Requirement
Create a JSP/Servlet web application that handles a login sequence. The application should include (at least) the following components:
Initialization servlet
Performs any data initialization required by the application. The main purpose of this servlet is to set up a list of
- a. user names,
- b. passwords,
- c. email addresses and
- d. user roles.
For this assignment, passwords may be stored in plain text, rather than encrypted format. For now, user roles will be the same as those in Milestone 1 - i.e. admin, clerk, and client. In later assignments, the names and number of user roles will change.
The initial set of users should be:
| User Name | Password | Role | |
|---|---|---|---|
| mike | mike | manager | [email protected] |
| mika | mika | manager | [email protected] |
| dirk | dirk | clerk | [email protected] |
| cloe | cloe | client | [email protected] |
| clive | clive | client | [email protected] |
Your application may use the Initialization servlet as the entry point, or it may redirect to the servlet from an html page (e.g. splash screen).
Note: to create a splash screen that redirects automatically (e.g. after 3 seconds) use the following in the head of an html page:1
<meta http-equiv="refresh" content="3; url=Servlet"/>
Login page (JSP or HTML)
This page gathers the user name and password and submits them to a Login servlet.
Login servlet
This servlet tries to match the user name and password with the list created by the initialization servlet. If the login is successful, the servlet navigates to a page determined by the user’s role. If the login is unsuccessful after three successive attempts by the same user, the page displays a “Forgot Password?” button. If the user clicks this button the application navigates to a “Reset” page.
Reset page
This page allows users to reset their own password. It will also allow an administrator to reset any user’s password.
- a. If this page is reached after a user has clicked the “Forgot password” button, the user’s name is automatically set in a read-only text box, and the user may choose a new password. After the resetting the password, the application navigates to the login page.
- b. If this page is used by an administrator to reset a password, the user input is a read-write text-box. In all cases the password must be confirmed by entering it twice. After an administrator resets a password, the application navigates to the administrator page (see below).
User pages
- Admin JSP page. This page will allow an administrator to
- add a new clerk to the list of users,
- reset a clerk or client password.
- Clerk JSP page. This page will allow clerks to create new clients.
- Client.jsp. For now, this page just displays the client’s name.
All data in this application should be defined as JavaBeans and stored on the appropriate attribute list (i.e. should have the appropriate scope.) All JSP pages should access JavaBeans via the ${ } notation.
Hand in a zipped copy of your entire project to the course drop box before the end of the lab. Name your zipped project COMP31A1YourName.zip.
Note: your project should run ‘out of the box’. Test your project thoroughly on a lab machine before submitting it