Prentice Hall and Sun Microsystems. Personal use only; do not redistribute.

110

Chapter 4 Handling the Client Request: HTTP Request Headers

Listing 4.3 ProtectedPage.java 

package coreservlets;

import java.io.*;

import javax.servlet.*;

import javax.servlet.http.*;

import java.util.Properties;

import sun.misc.BASE64Decoder;

/** Example of password protected pages handled directly

 *  by servlets.

*/

public class ProtectedPage extends HttpServlet {

  private Properties passwords;

  private String passwordFile;

  /** Read the password file from the location specified

   *  by the passwordFile initialization parameter.

   */

  public void init(ServletConfig config)

      throws ServletException {

    super.init(config);

    try {

      passwordFile = config.getInitParameter("passwordFile");

      passwords = new Properties();

      passwords.load(new FileInputStream(passwordFile));

    } catch(IOException ioe) {}

  }

  public void doGet(HttpServletRequest request,

                    HttpServletResponse response)

      throws ServletException, IOException {

    response.setContentType("text/html");

    PrintWriter out = response.getWriter();

    String authorization = request.getHeader("Authorization");

    if (authorization == null) {

      askForPassword(response);

    } else {

      String userInfo = authorization.substring(6).trim();

Second edition of this book: www.coreservlets.com; Sequel: www.moreservlets.com.

Servlet and JSP training courses by book's author: courses.coreservlets.com.