I have a Java servlet that uses HttpSession to store data.
When one user, User-A, logs in and does something on the website, User-B logs in. When User-A navigates to another page, User-B's information is shown instead of User-A's.
My Java servlet:
Expand|Select|Wrap|Line Numbers
- package control;
- import java.io.IOException;
- import java.util.HashMap;
- import javax.servlet.RequestDispatcher;
- import javax.servlet.ServletException;
- import javax.servlet.http.Cookie;
- import javax.servlet.http.HttpServlet;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import javax.servlet.http.HttpSession;
- import model.InstructorUserBean;
- import model.StudentUserBean;
- /**
- * Servlet controls the main interaction between the client and server
- * @author Adam K Hagan
- * @version v1
- */
- public class Servlet extends HttpServlet {
- // Instance variables
- //A bean for the Logged in User
- InstructorUserBean loggedInInstructorUser;
- StudentUserBean loggedInStudentUser;
- //ProfileManager
- UserProfileManager profileManager;
- //Manage login requests
- LoginManager loginManager;
- //Manage account creation
- UserAccountCreator accountCreator;
- // A session
- HttpSession session;
- // Hashmap stores data for processing
- HashMap<String, String> userDetails;
- /**
- * Initialises all the variables
- */
- public void init() {
- userDetails = new HashMap<String, String>();
- loggedInInstructorUser = new InstructorUserBean();
- loggedInStudentUser = new StudentUserBean();
- }
- /**
- * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
- * @param request servlet request
- * @param response servlet response
- * @throws ServletException if a servlet-specific error occurs
- * @throws IOException if an I/O error occurs
- */
- protected void processRequest(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- // Stores the action using post or get
- String action = request.getPathInfo();
- // Stores the dispatcher - that directs to other pages
- RequestDispatcher dispatcher = null;
- //A session
- session = request.getSession();
- /* TEMPLATE FOR A SECTION
- else if (action.equals("/action")) {
- // Do something...
- // Direct to page
- dispatcher = this.getServletContext().getRequestDispatcher("webpage");
- }
- */
- /**
- * Action to take if user logging in
- */
- if (action.equals("/login")) {
- // Get the user name and password from the request
- String username = request.getParameter("email_login_input");
- String password = request.getParameter("password_login_input");
- //Create a LoginManager and check if the user is authentic
- loginManager = new LoginManager(username, password);
- //If the user is authentic, take to their dashboard
- if (loginManager.isAuthenticUser()) {
- //Log user in
- loginUser(username, password);
- // Authentic and user profile set up so direct to user's dashbaord
- dispatcher = this.getServletContext().getRequestDispatcher("/webmods/dashboard/dashboard.jspx");
- } // If not an authentic user, send user to error login page
- else {
- dispatcher = this.getServletContext().getRequestDispatcher("/webmods/login/errorLogin.jspx");
- }
- }
- /**
- * Go to sign in page
- */
- else if (action.equals("/goSignIn")) {
- dispatcher = this.getServletContext().getRequestDispatcher("/signin.jspx");
- }
- /**
- * Action to take when signing up for an account: Stage 1
- */
- else if (action.equals("/signUp")) {
- // Gather signUp page information
- String email = request.getParameter("inputEmail");
- String firstName = request.getParameter("inputFirstName");
- String lastName = request.getParameter("inputLastName");
- String password = request.getParameter("inputPassword");
- String type = request.getParameter("accountTypeInput");
- userDetails.put("username", email);
- userDetails.put("firstname", firstName);
- userDetails.put("lastname", lastName);
- userDetails.put("password", password);
- userDetails.put("type", type);
- if (type.equals("student")) {
- dispatcher = this.getServletContext().getRequestDispatcher("/webmods/registration/accountRegistration_s.jspx");
- }
- if (type.equals("instructor")) {
- dispatcher = this.getServletContext().getRequestDispatcher("/webmods/registration/accountRegistration_i.jspx");
- }
- }
- /**
- * Action for sign up Stage 2
- */
- else if (action.equals("/accountStudentSetup")) {
- // Gather account setup information
- String courseName = request.getParameter("inputCourseName");
- String courseYear = request.getParameter("inputCourseYear");
- String privacySetting = request.getParameter("privacySetting");
- userDetails.put("courseName", courseName);
- userDetails.put("courseYear", courseYear);
- userDetails.put("privacySetting", privacySetting);
- dispatcher = this.getServletContext().getRequestDispatcher("/webmods/registration/profilePic.jspx");
- } else if (action.equals("/accountInstructorSetup")) {
- // Gather account setup information
- String department = request.getParameter("inputDepartment");
- String privacySetting = request.getParameter("privacySetting");
- userDetails.put("department", department);
- userDetails.put("privacySetting", privacySetting);
- dispatcher = this.getServletContext().getRequestDispatcher("/webmods/registration/profilePic.jspx");
- }
- /**
- * Action to take if registering with profile pic
- * @TODO
- */
- else if (action.equals("/profilePic")) {
- // Do something...
- // Direct to page
- dispatcher = this.getServletContext().getRequestDispatcher("webpage");
- }
- /**
- * Action to take if user skipped profile pic
- */
- else if (action.equals("/completeRegistration")) {
- boolean accountCreationVerified = false;
- //Create useraccountcreator
- if (userDetails.get("type").equals("student")) {
- StudentUserAccountCreator sUAC = new StudentUserAccountCreator(userDetails);
- //Create the account
- sUAC.createUserAccount();
- //Check the account has been created
- accountCreationVerified = sUAC.isValidAccountCreated();
- }
- //Create useraccountcreator
- if (userDetails.get("type").equals("instructor")) {
- InstructorUserAccountCreator iUAC = new InstructorUserAccountCreator(userDetails);
- //Create the account
- iUAC.createUserAccount();
- //Check the account has been created
- accountCreationVerified = iUAC.isValidAccountCreated();
- }
- // If accountVerified go to dashboard else to login page
- if (accountCreationVerified) {
- loginUser(userDetails.get("username"),userDetails.get("password"));
- dispatcher = this.getServletContext().getRequestDispatcher("/webmods/dashboard/dashboard.jspx");
- } else {
- dispatcher = this.getServletContext().getRequestDispatcher("/signin.jspx");
- }
- }
- /**
- * Action to take user to account settings page
- */
- else if (action.equals("/goAccountSettings")) {
- String type = (String) session.getAttribute("type");
- //If student user go to student user page
- if(type.equals("student")){
- dispatcher = this.getServletContext().getRequestDispatcher("/webmods/accountsettings/accountSettings_s.jspx");
- }
- else if(type.equals("instructor")){
- dispatcher = this.getServletContext().getRequestDispatcher("/webmods/accountsettings/accountSettings_i.jspx");
- }
- }
- /**
- * Action to take on updated account information
- */
- else if (action.equals("/updateInstructorAccountSettings")) {
- // Get input
- String password = request.getParameter("inputPassword");
- String department = request.getParameter("departmentInput");
- String privacySetting = request.getParameter("privacySetting");
- // Change data
- InstructorUserProfileManager iUPM = (InstructorUserProfileManager) profileManager;
- if(!((department == null) || (department.equals("")))){
- iUPM.setDepartment(department);
- }
- iUPM.setPrivacySetting(privacySetting);
- if(!((password == null) || (password.equals("")))){
- iUPM.setPassword(password);
- }
- profileManager = iUPM;
- //Update all details
- String username = iUPM.getUsername();
- loginUser(username,password);
- dispatcher = this.getServletContext().getRequestDispatcher("/webmods/accountsettings/accountSettings_i.jspx");
- }
- /**
- * Action to take on updated account information
- */
- else if (action.equals("/updateStudentAccountSettings")) {
- // Get input
- String password = request.getParameter("inputPassword");
- String course = request.getParameter("courseInput");
- String year = request.getParameter("courseYearInput");
- String privacySetting = request.getParameter("privacySetting");
- // Change data
- StudentUserProfileManager sUPM = (StudentUserProfileManager) profileManager;
- if(!((course == null) || (course.equals("")))){
- sUPM.setCourse(course);
- }
- sUPM.setCourseYear(year);
- sUPM.setPrivacySetting(privacySetting);
- if(!((password == null) || (password.equals("")))){
- sUPM.setPassword(password);
- }
- profileManager = sUPM;
- //Update all details
- String username = sUPM.getUsername();
- loginUser(username,password);
- dispatcher = this.getServletContext().getRequestDispatcher("/webmods/accountsettings/accountSettings_s.jspx");
- }
- /**
- * Action to take user to dashboard page
- */
- else if (action.equals("/goDashboard")) {
- dispatcher = this.getServletContext().getRequestDispatcher("/webmods/dashboard/dashboard.jspx");
- }
- // String enc = URLEncoder.encode("test", "UTF-8");
- //Forward the request to the selected page
- dispatcher.forward(request, response);
- }
- /**
- * Gathers and creates objects to log a user in
- * @param username
- * @param password
- */
- private void loginUser(String username, String password) {
- //Create a LoginManager and check if the user is authentic
- loginManager = new LoginManager(username, password);
- if (loginManager.getUserType().equals("student")) {
- StudentUserProfileManager studentProfileManager = new StudentUserProfileManager(username, password);
- loggedInStudentUser.setUsername(username);
- loggedInStudentUser.setPassword(password);
- loggedInStudentUser.setName(studentProfileManager.getName());
- loggedInStudentUser.setCourseYear(studentProfileManager.getCourseYear());
- loggedInStudentUser.setCourseName(studentProfileManager.getCourseName());
- loggedInStudentUser.setPrivacySetting(studentProfileManager.getPrivacySetting());
- profileManager = studentProfileManager;
- session.setAttribute("loggedInStudentUser",loggedInStudentUser);
- session.setAttribute("type","student");
- }
- if (loginManager.getUserType().equals("instructor")){
- InstructorUserProfileManager instructorProfileManager = new InstructorUserProfileManager(username, password);
- loggedInInstructorUser.setUsername(username);
- loggedInInstructorUser.setPassword(password);
- loggedInInstructorUser.setName(instructorProfileManager.getName());
- loggedInInstructorUser.setDepartment(instructorProfileManager.getDepartment());
- loggedInInstructorUser.setPrivacySetting(instructorProfileManager.getPrivacySetting());
- profileManager = instructorProfileManager;
- session.setAttribute("loggedInInstructorUser",loggedInInstructorUser);
- session.setAttribute("type","instructor");
- }
- }
- // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
- /**
- * Handles the HTTP <code>GET</code> method.
- * @param request servlet request
- * @param response servlet response
- * @throws ServletException if a servlet-specific error occurs
- * @throws IOException if an I/O error occurs
- */
- @Override
- protected void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- processRequest(request, response);
- }
- /**
- * Handles the HTTP <code>POST</code> method.
- * @param request servlet request
- * @param response servlet response
- * @throws ServletException if a servlet-specific error occurs
- * @throws IOException if an I/O error occurs
- */
- @Override
- protected void doPost(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- processRequest(request, response);
- }
- /**
- * Returns a short description of the servlet.
- * @return a String containing servlet description
- */
- @Override
- public String getServletInfo() {
- return "Short description";
- }// </editor-fold>
- }
Thanks