Servlets, Cookies, Sessions
Servlets, Cookies, Sessions
In this worksheet, you will learn the basic mechanisms for receiving
information from users via HTML forms and tracking users of a website.
There is not a lot of code to write, but the concepts will be strange
at first and you will have to look at the API documentation a great
deal (see, for example, javax.servlets.http.HttpSession,
javax.servlets.http.Cookie, javax.servlets.http.HttpServlet). Use
the web as your resource, but remember that you must clearly indicate
from what source you borrow code snippets; particularly in this
worksheet as the servlets will be very small.
This worksheet should be started in class and then completed by the
start of the next class period Tuesday, October 1st, 2002. You
will need to turn in a print out (stapled together and nicely
formatted) for every servlet and HTML page you write below.
- Using the /home/submit/cs601/start.resin script demonstrate that
you can execute the /home/submit/cs601/HelloHttp.java servlet. You
will first need to copy the /home/submit/cs601/resin/conf/resin.conf
file and HelloHttp.java file to your work area then modify the
config so that its servlet path points to where you put the
HelloHttp.java file. I suggest using ~/resin/conf/resin.conf and
~/resin/servlet/HelloHttp.java. Try modifying the servlet and then
hitting "refresh" on the browser to see how the server will recompile
your servlet for you. Note also what goes in the logs
~/resin/log/stdout and ~/resin/log/stdout. The access logs are in
~/resin/logs/access*. The start.resin script above should be
modified to put the stdout log etc... in the right spot.
- Write a simple HTML page containing a <form> with fields for
collecting name, email, and age. The <form> should POST to a
servlet that responds to the POST HTTP requests by displaying the
values of your <form> variables.
- Write a servlet answering HTTP GET that stores a cookie called
ID on the user's computer. The ID value should be obtained as an
argument to the servlet. In other words, someone will invoke your
In this case, you would add a cookie ID=6234 to the response for
this servlet request. Verify that the file (assuming you use netscape
on linux) ~/.netscape/cookies contains a cookie for localhost.
Check the first column to see what the hostname is. For example, here
is a jGuru cookie called auto_login_mchale set to true.
www.jguru.com FALSE / FALSE 1040685378 auto_login_mchale true
Either you or some friends should hit your server from different
machines using different ID values.
- Write a servlet that displays to standard out the value of the
cookie ID you set in the previous exercise and then deletes the
cookie. Verify that the cookie has disappeared from the browser's
- Write a servlet answering HTTP GET that simulates a server
detecting repeat visitors. Your servlet will look for a cookie called
visitor_id to see if that person has visited your site. If your
servlet cannot find a cookie called visitor_id, the person is new to
your site. Add cookie visitor_id=n where n indicates this
person is the nth visitor to your site during this run. You must
track n as an instance variable, but increment it in a thread-safe
manner. Increment its value upon each new visitor. If you have not
seen this person, print "I do not know you. You are visitor n" to
the user's browser. If your servlet has seen that person before (you
find a value for visitor_id), print "You are visitor n and have
viewed p pages." to the user's browser. Value p is the number of
pages viewed by that user this session (a session normally times
out after 30 minutes of inactivity and all associated session data
disappears). A person whose session times out will still be known to
your server because of the cookie, but their page view count will be 0
again since the session data disappears. You
will have to store an HttpSession variable for each user of your
server that tracks their page view count so you can display it.
Hit your server from multiple machines and/or browsers to see that
cookies are unique to browser and machine. Also make sure the page
count goes up when you keep refreshing that servlet in the browser.
Make sure that all users have their own page view count not just one
global page view count for all users.