Servlets, Cookies, Sessions

Servlets, Cookies, Sessions

In this worksheet, you will learn the basic mechanisms for receiving information from users via HTML forms and tracking users of a website. There is not a lot of code to write, but the concepts will be strange at first and you will have to look at the API documentation a great deal (see, for example, javax.servlets.http.HttpSession, javax.servlets.http.Cookie, javax.servlets.http.HttpServlet). Use the web as your resource, but remember that you must clearly indicate from what source you borrow code snippets; particularly in this worksheet as the servlets will be very small.

This worksheet should be started in class and then completed by the start of the next class period Tuesday, October 1st, 2002. You will need to turn in a print out (stapled together and nicely formatted) for every servlet and HTML page you write below.

  1. Using the /home/submit/cs601/start.resin script demonstrate that you can execute the /home/submit/cs601/ servlet. You will first need to copy the /home/submit/cs601/resin/conf/resin.conf file and file to your work area then modify the config so that its servlet path points to where you put the file. I suggest using ~/resin/conf/resin.conf and ~/resin/servlet/ Try modifying the servlet and then hitting "refresh" on the browser to see how the server will recompile your servlet for you. Note also what goes in the logs ~/resin/log/stdout and ~/resin/log/stdout. The access logs are in ~/resin/logs/access*. The start.resin script above should be modified to put the stdout log etc... in the right spot.

  2. Write a simple HTML page containing a <form> with fields for collecting name, email, and age. The <form> should POST to a servlet that responds to the POST HTTP requests by displaying the values of your <form> variables.

  3. Write a servlet answering HTTP GET that stores a cookie called ID on the user's computer. The ID value should be obtained as an argument to the servlet. In other words, someone will invoke your servlet with
    In this case, you would add a cookie ID=6234 to the response for this servlet request. Verify that the file (assuming you use netscape on linux) ~/.netscape/cookies contains a cookie for localhost. Check the first column to see what the hostname is. For example, here is a jGuru cookie called auto_login_mchale set to true. FALSE / FALSE 1040685378 auto_login_mchale true
    Either you or some friends should hit your server from different machines using different ID values.

  4. Write a servlet that displays to standard out the value of the cookie ID you set in the previous exercise and then deletes the cookie. Verify that the cookie has disappeared from the browser's cookie file.

  5. Write a servlet answering HTTP GET that simulates a server detecting repeat visitors. Your servlet will look for a cookie called visitor_id to see if that person has visited your site. If your servlet cannot find a cookie called visitor_id, the person is new to your site. Add cookie visitor_id=n where n indicates this person is the nth visitor to your site during this run. You must track n as an instance variable, but increment it in a thread-safe manner. Increment its value upon each new visitor. If you have not seen this person, print "I do not know you. You are visitor n" to the user's browser. If your servlet has seen that person before (you find a value for visitor_id), print "You are visitor n and have viewed p pages." to the user's browser. Value p is the number of pages viewed by that user this session (a session normally times out after 30 minutes of inactivity and all associated session data disappears). A person whose session times out will still be known to your server because of the cookie, but their page view count will be 0 again since the session data disappears. You will have to store an HttpSession variable for each user of your server that tracks their page view count so you can display it.

    Hit your server from multiple machines and/or browsers to see that cookies are unique to browser and machine. Also make sure the page count goes up when you keep refreshing that servlet in the browser. Make sure that all users have their own page view count not just one global page view count for all users.