MVC/DAO	

JSP/JSTL/EL	

JDBC/ORM
java web
Mario Jorge Pereira
14

20

13

20

12

20

11

20

10

20

09

20

08

20

07

20

06

20

05

20

04

20

03

20

02

20
Agenda
• Java Servlet	

• Java Server Pages - JSP	

• JavaServer Pages Standard Tag Library - JSTL	

• Expression Language - EL	

• Java Database Connectivity - JDBC	

• Data Access Object - DAO	

• Model View Controller - MVC	

• Hibernate
JSP
login.jsp

versão 1.0

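<!DOCTYPE html>
<%-- login.jsp v1.0: posts the fields "login" and "senha" directly to home.jsp.
     No credential check happens anywhere in this version.
     Fix: the opening quote of the action attribute was a typographic quote. --%>
<html>
<head>
<title>Login</title>
</head>
<body>
	<form method="post" action="home.jsp">
		Login: <input name="login" type="text"> <br>
		Senha: <input name="senha" type="password"><br>
		<input type="submit">
	</form>
</body>
</html>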
home.jsp

versão 1.0

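<!DOCTYPE html>
<%-- home.jsp v1.0: greets the value of the "login" request parameter.
     The parameter is client-controlled, so it is HTML-escaped before being written;
     echoed raw, markup inside it would be interpreted by the browser (reflected XSS). --%>
<%!
	// Replaces the HTML-significant characters with entities; null becomes "".
	private static String escapeHtml(String value) {
		if (value == null) {
			return "";
		}
		return value.replace("&", "&amp;").replace("<", "&lt;")
				.replace(">", "&gt;").replace("\"", "&quot;")
				.replace("'", "&#39;");
	}
%>
<html>
<head>
<title>HOME</title>
</head>
<body>
	Bem vindo, <%=escapeHtml(request.getParameter("login"))%>
</body>
</html>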
Servlet
Autenticador.java

versão 2.0

package br.com.mariojp;	

!
import
import
import
import

!

java.io.*;	
javax.servlet.*;	
javax.servlet.annotation.*;	
javax.servlet.http.*;	

Regra:

Se o login for igual à senha, está ok!
(regra apenas de exemplo; não é uma autenticação real)

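/**
 * Login servlet, version 2.0.
 *
 * <p>Applies the demo rule "login equals password" and redirects to home.jsp
 * or back to login.jsp. The rule is a placeholder, not real authentication.
 *
 * <p>This version hands the user name to home.jsp in the query string and keeps
 * no server-side login state, so home.jsp cannot distinguish a redirect issued
 * here from a URL typed by hand.
 */
@WebServlet("/Autenticador")
public class Autenticador extends HttpServlet {

	/**
	 * Handles the login form POST.
	 *
	 * @param request  carries the form fields "login" and "senha"
	 * @param response receives a redirect to home.jsp (success) or login.jsp (failure)
	 * @throws ServletException declared by the servlet contract
	 * @throws IOException if the redirect cannot be sent
	 */
	@Override
	protected void doPost(HttpServletRequest request,
			HttpServletResponse response) throws ServletException,
			IOException {
		String login = request.getParameter("login");
		String senha = request.getParameter("senha");
		if (login != null && senha != null
				&& login.equalsIgnoreCase(senha)) {
			// The login is client input: URL-encode it so spaces, '&', '#' or
			// line breaks cannot alter the redirect target or the Location header.
			response.sendRedirect("home.jsp?user="
					+ java.net.URLEncoder.encode(login, "UTF-8"));
		} else {
			String erro = "Usuario ou Senha Invalidos!";
			// The message contains spaces and '!', so it is encoded as well.
			response.sendRedirect("login.jsp?erro="
					+ java.net.URLEncoder.encode(erro, "UTF-8"));
		}
	}
}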
login.jsp

versão 2.0

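<!DOCTYPE html>
<%-- login.jsp v2.0: posts to the Autenticador servlet and shows the "erro" request parameter.
     "erro" arrives in the query string, so any caller can set it; it is HTML-escaped
     before being printed to keep injected markup from running in the page (reflected XSS).
     Fix: the opening quote of the action attribute was a typographic quote. --%>
<%!
	// Replaces the HTML-significant characters with entities; null becomes "".
	private static String escapeHtml(String value) {
		if (value == null) {
			return "";
		}
		return value.replace("&", "&amp;").replace("<", "&lt;")
				.replace(">", "&gt;").replace("\"", "&quot;")
				.replace("'", "&#39;");
	}
%>
<html>
<head>
<title>Login</title>
</head>
<body>
	<form method="post" action="Autenticador">
		Login: <input name="login" type="text"> <br>
		Senha: <input name="senha" type="password"><br>
		<input type="submit">
	</form>
<%
	String erro = request.getParameter("erro");
	if (erro != null && !erro.trim().equals("")) {
		out.print(escapeHtml(erro));
	}
%>
</body>
</html>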

Aciona o servlet

Apresenta o
erro de login
home.jsp

versão 2.0

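<!DOCTYPE html>
<%-- home.jsp v2.0: greets the value of the "user" query parameter.
     The page trusts that parameter and checks no login state, so opening
     home.jsp?user=... directly shows the same greeting as a real login.
     The value is HTML-escaped before output to prevent reflected XSS. --%>
<%!
	// Replaces the HTML-significant characters with entities; null becomes "".
	private static String escapeHtml(String value) {
		if (value == null) {
			return "";
		}
		return value.replace("&", "&amp;").replace("<", "&lt;")
				.replace(">", "&gt;").replace("\"", "&quot;")
				.replace("'", "&#39;");
	}
%>
<html>
<head>
<title>HOME</title>
</head>
<body>
	Bem vindo, <%=escapeHtml(request.getParameter("user"))%>
</body>
</html>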
MVC
Usuario.java

package br.com.mariojp;	

!

versão 3.0

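/**
 * Model bean for an application user: database id, login name and password.
 *
 * <p>The password is held exactly as the caller sets it; this class does no
 * hashing or validation.
 */
public class Usuario {
	private Integer id;
	private String login;
	private String senha;

	/** @return the user's id, or {@code null} if none was set */
	public Integer getId() {
		return id;
	}

	/** @param id the user's id */
	public void setId(Integer id) {
		this.id = id;
	}

	/** @return the login name, or {@code null} if none was set */
	public String getLogin() {
		return login;
	}

	/**
	 * Sets the login name. Added so the bean property "login" has a matching
	 * setter; the servlet in this deck calls {@code user.setLogin(...)}.
	 *
	 * @param login the login name
	 */
	public void setLogin(String login) {
		this.login = login;
	}

	/**
	 * Legacy, misnamed setter for the login; kept so existing callers still compile.
	 *
	 * @param login the login name
	 */
	public void setNome(String login) {
		setLogin(login);
	}

	/** @return the password as it was set, or {@code null} */
	public String getSenha() {
		return senha;
	}

	/** @param senha the password, stored unchanged */
	public void setSenha(String senha) {
		this.senha = senha;
	}
}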
Autenticador.java

versão 3.0

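/**
 * Login servlet, version 3.0 (controller of the MVC example).
 *
 * <p>Builds a {@code Usuario} from the form fields, authenticates it and, on
 * success, keeps it in the HTTP session under the key "user".
 */
@WebServlet("/Autenticador")
public class Autenticador extends HttpServlet {

	/**
	 * Handles the login form POST.
	 *
	 * @param request  carries the form fields "login" and "senha"
	 * @param response redirected to home.jsp on success
	 * @throws ServletException if forwarding to login.jsp fails
	 * @throws IOException if the redirect or forward cannot be written
	 */
	@Override
	protected void doPost(HttpServletRequest request,
			HttpServletResponse response) throws ServletException, IOException {
		Usuario user = new Usuario();
		user.setLogin(request.getParameter("login"));
		user.setSenha(request.getParameter("senha"));
		if (autenticar(user)) {
			// Discard any session that existed before login, so a session id
			// fixed in the browser beforehand is not promoted to a logged-in one.
			if (request.getSession(false) != null) {
				request.getSession(false).invalidate();
			}
			// The session only needs the identity; do not keep the password in it.
			user.setSenha(null);
			request.getSession(true).setAttribute("user", user);
			response.sendRedirect("home.jsp");
		} else {
			// Same message for unknown user and wrong password.
			request.setAttribute("erro", "Usuario ou Senha Invalidos!");
			RequestDispatcher d = request.getRequestDispatcher("login.jsp");
			d.forward(request, response);
		}
	}

	// Body elided on this slide of the deck.
	private boolean autenticar(Usuario user) {...}

}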
Autenticador.java

versão 3.0

	
!
	
	
	
	
	
	
	

/**
 * Applies the demo rule of version 3.0: a user is accepted when login and
 * password are both present and equal (case-sensitive).
 *
 * <p>This is a placeholder rule, not a real credential check.
 *
 * @param user the user built from the submitted form
 * @return {@code true} when login and password are non-null and equal
 */
private boolean autenticar(Usuario user) {
	String login = user.getLogin();
	String senha = user.getSenha();
	return login != null && senha != null && login.equals(senha);
}
login.jsp

versão 3.0

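<!DOCTYPE html>
<%-- login.jsp v3.0: shows the "erro" request attribute set by the servlet before forwarding.
     Unlike a request parameter, a request attribute is set by server-side code only.
     Fix: typographic quotes in the action attribute and in getAttribute("erro")
     were replaced with plain quotes so the page parses and compiles. --%>
<html>
<head>
<title>Login</title>
</head>
<body>
	<form method="post" action="Autenticador">
		Login: <input name="login" type="text"> <br>
		Senha: <input name="senha" type="password"><br>
		<input type="submit">
	</form>
<%
	String erro = (String) request.getAttribute("erro");
	if (erro != null && !erro.trim().equals("")) {
		out.print(erro);
	}
%>
</body>
</html>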
home.jsp

versão 3.0

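<!DOCTYPE html>
<%@page import="br.com.mariojp.Usuario"%>
<%-- home.jsp v3.0: greets the Usuario stored in the session under "user".
     Fixes: (1) a visitor with no "user" in the session is sent to login.jsp
     instead of hitting a NullPointerException on user.getLogin();
     (2) the login was typed by the user, so it is HTML-escaped before output. --%>
<%!
	// Replaces the HTML-significant characters with entities; null becomes "".
	private static String escapeHtml(String value) {
		if (value == null) {
			return "";
		}
		return value.replace("&", "&amp;").replace("<", "&lt;")
				.replace(">", "&gt;").replace("\"", "&quot;")
				.replace("'", "&#39;");
	}
%>
<%
	Usuario user = (Usuario) session.getAttribute("user");
	if (user == null) {
		response.sendRedirect("login.jsp");
		return;
	}
%>
<html>
<head>
<title>HOME</title>
</head>
<body>
	Bem vindo, <%=escapeHtml(user.getLogin()) %>
</body>
</html>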
Revisão Rápida
• Java Servlet	

• Java Server Pages - JSP	

• Model View Controller - MVC
E agora?
• JavaServer Pages Standard Tag Library - JSTL	

• Expression Language - EL
WEB-INF/lib
• javax-1.servlet.jsp.jstl-1.2.1.jar	

• javax-1.servlet.jsp.jstl-api-1.2.1.jar
login.jsp

versão 3.1

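<!DOCTYPE html>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%-- login.jsp v3.1: same page as v3.0 with the scriptlet replaced by JSTL/EL.
     c:out escapes XML special characters by default (escapeXml="true"),
     so the message is written as text.
     Fix: the opening quote of the action attribute was a typographic quote. --%>
<html>
<head>
<title>Login</title>
</head>
<body>
	<form method="post" action="Autenticador">
		Login: <input name="login" type="text"> <br>
		Senha: <input name="senha" type="password"><br>
		<input type="submit">
	</form>
	<c:out value="${erro}"/>
</body>
</html>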
home.jsp

versão 3.1

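<!DOCTYPE html>
<%@page import="br.com.mariojp.Usuario"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%-- home.jsp v3.1: JSTL/EL version of the greeting.
     jsp:useBean creates an empty Usuario in the session when none exists, so this
     page still renders for a visitor who never logged in; the deck adds the
     check in version 4.1. c:out escapes the login by default.
     Fix: typographic quotes in scope="session" and in the c:out value. --%>
<html>
<head>
<title>HOME</title>
<jsp:useBean id="user" class="br.com.mariojp.Usuario" scope="session" />
</head>
<body>
	Bem vindo, <c:out value="${user.login}" />
</body>
</html>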
JDBC
HSQLDB
java -cp hsqldb.jar org.hsqldb.server.Server -database.0 file:mydb --dbname.0 banco
HSQL Database Manager
!

Type: HSQL Database Engine Server	

Driver: org.hsqldb.jdbcDriver	

URL: jdbc:hsqldb:hsql://localhost/banco	

User: SA
HSQLDB
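-- Demo schema for the login example.
-- SENHA holds the password in clear text and LOGIN has no UNIQUE constraint;
-- both are acceptable only for this classroom database.
CREATE TABLE USUARIOS ( USUARIO_ID INTEGER
IDENTITY, LOGIN varchar(100) NOT NULL , SENHA
varchar(100) NOT NULL ) ;

-- Sample account (fix: the password literal used typographic quotes).
INSERT INTO USUARIOS ( "LOGIN", "SENHA" ) VALUES
('user', '1234');

SELECT * FROM USUARIOS;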
WEB-INF/lib

• hsqldb.jar
BancoUtil.java

package br.com.mariojp;	
versão 4.0
!
import java.sql.Connection;	
import java.sql.DriverManager;	
!
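/**
 * Opens one JDBC connection to the HSQLDB server when the class is loaded and
 * hands that same connection to every caller.
 *
 * <p>Demo-only choices visible here: the connection is a single shared static
 * (NOTE(review): servlets normally run on several threads; a pool or a
 * connection per request is the usual design, confirm before reuse), and the
 * credentials are the SA account with an empty password, hard-coded in source.
 */
public class BancoUtil {

	private static Connection connection;

	// Cause of a failed connection attempt, reported later by getConnection().
	private static Exception initFailure;

	static {
		try {
			Class.forName("org.hsqldb.jdbc.JDBCDriver");
			connection = DriverManager.getConnection(
					"jdbc:hsqldb:hsql://localhost/banco", "SA", "");
		} catch (Exception e) {
			e.printStackTrace();
			// Keep the cause instead of only printing it, so callers get a
			// meaningful error rather than a NullPointerException later on.
			initFailure = e;
		}
	}

	/**
	 * Returns the shared connection.
	 *
	 * @return the connection opened at class load
	 * @throws IllegalStateException if the connection could not be opened
	 */
	public static Connection getConnection() {
		if (connection == null) {
			throw new IllegalStateException(
					"Conexao com o banco indisponivel", initFailure);
		}
		return connection;
	}
}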
Autenticador.java

versão 4.0

/**
 * Version 4.0 of the credential check: looks for a row in "usuarios" whose
 * login and senha match the submitted values.
 *
 * WARNING: this is the deck's deliberately vulnerable "before" example. The
 * login and password are concatenated into the SQL text, so quote characters
 * in either value change the structure of the query (SQL injection). The deck
 * replaces it with a PreparedStatement in version 4.1; do not reuse this form.
 *
 * @param user the user built from the submitted form
 * @return true when the query returns at least one row; false otherwise,
 *         including when an SQLException occurs
 */
private boolean autenticar(Usuario user) {
	 	 boolean autenticado = false;
	 	 Connection con = BancoUtil.getConnection();
	 	 try {
	 	 	 Statement stmt = con.createStatement();
	 	 	 // trim() is called directly on the getter results, so a null login
	 	 	 // or password raises NullPointerException here.
	 	 	 ResultSet resultSet = stmt.executeQuery(
	 	 	 	 "select * from usuarios where "+
	 	 	 	 "login='"+user.getLogin().trim()+"' and "+
	 	 	 	 "senha='"+user.getSenha().trim()+"';" );
	 	 	 if(resultSet.next()){
	 	 	 	 autenticado = true;
	 	 	 }
	 	 	 // Closed only on the success path; an exception above skips both calls.
	 	 	 resultSet.close();
	 	 	 stmt.close();
	 	 } catch (SQLException e) {
	 	 	 // The error is printed and the method falls through to return false.
	 	 	 e.printStackTrace();
	 	 }
	 	 return autenticado;
}
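Segurança
• Você consegue acessar o home.jsp sem fazer login?

• Pela URL: digitando o endereço do home.jsp diretamente, sem passar pelo Autenticador.

• SQL Injection: a consulta da versão 4.0 concatena login e senha no texto do SQL.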
home.jsp

versão 4.1

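<!DOCTYPE html>
<%@page import="br.com.mariojp.Usuario"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%-- home.jsp v4.1: adds the access check missing from v3.1.
     jsp:useBean creates an empty Usuario when the session has none, so a null
     login identifies a visitor who did not come through the Autenticador servlet;
     that visitor is redirected to login.jsp. c:out escapes the login by default.
     Fix: typographic quotes in scope, in the redirect url and in the c:out value. --%>
<html>
<head>
<title>HOME</title>
<jsp:useBean id="user" class="br.com.mariojp.Usuario" scope="session" />
</head>
<body>
	<c:if test="${user.login == null}">
		<c:redirect url="login.jsp" />
	</c:if>
	Bem vindo, <c:out value="${user.login}" />
</body>
</html>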
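Teste? (entradas para verificar se o login da versão 4.0 é vulnerável a SQL Injection; depois da correção da versão 4.1 elas devem ser recusadas)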
• Use Login = 123 e Senha = ' or '1' = ‘1	

• Use Login = ' OR 1=1 --
Autenticador.java

versão 4.1
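/**
 * Version 4.1 of the credential check: the same lookup as 4.0, with the login
 * and password bound as parameters instead of being concatenated into the SQL.
 *
 * <p>Bound values are sent as data, so quotes or SQL keywords inside them
 * cannot change the query. The statement and result set are opened with
 * try-with-resources so they are closed even when an exception is thrown.
 *
 * <p>NOTE(review): the password is still compared in clear text against the
 * SENHA column; outside a demo, store a salted password hash and verify it
 * in code.
 *
 * @param user the user built from the submitted form
 * @return {@code true} when a matching row exists; {@code false} otherwise,
 *         including when an {@code SQLException} occurs (fails closed)
 */
private boolean autenticar(Usuario user) {
	String sql = "select * from usuarios where "
			+ "login=? and senha=?;";
	Connection con = BancoUtil.getConnection();
	try (PreparedStatement pstmt = con.prepareStatement(sql)) {
		pstmt.setString(1, user.getLogin());
		pstmt.setString(2, user.getSenha());
		try (ResultSet resultSet = pstmt.executeQuery()) {
			return resultSet.next();
		}
	} catch (SQLException e) {
		// Printed as in the original; a database error never authenticates.
		e.printStackTrace();
		return false;
	}
}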
DAO
package br.com.mariojp;	

versão 5.0

!
import
import
import
import

java.sql.Connection;	
java.sql.PreparedStatement;	
java.sql.ResultSet;	
java.sql.SQLException;	

!
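/**
 * Data Access Object for users (version 5.0): moves the database lookup out
 * of the servlet.
 */
public class UsuarioDAO {

	/**
	 * Checks whether a row in "usuarios" matches the given login and password.
	 *
	 * <p>Both values are bound as statement parameters, so their content cannot
	 * change the query. The statement and result set are opened with
	 * try-with-resources so they are closed even when an exception is thrown.
	 *
	 * <p>NOTE(review): the password is compared in clear text against the
	 * SENHA column; outside a demo, store a salted password hash instead.
	 *
	 * @param user the user whose login and password are checked
	 * @return {@code true} when a matching row exists; {@code false} otherwise,
	 *         including when an {@code SQLException} occurs (fails closed)
	 */
	public boolean autenticar(Usuario user) {
		String sql = "select * from usuarios where login=? and senha=?;";
		Connection con = BancoUtil.getConnection();
		try (PreparedStatement pstmt = con.prepareStatement(sql)) {
			pstmt.setString(1, user.getLogin());
			pstmt.setString(2, user.getSenha());
			try (ResultSet resultSet = pstmt.executeQuery()) {
				return resultSet.next();
			}
		} catch (SQLException e) {
			// Printed as in the original; a database error never authenticates.
			e.printStackTrace();
			return false;
		}
	}
}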

UsuarioDAO.java
Autenticador.java

versão 3.0

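/**
 * Login servlet that delegates the credential check to {@code UsuarioDAO}
 * and, on success, keeps the user in the HTTP session under the key "user".
 */
@WebServlet("/Autenticador")
public class Autenticador extends HttpServlet {
	private final UsuarioDAO usuarioDAO = new UsuarioDAO();

	/**
	 * Handles the login form POST.
	 *
	 * @param request  carries the form fields "login" and "senha"
	 * @param response redirected to home.jsp on success
	 * @throws ServletException if forwarding to login.jsp fails
	 * @throws IOException if the redirect or forward cannot be written
	 */
	@Override
	protected void doPost(HttpServletRequest request,
			HttpServletResponse response) throws ServletException, IOException {
		Usuario user = new Usuario();
		user.setLogin(request.getParameter("login"));
		user.setSenha(request.getParameter("senha"));
		if (usuarioDAO.autenticar(user)) {
			// Discard any session that existed before login, so a session id
			// fixed in the browser beforehand is not promoted to a logged-in one.
			if (request.getSession(false) != null) {
				request.getSession(false).invalidate();
			}
			// The session only needs the identity; do not keep the password in it.
			user.setSenha(null);
			request.getSession(true).setAttribute("user", user);
			response.sendRedirect("home.jsp");
		} else {
			// Same message for unknown user and wrong password.
			request.setAttribute("erro", "Usuario ou Senha Invalidos!");
			RequestDispatcher d = request.getRequestDispatcher("login.jsp");
			d.forward(request, response);
		}
	}

}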
Hibernate

• Framework de mapeamento objeto-relacional
WEB-INF/lib
• hibernate-core-4.3.0.Final.jar	

• antlr-2.7.7.jar	

• dom4j-1.6.1.jar	

• hibernate-commons-annotations-4.0.4.Final.jar	

• hibernate-jpa-2.1-api-1.0.0.Final.jar	

• jandex-1.1.0.Final.jar	

• javassist-3.18.1-GA.jar	

• jboss-logging-3.1.3.GA.jar	

• jboss-logging-annotations-1.2.0.Beta1.jar	

• jboss-transaction-api_1.2_spec-1.0.0.Final.jar
package br.com.mariojp;	

versão 6.0

!
import java.io.Serializable;	

Usuario.java

!
import
import
import
import

javax.persistence.Entity;	
javax.persistence.GeneratedValue;	
javax.persistence.Id;	
javax.persistence.Table;	

!

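/**
 * JPA entity for a user (version 6.0), mapped to the table "usuarios".
 *
 * <p>The slide layout left the login and senha fields outside the class body;
 * they are placed back inside it here.
 *
 * <p>NOTE(review): senha is persisted exactly as set, i.e. in clear text;
 * outside a demo, persist a salted password hash instead.
 */
@Entity
@Table(name="usuarios")
public class Usuario implements Serializable{
	private static final long serialVersionUID = 1L;

	// Primary key; the value is generated by the persistence provider.
	@Id
	@GeneratedValue
	private Integer id;

	private String login;
	private String senha;

	// getters and setters (elided on the slide)
}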
package br.com.mariojp;	

versão 6.0

!
import
import
import
import

org.hibernate.SessionFactory;	
org.hibernate.boot.registry.StandardServiceRegistryBuilder;	
org.hibernate.cfg.Configuration;	
org.hibernate.service.ServiceRegistry;	

!
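/**
 * Builds the Hibernate {@code SessionFactory} once, when the class is loaded,
 * and exposes it to the DAOs (version 6.0).
 *
 * <p>The slide layout left {@code getFactory()} outside the class body; it is
 * placed back inside it here.
 */
public class BancoUtil {

	private static SessionFactory factory;

	static {
		// configure() with no argument reads hibernate.cfg.xml from the classpath.
		Configuration configuration = new Configuration().configure();
		StandardServiceRegistryBuilder serviceRegistryBuilder =
				new StandardServiceRegistryBuilder();
		serviceRegistryBuilder.applySettings(configuration.getProperties());
		ServiceRegistry serviceRegistry = serviceRegistryBuilder.build();
		factory = configuration.buildSessionFactory(serviceRegistry);
	}

	/**
	 * Returns the shared session factory.
	 *
	 * @return the factory built at class load
	 */
	public static SessionFactory getFactory() {
		return factory;
	}
}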

BancoUtil.java
package br.com.mariojp;	
versão 6.0
!
import org.hibernate.Session;	
!
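/**
 * Data Access Object for users, Hibernate version (6.0).
 */
public class UsuarioDAO {

	/**
	 * Checks whether a stored {@code Usuario} matches the given login and password.
	 *
	 * <p>The HQL uses the named parameters {@code :login} and {@code :senha}, so
	 * the submitted values are bound as data and cannot change the query. The
	 * session is closed in a {@code finally} block so it is released even when
	 * the query or the commit throws.
	 *
	 * <p>NOTE(review): {@code uniqueResult()} throws when more than one row
	 * matches, and nothing visible in the deck makes the login unique; confirm
	 * whether a unique constraint is intended.
	 *
	 * @param user the user whose login and password are checked
	 * @return {@code true} when a matching user exists
	 */
	public boolean autenticar(Usuario user) {
		String query = "select u from Usuario as u where "
				+ "u.login=:login and u.senha=:senha";
		Session session = BancoUtil.getFactory().openSession();
		try {
			session.beginTransaction();
			Usuario usuario = (Usuario) session
					.createQuery(query)
					.setString("login", user.getLogin())
					.setString("senha", user.getSenha()).uniqueResult();
			session.getTransaction().commit();
			return usuario != null;
		} finally {
			session.close();
		}
	}
}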

UsuarioDAO.java
versão 6.0

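<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE hibernate-configuration PUBLIC
"-//Hibernate/Hibernate Configuration DTD 3.0//EN"
"http://www.hibernate.org/dtd/hibernate-configuration-3.0.dtd">
<hibernate-configuration>
<session-factory>
<!-- Fix: values and closing tags that the slide wrapped across lines are joined again. -->
<property name="hibernate.connection.driver_class">org.hsqldb.jdbc.JDBCDriver</property>
<property name="hibernate.connection.url">jdbc:hsqldb:hsql://localhost/banco</property>
<!-- Demo credentials: the SA account with an empty password, stored in this file.
     Outside the classroom use a dedicated account and keep the password out of source. -->
<property name="hibernate.connection.username">SA</property>
<property name="hibernate.connection.password"></property>
<property name="hibernate.connection.pool_size">1</property>
<property name="hibernate.dialect">org.hibernate.dialect.HSQLDialect</property>
<property name="hibernate.current_session_context_class">thread</property>
<property name="hibernate.cache.provider_class">org.hibernate.cache.internal.NoCacheProvider</property>
<!-- Echo all executed SQL to stdout (development aid) -->
<property name="hibernate.show_sql">true</property>
<!-- Drop and re-create the database schema on startup: existing rows are lost
     each time the application starts, so this value is for demos only -->
<property name="hibernate.hbm2ddl.auto">create</property>
<mapping class="br.com.mariojp.Usuario"/>
</session-factory>
</hibernate-configuration>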

hibernate.cfg.xml
Esta obra está licenciada sob a licença Creative Commons
Atribuição-CompartilhaIgual 3.0 Não Adaptada. Para ver uma cópia
desta licença, visite http://creativecommons.org/licenses/by-sa/3.0/.
Java web
Mario Jorge Pereira
Como me encontrar?
http://www.mariojp.com.br
twitter.com/@mariojp
mariojp@gmail.com

Hands-On Java web passando por Servlets, JSP, JSTL, JDBC, Hibernate, DAO, MVC, etc

  • 2.
  • 5. Agenda • Java Servlet • Java Server Pages - JSP • JavaServer Pages Standard Tag Library - JSTL • Expression Language - EL • Java Database Connectivity - JDBC • Data Access Object - DAO • Model View Controller - MVC • Hibernate
  • 6. JSP
  • 7. i g lo p js . n versão 1.0 <!DOCTYPE html> <html> <head> <title>Login</title> </head> <body> <form method="post" action=“home.jsp"> Login: <input name="login" type="text"> <br> Senha: <input name="senha" type="password"><br> <input type="submit"> </form> </body> </html>
  • 8. p js . e versão 1.0 m o h <!DOCTYPE html> <html> <head> <title>HOME</title> </head> <body> Bem vindo, <%=request.getParameter("login")%> </body> </html>
  • 10. Autenticador.java versão 2.0 package br.com.mariojp; ! import import import import ! java.io.*; javax.servlet.*; javax.servlet.annotation.*; javax.servlet.http.*; Regra: 
 Se o login igual a senha esta ok! @WebServlet("/Autenticador") public class Autenticador extends HttpServlet { ! } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String login = request.getParameter("login"); String senha = request.getParameter("senha"); if(login!=null && senha!=null && login.equalsIgnoreCase(senha)){ response.sendRedirect("home.jsp?user="+login); }else{ String erro = "Usuario ou Senha Invalidos!"; response.sendRedirect("login.jsp?erro="+erro); } }
  • 11. i g lo p js . n versão 2.0 <!DOCTYPE html> <html> <head> <title>Login</title> </head> <body> <form method="post" action=“Autenticador"> Login: <input name="login" type="text"> <br> Senha: <input name="senha" type="password"><br> <input type="submit"> </form> <% String erro = request.getParameter("erro"); if(erro!=null && !erro.trim().equals("")){ out.print(erro); } %> </body> </html> Aciona o servlet Apresenta o erro de login
  • 12. p js . e versão 2.0 m o h <!DOCTYPE html> <html> <head> <title>HOME</title> </head> <body> Bem vindo, <%=request.getParameter("user")%> </body> </html>
  • 13. MVC
  • 14. U .j io r a u s a v a package br.com.mariojp; ! versão 3.0 public class Usuario { private Integer id; private String login; private String senha; public Integer getId() { return id; } public void setId(Integer id) { this.id = id; } public String getLogin() { return login; } public void setNome(String login) { this.login = login; } public String getSenha() { return senha; } public void setSenha(String senha) { this.senha = senha; } }
  • 15. Autenticador.java versão 3.0 @WebServlet("/Autenticador") public class Autenticador extends HttpServlet { ! protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { Usuario user = new Usuario(); String login = request.getParameter("login"); String senha = request.getParameter("senha"); user.setLogin(login); user.setSenha(senha); if(autenticar(user)){ request.getSession().setAttribute("user", user); response.sendRedirect("home.jsp"); }else{ request.setAttribute("erro", "Usuario ou Senha Invalidos!"); RequestDispatcher d= request.getRequestDispatcher("login.jsp"); d.forward(request,response); } } private boolean autenticar(Usuario user) {...} ! }
  • 16. Autenticador.java versão 3.0 ! private boolean autenticar(Usuario user) { boolean autenticado = false; if(user.getLogin()!=null && user.getSenha()!=null && user.getLogin().equals(user.getSenha())){ autenticado = true; } return autenticado; }
  • 17. i g lo p js . n versão 3.0 <!DOCTYPE html> <html> <head> <title>Login</title> </head> <body> <form method="post" action=“Autenticador"> Login: <input name="login" type="text"> <br> Senha: <input name="senha" type="password"><br> <input type="submit"> </form> <% String erro = (String) request.getAttribute(“erro”); if(erro!=null && !erro.trim().equals("")){ out.print(erro); } %> </body> </html>
  • 18. m o h p js . e versão 3.0 <!DOCTYPE html> <%@page import="br.com.mariojp.Usuario"%> <html> <head> <title>HOME</title> </head> <body> <% Usuario user = (Usuario) session.getAttribute("user");%> Bem vindo, <%=user.getLogin() %> </body> </html>
  • 19. Revisão Rapida • Java Servlet • Java Server Pages - JSP • Model View Controller - MVC
  • 20. E agora? • JavaServer Pages Standard Tag Library - JSTL • Expression Language - EL
  • 22. i g lo p js . n versão 3.1 <!DOCTYPE html> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <html> <head> <title>Login</title> </head> <body> <form method="post" action=“Autenticador"> Login: <input name="login" type="text"> <br> Senha: <input name="senha" type="password"><br> <input type="submit"> </form> <c:out value="${erro}"/> </body> </html>
  • 23. m o h p js . e versão 3.1 <!DOCTYPE html> <%@page import="br.com.mariojp.Usuario"%> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <html> <head> <title>HOME</title> <jsp:useBean id="user" class="br.com.mariojp.Usuario" scope=“session” /> </head> <body> Bem vindo, <c:out value=“${user.login}" /> </body> </html>
  • 24. JDBC
  • 25. HSQLDB java -cp hsqldb.jar org.hsqldb.server.Server -database.0 file:mydb --dbname.0 banco
  • 26. HSQL Database Manager ! Type: HSQL Database Engine Server Driver: org.hsqldb.jdbcDriver URL: jdbc:hsqldb:hsql://localhost/banco User: SA
  • 27. HSQLDB CREATE TABLE USUARIOS ( USUARIO_ID INTEGER IDENTITY, LOGIN varchar(100) NOT NULL , SENHA varchar(100) NOT NULL ) ; ! INSERT INTO USUARIOS ( "LOGIN", "SENHA" ) VALUES ('user', ‘1234’); ! SELECT * FROM USUARIOS;
  • 29. BancoUtil.java package br.com.mariojp; versão 4.0 ! import java.sql.Connection; import java.sql.DriverManager; ! public class BancoUtil { private static Connection connection; static { try { Class.forName("org.hsqldb.jdbc.JDBCDriver" ); connection = DriverManager.getConnection( "jdbc:hsqldb:hsql://localhost/banco", "SA", ""); } catch (Exception e) { e.printStackTrace(); } } public static Connection getConnection() { return connection; } }
  • 30. Autenticador.java versão 4.0 private boolean autenticar(Usuario user) { boolean autenticado = false; Connection con = BancoUtil.getConnection(); try { Statement stmt = con.createStatement(); ResultSet resultSet = stmt.executeQuery( "select * from usuarios where "+ "login='"+user.getLogin().trim()+"' and "+ "senha='"+user.getSenha().trim()+"';" ); if(resultSet.next()){ autenticado = true; } resultSet.close(); stmt.close(); } catch (SQLException e) { e.printStackTrace(); } return autenticado; }
  • 31. Segurança • Voce consegue acessar o home.jsp? • Pela url • Sql Injection
  • 32. m o h p js . e versão 4.1 <!DOCTYPE html> <%@page import="br.com.mariojp.Usuario"%> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <html> <head> <title>HOME</title> <jsp:useBean id="user" class="br.com.mariojp.Usuario" scope=“session” /> </head> <body> <c:if test="${user.login == null}"> <c:redirect url=“login.jsp" /> </c:if> Bem vindo, <c:out value=“${user.login}" /> </body> </html>
  • 33. Teste? • Use Login = 123 e Senha = ' or '1' = ‘1 • Use Login = ' OR 1=1 --
  • 34. Autenticador.java versão 4.1 private boolean autenticar(Usuario user) { boolean autenticado = false; Connection con = BancoUtil.getConnection(); try { String sql = "select * from usuarios where " + "login=? and senha=?;"; PreparedStatement pstmt = con.prepareStatement(sql); pstmt.setString(1, user.getLogin()); pstmt.setString(2, user.getSenha()); ResultSet resultSet = pstmt.executeQuery(); if(resultSet.next()){ autenticado = true; } resultSet.close(); pstmt.close(); } catch (SQLException e) { e.printStackTrace(); } return autenticado; }
  • 35. DAO
  • 36. package br.com.mariojp; versão 5.0 ! import import import import java.sql.Connection; java.sql.PreparedStatement; java.sql.ResultSet; java.sql.SQLException; ! public class UsuarioDAO { ! } public boolean autenticar(Usuario user) { boolean autenticado = false; Connection con = BancoUtil.getConnection(); try { String sql = "select * from usuarios where login=? and senha=?;"; PreparedStatement pstmt = con.prepareStatement(sql); pstmt.setString(1, user.getLogin()); pstmt.setString(2, user.getSenha()); ResultSet resultSet = pstmt.executeQuery(); if(resultSet.next()){ autenticado = true; } resultSet.close(); pstmt.close(); } catch (SQLException e) { e.printStackTrace(); } return autenticado; } UsuarioDAO.java
  • 37. Autenticador.java versão 3.0 @WebServlet("/Autenticador") public class Autenticador extends HttpServlet { private UsuarioDAO usuarioDAO = new UsuarioDAO(); protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { Usuario user = new Usuario(); String login = request.getParameter("login"); String senha = request.getParameter("senha"); user.setLogin(login); user.setSenha(senha); if(usuarioDAO.autenticar(user)){ request.getSession().setAttribute("user", user); response.sendRedirect("home.jsp"); }else{ request.setAttribute("erro", "Usuario ou Senha Invalidos!"); RequestDispatcher d= request.getRequestDispatcher("login.jsp"); d.forward(request,response); } } }
  • 38.
  • 39. Hibernate • Framework de mapeamento objeto relacional
  • 40. WEB-INFlib • hibernate-core-4.3.0.Final.jar • antlr-2.7.7.jar • dom4j-1.6.1.jar • hibernate-commons-annotations-4.0.4.Final.jar • hibernate-jpa-2.1-api-1.0.0.Final.jar • jandex-1.1.0.Final.jar • javassist-3.18.1-GA.jar • jboss-logging-3.1.3.GA.jar • jboss-logging-annotations-1.2.0.Beta1.jar • jboss-transaction-api_1.2_spec-1.0.0.Final.jar
  • 41. package br.com.mariojp; versão 6.0 ! import java.io.Serializable; Usuario.java ! import import import import javax.persistence.Entity; javax.persistence.GeneratedValue; javax.persistence.Id; javax.persistence.Table; ! @Entity @Table(name="usuarios") public class Usuario implements Serializable{ private static final long serialVersionUID = 1L; ! @Id @GeneratedValue private Integer id; ! } private String login; private String senha; //get’s e set's
  • 42. package br.com.mariojp; versão 6.0 ! import import import import org.hibernate.SessionFactory; org.hibernate.boot.registry.StandardServiceRegistryBuilder; org.hibernate.cfg.Configuration; org.hibernate.service.ServiceRegistry; ! public class BancoUtil { private static SessionFactory factory; ! static { Configuration configuration = new Configuration().configure(); StandardServiceRegistryBuilder serviceRegistryBuilder; serviceRegistryBuilder = new StandardServiceRegistryBuilder(); serviceRegistryBuilder.applySettings(configuration.getProperties()); ServiceRegistry serviceRegistry = serviceRegistryBuilder.build(); factory = configuration.buildSessionFactory(serviceRegistry); ! } ! ! } public static SessionFactory getFactory() { return factory; } BancoUtil.java
  • 43. package br.com.mariojp; versão 6.0 ! import org.hibernate.Session; ! public class UsuarioDAO { ! public boolean autenticar(Usuario user) { ! String query = "select u from Usuario as u where " + "u.login=:login and u.senha=:senha"; Session session = BancoUtil.getFactory().openSession(); session.beginTransaction(); Usuario usuario = (Usuario) session .createQuery(query) .setString("login", user.getLogin()) .setString("senha", user.getSenha()).uniqueResult(); session.getTransaction().commit(); session.close(); return usuario != null; ! } ! } UsuarioDAO.java
  • 44. versão 6.0 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE hibernate-configuration PUBLIC "-//Hibernate/Hibernate Configuration DTD 3.0//EN" "http://www.hibernate.org/dtd/hibernate-configuration-3.0.dtd"> <hibernate-configuration > <session-factory> <property name="hibernate.connection.driver_class">org.hsqldb.jdbc.JDBCDriver</property> <property name="hibernate.connection.url">jdbc:hsqldb:hsql://localhost/ banco</property> <property name="hibernate.connection.username">SA</property> <property name="hibernate.connection.password"></property> <property name="hibernate.connection.pool_size">1</property> <property name="hibernate.dialect">org.hibernate.dialect.HSQLDialect</ property> <property name="hibernate.current_session_context_class">thread</property> <property name="hibernate.cache.provider_class">org.hibernate.cache.internal.NoCacheProv ider</property> <!-- Echo all executed SQL to stdout --> <property name="hibernate.show_sql">true</property> <!-- Drop and re-create the database schema on startup --> <property name="hibernate.hbm2ddl.auto">create</property> <mapping class="br.com.mariojp.Usuario"/> </session-factory> </hibernate-configuration> hibernate.cfg.xml
  • 45.
  • 46. Esta obra está licenciada sob a licença Creative Commons Atribuição-CompartilhaIgual 3.0 Não Adaptada. Para ver uma cópia desta licença, visite http://creativecommons.org/licenses/by-sa/3.0/.
  • 47. Java web Mario Jorge Pereira Como me encontrar? http://www.mariojp.com.br twitter.com/@mariojp mariojp@gmail.com