Advanced Internet Programming - Assignments 31242/32549/ AJPCPEAdvanced Internet Programming INFO: What's New FAQ Software Machines Oracle Assignments MODULES: 00 Admin 01 Intro 02 Architecture 03 Servlets 04 JSP 05 JDBC 06 RMI 06 JNDI 07 EJB 08 XML 08 Web Services 09 Security 10 Transactions 11 Legacy 12 Review 99 Design LINKS: START page Faculty of IT UTS Advanced Internet Programming - Assignment 1- Spring 2013 Due date Due date: Wednesday 11 Sept. 2013, 05:30 pm (before the lecture!) Late assignments will be deducted 2 marks per per day late (out of 30). More than fourteen days late the assignment will receive zero. Special consideration for late submission must be arranged beforehand with the subject coordinator. Weighing This assignment is worth 30% of your final grade in the subject and will be marked out of 30. Objectives This assignment is designed to assess objectives # 1. Implement a medium sized web application incorporating multiple data sources, transaction integrity, data and application security; # 2. Describe at a conceptual level, a full e-commerce application; # 3. Describe the components that make up a multi-tier web based application, including application servers; # 7. Compare and contrast competing web application architectures and list their advantages and disadvantages; Description Your task is to write a three-tier application (browser, web application, database) that: Allows the user to view a list of products Allows the user to enter product orders Allows the user to view an order Allows an administrator to list orders Allows an administrator to update orders For this assignment, you will: Design the application, including web site map, database design, architecture and web pages and forms. Create database tables and queries. Use JSP and Servlets to implement the application and presentation logic. See the JSP lecture slides for possible/preferred architectures. It is highly recommended that you implement this assignment with the Model-View-Controller architecture for web applications (i.e. the so-called "Model 2"). Use JDBC to access the database. It is expected that you should use Java EE technologies learnt in the lectures, labs and in the text book. This includes servlets, JSP, and JDBC. You are not required to use EJBs in this assignment. However, remember that assignment 2 is based on this assignment. You should design your application with modularity and components where possible to make transition to EJB's easier. The recommended technique for authentication involves the use of Java EE security roles (see JSP labs), however, other approaches are also acceptable. Business Specification FC Sportsware Pty. Ltd. has decided to launch an Online shop front to sell its range of soccer sportsware and equipment which they expect to both expand their business and cut costs associated with traditional "bricks and mortar" shop fronts. The Online shop front will sell a range of products including jerseys, shorts, socks, balls, goals and nets. Your job is to design and develop a shop front for customers to browse these products, select these products and to buy these products. You will also create a password protected page which lets an administrator list, view and update orders. Part A. Public web site A.1 Entry page Your website should have an introduction web page called index.jsp. This should provide links to the product browsing/product order pages, as well as some overview of what your company does. It should also have a link for the administrator and any documentation for your assignment. A.2 Browsing products Your website should allow the customer to browse the list of products. This list should be organised by the following categories: Jerseys, Shorts, Socks, Gloves, Jackets, Equipment. Consider in your design how this would work if you had 1000's of products! This implies that you should implement some form of pagination, and should allow users to browse products by category. Where possible, try to be flexible so we can add categories and more products later. Try not to hardcode anything. The list of products should include: A product category A product code A product description A product price (in A$) A.3 Product ordering The customer should be able to select one or more products to order. This implies that you will need to have some form of session management, where each customer will have their own "Shopping cart". You are welcome to use any mechanism you wish to manage this, but using HTTP sessions is probably the best way to do this. The customer should be able to enter or select an unlimited quantity for each product order. Your code should cope with adding repeat orders of the same product by adding the quantities together. A.4 Checking out Once the customer has finished selecting and ordering their products, you will need to provide an option to check out. This should provide the following information to the customer Product category Product code Product description Product quantity Line total for each product (quantity * product price) Grand total of the order (sum of all line totals) The customer should then be able to Add more products to the order (ie: continue shopping) Delete products from the order Change quantities of products on the order Cancel the entire order Proceed to purchase the order A.5 Purchasing the order If the customer chooses to purchase the order, they will get a page where they are asked to enter the following information: Name: (Title, Surname, given name) E-mail: (email address) Address: (House/unit number, street, State, Suburb, Postcode, Country) Payment details: (credit card number) After submitting this information, the customer is presented a confirmation page asking them to confirm this information, giving them the option to cancel or proceed. If the customer proceeds, a unique order number must be generated in the format: fituseridnnnn (where fituserid is your Faculty userid and nnnn is a number generated by you. eg: rheise0001). You must then record this order number in the database along with all of the details about the customer's order. After storing the order information, show a final page to the customer quoting their order number with message to confirm that the order has been successfully placed. You are not required to do any processing of this purchasing information. Just record it in a database!! You MUST to create a 7 character column on the order table called status. The various status codes are: ORDERED PAID SENT The initial status code should be 'ORDERED'. Once the customer proceeds, the shopping cart should be reset and they should be returned to the entry page. A.6 Viewing the order A customer should be able to view an existing order. They can do this by entering the order number and surname recorded in the order. This should be via a link on the entry page. Please note that this isn't good practice for real shopping web sites! You should display the following information only for the chosen order: Product Category Product code Product description Product quantity Line total for each product (quantity * cost price of product) Grand total of the order (sum of all line totals) Order status code Part B. Administrator Web site This part of the assignment will test authentication. You will need to develop a password protected part of the web site that will allow suitably authorised staff to update orders with changes to the order status. B.1 Authentication You will need to create a company orders administrator account which will allow the staff to update orders. This should be a link off the entry web page and this should be password protected. You can use BASIC authentication or FORMS based authentication. You will need to create the following users with the following passwords Username: orders Password: orderspw After authenticating, the user will have two options: View a list of outstanding orders Update an order B.2 View a list of outstanding orders Selecting this option will display a combined list of orders that have a status of either 'ORDERED' or 'PAID'. The list should include the following information Order Number Surname Country Postcode Grand Total of order Status code The user should be able to select an order to update. B.3 Update an order The user should be able to enter an order number directly, or this can be selected from the 'List of outstanding orders' above. When an order is selected, the following information should be displayed for the order: Order Number Name: (Title, Surname, given name) E-mail: (email address) Address: (House/unit number, street, State, Suburb, Postcode, Country) Payment details: (credit card number) Order Status. This should be updatable. You can use text boxes, selection lists, radio buttons or any other mechanism. The following information in the order should also be displayed. Product Category Product code Product description Product quantity Line total for each product (quantity * cost price of product) Grand total of the order (sum of all line totals) For this assignment, you will only need to store and retrieve the orders. You are not required to implement the actual ordering process or do any inventory checking. Additional information You can make any reasonable assumptions about this assignment, as long as they are documented. For example, you may change the screen flow to suit your idea of site navigation, or you may choose to limit quantities to reasonable numbers. Do not concentrate on the user interface. This is only worth a couple of marks. Writing the web site in Flash, using fancy graphics, animations etc will not give you extra marks. Keep the navigation and workflow simple and straight forward. Submission and Return Note that this assignment is to be carried out on an individual basis. You are to submit one file only - a WAR file that contains all parts of your submission. The WAR file you submit should be ready-to-deploy into a WebLogic server. This means that all source code must be compiled into Java classes, and the directory structure of the WAR file must be correct. Do not include any files which are not directly related to running your WAR file (for example, backup files, old java files etc). Especially do not just dump your eclipse project. We expect you to export the WAR file with source code included. Important note: If your WAR file is greater than 10Mb you may have uploading problems later. You are allowed to remove any excess libraries, as long as you document what their names are. Your deployment descriptor (web.xml) should indicate the name of the welcome file. You must submit your Java source code in a sub-directory in the WAR file. This can be achieved in Eclipse by right-clicking on your project, selecting "Export WAR", and then clicking the checkbox to include the Java source files. If you wish to supply any additional documentation about your submission, other than comments in the code itself, you should provide it in HTML format, as a file inside your WAR file, with a link to your documentation from the welcome page. If you use Microsoft Word to write documentation, you can simply save it as HTML. It is your responsibility to ensure that any diagrams or graphics in your documentation can be viewed correctly. As a minimum, you should have installation instructions, a brief design document (database design, class description, context diagram, architecture) and comments about what assumptions you have made. You should submit your WAR file by electronically via UTS Online, and you should also submit your code regularly (at least weekly) to our provided subversion repository. We will provide more details on how to submit later, via an announcement on UTS Online. You will need to demonstrate the working of this assignment to your tutor during tutorial hours. You must be prepared to describe and explain your design during this demonstration. It will be helpful to bring a printout of your design documentation with you. You are allowed to demonstrate on a laptop in class!!. Your assignment mark will be finalised and returned 2 weeks after the due date, and a marking sheet will be returned to you with a breakdown of your marks. Expected work load Assuming that you have completed the relevant lab exercises, this assignment is expected to take approximately 25 hours of work. Weighting This assignment counts as 30% towards your final grade. An assignment that does not execute (i.e. will not deploy into a WebLogic server, or crashes during execution) will receive no more than half the marks available for this assignment. An assignment that is not demonstrated during the lab session on the due date will receive no more than half the marks available for this assignment. You must submit regular (at least weekly) progress on your assignment to our subversion repository. If you do not submit weekly, there will be a penalty of 2 marks (out of 30) for each week in which regular progress is not submitted. You can demonstrate this assignment on laptops or windows if you wish. The key elements of the assignment are to show that you can build an e-commerce website using Java EE technologies. The marking criteria for this assignment are as follows. The following table illustrates what is required of an assignment to achieve a particular mark: Mark range Description 25.5-30 (High Distinction equivalent) To achieve a mark in this range, assignments must satisfy all the requirements for a Distinction grade, but in addition must demonstrate an excellent understanding of the architecture and technologies used in creating three-tier enterprise applications with Java. In addition, assignments in this range must demonstrate originality in their design and/or coding. Note that a large number of hours spent working on the assignment does not necessarily imply that it demonstrates originality. 22.5-25 (Distinction equivalent) To achieve a mark in this range, assignments must satisfy all the requirements for a Credit grade, but in addition must demonstrate a very good understanding of the architecture and technologies used in creating three-tier enterprise applications with Java. The design must be sound and the coding must be of a high quality. All requirements described in the assignment problem must be satisfied. 19.5-22 (Credit equivalent) To achieve a mark in this range, assignments must satisfy all the requirements for a Pass grade, but the design and coding of the assignment must be more than the "minimum" standard in order to pass. That means the design must show evidence of understanding the Java EE architecture, the application must implement at least 80% of the required functionality and the coding must be good quality. 15-19 (Pass equivalent) To achieve a mark in this range, assignments must solve the problem described using Java EE technologies, but may do so in a simplistic way. Some of the harder requirements may perhaps be omitted, but the application must implement at least 60% of the required functionality, including authentication. < 15 (Fail equivalent) An assignment that does not satisfy the basic requirements of this assignment will not achieve a passing grade. Also, an assignment that does not compile, deploy, or does not execute will also not pass. Some of the features that will be considered when marking the assignment are listed below. Features not on this list may also be assessed if they are relevant to the quality of your assignment. completeness of the assignment. How much of the specification is implemented? overall architecture and design of application level of understanding shown in the demonstration of the solution separation of business logic from presentation logic as much as possible appropriate user interface (a simple interface is adequate, so long as it is easy to use and navigate) appropriate workflow from a user perspective correct syntax of web.xml deployment descriptor, and correct directory structure in WAR file use of relative URLs for SRC, HREF, etc. HTML attributes correct use of RequestDispatcher forwarding and including if appropriate avoidance of hard-coding values where possible (use ) database table structure chosen good encapsulation/reuse of JDBC database code efficient use of database connections The following features are optional, but may reflect favourably on the overall quality of your assignment: implementation of security using container-managed authentication (users should not be able to bypass security) use of container-managed database connection pools visually appealing and well-designed user interface use of welcome-file to specify entry URL for application consideration for how well the application design would scale to deal with with thousands of products flexibility of application design, to simplify the transition to using EJBs later. Collaboration/plagiarism Note that this is an individual assignment. Students are reminded of the principles laid down in the Statement of Good Practice and Ethics in Informal Assessment in the Faculty Handbook. Assignments in this Subject should be your own original work. Any collaboration with another participant should be limited to those matters described in the "Acceptable Behaviour" section. Designs and code from the supplied references, lab material, the Internet or any other source should be acknowledged in the form of comments within the code and/or documentation. In particular, specific code, or forms design, are not to be shared, or developed jointly. Students are not to give other students copies of their assessable work in any form (hard copy or an electronic file). To do so is 'academic misconduct' and is a breach of University Rule 5.3(1)(b). That is, assisting other students to cheat or to act dishonestly in a submitted assignment. Accidental submission of another students work as your own is considered to be a breach of Rule 5.3(1)(a) in that you are acting dishonestly since you should not have a copy of another student's work anyway! Any infringement by a student will be considered a breach of discipline and will be dealt with in accordance with the Rules and By-Laws of the University. The Faculty penalty for proven misconduct of this nature is zero marks for the Subject. For more information go to http://www.gsu.uts.edu.au/policies/assessment-coursework.html. © 2013 University of Technology, Sydney. All Rights Reserved. Redistribution without permission prohibited.