2.4 Basic Servlet Design
 |
Figure 2-18 shows the classes you will use when writing Servlets (Bates, Sierra and Basham 2008): |
|
Figure 2-18 shows the classes you will use when writing Servlets (Bates, Sierra and Basham 2008): |
|
When writing Servlets, you will usually extend a class named javax.servlet.http.HttpServlet. |
|
This is a base class that provides support for HTTP requests. |
|
The HttpServlet class, in turn, extends javax.servlet.GenericServlet, which provides some basic Servlet |
| functionality. |
|
Finally, GenericServlet implements the primary Servlet API interface, javax.servlet.Servlet. |
|
It also implements an interface called ServletConfig, which allows it to provide easy access to Servlet |
| configuration information (Mukhar, et al. 2006). |
|
Notice that Servlet defines only a small number of methods. |
|
You can probably guess that init() and destroy() don't handle any requests. |
|
We will look at these methods later when we discuss the Servlet lifecycle in more detail. |
|
The getServletConfig() and getServletInfo() methods don't handle requests either. |
|
That leaves only service() to handle requests (Mukhar, et al. 2006). |
|
The service() method is the main method to perform the actual task. |
|
The servlet container calls the service() method to handle requests coming from the client and to write the |
| formatted response back to the client. |
|
Each time the server receives a request for a servlet; the server spawns a new thread and calls service. |
|
The service() method checks the HTTP request type (GET, POST, PUT, DELETE, etc.) and calls doGet, |
| doPost, doPut, doDelete, etc. methods as appropriate (Solutions 2012). |
|
Here is the signature of this method: |
|
You should NOT override the service() method. |
|
Your job is to override the doGet() and/or doPost() methods. |
|
Although this approach takes a couple of extra lines of code, it has several advantages over directly overriding |
| service. |
|
First, you can later add support for other HTTP request methods by adding doPut, doTrace, etc., perhaps in a |
| subclass (Hall and Brown 2004). |
|
Overriding service directly precludes this possibility. |
|
Second, you can add support for modification dates by adding a getLastModified method. |
|
Since getLastModified is invoked by the default service method, overriding service eliminates this option. |
|
Finally, service gives you automatic support for HEAD, OPTION, and TRACE requests (Hall and Brown 2004). |
|
These methods contain the real meat of your servlet. |
|
Ninety-nine percent of the time, you only care about GET or POST requests, so you override doGet and/or |
| doPost. |
|
However, you can also override doDelete for DELETE requests, doPut for PUT, doOptions for OPTIONS, and |
| doTrace for TRACE. |
|
Recall, however, that you have automatic support for OPTIONS and TRACE (Solutions 2012). |
|
GET is meant to be used for getting things. |
|
Sure, you might use the parameters to help figure out what to send back, but the point is-you're not making any |
| changes on the server! POST is meant to be used for sending data to be processed. |
|
This could be as simple as query parameters used to figure out what to send back, just as with a GET, but when |
| you think of POST, think: update. |
|
Think: use the data from the POST body to change something on the server (Bates, Sierra and Basham 2008). |
|
POST has a body. |
|
That's the key. |
|
Both GET and POST can send parameters, but with GET, the parameter data is limited to what you can stuff |
| into the Request line. |
|
But there is another issue other than size, when you use GET, the parameter data shows up in the browser's |
| input bar, right after actual URL (and separated with a "?"), therefore GET is not secured in some situations. |
|
Also still another issue is whether you need or want end-users to be able to bookmark the request page. |
|
GET requests can be bookmarked; POST requests cannot. |
|
Another important difference is that GET is idempotent while POST is not; by idempotent we mean that a |
| method has ability to handle requests that are sent multiple times without altering system state / data / resource | |
| (e.g. when the client clicks on submit button twice after providing his credit card information) in case of POST, if | |
| it is not handled, the client will pay twice! |
|
But what determines whether the browser sends a GET or POST request? A simple hyperlink always means a |
| GET. |
|
While in HTML from you can choose to whether you want to send a GET or a POST request by setting the |
| method property of form tag. |
|
If you left form tag without explicitly specify a method property then, GET is the default. |
