Information Technology Security (Developing Enterprise Systems)


MITS5502

Developing Enterprise Systems

Project

50% deduction for Late Submission within one week

0 mark for Late Submission more than one week

0 mark for duplicated Submission or Shared Work

You will be marked based on your submitted zipped file on Moodle. You are

most welcome to check your file with your lab tutor before your submission.

No excuse will be accepted due to file corruption, absence from lecture or lab

classes where details of lab requirements may be given.

Please make sure that you attend Lecture EVERY WEEK as low

attendance may result in academic penalty or failure of this unit.

MITS5502 Project

Copyright © 2015-2018 VIT, All Rights Reserved. 2

Table of Contents

Objectives
An Introduction to the Project
How to develop the Project
What to Submit
The Project
Part_1: Product Maintenance (solution given)
Part_2: Product Maintenance with custom tag validation (solution given)
Part_3: Product Maintenance with a database using JDBC (to be submitted)
Part_4: Product Maintenance with a database using JPA (to be submitted)
Part_5: Product Maintenance with SSL and authentication (to be submitted)
Part_6: Product Maintenance within the Music Store web site (to be submitted)


Objectives

This assessment item relates to the unit learning outcomes as in the unit descriptors. It is worth 40% of the total marks for the unit. The project in this document lets you apply the enterprise application design skills that you learn in MITS5502 by creating a Product Maintenance application that lets users add, update, and delete the product records that are available to the application.

NOTE: The solutions of the first two parts are given to you to give you a general idea of what you

are expected to do. Make sure you read the description of each part and try to do the first two parts

even though the solutions are given.

An Introduction to the Project

The Project is divided into six smaller parts, and each part builds upon the previous parts. Each Project part should take about 1.5 hours to complete.

Project parts   General description and tasks                                          Weightage
Part_1          Solution provided                                                      0%
Part_2          Solution provided                                                      0%
Part_3          Use Part_2 to complete this part (copy Part_2 and rename it Part_3)    10%
Part_4          Use Part_3 to complete this part (copy Part_3 and rename it Part_4)    10%
Part_5          Use Part_4 to complete this part (copy Part_4 and rename it Part_5)    10%
Part_6          Use Part_5 to complete this part (copy Part_5 and rename it Part_6)    10%


Use NetBeans IDE to rename. Right click the project folder and choose rename option. Don’t

forget to check “Also Rename Project Folder”.

Figure 1 Rename option

Figure 2 Rename Project Folder


How to develop the Project

The description of each Project part includes images that show how the pages should appear in a

browser, a general description of the operation of the project’s pages, and some general

specifications for how the project should be coded. This information is detailed enough for you

to complete the project. However, you will need to determine any unspecified details on your

own. For example, you will need to create your own names for the servlet and JSP files that you

create, you will need to determine what error messages to display when the user enters invalid

data, and so on.

Unless you’re instructed otherwise, you can implement each Project using any programming

techniques you wish. In some cases, however, the project’s specifications will direct you to use a

specific programming technique. In that case, you should implement the project as directed.

NOTE: Make sure you take screenshots of each step as well as output results and paste them

into “studentIDMITS5502.doc” with appropriate heading. Your Project will not be marked if this

word document is missing.

What to Submit

(1) A root folder “studentIDMITS5502_Project” containing:

(A) “studentIDMITS5502.doc”

(B) The Project folders

i. Part_1

ii. Part_2

iii. Part_3 (and your codes to complete this Part)

iv. Part_4 (and your codes to complete this Part)

v. Part_5 (and your codes to complete this Part)

vi. Part_6 (and your codes to complete this Part)

(2) Your responses to each Project part should be in the form of a written essay (use the template given on Moodle) which includes:

(A) Front page

(B) TOC

(C) Header and footer

(D) Explanation and screenshot of all steps involved in the Project application (code,

all output tests including reports, IDE project structure … etc.). Make sure you put

all in each appropriate heading according to the TOC.

(E) Used references

(F) The name of the Word document should be “studentIDMITS5502.doc”

You are required to zip the root folder (1) for submission via Moodle by the due date.

NOTE: Your Project will not be marked if any one of the 2 items above is missing.


The Project

The following pages present the user interface, operation, and specifications for each project. As you view these pages, remember that each part builds upon the previous parts.

Part_1: Product Maintenance (solution given)

For this part, you’ll create a series of pages that allow you to add, update, or delete a product that’s

available to the application.

The Index page

The Products page

The Product page


The Confirm Delete page

Operation

(1) When the application starts, it displays the Index page. This page contains a link that leads to the Products page that can be used to add, update, or delete products.

(2) To add a new product, the user selects the Add Product button. This displays the Product page with all text fields empty. Then, the user can fill in the text fields and click on the Update Product

button to add the product.

(3) To edit an existing product, the user selects the Edit link for the product. This displays the Product page with all existing data for the product displayed. Then, the user can edit any entries

and click on the Update Product button to update the data for the existing product.

(4) To delete a product, the user selects the Delete link for the product. This displays the Confirm Delete page. Then, if the user confirms the deletion by selecting the Yes button, the product is

deleted and the Products page is displayed to reflect the new data. If the user selects the No

button, the Products page is displayed.

Specifications

(1) Use a Product class like the one shown later in this document to store the product data.

(2) Use a ProductIO class like the one shown later in this document to read and write the product data

to a text file named products.txt in the WEB-INF directory.

(3) Use a text file like the products.txt file shown later in this document as a starting point for the

products that are available to the application.

(4) Use server-side validation to validate all user entries. In particular, make sure the user enters a code,

description, and price for each product. In addition, make sure the product’s price is a valid double

value.

(5) If possible, get the Product.java, ProductIO.java, and product.txt files from your instructor or

trainer. Otherwise, you can create these files yourself.


The Product class

package music.business;

import java.io.Serializable;
import java.text.NumberFormat;

// One product record: code, description ("Artist - Album") and price.
public class Product implements Serializable {

    private Long productId;
    private String code;
    private String description;
    private double price;

    public Product() {}

    public Long getId() {
        return productId;
    }

    public void setId(Long productId) {
        this.productId = productId;
    }

    public void setCode(String code) {
        this.code = code;
    }

    public String getCode() {
        return code;
    }

    public void setDescription(String description) {
        this.description = description;
    }

    public String getDescription() {
        return description;
    }

    // Returns the part of the description before " - ". When the separator
    // is missing, the whole description is returned instead of throwing
    // StringIndexOutOfBoundsException.
    public String getArtistName() {
        if (description == null) {
            return "";
        }
        int i = description.indexOf(" - ");
        return (i < 0) ? description : description.substring(0, i);
    }

    // Returns the part of the description after " - ", or an empty string
    // when the separator is missing.
    public String getAlbumName() {
        if (description == null) {
            return "";
        }
        int i = description.indexOf(" - ");
        return (i < 0) ? "" : description.substring(i + 3);
    }

    public void setPrice(double price) {
        this.price = price;
    }

    public double getPrice() {
        return price;
    }

    public String getPriceCurrencyFormat() {
        NumberFormat currency = NumberFormat.getCurrencyInstance();
        return currency.format(price);
    }

    // The code becomes part of a URL, so it must be validated before
    // it is stored in a Product.
    public String getImageURL() {
        String imageURL = "/musicStore/images/" + code + "_cover.jpg";
        return imageURL;
    }

    public String getProductType() {
        return "Audio CD";
    }
}

The ProductIO class

package music.data;

import java.io.*;
import java.util.*;
import music.business.*;

// Reads and writes products as code|description|price lines in a text file.
// The methods are synchronized because servlet requests run concurrently
// and all of them share the same file and static list.
public class ProductIO {

    private static List<Product> products = null;
    private static String filePath = null;

    // Called once from the controller based on servlet context
    public static void init(String filePath) {
        ProductIO.filePath = filePath;
    }

    // Returns all products, or null if the file cannot be read.
    public static synchronized List<Product> selectProducts() {
        products = new ArrayList<Product>();
        File file = new File(filePath);
        // try-with-resources closes the reader even when reading fails
        try (BufferedReader in = new BufferedReader(new FileReader(file))) {
            String line = in.readLine();
            while (line != null) {
                StringTokenizer t = new StringTokenizer(line, "|");
                if (t.countTokens() >= 3) {
                    String code = t.nextToken();
                    String description = t.nextToken();
                    String priceAsString = t.nextToken();
                    try {
                        double price = Double.parseDouble(priceAsString);
                        Product p = new Product();
                        p.setCode(code);
                        p.setDescription(description);
                        p.setPrice(price);
                        products.add(p);
                    } catch (NumberFormatException e) {
                        // Skip a record whose price is not a number
                        System.out.println(e);
                    }
                }
                line = in.readLine();
            }
            return products;
        } catch (IOException e) {
            System.out.println(e);
            return null;
        }
    }

    public static synchronized Product selectProduct(String productCode) {
        products = selectProducts();
        if (products == null) {
            return null;
        }
        for (Product p : products) {
            if (productCode != null
                    && productCode.equalsIgnoreCase(p.getCode())) {
                return p;
            }
        }
        return null;
    }

    public static synchronized boolean exists(String productCode) {
        return selectProduct(productCode) != null;
    }

    // Fields are written as-is: a '|' or a line break inside the code or
    // description would corrupt the file, so validate entries before saving.
    private static void saveProducts(List<Product> products) {
        File file = new File(filePath);
        try (PrintWriter out = new PrintWriter(new FileWriter(file))) {
            for (Product p : products) {
                out.println(p.getCode() + "|"
                        + p.getDescription() + "|"
                        + p.getPrice());
            }
        } catch (IOException e) {
            System.out.println(e);
        }
    }

    public static synchronized void insertProduct(Product product) {
        products = selectProducts();
        if (products == null) {
            return; // unreadable file: do not overwrite it
        }
        products.add(product);
        saveProducts(products);
    }

    public static synchronized void updateProduct(Product product) {
        products = selectProducts();
        if (products == null) {
            return; // unreadable file: do not overwrite it
        }
        for (int i = 0; i < products.size(); i++) {
            Product p = products.get(i);
            if (product.getCode() != null
                    && product.getCode().equalsIgnoreCase(p.getCode())) {
                products.set(i, product);
            }
        }
        saveProducts(products);
    }

    public static synchronized void deleteProduct(Product product) {
        if (product == null || product.getCode() == null) {
            return;
        }
        products = selectProducts();
        if (products == null) {
            return; // unreadable file: do not overwrite it
        }
        // removeIf avoids skipping an element after an indexed remove
        final String code = product.getCode();
        products.removeIf(p -> code.equalsIgnoreCase(p.getCode()));
        saveProducts(products);
    }
}

A product.txt file that contains four products

8601|86 (the band) - True Life Songs and Pictures|14.95

pf01|Paddlefoot - The first CD|12.95

pf02|Paddlefoot - The second CD|14.95

jr01|Joe Rut - Genuine Wood Grained Finish|14.95
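Specification (4) of Part_1 asks for server-side validation, and ProductIO stores each product as one code|description|price line. The following is an added example, not part of the assignment or its provided solution, of a validator that covers both the required-field checks and the characters that would break that file format; the class name, length limits and message texts are assumptions.

```java
import java.util.ArrayList;
import java.util.List;

// Added example (not from the assignment): validates the three Product page
// fields on the server before they are written to products.txt.
public class ProductFormValidator {

    // Assumed limits; the assignment does not define them.
    private static final int MAX_DESCRIPTION = 100;
    private static final String CODE_PATTERN = "[A-Za-z0-9]{1,10}";
    private static final String PRICE_PATTERN = "\\d{1,7}(\\.\\d{1,2})?";

    // Returns the error messages; an empty list means the entry is valid.
    public static List<String> validate(String code, String description, String price) {
        List<String> errors = new ArrayList<>();
        if (isBlank(code)) {
            errors.add("Code is required.");
        } else if (!code.matches(CODE_PATTERN)) {
            // The code also ends up in Product.getImageURL(), so allow letters and digits only.
            errors.add("Code may contain only letters and digits (max 10).");
        }
        if (isBlank(description)) {
            errors.add("Description is required.");
        } else if (description.length() > MAX_DESCRIPTION || breaksRecord(description)) {
            // '|' would add a field and CR/LF a whole record to the pipe-delimited file.
            errors.add("Description must be at most 100 characters without '|' or line breaks.");
        }
        if (isBlank(price)) {
            errors.add("Price is required.");
        } else if (!price.trim().matches(PRICE_PATTERN)) {
            // Double.parseDouble alone also accepts "NaN", "Infinity", "1e400",
            // "0x1p3" and "5d", so the syntax is restricted before any parsing.
            errors.add("Price must be a non-negative number such as 14.95.");
        }
        return errors;
    }

    private static boolean isBlank(String s) {
        return s == null || s.trim().isEmpty();
    }

    // True when the value contains a field or record separator of products.txt.
    private static boolean breaksRecord(String s) {
        return s.indexOf('|') >= 0 || s.indexOf('\n') >= 0 || s.indexOf('\r') >= 0;
    }

    public static void main(String[] args) {
        // Constructed sample entries
        System.out.println(validate("pf03", "Paddlefoot - The third CD", "13.95"));
        System.out.println(validate("pf 03", "Paddlefoot - Live|0.01", "NaN"));
    }
}
```

The first sample entry produces an empty list; the second produces one message per field.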


Part_2: Product Maintenance with custom tag validation (solution given)

For this Part, you’ll enhance the application described in Part_1 by adding a custom tag to validate user

entries.

The Product page with custom tags for validation

Specifications

(1) Use a custom tag to mark empty fields that are required on the Product page with an asterisk.


Part_3: Product Maintenance with a database using JDBC (to be submitted)

For this Part, you’ll enhance the application described in the previous Parts by modifying it so it uses a

database instead of a text file to store the product data. You’ll use JDBC to work with the data (look hard

as solution is also provided). Don’t forget to:

(A) change the password according to your MySQL setup (see below)

(B) import the database if you haven’t done so (download db in Lesson 9 folder and use create_databases.sql during import in MySQL workbench).

The Products page

Specifications

(1) Use a class named ProductDB that’s in the music.data package to add, update, and delete the

products in the Product Maintenance application. This class should use JDBC.

(2) Use a connection pool as described in chapter 12.

(3) Use the music database (available on Moodle for download as DB.zip)
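When the product data moves from the text file to JDBC, the values typed on the Product page become inputs to SQL statements. The following added example, which is not the assignment's provided solution, shows one ProductDB-style update written with a parameterized statement; the class name, the table and column names, and the use of a DataSource for the connection pool are assumptions.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import javax.sql.DataSource;

// Added example (not the assignment's solution): one ProductDB-style update
// written with a parameterized statement.
public class ProductUpdateExample {

    // Assumed table and column names; check them against create_databases.sql.
    private static final String UPDATE_SQL =
        "UPDATE Product SET ProductDescription = ?, ProductPrice = ? "
        + "WHERE ProductCode = ?";

    // Assumed: the DataSource that backs the connection pool.
    private final DataSource pool;

    public ProductUpdateExample(DataSource pool) {
        this.pool = pool;
    }

    // Weak form, shown for contrast only: user input becomes part of the SQL
    // text, so a quote inside the description changes the statement itself.
    //   "UPDATE Product SET ProductDescription = '" + description + "' ..."

    // Returns the number of rows changed (0 when the code does not exist).
    public int update(String code, String description, double price)
            throws SQLException {
        // try-with-resources returns the connection to the pool even on failure
        try (Connection connection = pool.getConnection();
             PreparedStatement ps = connection.prepareStatement(UPDATE_SQL)) {
            ps.setString(1, description);   // bound as data, never parsed as SQL
            ps.setDouble(2, price);
            ps.setString(3, code);
            return ps.executeUpdate();
        }
    }
}
```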


Part_4: Product Maintenance with a database using JPA (to be submitted)

For this Part, you’ll convert the application in the previous Parts so it uses JPA instead of JDBC to work

with a database.

The Products page

Specifications

(1) Add JPA annotations to the Product class.

(2) Use a class named ProductDB that’s in the music.data package to add, update, and delete the

products in the Product Maintenance application. This class should use the EclipseLink JPA

provider.

(3) Since the EclipseLink JPA provider automatically creates a connection pool, please delete any old

code that creates a connection pool for JDBC.

(4) Use the music database (available on Moodle for download as DB.zip)


Part_5: Product Maintenance with SSL and authentication (to be submitted)

For this Part, you’ll enhance the application described in the previous Parts by modifying it so it uses a secure connection and only allows authorized users (refer to chapters 1-13, 15, and 16 of textbook B).

The Index page

The Warning page for a secure connection

The Login page with a secure connection


The Products page with a secure connection

Specifications

(1) Restrict access to all pages except the Index page. Only allow users in the programmer role and

customer service role to access the rest of the pages in the Product Maintenance application. To do

that, use the UserPass and UserRole tables in the murach database to define the usernames and

passwords for these roles.

(2) Use a secure connection for all pages except the Index page.


Part_6: Product Maintenance within the Music Store web site (to be submitted)

For this project, you’ll enhance the application described in the previous projects by adding it to the

admin section of the Music Store web site. (Prerequisites: 1-13,15, 16, 22 and 23)

The Login page

The Admin Menu page

The Products page


The Add/Update Product page

The Confirm Delete page

Specifications

(1) Add the JSP files for the Product Maintenance application to the admin directory of the

Music Store web site.

(2) Add the controller servlet for the Product Maintenance application to the music.admin

package of the Music Store web site.

(3) Modify the admin/index.jsp file of the Music Store web site so it includes a button that

starts the newly added Product Maintenance application.

(4) Modify all necessary JSP, CSS, Java, and XML files within the Music Store web site so

they work with the newly added Product Maintenance application.

(5) In the controller for the Product Maintenance application, use the getRequestURI method

to determine which action to process as shown in chapter 22. If the URL doesn’t match

any actions in your application, use the sendError method of the response object to send a

404 error to the user to indicate that the page isn’t available.

(6) Don’t break the other applications in the existing Music Store web site.
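The Part_5 specifications (role restriction and a secure connection) and Part_6 specification (5) (dispatch on getRequestURI with a 404 for unknown actions) meet in the controller servlet. The following added example, which is not the assignment's provided solution, declares both constraints on the servlet and maps each request to a fixed page; the URL pattern, action names, JSP paths and role name strings are assumptions, and the login method and the realm that reads the UserPass and UserRole tables still have to be configured in the container.

```java
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.HttpConstraint;
import javax.servlet.annotation.ServletSecurity;
import javax.servlet.annotation.ServletSecurity.TransportGuarantee;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Added example (not the assignment's solution). The URL pattern, action
// names, JSP paths and role names are assumptions.
@WebServlet("/admin/productMaint/*")
@ServletSecurity(@HttpConstraint(
        rolesAllowed = {"programmer", "service"},
        // CONFIDENTIAL makes the container require https for this servlet
        transportGuarantee = TransportGuarantee.CONFIDENTIAL))
public class ProductMaintController extends HttpServlet {

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String view = viewFor(request.getRequestURI());
        if (view == null) {
            // Unknown action: answer 404 instead of falling back to a default page
            response.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }
        request.getRequestDispatcher(view).forward(request, response);
    }

    // Maps the last path segment to a fixed JSP. The forward target is never
    // built from request data, so a crafted URI cannot select another file.
    static String viewFor(String requestURI) {
        int semi = requestURI.indexOf(';');          // drop ";jsessionid=..." if present
        if (semi >= 0) {
            requestURI = requestURI.substring(0, semi);
        }
        String action = requestURI.substring(requestURI.lastIndexOf('/') + 1);
        switch (action) {
            case "displayProducts": return "/admin/products.jsp";
            case "addProduct":
            case "displayProduct":  return "/admin/product.jsp";
            case "confirmDelete":   return "/admin/confirm_delete.jsp";
            default:                return null;
        }
    }
}
```

The annotation only covers requests that reach this servlet. JSP files that a browser can request directly need their own security constraint in web.xml.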