The source code of MySQLServletSecure.java :
<![CDATA[
/* Java servlet to access CS MySQL database directly
Fetches my authentication data securely from a file.
Needs MySQL Connector/J driver in the classpath (e.g. WEB-INF/lib/).
Simon Jones
*/
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.*;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class MySQLServletSecure extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException,
ServletException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC " + "\"-//W3C//DTD HTML 4.01 " + "Transitional//EN\">");
out.println("<html><body><pre>");
// Now fetch username and password securely
String username = null;
String password = null;
try {
BufferedReader userPassIn =
new BufferedReader(
new FileReader("/home/sbj/servlet/WEB-INF/mysqlauth"));
username = userPassIn.readLine();
password = userPassIn.readLine();
userPassIn.close();
}
catch (IOException e) {
out.println("Failed to read authorization file "
+ e.getMessage()) ;
return;
}
String driver = "com.mysql.jdbc.Driver";
String url = "jdbc:mysql://shark.cs.stir.ac.uk/"+username; // The last part is the name of the database
Connection con;
ResultSet rs;
Statement stmt;
try {
Class.forName(driver);
}
catch (java.lang.ClassNotFoundException e) {
out.print("ClassNotFoundException: ");
out.println(e.getMessage());
}
try {
con = DriverManager.getConnection(url, username, password) ;
stmt = con.createStatement();
rs = stmt.executeQuery("SELECT DISTINCT Season, Title FROM sbj.Panto"); // Note the sbj.
ResultSetMetaData rsmd = rs.getMetaData();
int numberOfColumns = rsmd.getColumnCount();
int rowCount = 0;
while (rs.next()) {
out.println("Row " + (++rowCount) + ": ");
for (int i = 1; i <= numberOfColumns; i++) {
out.print(" Column " + i + ": ");
out.print(rsmd.getColumnLabel(i) + ": "); // or could use columnName
out.println(rs.getString(i));
}
}
con.close();
}
catch (SQLException ex) {
out.println("SQLException: " + ex.getMessage());
}
out.println("</pre></body></html>");
}
}
]]>