Books
in black and white
Main menu
Share a book About us Home
Books
Biology Business Chemistry Computers Culture Economics Fiction Games Guide History Management Mathematical Medicine Mental Fitnes Physics Psychology Scince Sport Technics
Ads

More Java Pitfalls Share Reactor - Daconta M,C.

Daconta M,C. More Java Pitfalls Share Reactor - Wiley publishing, 2003. - 476 p.
ISBN: 0-471-23751-5
Download (direct link): morejavapitfallssharereactor2003.pdf
Previous << 1 .. 111 112 113 114 115 116 < 117 > 118 119 120 121 122 123 .. 166 >> Next

Lines 28 and 29, while commented out, are shown as an example of something not to do. On first glance, forward seems to be a better solution to our problem because it does not cause a round-trip to the browser and back. However, forward comes at a price: The new session ID is not attached to the URL. Using forward in Listing 36.3 would cause the servlet to be called over and over in a loop and ultimately kill the application server.
The JavaScript/servlet implementation described above is okay for many situations, but I've been on several programs that wanted to limit the amount of JavaScript used on their deployments, so I thought it would beneficial to include an example that satisfies that requirement. In the example below, a controller servlet will be used to prohibit multiple user form requests using the Front Controller pattern.
01: package org.javapitfalls.item3 6; 02:
03: import java.io.*;
WARNING
Listing 36.4 ControllerServletjava (continued)
322 Item 36
04 import java.util.*;
05 import javax.servlet.*;
06 import javax.servlet.http.*;
07 import org.javapitfalls.item36.*;
08
09 public class ControllerServlet extends HttpServlet {
10
11 private static String SESSION_ID;
12
13 public void destroy() {}
Listing 36.4 (continued)
Our application reads an id tag and its initial value from the deployment descriptor embedded in the param-name and param-value tags in Listing 36.5 on lines 29 and 30. This read operation takes place in the init() method on line 17 of the controller servlet in Listing 36.4 and will be used to identify the user session. The controller application uses three parameters: numTickets, stadiumTier, and ticketPrice, as data items to process from the ticketForm application shown in Listing 36.4. The getNamedDispatcher forwards all requests by the name mappings specified in the deployment descriptor. The form request associates the ticketForm.jsp with the "form" label on line 44 of the web.xml in Listing 36.5. This method is preferred over dispatching requests by application path descriptions because this exposes the path information to the client, which could present a safety concern. Additionally, it is a good practice to migrate applications and their dependencies to the deployment descriptor so that modifications can be made more easily.
14
15 public void init() throws ServletException {
16
17 SESSION_ID = getInitParameter("id");
18
19 }
20
21 protected void doGet(HttpServletRequest req, HttpServletResponse
res) throws ServletException, IOException {
22
23 process(req, res);
24
25 }
26
27 protected void process(HttpServletRequest req,
28 HttpServletResponse res)
29 throws ServletException, IOException {
30
Listing 36.4 (continued)
Too Many Submits 323
31 HttpSession session = req.getSession(false);
32 String numTickets = req.getParameter("numTickets");
33 String stadiumTier = req.getParameter("stadiumTier");
34 String ticketPrice = req.getParameter("ticketPrice");
35 if(session == null) {
36 if( (numTickets == null) || (stadiumTier == null) ||
37 (ticketPrice == null) ) {
38
39 getServletConfig().getServletContext().
40 getNamedDispatcher("form").forward(req, res);
41
42 } else {
43 throw new ServletException("[form] Page Not Found")
44 }
45
46 } else {
47
48 if ( (InumTickets .equals("Please enter a Ticket #")) &&
49 (IstadiumTier. equals("Please enter a Stadium Tier )) &&
50 (IticketPrice. equals("Please enter a Ticket Price )) ) {
51
Listing 36.4 (continued)
The session.getAttribute operation on line 52 reads the ID name captured in the init method on line 17 during the initialization of the controller servlet. This ID, SESSION_ID, will serve as the session identifier for the submit page. If the user has entered all the proper form information on the ticketForm page, and the session ID is not null, then the controller will remove the ID and forward the application to the successful completion page. When the form has been properly completed and the session ID is equal to null, then the user will be forwarded to the error page that indicates that the ticketForm has already been completed satisfactorily and cannot be resubmitted.
52 String sessionValidatorlD =
53 (String)session.getAttribute(SESSION_ID);
54 if(sessionValidatorID I= null ) {
55
56 session.removeAttribute(SESSION_ID);
57 getServletConfig().getServletContext().
58 getNamedDispatcher("success").forward(req, res);
59
60 } else {
61 getServletConfig().getServletContext().
62 getNamedDispatcher("resubmit").forward(req, res);
63 }
64
Listing 36.4 (continued)
324 Item 36
65 } else {
66
67 getServletConfig().getServletContext().
68 getNamedDispatcher("form").forward(req, res);
69 }
70
71 }
72 }
73
74 }
75
Listing 36.4 (continued)
Lastly, the deployment descriptor exhibits the application's mappings that allow requests to be forwarded and processed by the controller. As mentioned earlier, the session ID token is read from the parameter tags on lines 25 and 26 of Listing 35.5. The JavaServer Pages that are used for presentation are shown on lines 42 to 55. When the controller uses the getNamedDispatcher method, a label is passed that is associated with a JSP script. When a user attempts to resubmit the ticketForm page, the resubmit label is passed through controller, which forwards control to the resubmit error page (resubmitError.jsp).
Previous << 1 .. 111 112 113 114 115 116 < 117 > 118 119 120 121 122 123 .. 166 >> Next