Utilizing Servlets for Web Applications - Java Programming: Comprehensive Concepts and Techniques - page 826

Java Reference

In-Depth Information

Figure 12-42 displays lines 533 through 545 of the WebStocks servlet code.

The delStock() method obtains the user ID from the session attribute, userID.

The symbol for the stock to be deleted is obtained from a parameter set by a

form on the requesting Web page. The StockTrackerDB object contains a

method, delUserStocks(), to delete a stock for a user. The method requires that

the caller supply a user ID and a stock symbol. Because this method belongs to

the StockTrackerDB object and can update the database, the method call is

placed within a block of code synchronized on the StockTrackerDB object. If no

exception is thrown, then the call was successful and the session attributes, stocks

and forwardTo, are set accordingly.

FIGURE 12-42

Figure 12-43 displays lines 546 through 575 of the WebStocks servlet code.

The chgPswd() method obtains the new password from a parameter value on

line 550, as the user entered this value as input to a form. The current password

and user ID values are obtained from session attributes rather than parameters,

requiring that the user be successfully logged on to the application, at least to the

point of identifying a valid user ID and password, before changing the current

password. At the present time, this method is called only when the user's pass-

word has expired, and so the session attribute indicating an expired password

now must be removed (lines 555 and 556). Recall that a Password object exists as

part of a User object, reflecting the “has-a” relationship between the User and

Password classes. Changing a user's password must be done by calling the User

method, changePassword(), requiring a User object. A User object is obtained

from data in the database for the current userID (line 560), the User's password

value is changed to the new password value (line 561), and the database is

updated with the new user data (line 562). Because these statements access and

update the database in succession, they are placed within a code block synchro-

nized on the StockTrackerDB object. A session attribute is set to forward the

request and result to the proper JSP for display to the user (line 565).

Because an exception forces a user to change an expiring password when

first logging on to the application, the remaining session attributes were not set

and now must be set to complete the log on process (lines 567 through 573).

Next Page

Java Programming: Comprehensive Concepts and Techniques

Search WWH ::

Custom Search

Home