Module 123

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 39

Module-1 Servlets 16MCA41

Servlet Structure, Servlet Packaging, HTML building utilities, Life cycle, Single Threaded Model
interface, Handling Client Request: Form Data, Handling Client Request: HTTP Request Headers.
Generating server Response: HTTP Status codes, Generating server Response: HTTP Response
Headers, Handling Cookies, Session Tracking.
Overview of JSP: JSP Technology, Need of JSP, Benefits of JSP, Advantages of JSP, Basic syntax

SERVLETS
• A servlet is a Java programming language class that is used to extend the
capabilities of servers that host applications accessed by means of a request-response
programming model.
• The javax.servlet and javax.servlet.http packages provide interfaces and classes
for writing servlets. All servlets must implement the Servlet interface, which
defines life- cycle methods
• The HttpServlet class provides methods, such as doGet and doPost, for handling
HTTP-specific services.

1.1 Servlet Structure


• Class should extend HttpServlet and override doGet or doPost, depending on
whether the data is being sent by GET or by POST. Both of these methods take
two arguments an HttpServletRequest and an HttpServletResponse.
• Syntax:
import java.io.*; import javax.servlet.*;
import javax.servlet.http.*;
public class ServletTemplate extends HttpServlet ( public void doGet(HttpSer
HttpServletResponse response)throws ServletException, IOException

// Use "request" to read incoming HTTP headers(eg.cookies) and HTML form da


submitted).

// Use "response" to specify the HTTP response status code and headers(eg.

PrintWriter out = response.getWriter();

// Use "out" to send content to browser

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT


Module-1 Servlets 16MCA41

• The HttpServletRequest has methods by which you can find out about
incoming information:
o such as form data,
o HTTP request headers,
o client's hostname.

• The HttpServletResponse lets you specify outgoing information:


o such as HTTP status codes (200, 404, etc.),
o response headers (Content-Type, Set-Cookie, etc.),
o PrintWriter used to send the document content back to the client.

• Examples Simple Servlet Generating (HelloWorld.java)

import java.iO. ; import javax.servlet.*;


import javax.servlet.http.*;

public class HelloWorld extends HttpServlet { public void doGet(Htt


HttpServletResponse response) throws ServletException, IOException

PrintWriter out = response.getWriter(); out.println("Hello World");

Output:

1.2 Servlet Packaging


• Placing all the servlets in the same directory results in massive, hard-to-manage
collection of classes and risks name conflicts when two developers choose same
name for a servlet or a utility class
• When you put your servlets in packages, perform the following two additional
steps. o Place the files in a subdirectory that makes the intended package
name:
• Example: all class files should go under directory called as
coreservlets
O Insert a package statement in the class
files: O The class files should in some
package.

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 2


Module-1 Servlets 16MCA41

O Example: package coreservlets;

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 3


Module-1 Servlets 16MCA41

1.3 HTML building utilities


• An HTML document is structured as follows

<!DOCTYPE ...>
<HTML>
<HEAD><TITLE>...</TITLE>...</HEAD>
<BODY ...>

</BODY>
</HTML>

• Advantage of have line <! DOCTYPE>


o It tells HTML validators which version of HTML you are using
o These validators are valuable debugging services, such as syntax errors in
HTML
• The two most popular online validators are
o World Wide Web Consortium (http://validator.w3.org)
o The Web Design Group (http://www.htmlhe1p.com/tools/validator/)

• They let you submit a URL, then they retrieve the page, check the syntax against
the formal HTML specification, and report any errors to you. Since a servlet that
generates HTML looks like a regular Web Page to visitors
• To generate HTML with println statements, especially long tedious lines like the
DOCTYPE declaration. Some people address this problem by writing detailed
HTML generation utilities in Java, then use them throughout their servlets. Still,
have the problems listed below:
o Its inconvenience of generating HTML programmatically
o HTML generation routines can be cumbersome and tend not to support the
full range of HTML attributes (CLASS and ID for style sheets, JavaScript
event handlers, table cell background colors, and so forth).

1.4 Servlet Life cycle


• The life cycle of a servlet instance

1. Load Servlet class


2. Create servlet instance
3. Call to the init( ) method
4. Call to the service( ) method
5. Call to the destroy( ) method

S Load Servlet class:


o A Servlet class is loaded when first request for the servlet is received by
the Web Container.
S Create servlet instance

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 4


Module-1 Servlets 16MCA41

O After the Servlet class is loaded, Web Container creates the instance of it.
Servlet instance is created only once in the life cycle.
Call to the init( ) method
o init( ) method is called by the Web Container on servlet instance to
initialize the servlet.
O It is used for one-time initialization, just as in
applets O There are two init( ) methods
• init( )
• init(Sefv1etConfig config)

O init( )
• init simply creates or loads some data that will be used throughout
the life cycle.
• The first version is used when the servlet does not need to read
any settings that vary from server to server.
• Syntax:
public void init() throws ServletException {
// Initialization code...

• The second version of init( ) is used when the servlet needs to


read server-specific settings before it can complete the
initialization.

• Example: about database settings, password files, serialized cookies

public void init(ServletConfig config) throws ServletExcept


super.init(config);
// Initialization code...

• Notice two things about this code.


• First, the init method takes a ServletConfig as an argument.
:Sezv1e Con 51cj has a eye I 2r 1 E Pa same en method with
which you can look up initialization parameters associated with the
servlet.
• Second thing is that the first line of the method body is a call
t os oper. JnJ I (con51cj) . This method has a parameter
ServletConfig object and always call the init method of the
superclass registers it where the servlet can find it later.

Call to the service{} method


o Each time the server receives a request for a servlet, the server spawns a
new thread and calls service .
O The service method checks the HTTP request type (GET, POST,
DELETE, PUT) and calls doGet, doPost, doPut, doDelete etc,

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 5


Module-1 Servlets 16MCA41

o Syntax:
public void service(ServletRequest request, ServletResponse r
IOException {
//servlet code

o doGet method Syntaa:

public void doGet(HttpServletRequest request, HttpServletRespon


IOException

// Servlet Code

o doPost method Syntax:

public void doPost(HttpServletRequest request, HttpServletRespon


throws ServletException, IOException

// Servlet Code

S Call to the destroy( ) method


o The server calls a servlet's destroy() method when the servlet is about to be
unloaded.
o In the destroy( ) method, a servlet should free any resources it has acquired
that will not be garbage collected.
o The destroy( ) method also gives a servlet a chance to write out its unsaved
cached information or any persistent information that should be read during
the next call to init( ).
o Syntas:

public void destroy()

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 6


Module-1 Servlets 16MCA41

1.5 Single Threaded Model


• It is an interface from javas.servlet package used with Servlets. It is marker
interface having no methods. Few servlets may require this to implement.
• With multiple requests for the same servlet, in the Container multiple threads will
be active within the process.
• If the Programmer would like to have only one thread active at a time (other threads,
if exist, must be passivated or made inactive) then he
implements the SingleThreadModel interfaceand it being marker interface no
methods need to be overridden.
• The system makes single instance of your servlet and then creates a new thread for
each user request with multiple concurrent threads running, if a new request comes in
while a previous request still executing.
• This means that your doGet() and doPOst() methods must be careful to
synchronize access to fields and other shared data, since multiple thread may
access the data simultaneously
• General form:
public YourServlet extends HttpServlet implements SingleThreadModel

• If a servlet implements this interface, you are guaranteed that no two threads will
execute concurrently in the servlet's service method.
• It queue's all the request and passing them one at a time to a single servlet instances
• The server is permitted to create a pool of multiple instances, each of which
handles one request at a time.

Note: SingleThreadModel does not solve all thread safety issues


o For example, session attributes and static variables can still be accessed by
multiple requests on multiple threads at the same time, even when
SingleThreadModel servlets are used.
o It is recommended that a developer take other means to resolve those issues
instead of implementing this interface, such as avoiding the usage of an
instance variable or synchronizing the block of the code accessing those
resources.

1.6 Handling Client Request


• Whenever we want to send an input to a servlet that input must be passed through
html form.
• An html form is nothing but various controls are inherited to develop an application.
• Every form will accept client data end it must send to a servlet which resides in
server side.
• Since html is a static language which cannot validate the client data. Hence, in real
time applications client data will be accepted with the help of html tags by
developing form and every form must call a servlet.

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 7


Module-1 Servlets 16MCA41

1.6.1 Form Data:

• URL's like

• The part after the question mark(i.e., user=Marty+Hall&origin=bwi&dest=lax) is


known asform data (or query data)
• Form data can be attached to the end of the URL after a question mark for GET
requests, or sent to the server on a separate line, for POST requests.
• Extracting the form data from CGI programming
o First, read data one way for GET request and different way for POST request.
o Second, you have to chop the pairs at the ampersands, then separate the
parameter names from parameter values
o Third, you have to URL-decode the values. Alphanumeric characters are
sent unchanged
o Fourth, reason that parsing form data is tedious is that values can be
omitted. (e.g., “paraml=val1&param2ma12&param1=val3”)

1.6.2 Reading form data from Servlets


• One of the nice features of servlets is that all of this form parsing is
handled automatically.
• Reading data from servlets:
o getParameter( )
o getParameterValues( )
o getParameterNames( )

H getParameter()
o qefi Parame b er exactly the same way when the data is sent by GET as
you do when it is sent by POST.
o An empty S Lr i riq is returned if the parameter exists but has no value,
and riul l is returned if there was no such parameter.

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 8


Module-1 Servlets 16MCA41

<html>
<head>
<title>Collecting Three Parameters</title>
</head>
<body>
<form action="ParmeterServlet" method="Get">

First Parameter:<input type="text" name="param1"/><br>


Second Parameter:<input type="text"name="param2"/><br>
Third Parameter: <input type="text" name="param3"/><br>

<input type="submit" value="Click Here">


</form>
</body>
</html>
ParameterServIet.java

public class ParmeterServlet extends HttpServlet {

@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response)throws ServletException, IOException {
PrintWriter out=response.getWriter();
String title = "Reading Three Request Parameters";

out.println("Parameterl:+reguest.getParameter(“param2”});
out.println("Parameterl:+reguest.getParameter}"paramf’Ç);
out.println("Parameterl:+reguest.getParameter}“paramS”j);

H getParameterValues( )
• If the parameter have more than one value, eg: checkbox
o which returns an array of strings
o The return value of qefi Parame fi e rVa l ue s is nul l , for nonexistent
parameter names and is a one-element array when the parameter has only a
single value.
• General form:
String[] values = getParameterValues(“Input Parameter”);

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 9


Module-1 Servlets 16MCA41

• Example:

Index.html
<form action="ongetParameterVlaues" method="post">
Habits
<input type="checkbox" name="habits" value="Reading">Reading
<input type="checkbox" name="habits" value=”Movies">Movies
<input type="checkbox" name="habits" value="Writing">Writing
<input type="checkbox" name="habits" value="Singing">Singing
<input type="submit" value="Submit">
</form>

OngetParameterValues.java
public class OngetParameterValues extends HttpServlet

protected void doPost(HttpServletRequest request, HttpServletResponse


response)throws ServletException,IOException

PrintWriter out=res.getWriter();
response.setContentType("text/html");

String[] values=request.getParameterWa2ues{"habits"j;
out.println("Selected Values. .");

for(int i=0;i<values.length;i++)

out.println("<li>"+values[i]+"</li>");

out.close();

H getParameterNames( )
• to get a full list
• to get this list in the form of an Enumeration, each entry of which can be cast to
a String and used in a getParameter or getParameterValues call.
• Example:

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 10


Module-1 Servlets 16MCA41

Index.html
<form action="onPM" method="post">
Name:<input type="text" name="name">
Country:<input type="text" name="country">
<input type="submit" value="Submit">
</form>

OngetParameterNames.java
public class OngetParameterNames extends HttpServlet

protected void doPost(HttpServletRequest request,


HttpServletResponse response)throws ServletException,IOException

PrintWriter out=response.getWriter():
response.setContentType("text/html");

Enumeration en=request.getParameterNames( ):

while(en.hasMoreElements())

String parameterName
=(String)en.nextElement();
out.println("Parameter "+parameterName);

out.close();

Note: Parameter names are case sensitive so, for example,


request.getParameter("Paraml") and
request.getParameter("paraml") arenorintechangeable.

1.7 Handling Client Request: HTTP Request Headers


• The HTTP information that is sent from the browser to the server in the form of
request headers.
• HTTP request headers are distinct from the form data.
• Form data results directly from user input and is sent as part of the URL for GET
requests and on a separate line for POST requests.
• Request headers, on the other hand, are indirectly set by the browser and are sent
immediately following the initial GET or POST request line.

1.7.1 Reading Request Headers from Servlets


• Header names are not case sensitive
• The list of headers that are generally used

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 11


Module-1 Servlets 16MCA41

Header names Description


getCookies
The getCookies method returns the contents of the Cookie
header, parsed and stored in an array of Cookie objects.
getAuthType() and break the Authorization header into its component pieces.
getRemoteUser()
getContentLength() returns int value of the Content-Length header
getContentType() Returns string value of the Content-Type header
getDateHeader() read the specified header and then convert them to Date and
getIntHeader() int values
getHeaderNames() to get an Enumeration of the values of all occurrences of the
header names received on this particular request.
getHeaders() If a header name is repeated in the request,
version 2.1 servlets cannot access: returns the value of the first occurrence of t
version 2.2, returns an Enumeration of the values of all occurrences of the hea

getMethod() returns the main request method(Get, Post.........)


getRequestURI() returns the part of the URL that comes after the host and port
but before the form data
getProtocol() returns the third part of the request line, [HTTP/1.0 or
HTTP/1.1]

1.7.2 Printing all headers

public class SfiowfieguestBeaderServíet extends BttpServ2et { @Override


public void doGet(HttpServletRequest req, HttpServletResponse res) throws Servl

res.setContentType("text/html"); PrintWriter out = response.getWriter();

String title = "Servlet Example: Showing Request Headers"; out.println(ServletUti


"<H1>" + title + "</H1>\n" +
"<B>Request Method: </B>"+request.getMethod() +"<BR>\n" +
"<B>Request URI: </B>"+request.getRequestURI()+"<BR>\n" + "<B>Request Protocol:

Enumeration <String> headerNames= request.getHeaderNames(): while(headerNames.ha


String headerName = headerNames.nextElement(); out.println(“Header Name: <em>”+
String headerValue = request.getHeader(headerName); out.print(“</em>, Header Va

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 12


Module-1 Servlets 16MCA41

1.7.2 HTTP 1.1 Request Headers


• Access to the request headers permits servlets to perform a number of optimizations and to
provide a number of features not otherwise possible.

Header Names Description


Accept specifies the MIME types that the browser or other client can handle.
Returns more than one format
Accept-Charset indicates the character sets (e.g., ISO-8859-1) the browser can use.
Accept-Encoding designates the types of encodings that the client knows how to
handle. If it receives this header, the server is free to encode the
page
by using the format, sending the Content-Encoding response header
to indicate that it has done so
Accept-Language specifies the client's preferred languages, in case the servlet can
produce results in more than one language. The value of the header
should be one of the standard language codes such as en, en-us, da,
etc.

Authorization is used by clients to identify themselves when accessing password-


protected Web pages.
Cache-Control used by the client to specify a number of options for how
pages should be cached by proxy servers.
Connection tells whether or not the client can handle persistent HTTP
Connections.
Content-Length only applicable to POST requests and gives the size of the POST
data in bytes. Simply use request.getContentLength().
Content-Type It is used in responses from the server, it can also be part of
client requests when the client attaches a document as the POST
data or when making PUT requests. You can access this header
with the
shorthand getContentType method of HttpServletRequest.

Cookie This header is used to return cookies to servers that previously sent
them to the browser.
Expect This rarely used header lets the client tell the server what kinds of
behaviors it expects.
From This header gives the e-mail address of the person responsible for
the HTTP request.
Host Browsers are required to specify this header, which indicates the
host and port as given in the original URL.
If-Match This rarely used header applies primarily to PUT requests. The client
can supply a list of entity tags as returned by the ETag response
header, and the operation is performed only if one of them matches.
If-Modified-Since This header indicates that the client wants the page only if it has
been changed after the specified date. This option is very useful
because it lets browsers cache documents and reload them over the
network only when they've changed.
Pragma A Pragma header with a value of no-cache indicates that a servlet
that is acting as a proxy should forward the request even if it has a
local copy.

Proxy- Authorization Range

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 13


Module-1 Servlets 16MCA41
This identify themselves to proxies that require it. Servlets typically ignore this
header lets header, using Authorization instead.
clients This rarely used header lets a client that has a partial copy of a
document ask for only the parts it is missing.

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 14


Module-1 Servlets 16MCA41

Referer This header indicates the URL of the referring Web page. it is a
useful way of tracking where requests came from
Upgrade The Upgrade header lets the browser or other client specify
a communication protocol it prefers over HTTP 1.1
User-Agent This header identifies the browser or other client making the request.
Via This header is set by gateways and proxies to show the
intermediate sites the request passed through.
Warning This rarely used catchall header lets clients warn about caching or

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 15


Module-1 Servlets 16MCA41
content Transformation errors.

1.7.3 Sending Compressed Web pages


• Gzip is a text compression scheme that can dramatically reduce the size of HTML
pages.
• Several recent browsers know how to handle gzipped content, so the server can
compress the document and send the smaller document over the network, after
which the browser will automatically reverse the compression and treat the result in
the normal manner
• Sending such compressed content can be a real timesaver, since the time required
to compress the document on the server and then uncompress it on the client is
typically dwarfed by the savings in download time, especially when dialup
connections are used.
• To send compressed content, a servlet must send a Content-Encoding header to tell
the client scheme by which the content has to be encoded
o Browsers that support this feature indicate that they do so by setting the
Accept —Encoding request header.
• Implementing compression
o j ava . ut i l . z ip : package contains classes that support reading and
writing the GZIP and ZIP compression formats.
o The servlet first checks the Accept—Encoding header to see if it contains
an entry for gzip.
• If so, it uses a GZ I POufipufi Sfi ream to generate the page, specifying
qz ip as the value of the Content —Ex coding header.
• explicitly call clo s e when using a GZ I POutpuL SI re am.
• If gzip is not supported, the servlet uses the normal Pr i rifiWr i fi er
to send the page
o Compression could be suppressed by including ? encodinq=none at the end
of the URL.

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 16


Module-1 Servlets 16MCA41

public class EncodedPage extends HttpServlet {

public void doGet(HttpServletRequest request, HttpServletResponse response)


throws ServletException, IOException {
response.setContentType("text/html");

String encodings = request.getHeader("Accept-Encoding");


String encodeFlag = request.getParameter("encoding");

PrintWriter out;

String title;

if ((encodings != null) && (encodings.indexOf("gzip") != -1) &&


! "none" . equals (encodeFlag) ) (

title = "Page Encoded with GZip";


OutputStream outl = response.getOutputStream();
out = new PrintWriter(new GZIPOutputStream(outl), false);

response.setHeader("Content-Encoding", "gzip");
} else {
title = "Unencoded Page";
out = response.getWriter();

out.println(ServletUtilities.headWithTitle(title) +
"<BODY BGCOLOR=\"#FDF5E6\">\n" +
"<H1 ALIGN=CENTER>" + title + "</H1>\n");

String line = "Blah, blah, blah, blah, blah. "


+ "Yadda, yadda, yadda, yadda.";

for(int i=0; i<10000; i++)


{ out.println(line)
;

out.println("</BODY></HTML>");
out.close();

Output:

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 17


Module-1 Servlets 16MCA41

1.7.4 Restricting Access to Web


• Many Web servers support standard mechanisms for limiting access to designated
Web pages.
• These mechanisms can apply to static pages as well as those generated by servlets,
so many authors use their server-specific mechanisms for restricting access to
servlets.
• Once a servlet that uses form-based access grants initial access to a user, it would
use session tracking to give the user access to other pages that require the same
level of authorization.
• Form-based access control requires more effort on the part of the servlet developer,
and HTTP-based authorization is sufficient for many simple applications.
• The steps involved for “basic” authorization.
• Stepl:
O Check whether there is an Authorization header. If there is no such header,
go to Step 2.
O If there is, skip over the word “basic” and reverse the base64 encoding of
the remaining part.
O This results in a string of the form username:password. Check the
username and password against some stored set. If it matches, return the
page. If not, go to Step 2.
• Sep2:
O Return a 401 (Unauthorized) response code and a header of the following form:
o WWW-Authenticate: BASIC rea1m="some-name" This response instructs
the browser to pop up a dialog box telling the user to enter a name and
password for some-name, then to reconnect with that username and
password embedded in a single base64 string inside the Authorization
header.

1.8 Generating server Response: HTTP Status codes


• When a web server responds to a request from a browser or other wen client, the
response typically consists of a status line, some response headers, a blank line, and
the document
• Example:
HTTP/1.1 200 OK
Content-Type: text/plain

Hello World

1.8.1 Specifying Status codes


• The HTTP response status line consists of an HTTP version, a status code, and an
associated message.
• The message is directly associated with the status code and the HTTP version is
determined by the server, all the servlet needs to do is to set the status code.
• The way to do this is by the setstatus method of HttpServletResponse.
• If your response includes a special status code and a document, be sure to call
setstatus before actually returning any of the content via the PrintWriter.

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 18


Module-1 Servlets 16MCA41

• The setstatus method takes an int (the status code) as an argument, but instead of
using explicit numbers, it is clearer and more reliable to use the constants defined in
HttpServletResponse.
• There are two common cases where a shortcut method in HLrpSe rvle tResponse
is provided. Just be aware that both of these methods throw I OExcepL i on, whereas
s e LSfiafiu s doesn't.

o public void sendError(int code, String message)


• The sendError method sends a status code (usually 404) along with
a short message that is automatically formatted inside an HTML
document and sent to the client.

o public void sendRedirect(String url)


• The s endRedi recfi method generates a 302 response along with a
Local i or header giving the URL of the new document. With
servlets version 2.1, this must be an absolute URL. In version 2.2,
either an absolute or a relative URL is permitted and the system
automatically translates relative URLs into absolute ones before
putting them in the Lo cat i on header.
• Setting a status code does not necessarily mean that you don't need to return a
document. For example, although most servers automatically generate a small “File
Not Found” message for 404 responses, a servlet might want to customize this
response. Remember that if you do send output, you have to call set S Nadu s or s
endEr ror first.

• The following sections describe each of the status codes available for use in
servlets talking to HTTP 1.1 clients, along with the standard message associated with
each code.

• These codes fall into five general categories:

Status Code Description


100-199 Codes in the 100s are informational, indicating that the client
should respond with some other action.
200-299 Values in the 200s signify that the request was successful
300-399 Values in the 300s are used for files that have moved and usually
include a Location header indicating the new address.
400-499 Values in the 400s indicate an error by the client.
500-599 Codes in the 500s signify an error by the server.

• You should only send the new codes to clients that support HTTP 1.1, as verified
by checking request.getRequestProtocol.

HTTP/1.1 status code

Status code & Constant Name Description


Message
100(ConGnue) SC_CONTINUE If the server receives an Expect request header
with a value of i 00—continue, it means that the

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 19


Module-1 Servlets 16MCA41

client is asking if it can send an attached document in a follow-up request.

101 (Switching SC_SWI TCH ING_PROTOCO status indicates that the server will comply with the
ProtocolS) LS Upgrade header and change to a different protocol.
This status code is new in HTTP 1.1.
200 (OK) SC_OK A value of 200 me s that eve h ng is me
201(Created) SC_CREATE D signifies that the server created a new document in
response to the request; the Local ion header
should
tells ive its
the client URL.
that the request is being acted upon, but processing
202 (Accepted) SC ACCE PTE D

203 (Non- SC NON AUTHOR I TAT IVE status signifies that the document is being returned
Authoritative _I NFORNAT I ON normally, but some of the response headers might
Information) be incorrect since a document copy is being used
204 (No SC_NO_CONTENT stipulates that the browser should continue to
Content) display the previous document because no new
document is available.
205 (Reset SC RESET CONTENT means that there is no new document, but the
Content) browser should reset the document view. status indicates bad syn
400 (Bad SC_BAD_REQUEST
Request)
401 SC UNAUTHORIZED signifies that the client tried to access a password-
(Unauthorized) protected page without proper identifying
information in the Aufihori z ad ion header. The
response must include a wu—AufihenfiieaLe
header.
403(Forbidden) SC_FORB I DDEN means that the server refuses to supply the
resource, regardless of authorization
404 (Not SC NOT FOUND status tells the client that no resource could be
Found) found at that address. This value is the standard “no
such page” response.
502 (Bad SC BAD GATEWAY used by servers that act as proxies or gateways; it
Gateway) indicates that the initial server got a bad response
from the remote server.
503 (Service SC_SERVI CE_UNAVAI LAB signifies that the server cannot respond because of
Unavailable) LE maintenance or overloading
504 (Gateway SC GATEWAY T IMEOUT is used by servers that act as proxies or gateways;
Timeout) it indicates that the initial server didn't get a timely
response from the remote server.

1.9 Generating server Response: HTTP Response Headers


• The most general way to specify headers is to use the setHeader method of
HttpServletResponse. This method takes two strings: the header name and the header
value.
• Syntax:

public void setHeader(string headername, int headervalue)

• setHeader method, HttpServletResponse also has two specialized methods to


set headers that contain dates and integers
o setDateHeader(String header, long milliseconds)
o setIntHeader(String header, int headerValue)

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 20


Module-1 Servlets 16MCA41

< HfiLpServle fiRe sponse also supplies a number of convenience methods


for specifying common headers. These methods are summarized as follows.

Methods Meaning
setContentType This method sets the Content-Type header and is used by the
majority of servlets.
setContentLength This method sets the Content-Length header, which is useful
if the browser supports persistent (keep-alive) HTTP
connections.
addCookie This method inserts a cookie into the Set-Cookie header.
There is no corresponding setCookie method, since it is
normal to have multiple
Set-Cookie lines.
sendRedirect The sendRedirect method sets the Location header as well as
setting the status code to 302.

1.9.1 HTTP 1.1 Response Headers and their Meaning


The possible HTTP1.1 response headers along with a brief summary of how servlets
can make use of them.
Header Name Meaning
Accept-Ranges tells the client whether or not you accept Range request headers.
Age is used by proxies to indicate how long ago the document was generated
by the original server.
Allow specifies the request methods (GET, POST, etc.)
Cache-Control • the circumstances in which the response document can safely
& Pragma be cached.
• It can have values public, private or no-cache.


Private means document is for a single user and can only be
stored in private caches
• no-cache means document should never be cached.
• response.setHeader("Cache-Control","no-
cache");
• response.setHeader("Pragma", "no-cache");
Connection instructs the browser whether to use persistent in HTTP connections or
not. Connec I ion : keep—al ive
Content-Encoding indicates the way in which the page was encoded during transmission.
Content- This header signifies the language in which the document is written.
Language Example: en, en-us, ru, etc.
Content-Length indicates the number of bytes in the response.
Content-Location supplies an alternative address for the requested
document. Content-Location is informational;
Content-Range is sent with partial-document responses and specifies how much of the
total document was sent
Content-Type • gives the MIME type of the response document.
• The default MIME type for servlets is text/plain

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 21


Module-1 Servlets 16MCA41

Example: application/zip:- Zip


archive image/gif:- GIF
image text/html:- HTML
document
video/mpeg:- MPEG video clip
Date specifies the current date in GMT format.
Example: re spon se . se U He ader ( "Date ", " ... ") ;
ETag gives names to returned documents so that they can be referred to by the
client later
Expires • The time at which document should be considered out-of-date
and thus should no longer be cached.
• Use setDateHeader() to set this header
Example:
long currentTime System.currentTimeMillis()
long tenMinutes = l0*60*1000; // In
milliseconds response.setDateHeader("Expires",
currentTime
+tenMinutes);
Last-Modified When time document was last changed.
Location should be included with all responses that have a status code in the 300s.
The URL to which browser should reconnect. Use sendRedirect instead of
setting this directly
Refresh The number of seconds until browser should reload page. Can also
include URL to connect to.
response.setIntHeader("Refresh", 30)
response.setHeader("Refresh","5; URL=http://host/path")
Set-Cookie This header specifies a cookie associated with the page.
Server, Retry —After, Trailer, Transfer- Encoding, WWW-Authenticate

1.10 Handling Cookies


• Cookies are small bits of textual information that a web server sends to a browser
and that browser returns unchanged when later visiting the same website or
domain.
• Cookies are text files stored on the client computer and they are kept for various
information tracking purpose.
• Java Servlets transparently supports HTTP cookies.

1.10.1 Benefits of cookies


• Four typical ways in which cookies can add the value

S Identifying a user during an e-commerce


O By default, each request is considered as a new request. In cookies
technique, we add cookie with response from the servlet. So cookie is stored
in the cache of the browser. After that if request is sent by the user, cookie
is added with request by default. Thus, we identify the user as the old user.

H Avoiding username and password


o Many large sites require you to register in order to use their services, but it
is inconvenient to remember and enter the username and password each time
you visit. Cookies are a good alternative for low-security sites. When a user
registers, a cookie containing a unique user ID is sent to him. When the
client reconnects at a later date, the user ID is returned, the server looks
Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 22
Module-1 Servlets 16MCA41
it up,

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 23


Module-1 Servlets 16MCA41

determines it belongs to a registered user, and permits access without an explicit


username and password.

H Customizing a site
o Many “portal” sites let you customize the look of the main page. They might
let you pick which weather report you want to see, what stock and sports
results you care about, how search results should be displayed, and so
forth. Since it would be inconvenient for you to have to set up your page
each time you visit their site, they use cookies to remember what you
wanted. For simple settings, this customization could be accomplished by
storing the page settings directly in the cookies.

S Focusing advertising
o Most advertiser-funded Web sites charge their advertisers much more for
displaying “directed” ads than “random” ads. Advertisers are generally
willing to pay much more to have their ads shown to people that are known
to have some interest in the general product category. For example, if you go
to a search engine and do a search on “Java Servlets,” the search site can
charge an advertiser much more for showing you an ad for a servlet
development environment than for an ad for an on-line travel agent
specializing in Indonesia.

1.10.2 Problems with cookies


• Cookies are not a serious security threat
o they can present a significant threat to privacy
• Cookies are never interpreted or executed in any way and thus cannot be used to
insert viruses or attack your system.
• Since browsers generally only accept 20 cookies per site and 300 cookies total and
since each cookie can be limited to 4 kilobytes, cookies cannot be used to fill up
someone's disk or launch other denial of service attacks.
• Problems•
o First, Some people don't like the fact that search engines can remember that
they're the user who usually does searches on certain topics. Example:
search for job openings or sensitive health data and don't want some banner
ad tipping off their coworkers next time they do a search.
o Second, privacy problem occurs when sites rely on cookies for overly
sensitive data. For example, some of the big on-line bookstores use cookies to
remember users and let you order without reentering much of your personal
information.

1.10.3 Cookie API

Creating Cookie
• Call the Cookie constructor with a cookie name and a cookie value, both of which are

• javax.servlet.http.Cookie class provides the functionality of using cookies.


• Constructor of cookie class
Constructors Description
Cookie( ) Construct cookie
Cookie(String name, String value) Constructs a cookie with a specified name
and value

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 24


Module-1 Servlets 16MCA41

• Syntax:
Cookie obj_name = new Cookie(“name”,
“value”);
• Neither the name nor the value should contain white space or any of the
following characters: [ ] ( ) = , " / ? @ : ;

Cookie Attribute
• Before adding the cookie to the outgoing headers, you can set various characteristics
of the cookie by using one of the following
o setXxr methods, where lxx is the name of the attribute you want to specify.
o getYxx method to retrieve the attribute value.

Methods NameDescription
public String getComment( ) These methods look up or specify a comment
associated with the cookie. The comment is
public void setComment(String used purely for informational purposes on the
comment) server; it
is not sent to the client
public String getDomain( ) These methods get or set the domain to which the
public void setDomain(String cookie applies. the browser only returns cookies
domainPattern) to the exact same hostname that sent them.
public int getMaxAge( ) These methods tell how much time (in
seconds) should elapse before the cookie
public void setMaxAge(int lifetime) expires.
A negative value, which is the default,
indicates that the cookie will last only for the
current session and will not be stored on disk.
Specifying a value of 0 instructs the browser to
delete the cookie.
public String getName( ) This pair of methods gets or sets the name of the
public void setName(String cookie. The name and the value are the two pieces
cookieName) you virtually always care about.
public String getPath( ) These methods get or set the path to which the
public void setPath(String path) cookie applies. If you don't specify a path, the
browser returns the cookie only to URLs in or
below the directory containing the page that sent
the cookie.
public boolean getsecure( ) This pair of methods gets or sets the Boolean
public void setSecure(boolean value indicating whether the cookie should
secureFIag) only be sent over encrypted (i.e., SSL)
connections. The default is false; the cookie
should apply to all
connections.
public String getValue( ) The getValue method looks up the value
public void setValue(String associated with the cookie; The setValue method
cookieVaIue) specifies it.

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 25


Module-1 Servlets 16MCA41
public int getVersion( ) These methods get/set the cookie protocol version
public void setVersion(int version) the cookie complies with. Version 0, the default,

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 26


Module-1 Servlets 16MCA41

follows the original Netscape specification


Version 1, not yet widely supported

Creating cookie and placing in response headers

Cookie usercookie =new Cookie("user","1231");//creating cookie object


usercookie.setMaxAge(60*60*24*365); //setting for 1 year
response.addCookie(ck); Cladding cookie in the response

Reading cookies from the client


• getCookies used to read the cookies.
o This call returns an array of Cookie objects corresponding to the values
that came in on the Cookie HTTP request header
o Returns null if there are no cookies

Cookie[ ] cookies = request.getCookies();

• Now you can iterate through the array of cookies and find the cookies you need.
Unfortunately there is no way to obtain a cookie with a specific name. The only way
to find that cookie again is to iterate the Cookie[ ] array and check each cookie name.
Here is an example:

Cookie[ ] cookies = request.getCookies( );


for(int i=0,i<ck.length,i++){
out.print("<br>"+ck[i].getName()+" "+ck[i].getValue()),

Removing Cookies
• The simple code to delete cookie

.Cookie ck=new Cookie("user","");//deleting value of cookie


.ck.setMaxAge(0);//changing the maximum age to 0 seconds
response.addCookie(Ck);//adding cookie in the response

1.10. 4 Examples of setting and Reading Cookies


index.html
<form method="post" action="MyServlet"> Name:<input type="text" name="user"
Password:<input type="text" name="pass" ><br/>
<input type="submit" value="submit">
</form>

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 27


Module-1 Servlets 16MCA41

MyServIet.java

import java.io.*:
import javax.servlet.*:
import javax.servlet.http.*;

public class MyServlet extends HttpServlet {

protected void doPost(HttpServletRequest request,


HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
String name = request.getParameter("user");
String pass =

request.getParameter("pass");

if(pass.equals("1234"))

Cookie ck = new Cookie("username",name):


response.addCookie(ck);
response.sendRedirect("First");

First.java
First.java

import java.io.*; import javax.servlet.*;


import javax.servlet.http.*;
public class First extends HttpServlet { protected void doGet(HttpServletReque
HttpServletResponse response)
throws ServletException, IOException { response.setContentType("text/html;char

Cookie[] cks = request.getCookies(); out.println("Welcome "+cks[0].getValue())

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 28


Module-1 Servlets 16MCA41

1.10.5 Basic Cookie Utilities

Finding Cookies with specified names


• Simplifies the retrieval of a cookie or cookie value, given a cookie name. The
getCookieValue method loops through the array of available Cookie objects,
returning the value of any Cookie whose name matches the input. If there is no
match, the designated default value is returned.

import javax.servlet.*; import javax.servlet.http.*;


public class ServletUtilities extends HttpServlet {

public static String getCookieValue(Cookie[] cookies,


String cookieName, String defaultValue) {
for(int i=0; i<cookies.length; i++) { Cookie cookie = cookies[i];
if (cookieName.equals(cookie.getName())) return(cookie.getValue());
return(defaultValue):

public static Cookie getCookie(Cookie[] cookies,


String cookieName) { for(int i=0; i<cookies.length: i++) {
Cookie cookie = cookies[i]r’
if (cookieName.equals(cookie.getName())) return(cookie);

return(null);

1.11 Session
• Session: interval of time
• Session Tracking is a way to maintain state (data) of an user
1.11.1 Session Tracking
• We all know that HTTP is a stateless protocol. All requests and responses are
independent. But sometimes you need to keep track of client's activity across
multiple requests. For eg. When a User logs into your website, not matter on which
web page he visits after logging in, his credentials will be with the server, until he
logs out. So this is managed by creating a session.
• Session Management is a mechanism used by the Web container to store session
information for a particular user.

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 29


Module-1 Servlets 16MCA41

• There are four different techniques used by Servlet application for session
management. They are as follows:
1. Cookies
2. URL-rewriting
3. Hidden form fields
4. HttpSession
Cookies
• Cookies are small pieces of information that are sent in response from the web
server to the client.
• Cookies are stored on client's computer. They have a lifespan and are destroyed by
the client browser at the end of that lifespan.
• Advantage of cookie
o Simplest technique of maintaining the state
o Cookies are maintained at client side.
• Disadvantage
o It will not work if cookie is disabled from the browser.
o Only textual information can be set in Cookie object
URL-rewriting

• If the client has disabled cookies in the browser then session management using
cookie wont work. In that case URL Rewriting can be used as a backup. URL
rewriting will always work.
• In URL rewriting, a token(parameter) is added at the end of the URL. The token
consist of name/value pair separated by an equal(=) sign.

• When the User clicks on the URL having parameters, the request goes to the Web
Container with extra bit of information at the end of URL. The Web Container
will fetch the extra part of the requested URL and use it for session management.
• getParameter()

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 30


Module-1 Servlets 16MCA41

• Advantage of URL-Rewriting
O It will always work whether cookie is disabled or not (browser
independent). O Extra form submission is not required on each pages.
• Disadvantage of URL-Rewriting
O It will work only with links.
O It can send Only textual information.

URL ;jsessionid=1234567

Hidden form fields

• Hidden form field can also be used to store session information for a particular client.
• User information is stored in hidden field value and retrieved from another servlet.
<INPUT TYPE="HIDDEN" NAME="session" VALUE="...">

• Advantage
O Does not have to depend on browser whether the cookie is disabled or not.
O Inserting a simple HTML Input field of type hidden is required. Hence, its
easier to implement.
• Disadvantage
o Extra form submission is required on every page. This is a big overhead.

HttpSession
• Servlets provide an outstanding technical solution: the HttpSession API.
• This high-level interface is built on top of cookies or URL-rewriting

1.11.2 The Session Tracking API


• Using sessions in servlets is straightforward and involves looking up the session
object associated with the current request, creating a new session object when
necessary, looking up information associated with a session, storing information in a
session, and discarding completed or abandoned sessions.
• HttpSession object is used to store entire session with a specific client. We can
store, retrieve and remove attribute from HttpSession object.
servlet ave a ess to Htt Se on object throughout
getsession()

• Creating a new session

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 31


Module-1 Servlets 16MCA41

Creating a new session


HttpSession session =request.getSession();
// getsession() method returns a session. If the session already exists, it returns
the existing session else create a new session

HttpSession session = request.getSession(true);


// getsession(true) always returns new session

Getting a pre-esisting session


HttpSession session = request.getSession(false);
//getSession(faIse)will check existence of session.I * session exists, then it
returns the reference of that session object, if not, this methods will return null
Destroying a session
session.invalidate( ); //deshoyasesson

The methods available in HttpSession class

1 public Object getValue(String name)


public Object getAttribute(String name)

These methods extract a previously stored value from a session object. They return
null if there is no value associated with the given name. gerArt.ribut.e is preferred
and qetValue is deprecated.
2 public void putValue(String name, Object value)
public void setAttribute(String name, Object value)

These methods associate a value with a name. Use puLVal ue with servlets and either
s e CAT fri ibufie (preferred) or putVa lue (deprecated) with version 2.2 servlets.
3 public void removeVaIue(String name)
public void removeAttribute(String name)

These methods remove any values associated with the designated name. If the value
being removed implements HLLpSe s s i onBi ndi nqLi s tener, its value
Unbound method is called.
4 public String[] getValueNames()
public Enumeration getAttributeNames0

These methods return the names of all attributes in the session. Use qe tValueName s
in version 2.1 of the servlet specification. In version 2.2, qe LVa1ueName s is
supported but deprecated; use qeLAt Ir ibuteNames instead.
5 public String getId

This method returns the unique identifier generated for each session. It is sometimes
used as the key name when only a single value is associated with a session, or when
information about sessions is being logged.
public boolean isNew()

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 32


Module-1 Servlets 16MCA41

This method returns true if the client (browser) has never seen the session, usually
because it was just created rather than being referenced by an incoming client request.
It returns false for preexisting sessions.
7 public long getCreationTime0

This method returns the time in milliseconds since midnight, January 1,1970 (GMT) at
which the session was first built. To get a value useful for printing out, pass the value
to the Dafie constructor or the s efi Time I nMi11 i s method of Gre gor i anCalendar.
8 public long getLastAccessedTime()

This method returns the time in milliseconds since midnight, Januaryl970 (GMT) at
which the session was last sent from the client.
public int getMaxInactiveInterval()
public void setMaxInactiveInterval(int seconds)

These methods get or set the amount of time, in seconds, that a session should go
without access before being automatically invalidated. A negative value indicates
that the
session should never time out.

Example for creating session

Index.html
<html>
<head>
<title>TODO supply a title</title> </head>
<body>
<form method="post" action="Validate">
<h3>User: <input type="text" name="user" /></h3>
<h3> Password: <input type="password" name="pass"></h3>
<input type="submit" value="submit">

</body>
</html>

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 33


Module-1 Servlets 16MCA41

Validate.java
public class Validate extends HttpServlet (
protected void doPost(HttpServletRequest request, HttpServletResponse respons
throws ServletException, IOException { response.setContentType("text/html;cha

String name = request.getParameter("user"); String pass = request.getParamete

if(pass.equals("1234"))

//creating a session
HttpSession session = request.getSession(); session.setAttribute("user", nam

Welcome.java
public class Welcome extends HttpServlet {

protected void doGet(HttpServletRequest request, HttpServletResponse response)t

response.setContentType("text/html;charset=UTF-8"); PrintWriter out = response.


HttpSession session = request.getSession();
String user(String)session.getAttribute("user"); out.println("Hello "+user);

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 34


Module-1 Servlets 16MCA41

1.12 Overview of JSP: JSP Technology


• JSP technology is used to create dynamic web applications. JSP pages are easier to
maintain then a Servlet.
• JSP pages are opposite of Servlets as a servlet adds HTML code inside Java code,
while JSP adds Java code inside HTML using JSP tags.
• JSP enables us to write HTML pages containing tags, inside which we can include
powerful Java programs.
• JSP pages are converted into Servlet by the Web Container. The Container
translates a JSP page into servlet class source(.java) file and then compiles into a
Java Servlet

• There are three main types of JSP constructs that you embed in a page:
o scripting elements
o directives
o actions
1.12.1 lifecycle of JSP
JSP pages are saved with .jsp extension which lets the server know that this is a JSP page and
needs to go through JSP life cycle stages.

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 35


Module-1 Servlets 16MCA41

1.13 Need of JSP


• JSP provides an easier way to code dynamic web pages.
• JSP does not require additional files like, java class files, web.xml etc
• Any change in the JSP code is handled by Web Container (Application server like
tomcat), and doesn't require re-compilation.
• JSP pages can be directly accessed, and web.xml mapping is not required like in
servlets.

1.14 Advantages of JSP


• Extension to Servlet
o JSP technology is the extension to servlet technology. We can use all the
features of servlet in JSP. In addition to, we can use implicit objects,
predefined tags, expression language and Custom tags in JSP, that makes JSP
development

• Easy to maintain
o JSP can be easily managed because we can easily separate our business
logic with presentation logic. In servlet technology, we mix our business
logic with the presentation logic.
• Fast Development: No need to recompile and redeploy
o If JSP page is modified, we don't need to recompile and redeploy the
project. The servlet code needs to be updated and recompiled if we have to
change the look and feel of the application.
• Less code than Servlet
o In JSP, we can use a lot of tags such as action tags, jstl, custom tags etc.
that reduces the code. Moreover, we can use EL, implicit objects etc

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 36


Module-1 Servlets 16MCA41

i. 1s Basic syntax
There are four different types of elements you can use in JSP.

• Scripting elements
• Comments
• Directives
• Actions
Scripting elements

There are three types of scripting elements in JSP


o Scriptlets - A scriptlet tag is used to execute java source code in JSP.
• General form:
<% java source code %>

• Example:

<body>
<% out.print("welcome to jsp"); %>
</body>
x/htmlx

O to declare fields and method•!


• General form:

<%! field or method declaration %>

• Example

<html>
<body>
<%! int data=50 %>
</body>
</html>

O Expressions—Contains a Java expression that the server evaluates. The


result of the expression is inserted into the Web page.

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 37


Module-1 Servlets 16MCA41

• General form:

<%- Java Expression %>

• Example:

Current time: <%= new java.util.Date() %>

• Comments or Template text


o In many cases, a large percentage of your JSP page just consists of static
HTML, known as template text. In almost all respects, this HTML looks just
like normal HTML, follows all the same syntax rules, and is simply “passed
through” to the client by the servlet created to handle the page.
o If you want a comment to appear in the JSP page use the below form

<%-- JSP Comment --%>

• Directives
o JSP directives let you give directions to the server on how a page should
be processed. There are three directives in JSP.
Directive Description
<%@page...%> defines page dependent properties such
as language, session, errorPage etc.
<%@ include.. . defines file to be included.
%>
<%@ taglib.. .%> declares tag library used in the page

• Actions
o The action tags are used to control the flow between pages and to use
Java Bean. The Jsp action tags are given below.
JSP Action Tags Description
jsp:forward forwards the request and response to another resource.
jsp:include includes another resource.
jsp:useBean creates or locates bean object.
jsp:setProperty sets the value of property in bean object.
jsp:getProperty prints the value of property of the bean.
jsp:plugin embeds another components such as applet.
jsp:param sets the parameter value. It is used in forward and include
mostly.
jsp:fa11back can be used to print the message if plugin is working. It is
used in jsp:plugin.

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 38


Module-1 Servlets 16MCA41

Extra questions
• Difference between get() and post
HTTPPOST
GET The request contains only Along with request line and header it also
Request the request line and HTTP contains HTTP body.
header
Parameter The form elements are The form elements are passed in the body of
Passing passed to the server by the HTTP request.
appending at the end of the

Size The parameter data is Can send huge amount of data to the server.
limited(the limit depends
on the container)
Usage Generally used to fetch Generally used to process the sent data
some information from
the host.

• sendRedirect
o In case of sendRedirect() method, the request is transferred to another
resource to a different domain or the different server for further processing
o When developers use the sendRedirect(), the web-container transfers the
request to a client or a browser so that the URL given inside
the sendRedirect() method is visible as a new request to the client
o In case of sendRedirect() call, the old request and response object is lost
because it is treated as a new request by the browser
o In browser's address bar, developers are able to see the new redirected address
i.e. it is not transparent
o sendRedirect() is slower as one extra round trip is required i.e. The
complete new request is created and the old request object is lost
o In case of sendRedirect() call, if developers want to store the data they will
do it in a Session object or pass it along the value with the URL

• sendError

versions of the s eridE rror ( ) method:


• one that takes an ink parameter representing the HTTP
response code (such as 5oo), and the other taking an ink
parameter and

error page is not configured for that particular response code.

Prepared By: Rajatha S, AP Dept. Of MCA, RNSIT 39

You might also like