• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Application flow

 
Ranch Hand
Posts: 159
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello ranchers,

I'm trying to develop a simple application with Servlet and JSP. I'm using a controller approach, like FrontMan.

Let's say my first action is "/login.do". My ControllerServlet will call LoginCommand which will handle all business logic and forward the request to my search page. So, what is the better way here? Should I use forward command along with my page's URI, like this:


Right now my application is implemented like that, but I'm not sure if I'm in the right track.

Also, I want to know how to "remove" the command from the URI when doing a forward like above.
 
Ranch Hand
Posts: 1183
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm not too sure what 'command' you mean?

Do you mean passing the jsp page as a request parameter ? This is not a good idea, since it can easily be manipulated and result in weird outputs and also security leaks.
 
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Eduardo Bueno wrote:Right now my application is implemented like that, but I'm not sure if I'm in the right track.



Whether to forward or redirect depends on whether the command that was executed is idempotent or not. For example, you don;t want to forward after a delete operation because hitting the refresh button will re-execute the delete command.

Take a look at this article paying particular attention to the PRG pattern explanation.

Also, I want to know how to "remove" the command from the URI when doing a forward like above.


You don't. Whatever the most recent URI that was sent by the browser is what will appear in the address bar. Trying to change it is useless. Rather, adhere to PRG as described in the article so that there are never any hanging time bombs in the displayed URI.
 
Ranch Hand
Posts: 1374
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Eduardo Bueno wrote: Should I use forward command along with my page's URI, like this:


You can pass various information through various ways one of them is passing command to JSP.

Eduardo Bueno wrote:Also, I want to know how to "remove" the command from the URI when doing a forward like above.




In general, it's standard way to follow MVC Architecture.

(Darn, I am late)
 
Eduardo Bueno
Ranch Hand
Posts: 159
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Bear Bibeault wrote:
Whether to forward or redirect depends on whether the command that was executed is idempotent or not. For example, you don;t want to forward after a delete operation because hitting the refresh button will re-execute the delete command.

Take a look at this article paying particular attention to the PRG pattern explanation.

Also, I want to know how to "remove" the command from the URI when doing a forward like above.


You don't. Whatever the most recent URI that was sent by the browser is what will appear in the address bar. Trying to change it is useless. Rather, adhere to PRG as described in the article so that there are never any hanging time bombs in the displayed URI.


I don't get the point at all when reading to your article. In theory it is beautiful, but I'm lost when it comes to practice.

The application starts with Login.jsp page. I enter username and password, Spring security validates it and then redirect to the URI I desire if no errors occur. This URI is set to "Login.do", so it will go by my Controller (which is mapped with "*.do"). The way I am discerning commands is using request.getServletPath(). This first time, "Login.do", will insert the user as an attribute in the session and forward to "Search.do", so it goes again by my Controller, this time doing the SearchCommand business logic, which then forwards to the JSP page.

Note that I didn't use any redirect here, since there is no state change, just data fetching.
My problem is now when the JSP has already shown the data to the user: any submit that is done will again execute the login command, because the URI is set to "MyProject/Login.do".

My conclusion is that using request.getServletPath() to discern between commands is not a good approach. So, does anyone have a good recommendation?
 
Vikas Kapoor
Ranch Hand
Posts: 1374
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Ok so you are using Spring MVC.
Which controller you are using?

My conclusion is that using request.getServletPath() to discern between commands is not a good approach. So, does anyone have a good recommendation?

I am also using Spring and I have never faced this problem. You can bind command to your controller i.e. your request.

Note that I didn't use any redirect here, since there is no state change, just data fetching.
My problem is now when the JSP has already shown the data to the user: any submit that is done will again execute the login command, because the URI is set to "MyProject/Login.do".


How come it will execute login controller again? It will execute the controller based on the mapping and the "string" that you have specified in action attribute of form tag. But by 'Submit' if you are referring the page refresh (through browser) then yes it will execute login controller again. To avoid that and to change the URI you can redirect to home page after successful login and map to home controller with mapping like home.do.

Is this what you are asking?
 
Bear Bibeault
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If Login.do will re-execute an undesirable action, it should never be the end point of the request.
 
Eduardo Bueno
Ranch Hand
Posts: 159
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm not using Spring MVC, where did you take that from? I said I'm using Spring security, these are totally different things.

Please read the post carefully, you are making it really confuse. It will execute login command again, not controller; the controller is always the same. This happens because the URI is MyProject/Login.do, the one Spring security redirected to after validating the login, and the one I desire changing because the forward command is not able to do it.

Bear Bibeault wrote:If Login.do will re-execute an undesirable action, it should never be the end point of the request.


The problem is Login.do will be called by Spring security, and I'm almost sure this is a redirect because it changes the browser's URI. So, should I redirect to Search.do (the home page) after my business logic in LoginCommand? If I do this I will lose every request scope attribute that I need in SearchCommand.
 
Bear Bibeault
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Eduardo Bueno wrote:So, should I redirect to Search.do (the home page) after my business logic in LoginCommand?


Yes. That breaks the request chain so that a refresh can not call up the previous, undesirable action.

If I do this I will lose every request scope attribute that I need in SearchCommand.


Then they are being set in the wrong place. They should be set in what action serves as the page controller for the search page, which should be the target of the redirect.

What do the search scoped variables have to do with login? Nothing. The logic for search should not be closely coupled with that of login.
 
Eduardo Bueno
Ranch Hand
Posts: 159
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Bear and others for the answers, I got the point.
reply
    Bookmark Topic Watch Topic
  • New Topic