Solved

Servlet to Servlet Data Flow

Posted on 2006-06-23
11
412 Views
Last Modified: 2010-04-01
Hello,
This may be a common question. But I am not clear in several solutions.

First I gave up jsp's. That's really creating problems for me. So now I work only with Servlets and fun.

Any how.

I start a session from a login Servlet. There I maintain the current login user information in an array of loginInfor objects.
each loginInfor object do have the session ID, userId, pwd...etc etc....

Now after the login is completed (Authenticated) , I popup a Menu servlet. I want to pass the loginInfor array that was
created or updated in the login Servlet to the menu servlet.

How woud I do this?.

0
Comment
Question by:prain
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
11 Comments
 
LVL 27

Expert Comment

by:rrz
ID: 16970824
The easy way to share data objects is put it into a scope. I am not sure what you want here. But you could use either
session.setAttrribute("loginInfor", loginInfor);
getServletContext().setAttrribute("loginInforArray", loginInforArray);  
>maintain the current login user information in an array of loginInfor objects.
Does this array hold info from  one user or all of them ?
0
 

Author Comment

by:prain
ID: 16973007
All of them.
0
 

Author Comment

by:prain
ID: 16973012
rrz,

I am sorry I am tring to understand this....

So, in your comment, where should I do those steps.
Where should I do the session.setAttrribute("loginInfor", loginInfor); is it in the doGet() or doPost()?
and where shoud I do the getServletContext().setAttrribute("loginInforArray", loginInforArray);  
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 27

Expert Comment

by:rrz
ID: 16973320
You can do this many ways. I don't know your requirements. You may want to change this design. In the doPost method, in your login Servlet, you could use something like  

ServletContext context = getServletContext();
ArrayList  userArray = (ArrayList)context.getAttribute("loginInforArray");
if(userArray == null) userArray= new ArrayList();
LoginInfor loginInfor = new LoginInfor(userId, and whatever parameters the constructor expects);
userArray.add(loginInfor);  

I don't where to go from here. Explain your web app more. Why are gonig to password and session Id into  user info array ?  Do we have to remove the user from the array if he  logs out or just quits ?  Look at  
http://www.experts-exchange.com/Web/Web_Languages/JSP/Q_20514811.html   
You would not need the Filter, Just the Listener.  But, tell us more of your requirements, so I don't go the wrong way here.   rrz
0
 

Author Comment

by:prain
ID: 16974994
rrz,
Thank. Yes I understand what you say inthat first part.
The user array is created with LoginInfor objects in the Login Servlet, every time a new user start
using the webapp. There(LoginInfor object per user) I will store the session ID, user ID, pwd and many more infor.

But then, how do I pass the userArray reference to another Servlet?

This is required, because otherwise someone could bypass the login servlet and make use of the other
resoures of the system. So if I pass the userArray that was created in Login to other Servlets, I could check for the userInfor objects within the userArray for the legitimacy of the user if he/she tries to "Cut In" bypassing the Login servlet.

>> Do we have to remove the user from the array if he  logs out or just quits ?  Look at  
Yes I will be.

0
 
LVL 27

Expert Comment

by:rrz
ID: 16975237
>But then, how do I pass the userArray reference to another Servlet?  
You don't have to pass it.  Objects in the application scope are shared by all users of the application. We can just use  
ServletContext context = getServletContext();
ArrayList  userArray = (ArrayList)context.getAttribute("loginInforArray");  
in all Servlets in the application.
>I could check for the userInfor objects within the userArray for the legitimacy of the user  
How are you going to do that ? Are you going to search through the whole array ?  What about when he quits ?  You will have to search again ?
If you look at the link I posted, then you will see that we used a Hashtable in the application scope. As the key we used the user's session id.  That way we can use key to find user and use a HttpSessionListener to listen for the end of a session.    
But maybe you don't need to do all that.   If all you want to do is  check that the user is logged in, then why not just make the userInfor objects session scoped objects ?  In each servlet you could check for a session and then check for legitimacy in a userInfor object. If you don't find both then redirect user to the Login servlet.   Why do you need an array   ?       rrz
0
 

Author Comment

by:prain
ID: 16976636
Yes. I think I get the concept here now. Also I like the Hashtable than an array. I will get back with you soon.

Thanks for the hints.
0
 
LVL 27

Expert Comment

by:rrz
ID: 16976675
>Also I like the Hashtable than an array  
You have to decide what key to use depending on your requirements. Maybe using the user login name would work for you.  
0
 

Author Comment

by:prain
ID: 16984463
rrz,

Sorry I am asking this again...
I think I am not getting something right here. I have not gone into big details. But testing a very trivial data pass to another servelet from the login server.

This is what I have in my login servelet's doPost();

public void doPost (HttpServletRequest req, HttpServletResponse res)
   throws ServletException, IOException
{
   userID   = req.getParameter("UserID");
   
   toServlet  = req.getParameter ("servletTo");

 
   HttpSession session = req.getSession (true);

   if (at.isExistsUserId(userID) && at.isExistsPassword(passWord))
   {  // successful
      System.out.println("User ID Successful");
      session.setAttribute ("UserID", userID);
     
      // OKAY ... forward to SERVLET "toServlet"
      res.sendRedirect (ServletLoc + toServlet);
   }
   else
   {  // unsuccessful
      System.out.println("USer ID Unsuccessful");
      session.setAttribute ("isDemoLogin", "No");
      session.setAttribute ("UserID", "");
      invalidID = true;
      doGet (req, res);
   }
} // end of doPost() m

I can see the "User ID Successgul printed on the catalina.out. So I assume that the attribute "UserID" was sert within the context.

Then in the next Serrvlet in the session (the one that is directed in the doPost() of login), in the doGet() this is what I have


public void doGet (HttpServletRequest req, HttpServletResponse res)
   throws ServletException, IOException
{

  ServletContext  context = getServletContext();
  System.out.println("Getting UserID Attribute : " + (String) context.getAttribute("UserID"));

  //and the rest of teh code.
}

I see null for
System.out.println("Getting UserID Attribute : " + (String) context.getAttribute("UserID"));

What Am I missing here.

Thanks
prain
0
 
LVL 27

Accepted Solution

by:
rrz earned 100 total points
ID: 16984721
In  your login servlet
>   session.setAttribute ("UserID", userID);    
and in your next servlet you have  
>(String) context.getAttribute("UserID"));      
This won't work because session scope is different from context scope. They are two different scopes. There are four scopes; page , request, session, and ServletContext(called application scope in a JSP).    So change  
>(String) context.getAttribute("UserID"));  
to    
(String) session.getAttribute("UserID"));       rrz
0
 

Author Comment

by:prain
ID: 16984858
rrz,
Thanks so much. Works great. I think I have gotten the idea now. But I am sure there could be many questions.

Thanks
prain.
0

Featured Post

Enroll in June's Course of the Month

June's Course of the Month is now available! Every 10 seconds, a consumer gets hit with ransomware. Refresh your knowledge of ransomware best practices by enrolling in this month's complimentary course for Premium Members, Team Accounts, and Qualified Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question