import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
/**
* This servlet retrieves a variable named 'login' from Session and checks if it
* has the specific value 'login is correct'.
* By this way the servlet detects user's direct access.
*
* @author Sofoklis Stouraitis
*/
public class ServletB extends HttpServlet {
/*
* Define the variable session here in order to be visible from both doGet
* and checkSessionVariable methods.
*/
private HttpSession session;
/**
* Handles HTTP GET requests.
*
* @param request
* the request object
* @param response
* the response object
*
* @throws IOException
* if an input or output error is detected when the servlet
* handles the GET request
* @throws ServletException
* if the request for the GET could not be handled
*/
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
response.setContentType("text/html; charset=ISO-8859-7");
PrintWriter out = new PrintWriter(response.getWriter(), true);
/*
* Enable Session
*/
session = request.getSession(true);
try {
out.println("<html>");
out.println("<head>");
out.println("<Meta Http-Equiv='Content-Type' Content='text/html; Charset=windows-1253'>");
out.println("<title>AddDataToSessionServlet</title>");
out.println("</head>");
out.println("<body>");
out.println("<h1>ServletB is running...</h1>");
if (!checkSessionVariable()) {
out.println("<br><b><font size='4' color='##FF0000'>Κακόβουλη παρέμβαση!<br>");
out.println("<br>H έισοδος δεν πραγματοποιήθηκε μέσο στου ServletA!!!</font><b>");
return;
}
out.println("<br><font size='4' color='#009933'><b>Η είσοδος μέσο του ServletA έγινε κανονικά!</b></font>");
out.println("</body>");
out.println("</html>");
} catch (Exception ex) {
out.println("Exception: " + ex.getMessage());
out.println("</body>");
out.println("</html>");
}
}
/**
* Checks variable 'login' in Session. Note: If variable 'login' does not
* exist in Session then a NullPointerException will be thrown.
*
* @return boolean, true if in Session there is a variable named 'login'
* with value 'login is correct', false otherwise.
*/
private boolean checkSessionVariable() {
try {
String loginStatus = session.getAttribute("login").toString();
if (loginStatus.equals("login is correct"))
return true;
else
return false;
} catch (NullPointerException e) {
return false;
}
}
}// End of class
|