/** Copyright 2004 The Apache Software Foundation** Licensed under the Apache License, Version 2.0 (the "License");* you may not use this file except in compliance with the License.* You may obtain a copy of the License at**     http://www.apache.org/licenses/LICENSE-2.0** Unless required by applicable law or agreed to in writing, software* distributed under the License is distributed on an "AS IS" BASIS,* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.* See the License for the specific language governing permissions and* limitations under the License.*/package javax.servlet.http;import java.io.IOException;import java.io.PrintWriter;import java.io.OutputStreamWriter;import java.io.UnsupportedEncodingException;import java.lang.reflect.Method;import java.text.MessageFormat;import java.util.Enumeration;import java.util.Locale;import java.util.ResourceBundle;import javax.servlet.GenericServlet;import javax.servlet.ServletException;import javax.servlet.ServletOutputStream;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;/** * * Provides an abstract class to be subclassed to create * an HTTP servlet suitable for a Web site. A subclass of * <code>HttpServlet</code> must override at least  * one method, usually one of these: * * <ul> * <li> <code>doGet</code>, if the servlet supports HTTP GET requests * <li> <code>doPost</code>, for HTTP POST requests * <li> <code>doPut</code>, for HTTP PUT requests * <li> <code>doDelete</code>, for HTTP DELETE requests * <li> <code>init</code> and <code>destroy</code>,  * to manage resources that are held for the life of the servlet * <li> <code>getServletInfo</code>, which the servlet uses to * provide information about itself  * </ul> * * <p>There's almost no reason to override the <code>service</code> * method. <code>service</code> handles standard HTTP * requests by dispatching them to the handler methods * for each HTTP request type (the <code>do</code><i>XXX</i> * methods listed above). * * <p>Likewise, there's almost no reason to override the  * <code>doOptions</code> and <code>doTrace</code> methods. *  * <p>Servlets typically run on multithreaded servers, * so be aware that a servlet must handle concurrent * requests and be careful to synchronize access to shared resources. * Shared resources include in-memory data such as * instance or class variables and external objects * such as files, database connections, and network  * connections. * See the * <a href="http://java.sun.com/Series/Tutorial/java/threads/multithreaded.html"> * Java Tutorial on Multithreaded Programming</a> for more * information on handling multiple threads in a Java program. * * @author	Various * @version	$Version$ * */public abstract class HttpServlet extends GenericServlet    implements java.io.Serializable{    private static final String METHOD_DELETE = "DELETE";    private static final String METHOD_HEAD = "HEAD";    private static final String METHOD_GET = "GET";    private static final String METHOD_OPTIONS = "OPTIONS";    private static final String METHOD_POST = "POST";    private static final String METHOD_PUT = "PUT";    private static final String METHOD_TRACE = "TRACE";    private static final String HEADER_IFMODSINCE = "If-Modified-Since";    private static final String HEADER_LASTMOD = "Last-Modified";        private static final String LSTRING_FILE =	"javax.servlet.http.LocalStrings";    private static ResourceBundle lStrings =	ResourceBundle.getBundle(LSTRING_FILE);                 /**     * Does nothing, because this is an abstract class.     *      */    public HttpServlet() { }            /**     *     * Called by the server (via the <code>service</code> method) to     * allow a servlet to handle a GET request.      *     * <p>Overriding this method to support a GET request also     * automatically supports an HTTP HEAD request. A HEAD     * request is a GET request that returns no body in the     * response, only the request header fields.     *     * <p>When overriding this method, read the request data,     * write the response headers, get the response's writer or      * output stream object, and finally, write the response data.     * It's best to include content type and encoding. When using     * a <code>PrintWriter</code> object to return the response,     * set the content type before accessing the     * <code>PrintWriter</code> object.     *     * <p>The servlet container must write the headers before     * committing the response, because in HTTP the headers must be sent     * before the response body.     *     * <p>Where possible, set the Content-Length header (with the     * {@link javax.servlet.ServletResponse#setContentLength} method),     * to allow the servlet container to use a persistent connection      * to return its response to the client, improving performance.     * The content length is automatically set if the entire response fits     * inside the response buffer.     *     * <p>When using HTTP 1.1 chunked encoding (which means that the response     * has a Transfer-Encoding header), do not set the Content-Length header.     *     * <p>The GET method should be safe, that is, without     * any side effects for which users are held responsible.     * For example, most form queries have no side effects.     * If a client request is intended to change stored data,     * the request should use some other HTTP method.     *     * <p>The GET method should also be idempotent, meaning     * that it can be safely repeated. Sometimes making a     * method safe also makes it idempotent. For example,      * repeating queries is both safe and idempotent, but     * buying a product online or modifying data is neither     * safe nor idempotent.      *     * <p>If the request is incorrectly formatted, <code>doGet</code>     * returns an HTTP "Bad Request" message.     *      *     * @param req	an {@link HttpServletRequest} object that     *			contains the request the client has made     *			of the servlet     *     * @param resp	an {@link HttpServletResponse} object that     *			contains the response the servlet sends     *			to the client     *      * @exception IOException	if an input or output error is      *				detected when the servlet handles     *				the GET request     *     * @exception ServletException	if the request for the GET     *					could not be handled     *     *      * @see javax.servlet.ServletResponse#setContentType     *     */    protected void doGet(HttpServletRequest req, HttpServletResponse resp)	throws ServletException, IOException    {	String protocol = req.getProtocol();	String msg = lStrings.getString("http.method_get_not_supported");	if (protocol.endsWith("1.1")) {	    resp.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED, msg);	} else {	    resp.sendError(HttpServletResponse.SC_BAD_REQUEST, msg);	}    }    /**     *     * Returns the time the <code>HttpServletRequest</code>     * object was last modified,     * in milliseconds since midnight January 1, 1970 GMT.     * If the time is unknown, this method returns a negative     * number (the default).     *     * <p>Servlets that support HTTP GET requests and can quickly determine     * their last modification time should override this method.     * This makes browser and proxy caches work more effectively,     * reducing the load on server and network resources.     *     *     * @param req	the <code>HttpServletRequest</code>      *			object that is sent to the servlet     *     * @return		a <code>long</code> integer specifying     *			the time the <code>HttpServletRequest</code>     *			object was last modified, in milliseconds     *			since midnight, January 1, 1970 GMT, or     *			-1 if the time is not known     *     */    protected long getLastModified(HttpServletRequest req) {	return -1;    }    /**     *      *     * <p>Receives an HTTP HEAD request from the protected     * <code>service</code> method and handles the     * request.     * The client sends a HEAD request when it wants     * to see only the headers of a response, such as     * Content-Type or Content-Length. The HTTP HEAD     * method counts the output bytes in the response     * to set the Content-Length header accurately.     *     * <p>If you override this method, you can avoid computing     * the response body and just set the response headers     * directly to improve performance. Make sure that the     * <code>doHead</code> method you write is both safe     * and idempotent (that is, protects itself from being     * called multiple times for one HTTP HEAD request).     *     * <p>If the HTTP HEAD request is incorrectly formatted,     * <code>doHead</code> returns an HTTP "Bad Request"     * message.     *     *     * @param req	the request object that is passed     *			to the servlet     *			     * @param resp	the response object that the servlet     *			uses to return the headers to the clien     *     * @exception IOException		if an input or output error occurs     *     * @exception ServletException	if the request for the HEAD     *					could not be handled     */    protected void doHead(HttpServletRequest req, HttpServletResponse resp)	throws ServletException, IOException    {	NoBodyResponse response = new NoBodyResponse(resp);		doGet(req, response);	response.setContentLength();    }        /**     *     * Called by the server (via the <code>service</code> method)     * to allow a servlet to handle a POST request.     *     * The HTTP POST method allows the client to send     * data of unlimited length to the Web server a single time     * and is useful when posting information such as     * credit card numbers.     *     * <p>When overriding this method, read the request data,     * write the response headers, get the response's writer or output     * stream object, and finally, write the response data. It's best      * to include content type and encoding. When using a     * <code>PrintWriter</code> object to return the response, set the      * content type before accessing the <code>PrintWriter</code> object.      *     * <p>The servlet container must write the headers before committing the     * response, because in HTTP the headers must be sent before the      * response body.     *     * <p>Where possible, set the Content-Length header (with the     * {@link javax.servlet.ServletResponse#setContentLength} method),     * to allow the servlet container to use a persistent connection      * to return its response to the client, improving performance.     * The content length is automatically set if the entire response fits     * inside the response buffer.       *     * <p>When using HTTP 1.1 chunked encoding (which means that the response     * has a Transfer-Encoding header), do not set the Content-Length header.      *     * <p>This method does not need to be either safe or idempotent.     * Operations requested through POST can have side effects for     * which the user can be held accountable, for example,      * updating stored data or buying items online.     *     * <p>If the HTTP POST request is incorrectly formatted,     * <code>doPost</code> returns an HTTP "Bad Request" message.     *     *     * @param req	an {@link HttpServletRequest} object that     *			contains the request the client has made     *			of the servlet     *     * @param resp	an {@link HttpServletResponse} object that     *			contains the response the servlet sends     *			to the client     *      * @exception IOException	if an input or output error is      *				detected when the servlet handles     *				the request     *     * @exception ServletException	if the request for the POST     *					could not be handled     *     *     * @see javax.servlet.ServletOutputStream     * @see javax.servlet.ServletResponse#setContentType     *     *     */    protected void doPost(HttpServletRequest req, HttpServletResponse resp)