Servlets/Filter/Session

Description

An application has a login page. The correct logins are "user" and "admin". The field "password" is not important, it can be any non-empty string. You need to handle login process. To achieve that create 2 servlets, a listener and a filter. All servlets, filters and listeners should be declared via annotations.

  • AuthFilter
  • ContextListener
  • LoginServlet
  • LogoutServlet

Details

AuthFilter should:

  • be placed in com.example.filter package.
  • check session attribute "user" for paths /user/*. If there isn't, redirect the request to the /login.jsp page.

ContextListener should:

  • be placed in com.example.listener package.
  • set "servletTimeInit" attribute in the context, "servletTimeInit" is a LocalDateTime object showing when the context was initialized.

LoginServlet should:

  • be placed in com.example.servlet package.
  • have url /login.
  • check session attribute "user".
  • for GET request if the session attribute "user" does not exist, redirect to the /login.jsp page, else redirect to the /user/hello.jsp.
  • for POST request check the request parameters. "login" should exist in Users and the request parameter "password" shouldn't be empty. If parameters are correct set session attribute "user" and redirect to /user/hello.jsp, else forward to the /login.jsp.

LogoutServlet should:

  • be placed in com.example.servlet package.
  • have url /logout.
  • delete session attribute "user".
  • invalidate session.
  • redirect to /login.jsp.