Home

Web Applications with Java/JSP

Issue 197

From Issue #197
September 2010

Nov 01, 2010  By Christopher Schultz
 in
Linux's history as an enthusiast's playground has always made it a fun place to work for programmers. Combine the fun of Linux with the power of Java and JSP, and quickly build secure multi-tier Web applications using the latest technologies.

Listing 6. SaveTaskServlet.java

    public Task save(Task task)
        throws SQLException
    {
        Connection conn = null;
        PreparedStatement ps = null;
        ResultSet rs = null;

        try
        {
            conn = getConnection();

            if(null == task.getId())
            {
                // A new task
                ps = conn.prepareStatement(
                         "INSERT INTO
                              task (owner, date, client_id,
                                    description, duration)
                              VALUES (?,?,?,?,?)",
                         PreparedStatement.RETURN_GENERATED_KEYS);

                ps.setString(1,  task.getOwner());
                ps.setTimestamp(2, new Timestamp(
                                           task.getDate().getTime()));
                ps.setInt(3, task.getClientId());
                ps.setString(4, task.getDescription());
                ps.setInt(5, task.getDuration());

                ps.executeUpdate();

                rs = ps.getGeneratedKeys();

                if(!rs.next())
                    throw new SQLException(
                        "Expected auto-generated key, got none");

                int taskId = rs.getInt(1);

                if(rs.wasNull())
                    throw new SQLException(
                        "Got bogus auto-generated key");

                task = new Task(taskId,
                                task.getOwner(),
                                task.getDate(),
                                task.getClientId(),
                                task.getDescription(),
                                task.getDuration());
            }
            else
            {
                ps = conn.prepareStatement(
                         "UPDATE task SET date=?, client_id=?,
                                          description=?, duration=?
                             WHERE id=? AND owner=?");

                ps.setTimestamp(1, new Timestamp(
                                           task.getDate().getTime()));
                ps.setInt(2, task.getClientId());
                ps.setString(3, task.getDescription());
                ps.setInt(4, task.getDuration());
                ps.setInt(5, task.getId());
                ps.setString(6, task.getOwner());

                ps.executeUpdate();
            }

            return task;
        }
        finally
        {
            close(conn, ps, rs);
        }
    }

First, this method obtains a connection from a database connection pool and then determines if the Task is being created from scratch or updated (although our UI doesn't offer an “update” method yet, this class has been designed to allow updates). In each case, a parameterized SQL statement is prepared and then filled with data passed in from the calling code. Then, the statement is executed to write to the database, and a new object is passed back to the caller. In the case of a new task, the database-generated primary key is fetched from the statement after execution in order to pass it back to the caller.

Under normal circumstances, methods such as “save” would be split out into a separate class for easier organization, testing and architectural separation, but I've left them in the servlet classes for simplicity.

The example's full source code and prebuilt WAR file are available from the Linux Journal FTP server (see Resources), and I encourage you to download it and play around with it. I've also included quick installation instructions for Java and the Apache Tomcat servlet container, which will be required to run the example application.

Java and Model-View-Controller Architecture

Often, Perl and PHP-based Web applications are composed of self-contained scripts that perform one task: loading and displaying tasks, for instance. This kind of thing is entirely possible using nothing but JSPs. There are tag libraries that perform SQL queries, and you even can write Java code directly into a JSP, although I haven't covered it here because it's not necessary with the rich tools provided by the JSTL. On the other hand, there are some philosophical and practical reasons not to stuff everything into a single JSP. Most (Java) programmers subscribe to the “model-view-controller” architecture, where code is separated into logical units that model your problem domain (that would be the Task and Client objects in our example), provide views of your data (that's our JSPs) and control program flow (the servlets). This architectural separation actually leads to quite a few practical benefits, including:

  1. Easier code maintenance: separation promotes code re-use and simplifies automated testing.

  2. Error handling: if the controller is the only likely component to fail (due to bad input, db connection failure and so on), you don't have to worry about the view component failing during rendering, ruining your output.

Most Java projects are going to be split up in this way, so I wrote my example to illustrate this architecture, and I hope you consider using this architecture in your Java projects too.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Helpful article.

Raymond's picture
Submitted by Raymond (not verified) on Wed, 12/15/2010 - 17:42.

Thank you for bringing greater clarity to the Java Web world.

Cool article! Very insghtful.

Barbara's picture
Submitted by Barbara (not verified) on Wed, 12/15/2010 - 16:03.

This is an insightful article that expands horizons for Java users!

Webcast
More Resources
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers

Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.

Learn More

Sponsored by AMD

White Paper
More Resources
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy

Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6

Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.

Learn more about catching the bad guy in this free white paper.

Learn More

Sponsored by DLT Solutions