Wednesday, August 12, 2009

What are different methods in HttpServlet ? Also what are advantages of Get and POST methods?

There are two main methods by which data can be sent to Servlets. They are GET and POST. Here is the over view of sample Servlet and the methods youshould be over riding.

public abstract synchronized class HttpServlet extendsGenericServlet implements Serializable
{
protected void doGet (HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
{
// If from the Form, the data is submitted using GET method then this method
// is called. Also by default when this Servlet is called from Browser then this
// method is called.
}

protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
{
// If from the Form, the data is submitted using PUT method then this method is called
}

protected void service(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
{
// If you must respond to requestsmade by a client that is not using the
// HTTP protocol, you must use service(). You normally should never need
// to override this method, except in special cases.
}
}


If you want to support doPost and doGet from same servlet, then in either doPost or doGet method, which ever is getting called, call the other method using doGet(request, response) or doPost(request,response)

For security reasons if the data being submitted is sensitive, then it's always preferred to use POST method so that the elements don't shown up in URL. When submitted using GET, then all the elements get appended to the URL. If user clicks on a third party click and if that server is logging the Referrer, then the entire URL is saved, which will also have sensitive information.

Also there are limitations of amount of data that can be sent through GET method. Some Operating Systems have a limitation on the Max Length of the URL, which is normally 255 characters. If sending through GET method, then the total length of the target Servlet name and all parameters dataneed to be less than 255 characters.

No comments:

Post a Comment