224 WebSphere Studio Application Developer Version 5 Programming Guide
Creating a server for testing
To test a Web application we require a server. Because our project is a J2EE 1.3
project we require a WebSphere Version 5 server (or a Tomcat server).
A server can be created automatically or manually:
 For automatic server creation, select the ItsoProGuideBasicWeb project and
Run on Server
(context). The dialog shown in Figure 7-39 is displayed.
Figure 7-39 Server selection dialog
The default selection is correct and clicking
OK
defines a server project
named Servers, a server named WebSphere v5.0 Test Environment, and
starts the server. The drawback of this method is that we cannot select a
name for the server and we cannot tailor the server before it starts.
Stop the server, delete it from the Server Configuration view and delete the
Servers project. We want to create a server manually.
 For manual creation of a server, open the Server perspective and select
New
-> Server and Server Configuration
. In the dialog (Figure 7-40) enter the
name of the server (for example, ItsoServer), set the folder as
ItsoProGuideServers (this creates the ItsoProGuideServers project), and
select
WebSphere version 5.0 -> Test Environment
.
Click
Next
and confirm that you want to create the ItsoProGuideServers
project.
Accept the default port of 9080 and click

Finish
.
Select the ItsoServer in the Server Configuration view and
Add ->
ItsoProGuide
(context). This adds the EAR project (with the Web module) to
the server.
The ItsoServer server also appears in the Servers view, from where it can be
started and stopped.
Chapter 7. Developing Web applications 225
Figure 7-40 Creating a WebSphere test server
Testing the application
Start the ItsoServer server.
While the server is starting, you can check its initialization message log on the
Console view. If the view is not visible, select
Window -> Show View -> Console

from the menu bar. You will know that the server is ready when you read the
message “Server server1 open for e-business“.
Select the ItsoProGuideBasicWeb project and
Run on Server
(context). When you
run a Web project itself, instead of a single HTML file, then the welcome page is
displayed. Welcome pages are defined in the deployment descriptor (web.xml) on
the Pages page. Usually the index.html file is the first in the list.
226 WebSphere Studio Application Developer Version 5 Programming Guide
If you are prompted to select a server, select the ItsoServer and also select
Set
server as project default (do not prompt)
. This stores a server as the default in

the properties of the Web project., where it can be changed at any time.
The Web browser window opens and displays the index page (Figure 7-2 on
page 182). In the customer ID field, type any number from 101 to 106 and submit
the form. The resulting page (Figure 7-3 on page 182) should display the
selected customer’s account list.
Working with filters
Servlet filtering is a new addition to the Servlet 2.3 API. It provides a new type of
reusable object called a filter, that can transform requests and responses on the
fly. You can chain filters together so that a group of filters can act on the input and
output of a specified resource or group of resources.
Filters typically include logging filters, image conversion filters, encryption filters,
and MIME type filters. Although filters are not servlets, their life cycle is very
similar.
Filters are handled in the following manner:
 The Web container determines which filters must be constructed for the Web
application, before a request causes a Web resource to be accessed.
 The container instantiates and initializes each filter (if this was not previously
done) by calling the filter’s init method.
 When the container receives a request for a Web resource, it creates a filter
chain containing the filters associated with the resource.
 The container invokes the chain’s doFilter method, which in turn invokes
each filter’s doFilter method. A filter’s doFilter method typically:
– Pre-processes the request object, or wraps it with a customized
implementation of ServletRequest or HttpServletRequest to modify
request headers or data.
– Pre-processes the response object, or wraps it with a customized
implementation of ServletResponse or HttpServletResponse to modify
response headers or data.
– Typically invokes the next filter on the chain by calling the chain’s doFilter
method, but may alternatively block the chain. After this step, the filter may

examine the response’s headers.
– Does additional post-processing to the request and response objects.
Chapter 7. Developing Web applications 227
 Finally, after all the filters on the chain have been invoked, the filter chain calls
the originally requested resource.
 Before a filter can be removed from service, the container must call its
destroy method.
Figure 7-41 shows how the chaining of filters work:
Figure 7-41 Filter chaining
Creating a filter in Application Developer
We implement a simple filter that audits all the banking transactions by writing an
audit trail to a file. This filter in invoked before the PerformTransaction servlet
gets control.
To create a new filter in Application Developer, open the
J2EE Navigator
view of
the ItsoProGuideBasicWeb project.
Create a new package (under Java Source) names itso.basicweb.filter.
Select the itso.basicweb.filter package and
New -> Filter
from the context
menu to start the
New Filter
wizard (Figure 7-42).
Resource
Web Container
Filter 1
doFilter
Filter 2
doFilter

Filter Chain
doFilter
Note: This is a simple example that uses a file for auditing. Such a design
should not be used in a real application.
228 WebSphere Studio Application Developer Version 5 Programming Guide
Figure 7-42 Creating a new filter (page 1)
Make sure the correct package (itso.basicweb.filter) is selected.
In the
Filter Name
field, type TransactionAuditingFilter. Our filter will audit
every transaction that is performed with the bank accounts, logging the
transaction type, time stamp, and parameters, as well as the client’s hostname
and IP address.
Click
Next
to proceed to the second page (Figure 7-43).
The wizard’s second page lets you select method stubs and deployment
descriptor information.
Chapter 7. Developing Web applications 229
Figure 7-43 Creating a new filter (page 2)
The filter has to be added to the Web deployment descriptor. Configure the
initialization parameter by clicking the respective
Add
. Enter pathname for the
parameter name and c:/transactionAudit.txt for its value.
Finally, we have to set with which servlets this filter should be associated. Click
the respective
Add
to open the
Choose a Servlet

dialog. Select
PerformTransaction and click
OK
.
Click
Finish
to complete the wizard. The TransactionAuditingFilter.java file is
opened for editing.
Note: To change the filter’s servlet associations or initialization parameters,
open the Web deployment descriptor on the
Filters
page.
230 WebSphere Studio Application Developer Version 5 Programming Guide
Editing the filter
Switch to the Java editor opened on the TransactionAuditingFilter.java file.
The source code of the sample filter is available in:
\sg246957\sampcode\dev-web\filter\TransactionAuditingFilter.java
Add an import statement and declare the following instance variable:
import java.io.RandomAccessFile;
private RandomAccessFile auditFile;
The auditFile property holds a reference to the audit file. Generate its getter
and setter methods by selecting the field in the Outline view and
Generate Getter
and Setter
from its context menu. Change the generated method access
modifiers from public to private (Figure 7-44):
Figure 7-44 Getter and setter methods for the auditFile property
The audit file should be opened upon the filter initialization. Edit the init method
as shown in Figure 7-45.
Figure 7-45 TransactionAuditingFilter init method

After opening the file for both read and write access, we move the file pointer to
the end, so that the file can be appended instead of overwritten.
Because we opened the file in the init method, we have to close it in the
destroy method (Figure 7-46).
private RandomAccessFile getAuditFile() {
return auditFile;
}
private void setAuditFile(RandomAccessFile auditFile) {
this.auditFile = auditFile;
}
public void init(FilterConfig config) throws ServletException {
String pathname = config.getInitParameter("pathname");
try {
setAuditFile(new RandomAccessFile(pathname, "rw"));
getAuditFile().seek(getAuditFile().length());
} catch (IOException e) {
e.printStackTrace());
}
}
Chapter 7. Developing Web applications 231
Figure 7-46 TransactionAuditingFilter destroy method
Finally, edit the filter’s doFilter method as shown in Figure 7-47.
Figure 7-47 TransactionAuditingFilter doFilter method
Save your changes and close the editor. The next time you perform a transaction
with any of the accounts, the audit file c:\transactionAudit.txt is created and
populated. See Figure 7-54 on page 236 for sample output of the filter (and the
listener that we create next).
public void destroy() {
try {
getAuditFile().close();

} catch (IOException e) {
e.printStackTrace();
}
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws ServletException, IOException {
String protocol = req.getProtocol();
String address = req.getRemoteAddr();
String host = req.getRemoteHost();
String transaction = req.getParameter("transaction");
String parameters = "";
java.util.Enumeration parameterNames = req.getParameterNames();
while (parameterNames.hasMoreElements()) {
String name = parameterNames.nextElement().toString();
String value = req.getParameter(name);
parameters += name + "=" + value + ", ";
}
parameters = parameters.substring(0, parameters.length() - 2);
String output = "- " + transaction +
" being performed from " + host + " (" + address +
") using " + protocol + " at " + new java.util.Date() +
" Parameters: " + parameters + "\r\n";
synchronized (getAuditFile()) {
getAuditFile().writeBytes(output);
}
System.out.println(output);
chain.doFilter(request, response);
}
232 WebSphere Studio Application Developer Version 5 Programming Guide
Working with listeners

Life-cycle listeners, now part of the Servlet API, enable you to be notified when
servlet contexts and HTTP sessions are created, destroyed or modified. They
give the application developer greater control over interactions with
ServletContext and HttpSession objects. Servlet context listeners manage
resources at an application level. Session listeners manage resources
associated with a particular client’s HTTP session.
Listeners are available for life-cycle events and for attribute modification events.
The listener developer creates a class that implements the interface
corresponding to the desired listener functionality:
 javax.servlet.ServletContextListener
Receives javax.servlet.ServletContextEvent events that notify that a
servlet context has just been created or is about to be destroyed.
 javax.servlet.ServletContextAttributeListener
Receives javax.servlet.ServletContextAttributeEvent events that notify
that an attribute in the servlet context has been added, removed, or modified.
 javax.servlet.http.HttpSessionListener
Receives javax.servlet.http.HttpSessionEvent events that notify that an
HTTP session object has just been created or is about to be destroyed.
 javax.servlet.http.HttpSessionAttributeListener
Receives javax.servlet.http.HttpSessionBindingEvent events that notify
that an attribute in an HTTP session has been added, removed, or modified.
Note that the same listener may implement any combination of the above
interfaces. At application startup time, the container uses introspection to create
an instance of the listener class and registers it with the appropriate event
generators.
As an example, we will create a listener that implements both the
HttpSessionListener and HttpSessionAttributeListener interfaces. It will be
called HttpSessionInspector and will print to the standard output detailed HTTP
session event notifications that can be used by the developer to determine:
 When HTTP sessions are created and destroyed.

 The size of the HTTP session objects at creation and destruction.
 When HTTP session attributes are added, removed or modified, and their
sizes.
Chapter 7. Developing Web applications 233
Creating a listener in Application Developer
To create a listener in Application Developer, open the
J2EE Navigator
view of
the ItsoProGuideBasicWeb project.
Create a new package (under Java Source) names itso.basicweb.listener.
Select the itso.basicweb.listener package under the Java Source folder and
then select
New -> Life-cycle Listener
from the context menu to start the
New
Life-cycle Listener
wizard (Figure 7-48):
Figure 7-48 Creating a new life-cycle listener (page 1)
Make sure the correct package (itso.basicweb.listener) is selected.
In the Listener Name field, type HttpSessionInspector. In the Listener Types
field, select both
Http Session Listener
and
Http Session Attribute Listener
. Click
Next
to continue to the second page (Figure 7-49):