will go directly to the index.jsp page again
2.
Index.jsp
Servlet.java
Run the project,
Index.jsp
Servlet.jsp
POST & GET
In the exercise we still use method get in the form in index.jsp, the different is not much but crucial, why crucial?
Because when you use GET method, the parameter value that you past will be shown in the url,
It’s dangerous when you creating a login page that contain username and password, because your username and password will be visible to others.
But when you use POST method,
See that the parameter value is not visible so others, so it’s more secure.
The way the parameter passed and executed is the same though.
In web application, there are two processes that will always occur. These two processes are request and response. Request means that web browser ask to the server to get something or permission for the next process. After that, server will response it and return it as an acknowledge.
There are many programs which could check how to see the process of request and response from the web browser. One of the examples in this case is by using Burp Suite.
It uses a proxy access so that every the configured web browser wants to go out it must go through the gate (proxy) first.
First of all, configure the web browser proxy access:
After that set the Burp Suit in this option, set the proxy for the exact number:
This is the example of login page web:
After login to the web, Burp Suite captures the request process:
This is the response from login page :
It capture capture every single parameters from its process :
It also has an example of another login page: