Using HttpServletRequest getPathInfo() with <a href=""> - java

In my Java web application I am using the HttpServletRequest getPathInfo() method to get the path sent by a request to the Servlet.
My Servlet: Controller contains the following the following code:
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String action = request.getPathInfo();
RequestDispatcher dispatcher = null;
if(action.equals("/viewDetails"))
{
dispatcher = this.getServletContext().getRequestDispatcher("/viewDetails.jspx");
}
}
Here I am checking the what the action of the request is so that I can direct the user to the appropriate view.
Now in my loginForm.jspx I have a login form like this:
<form method="POST" action="http://localhost:8080/do/viewDetails">
This proceeds to the controller with the action: /viewDetails that the controller recognizes.
In my web.xml I have mapped the /do pattern to link to the Controller servlet. So whenever the /do path is found, the request gets sent to the Controller which determines where to go (as seen in the processRequest method).
Now the problem I am having is that when I try to link to the controller the same way in a HTML a tag, it doesn't work, for example:
View all details
Is there a way I can perform the same action with a href as I did with <form action...?
EDIT:
Screenshot of the browser when I click the View All Details link:

Related

Servlet forwarding

I'm using in my project the embebed jetty and came up with a few problems. I have these two pages:
índex.jsp
result.jsp
And these two servlets:
upload
search
In the índex.jsp there is a form to upload a file and the upload process in handle by the upload servlet but then I should return a message to the índex.jsp to tell if the upload was done.
request.setAttribute("message", "Upload Sucedded!");
RequestDispatcher rd = getServletContext().getRequestDispatcher("/index.jsp");
rd.forward(request, response);
This will forward the message to the índex page but the url will be /upload and I would like to be the índex. So there is some other way of struct my files and maybe make my welcome file some servlet instead of the índex.jsp?
This has nothing to do with Jetty. That's default behavior of forwarding.
Ugly solution:
If you want to rewrite your URL, use a redirect instead and pass the parameter by session. After displaying the message, remove it from session.
Better solution:
Change the name of your upload servlet by IndexServlet. This servlet will handle GET and POST requests for your index.jsp page. In the end of the processing, you will forward to your JSP page. By doing this, you can directly post the form to your current page:
<form action="index.jsp" method="POST" enctype="multipart/form-data">
<!-- your fields ... -->
</form>
Then your servlet:
#WebServlet("index.jsp")
public class IndexServlet extends HttpServlet {
//using ... to avoid parameters and exceptions to be thrown
#Override
public void doGet(...) throws ... {
//this method should only forward to your view
RequestDispatcher rd = getServletContext().getRequestDispatcher("/index.jsp");
rd.forward(request, response);
}
//using ... to avoid parameters and exceptions to be thrown
#Override
public void doPost(...) throws ... {
//current implementation...
//in the end, forward to the same view
request.setAttribute("message", "Upload Sucedded!");
RequestDispatcher rd = getServletContext().getRequestDispatcher("/index.jsp");
rd.forward(request, response);
}
}
More info:
Difference between JSP forward and redirect
The simplest solution would be to change upload servlet to use redirect and use request parameter instead of attribute like this:
// upload servlet
response.sendRedirect("index.jsp?message=YourMessage");
Then in index.jsp use request.getParameter("message") or EL to display your message.

How to reuse the code in servlet when mapping servlet from the jsp page

I have 2 links from jsp page which maps the same servlet (ViewEmployee.java) .I want to use the same doget method to fetch the employeee data but only the difference will be redirecting to different jsp pages
jsp code which maps the servlet
MODIFY EMPLOYEE
VIEW EMPLOYEE
The servlet code where i want to put an if condition
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
user=new UserDAO();
HttpSession session=request.getSession(true);
int empid=(int)session.getAttribute("EMPID");
employeeBean=user.fetchEmployeeDetails(empid);
request.setAttribute("employeebean", employeeBean);
//I want to put the if condition and want to redirect to different jsp page according to the link clicked by the user
request.getRequestDispatcher("com_viewuser.jsp").forward(request, response);
}
What should be my if condition to distinguish between the two
Pass a hidden variable from JSP to Servlet. Variable value should be unique for each page
In Servlet check that variable value like:
if(val==1) {
redirect to page 1;
}
if(val==2) {
redirect to page 2;
}

Send parameters from JSP to Servlet using POST

I am building a simple web app and attempting to create a login page. The page consists of a JSP with a form which loads a Servlet.
I have got the form working using the GET method:
JSP looks like this:
<form method="get" action="Login">
Email:<input name="email"/>
Password:<input name="password"/>
<input type="Submit" value="Log in"/>
And in the Servlet:
#WebServlet(name = "Login", urlPatterns = {"/Login"})
public class Login extends HttpServlet {
/**
* Processes requests for both HTTP
* <code>GET</code> and
* <code>POST</code> methods.
*
* #param request servlet request
* #param response servlet response
* #throws ServletException if a servlet-specific error occurs
* #throws IOException if an I/O error occurs
*/
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
//Assign variables from the request parameters
String loginFormEmail = request.getParameter("email");
String loginFormPassword = request.getParameter("password");
This code works but it includes the username and password in the URL string, so it's obviously not good practice. I have attempted to do this using POST instead but I've been getting an error. (HTTP Status 405 - HTTP method POST is not supported by this URL)
I need to know how to send parameters from the JSP to the Servlet using POST. I think this may involve using RequestDispatcher object, but all the tutorials I've found explain using RequestDispatcher to send data from the Servlet to the JSP, not the other way around. Can you/should you use Request Dispatcher to send POST data from the JSP to the Servlet? And how to you access these parameters from the Servlet? (Is there an equivalent of request.getParameter() for POST?)
I understand that using POST still won't be secure, but it is a lot better practice than including the password in the query string, and I will think about security later.
Apologies for the basic question, I have found lots of tutorials online but none of them seem to answer this specific question. Thank you.
Try
<form method="POST" action="Login>
Note: method instead of type for specifying GET/POST.
But it's not really any more "secure" than using GET. They are still available in clear text in the post body. If you want it to be secure, make sure you use HTTPS.
Edit
You have edited your question now, and it appears that you are using method, not type. So if you still have errors after changing it to POST, specify what error you are getting.
Edit2
You specify that you are getting a HTTP method POST is not supported by this URL error. This means that your servlet does not accept the POST method. Which most likely means that you are inheriting some base servlet that only accepts GET. Seeing all of the code for the servlet would be helpful.
<form type="get" action="Login" method="POST">
Email:<input name="email"/>
Password:<input name="password"/>
<input type="Submit" value="Log in"/>
I suggest you instead of processRequest(), use doPost() method.
Use method="POST" attribute in your element
Override the HttpServlet#doPost() method in your Login class
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException {
String loginFormEmail = request.getParameter("email");
String loginFormPassword = request.getParameter("password");
// do something to produce a response
}
This might require you to change the service() method that might be overridden to call your processRequest() method regardless of the HTTP method. This depends on the rest of your Login class implementation which you haven't shown.
Then change your <form> to make a POST request.
Try to override the HttpServlet methods doPost() and doGet():
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException,IOException {
processRequest(request,response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException,IOException {
processRequest(request,response);
}

How to forward the request to another JSP page upon click of a link in a JSP page?

I have a link in the jsp page, upon the link click, how can I forward the request to another jsp page.
If you just want to GET a new jsp then simply
Click Here
Note: the path to jsp will start from / the public web space the same dir where WEB-INF resides
if you mean forward then
Upon click you will perform GET operation , So lets say
you click
Click Here
make a Servlet entry in web.xml and map it to /ForwardServlet to ForwardServlet and in Servlet perform
public class ForwardServlet extends HttpServlet{
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String destination = "/WEB-INF/pages/result.jsp";
RequestDispatcher rd = getServletContext().getRequestDispatcher(destination);
rd.forward(request, response);
}
}
Refer :
Servlet

doGet and doPost in Servlets

I've developed an HTML page that sends information to a Servlet. In the Servlet, I am using the methods doGet() and doPost():
public void doGet(HttpServletRequest req, HttpServletResponse res)
throws ServletException, IOException {
String id = req.getParameter("realname");
String password = req.getParameter("mypassword");
}
public void doPost(HttpServletRequest req, HttpServletResponse res)
throws ServletException, IOException {
String id = req.getParameter("realname");
String password = req.getParameter("mypassword");
}
In the html page code that calls the Servlet is:
<form action="identification" method="post" enctype="multipart/form-data">
User Name: <input type="text" name="realname">
Password: <input type="password" name="mypassword">
<input type="submit" value="Identification">
</form>
When I use method = "get" in the Servlet, I get the value of id and password, however when using method = "post", id and password are set to null. Why don't I get the values in this case?
Another thing I'd like to know is how to use the data generated or validated by the Servlet. For example, if the Servlet shown above authenticates the user, I'd like to print the user id in my HTML page. I should be able to send the string 'id' as a response and use this info in my HTML page. Is it possible?
Introduction
You should use doGet() when you want to intercept on HTTP GET requests. You should use doPost() when you want to intercept on HTTP POST requests. That's all. Do not port the one to the other or vice versa (such as in Netbeans' unfortunate auto-generated processRequest() method). This makes no utter sense.
GET
Usually, HTTP GET requests are idempotent. I.e. you get exactly the same result everytime you execute the request (leaving authorization/authentication and the time-sensitive nature of the page —search results, last news, etc— outside consideration). We can talk about a bookmarkable request. Clicking a link, clicking a bookmark, entering raw URL in browser address bar, etcetera will all fire a HTTP GET request. If a Servlet is listening on the URL in question, then its doGet() method will be called. It's usually used to preprocess a request. I.e. doing some business stuff before presenting the HTML output from a JSP, such as gathering data for display in a table.
#WebServlet("/products")
public class ProductsServlet extends HttpServlet {
#EJB
private ProductService productService;
#Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
List<Product> products = productService.list();
request.setAttribute("products", products); // Will be available as ${products} in JSP
request.getRequestDispatcher("/WEB-INF/products.jsp").forward(request, response);
}
}
Note that the JSP file is explicitly placed in /WEB-INF folder in order to prevent endusers being able to access it directly without invoking the preprocessing servlet (and thus end up getting confused by seeing an empty table).
<table>
<c:forEach items="${products}" var="product">
<tr>
<td>${product.name}</td>
<td>detail</td>
</tr>
</c:forEach>
</table>
Also view/edit detail links as shown in last column above are usually idempotent.
#WebServlet("/product")
public class ProductServlet extends HttpServlet {
#EJB
private ProductService productService;
#Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
Product product = productService.find(request.getParameter("id"));
request.setAttribute("product", product); // Will be available as ${product} in JSP
request.getRequestDispatcher("/WEB-INF/product.jsp").forward(request, response);
}
}
<dl>
<dt>ID</dt>
<dd>${product.id}</dd>
<dt>Name</dt>
<dd>${product.name}</dd>
<dt>Description</dt>
<dd>${product.description}</dd>
<dt>Price</dt>
<dd>${product.price}</dd>
<dt>Image</dt>
<dd><img src="productImage?id=${product.id}" /></dd>
</dl>
POST
HTTP POST requests are not idempotent. If the enduser has submitted a POST form on an URL beforehand, which hasn't performed a redirect, then the URL is not necessarily bookmarkable. The submitted form data is not reflected in the URL. Copypasting the URL into a new browser window/tab may not necessarily yield exactly the same result as after the form submit. Such an URL is then not bookmarkable. If a Servlet is listening on the URL in question, then its doPost() will be called. It's usually used to postprocess a request. I.e. gathering data from a submitted HTML form and doing some business stuff with it (conversion, validation, saving in DB, etcetera). Finally usually the result is presented as HTML from the forwarded JSP page.
<form action="login" method="post">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" value="login">
<span class="error">${error}</span>
</form>
...which can be used in combination with this piece of Servlet:
#WebServlet("/login")
public class LoginServlet extends HttpServlet {
#EJB
private UserService userService;
#Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String username = request.getParameter("username");
String password = request.getParameter("password");
User user = userService.find(username, password);
if (user != null) {
request.getSession().setAttribute("user", user);
response.sendRedirect("home");
}
else {
request.setAttribute("error", "Unknown user, please try again");
request.getRequestDispatcher("/login.jsp").forward(request, response);
}
}
}
You see, if the User is found in DB (i.e. username and password are valid), then the User will be put in session scope (i.e. "logged in") and the servlet will redirect to some main page (this example goes to http://example.com/contextname/home), else it will set an error message and forward the request back to the same JSP page so that the message get displayed by ${error}.
You can if necessary also "hide" the login.jsp in /WEB-INF/login.jsp so that the users can only access it by the servlet. This keeps the URL clean http://example.com/contextname/login. All you need to do is to add a doGet() to the servlet like this:
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
request.getRequestDispatcher("/WEB-INF/login.jsp").forward(request, response);
}
(and update the same line in doPost() accordingly)
That said, I am not sure if it is just playing around and shooting in the dark, but the code which you posted doesn't look good (such as using compareTo() instead of equals() and digging in the parameternames instead of just using getParameter() and the id and password seems to be declared as servlet instance variables — which is NOT threadsafe). So I would strongly recommend to learn a bit more about basic Java SE API using the Oracle tutorials (check the chapter "Trails Covering the Basics") and how to use JSP/Servlets the right way using those tutorials.
See also:
Our servlets wiki page
Java EE web development, where do I start and what skills do I need?
Servlet returns "HTTP Status 404 The requested resource (/servlet) is not available"
Show JDBC ResultSet in HTML in JSP page using MVC and DAO pattern
Update: as per the update of your question (which is pretty major, you should not remove parts of your original question, this would make the answers worthless .. rather add the information in a new block) , it turns out that you're unnecessarily setting form's encoding type to multipart/form-data. This will send the request parameters in a different composition than the (default) application/x-www-form-urlencoded which sends the request parameters as a query string (e.g. name1=value1&name2=value2&name3=value3). You only need multipart/form-data whenever you have a <input type="file"> element in the form to upload files which may be non-character data (binary data). This is not the case in your case, so just remove it and it will work as expected. If you ever need to upload files, then you'll have to set the encoding type so and parse the request body yourself. Usually you use the Apache Commons FileUpload there for, but if you're already on fresh new Servlet 3.0 API, then you can just use builtin facilities starting with HttpServletRequest#getPart(). See also this answer for a concrete example: How to upload files to server using JSP/Servlet?
Both GET and POST are used by the browser to request a single resource from the server. Each resource requires a separate GET or POST request.
The GET method is most commonly (and is the default method) used by browsers to retrieve information from servers. When using the GET method the 3rd section of the request packet, which is the request body, remains empty.
The GET method is used in one of two ways:
When no method is specified, that is when you or the browser is requesting a simple resource such as an HTML page, an image, etc.
When a form is submitted, and you choose method=GET on the HTML tag. If the GET method is used with an HTML form, then the data collected through the form is sent to the server by appending a "?" to the end of the URL, and then adding all name=value pairs (name of the html form field and value entered in that field) separated by an "&"
Example:
GET /sultans/shop//form1.jsp?name=Sam%20Sultan&iceCream=vanilla HTTP/1.0 optional headeroptional header<< empty line >>>
The name=value form data will be stored in an environment variable called QUERY_STRING.
This variable will be sent to a processing program (such as JSP, Java servlet, PHP etc.)
The POST method is used when you create an HTML form, and request method=POST as part of the tag. The POST method allows the client to send form data to the server in the request body section of the request (as discussed earlier). The data is encoded and is formatted similar to the GET method, except that the data is sent to the program through the standard input.
Example:
POST /sultans/shop//form1.jsp HTTP/1.0 optional headeroptional header<< empty line >>> name=Sam%20Sultan&iceCream=vanilla
When using the post method, the QUERY_STRING environment variable will be empty.
Advantages/Disadvantages of GET vs. POST
Advantages of the GET method:
Slightly faster
Parameters can be entered via a form or by appending them after the URL
Page can be bookmarked with its parameters
Disadvantages of the GET method:
Can only send 4K worth of data. (You should not use it when using a textarea field)
Parameters are visible at the end of the URL
Advantages of the POST method:
Parameters are not visible at the end of the URL. (Use for sensitive data)
Can send more that 4K worth of data to server
Disadvantages of the POST method:
Can cannot be bookmarked with its data
The servlet container's implementation of HttpServlet.service() method will automatically forward to doGet() or doPost() as necessary, so you shouldn't need to override the service method.
Could it be that you are passing the data through get, not post?
<form method="get" ..>
..
</form>
If you do <form action="identification" > for your html form, data will be passed using 'Get' by default and hence you can catch this using doGet function in your java servlet code. This way data will be passed under the HTML header and hence will be visible in the URL when submitted.
On the other hand if you want to pass data in HTML body, then USE Post: <form action="identification" method="post"> and catch this data in doPost function. This was, data will be passed under the html body and not the html header, and you will not see the data in the URL after submitting the form.
Examples from my html:
<body>
<form action="StartProcessUrl" method="post">
.....
.....
Examples from my java servlet code:
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
PrintWriter out = response.getWriter();
String surname = request.getParameter("txtSurname");
String firstname = request.getParameter("txtForename");
String rqNo = request.getParameter("txtRQ6");
String nhsNo = request.getParameter("txtNHSNo");
String attachment1 = request.getParameter("base64textarea1");
String attachment2 = request.getParameter("base64textarea2");
.........
.........

Categories

Resources