This web application allows different users to perform addition and multiplication, respectively, on two positive arguments. User can login at the URL pattern /login. The username and password for addition is “add” and “addpw”; while the username and password for multiplication is “multiply” and “multiplypw”.
Question 1 (25 marks)
• When a user’s login attempt is unsuccessful, he will be redirected to login page and a login error message will be shown. Yet the given JSP page login_form.jsp fails to show the error message. Explain the problem and correct the code in the web application. [4 marks]
• Suppose the web application is deployed at http://www.exam.org/Exam/. Two users, each using a single web browser, access the web application with different actions. The following table shows the web container events at each time, including
• NewThread: This event indicates that a new thread is created in the web container.
• NewSession: This indicates a new session object is created in the web container.
• New(name): This indicates that a new instance of the Servlet class name is created. E.g., New(LoginServlet) indicates a new instance of LoginServlet is created.
Complete all the table rows. [12 marks]
Time
Action
Web container events
1
The web application is deployed at http://www.exam.org/Exam/.
2
User 1 accesses http://www.exam.org/Exam/login.
3
User 1 logins the account “add” unsuccessfully.
4
User 2 accesses http://www.exam.org/Exam/login.
5
User 2 logins the account “multiply” successfully.
6
User 2 presses the Submit button of the HTML form.
7
User 1 logins the account “add” successfully.
8
User 2 presses the Submit button of the HTML form.
9
The server of http://www.exam.org is shut down.
• The user can perform addition and multiplication by directly accessing the corresponding URLs. To rectify this problem, the web application can keep track of the username of the login user using an attribute. Decide whether the username (a String object) should be kept as a request attribute, session attribute, or context attribute. Justify your choice. [4 marks]
• Modify LoginServlet.java, AdditionServlet.java, MultiplicationServlet.java
such that users must login with the correct account to perform addition / multiplication [5 marks].
Question 2 (25 marks)
A new function to keep track of the login attempts by all users will be added.
• Decide whether the login attempt history (a Vector
• For the new function, add a new Servlet HistoryServlet.java with the URL pattern
/history and a JSP page history.jsp to display the login attempts, as shown below. You also need to modify LoginServlet.java. [20 marks]
If there are no login attempts: If some users attempted to login:
Question 3 (10 marks)
Add a single filter NumberFilter.java which filters requests to the URL patterns /add and /multiply. It checks the two user-specified arguments arg1 and arg2. If any one of them is not a positive number (i.e., it is a non-positive number or not a number), it redirects the user to input again in the corresponding HTML form.
Hint: For URL redirect, you may use the getRequestURL method of the HTTPServletRequest object and the sendRedirect method of the HTTPServletResponse object.
Question 4 (10 marks)
• Identify whether MVC Model 1 or MVC Model 2 is used in the web application. Justify your answer. [6 marks]
• For this web application, discuss which one is the most suitable model out of MVC Model 1 and MVC Model 2. Justify your choice. [4 marks]