Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 419
  • Last Modified:

Servlet to Servlet Data Flow

Hello,
This may be a common question. But I am not clear in several solutions.

First I gave up jsp's. That's really creating problems for me. So now I work only with Servlets and fun.

Any how.

I start a session from a login Servlet. There I maintain the current login user information in an array of loginInfor objects.
each loginInfor object do have the session ID, userId, pwd...etc etc....

Now after the login is completed (Authenticated) , I popup a Menu servlet. I want to pass the loginInfor array that was
created or updated in the login Servlet to the menu servlet.

How woud I do this?.

0
prain
Asked:
prain
  • 6
  • 5
1 Solution
 
rrzCommented:
The easy way to share data objects is put it into a scope. I am not sure what you want here. But you could use either
session.setAttrribute("loginInfor", loginInfor);
getServletContext().setAttrribute("loginInforArray", loginInforArray);  
>maintain the current login user information in an array of loginInfor objects.
Does this array hold info from  one user or all of them ?
0
 
prainAuthor Commented:
All of them.
0
 
prainAuthor Commented:
rrz,

I am sorry I am tring to understand this....

So, in your comment, where should I do those steps.
Where should I do the session.setAttrribute("loginInfor", loginInfor); is it in the doGet() or doPost()?
and where shoud I do the getServletContext().setAttrribute("loginInforArray", loginInforArray);  
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
rrzCommented:
You can do this many ways. I don't know your requirements. You may want to change this design. In the doPost method, in your login Servlet, you could use something like  

ServletContext context = getServletContext();
ArrayList  userArray = (ArrayList)context.getAttribute("loginInforArray");
if(userArray == null) userArray= new ArrayList();
LoginInfor loginInfor = new LoginInfor(userId, and whatever parameters the constructor expects);
userArray.add(loginInfor);  

I don't where to go from here. Explain your web app more. Why are gonig to password and session Id into  user info array ?  Do we have to remove the user from the array if he  logs out or just quits ?  Look at  
http://www.experts-exchange.com/Web/Web_Languages/JSP/Q_20514811.html   
You would not need the Filter, Just the Listener.  But, tell us more of your requirements, so I don't go the wrong way here.   rrz
0
 
prainAuthor Commented:
rrz,
Thank. Yes I understand what you say inthat first part.
The user array is created with LoginInfor objects in the Login Servlet, every time a new user start
using the webapp. There(LoginInfor object per user) I will store the session ID, user ID, pwd and many more infor.

But then, how do I pass the userArray reference to another Servlet?

This is required, because otherwise someone could bypass the login servlet and make use of the other
resoures of the system. So if I pass the userArray that was created in Login to other Servlets, I could check for the userInfor objects within the userArray for the legitimacy of the user if he/she tries to "Cut In" bypassing the Login servlet.

>> Do we have to remove the user from the array if he  logs out or just quits ?  Look at  
Yes I will be.

0
 
rrzCommented:
>But then, how do I pass the userArray reference to another Servlet?  
You don't have to pass it.  Objects in the application scope are shared by all users of the application. We can just use  
ServletContext context = getServletContext();
ArrayList  userArray = (ArrayList)context.getAttribute("loginInforArray");  
in all Servlets in the application.
>I could check for the userInfor objects within the userArray for the legitimacy of the user  
How are you going to do that ? Are you going to search through the whole array ?  What about when he quits ?  You will have to search again ?
If you look at the link I posted, then you will see that we used a Hashtable in the application scope. As the key we used the user's session id.  That way we can use key to find user and use a HttpSessionListener to listen for the end of a session.    
But maybe you don't need to do all that.   If all you want to do is  check that the user is logged in, then why not just make the userInfor objects session scoped objects ?  In each servlet you could check for a session and then check for legitimacy in a userInfor object. If you don't find both then redirect user to the Login servlet.   Why do you need an array   ?       rrz
0
 
prainAuthor Commented:
Yes. I think I get the concept here now. Also I like the Hashtable than an array. I will get back with you soon.

Thanks for the hints.
0
 
rrzCommented:
>Also I like the Hashtable than an array  
You have to decide what key to use depending on your requirements. Maybe using the user login name would work for you.  
0
 
prainAuthor Commented:
rrz,

Sorry I am asking this again...
I think I am not getting something right here. I have not gone into big details. But testing a very trivial data pass to another servelet from the login server.

This is what I have in my login servelet's doPost();

public void doPost (HttpServletRequest req, HttpServletResponse res)
   throws ServletException, IOException
{
   userID   = req.getParameter("UserID");
   
   toServlet  = req.getParameter ("servletTo");

 
   HttpSession session = req.getSession (true);

   if (at.isExistsUserId(userID) && at.isExistsPassword(passWord))
   {  // successful
      System.out.println("User ID Successful");
      session.setAttribute ("UserID", userID);
     
      // OKAY ... forward to SERVLET "toServlet"
      res.sendRedirect (ServletLoc + toServlet);
   }
   else
   {  // unsuccessful
      System.out.println("USer ID Unsuccessful");
      session.setAttribute ("isDemoLogin", "No");
      session.setAttribute ("UserID", "");
      invalidID = true;
      doGet (req, res);
   }
} // end of doPost() m

I can see the "User ID Successgul printed on the catalina.out. So I assume that the attribute "UserID" was sert within the context.

Then in the next Serrvlet in the session (the one that is directed in the doPost() of login), in the doGet() this is what I have


public void doGet (HttpServletRequest req, HttpServletResponse res)
   throws ServletException, IOException
{

  ServletContext  context = getServletContext();
  System.out.println("Getting UserID Attribute : " + (String) context.getAttribute("UserID"));

  //and the rest of teh code.
}

I see null for
System.out.println("Getting UserID Attribute : " + (String) context.getAttribute("UserID"));

What Am I missing here.

Thanks
prain
0
 
rrzCommented:
In  your login servlet
>   session.setAttribute ("UserID", userID);    
and in your next servlet you have  
>(String) context.getAttribute("UserID"));      
This won't work because session scope is different from context scope. They are two different scopes. There are four scopes; page , request, session, and ServletContext(called application scope in a JSP).    So change  
>(String) context.getAttribute("UserID"));  
to    
(String) session.getAttribute("UserID"));       rrz
0
 
prainAuthor Commented:
rrz,
Thanks so much. Works great. I think I have gotten the idea now. But I am sure there could be many questions.

Thanks
prain.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 6
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now