/* * AccessServlet.java - a sample servlet for "member.access" version 2.0. * John Neffenger */ package COM.volano; import java.io.*; import java.net.*; import java.util.*; import javax.servlet.*; import javax.servlet.http.*; /** * This servlet verifies a member name and password using the original 2.0 * format of the "member.access" script. * * @version 30 April 1999 * @author John Neffenger */ public class AccessServlet extends HttpServlet { protected static final String TRUE = ""; protected static final String FALSE = ""; protected static final String ERROR = ""; protected static final String SUFFIX = ""; protected static final int PASSWORD = 0; // Password array index protected static final int PROFILE = 1; // Profile array index protected static final int DOCUMENT = 2; // Document array index protected static Hashtable database; // Acts as a member database /** * Returns a string containing information about the servlet, such as its * author, version, and copyright. * * @return the servlet information string. */ public String getServletInfo() { return getClass().getName() + " 1.0 (http://www.volano.com/)"; } /** * Called once by the network service each time it loads this servlet. This * method is guaranteed to finish before any service requests are accepted. * * @param config the servlet configuration information. * @exception javax.servlet.ServletException if a servlet error occurs. * @exception java.io.IOException if an I/O error occurs. */ public synchronized void init(ServletConfig config) throws ServletException { super.init(config); // To store servlet configuration if (database == null) { // Do this once among all subclasses // Here is where you would open up a connection to a real database. We // use a simple in-memory database here as an example. String[][] members = // Here's our hard-coded database. {{"password1", "This is the profile for Member #1.", "http://www.volano.com/~member1/"}, {"password2", "This is the profile for Member #2.", null}, {"password3", "This is the profile for Member #3.", "http://www.volano.com/~member3/"}, {"password4", "This is the profile for Member #4.", null}, {"password5", "This is the profile for Member #5.", "http://www.volano.com/~member5/"}}; database = new Properties(); for (int i = 0; i < members.length; i++) database.put("member" + (i + 1), members[i]); } } /** * Called when an HTTP GET request is received for this servlet. * * @param req encapsulates the request to the servlet. * @param res encapsulates the response from the servlet. * @exception javax.servlet.ServletException if a servlet error occurs. * @exception java.io.IOException if an I/O error occurs. */ public void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { res.setContentType("text/plain"); ServletOutputStream out = res.getOutputStream(); String name = req.getParameter("name"); if (name == null || name.length() == 0) { out.println(ERROR); // No name given out.println("Missing \"name\" parameter"); } else { String password = req.getParameter("password"); if (password == null || password.length() == 0) { out.println(ERROR); // No password given out.println("Missing \"password\" parameter"); } else { // Here is where you would do a lookup in the real database. We simply // access the in-memory database as an example here. String memberName = URLEncoder.encode(name.toLowerCase()); String[] memberValue = (String[]) database.get(memberName); if (memberValue != null && password.equals(memberValue[PASSWORD])) { out.println(TRUE); // Access granted out.println(memberValue[PROFILE]); // Add member profile string } else out.println(FALSE); // Not a member or bad password } } out.println(SUFFIX); } }