CSI5389 - Project
Worth 50 marks out of a 100 for the course.
Projects will be done in groups of 4-5
people.
There will be 4 parts to the project this
term.
Each group will receive a group mark for
their project after each part is handed in EXCEPT for Part D, Demonstration
Review. Each student receives an individual mark for Part D.
All parts, except Part D, will be submitted
in electronic form to both the professor (lpeyton@site.uottawa.ca) and the TA
(TBD).
LATE POLICY:
-2 marks/deliverable for any part of the
project that is handed in after the due date
-4 marks/deliverable if it is handed in more
than 1 week after the due date
No deliverables will be accepted that are
handed in more than 2 weeks after the due date.
Only in very rare circumstances will
extensions be given. AND only if the request is made in a timely fashion. E.g.
if you want a 1 week extension, you must ask me at least 1 week before the due
date AND have a valid reason for needing one.
Environment:
Students are responsible for setting up their
own project environments. Arrangements have been made so that the following are
part of the standard setup in both the graduate and undergraduate labs. There is a setup
document which describes where to get these and how to install them if you
are setting up your own environment (at home or in your research lab). Note it
may not point to the most current releases, see below and the References page.
Java SDK 1.4
Tomcat 5.0 (open
source Java web server which supports servlets)
MySQL 4.0 (open
source SQL database)
Connector J 3.0
(JDBC driver for MySQL)
You may use other environments as long as
they are Java based and your project work uses servlets and JDBC. Please see
the course References page
for links to Tomcat, and MySQL (including jdbc drivers, and user interfaces).
There are often hiccups in getting your
environment configured and setup. Students are actively ENCOURAGED to
collaborate and help each other. If you have any problems getting set up,
please report them on the WEBCT FORUM for the class. If you are set up, read
the forum and offer help.
Part A - Setup (5 marks) DUE: Sept. 24
Each group must set up their project
environment and then run the code samples
that will verify their environment is working as described in this document.
Deliverable: email lpeyton@site.uottawa a message that
contains:
- a name for your
group
- a list of members
including a name, student # and email for each member
-identify the
contact person for the group (who should have sent the email
-include a SINGLE
screen shot that shows
a) their login (if
using the school labs) or the machine name (if they are working off-campus)
b) one or two of
the samples running correctly
Part B - Diary Application (20 marks) DUE:
October 22
Create an online website where individuals
can keep their own private diary … and include mechanisms that let them share
selected entries with other individuals if they so desire.
See the full
specification of what is expected.
Deliverable: a single zip file containing the
following (in a reasonable folder hierarchy)
a) Design document
which explains the architecture and algorithms used (a roadmap to the source
code if you will) and illustrates with a few screenshots of the application
running.
b) Clearly
documented and well organized source code.
c) Test drivers and
test data AND an execution log file or screen shot that demonstrates the test
driver running successfully with the test data for your dbAgent, XMLAgent and
each servlet in your solution.
d) A very brief
explanation of what each member of the group contributed.
Please see the marking scheme
for this part.
Part C - Secure Diary Application With
Usage Statistics (15 marks) DUE: November 16
You will secure your diary application
created in part B above, and create a Statistics server that your diary
application will use to log statistics about User activity. The diary application will send requests to the
Statistics server using a special communication protocol.
You need to do the following:
1.
Support https. Modify your TOMCAT
server to support https as described in this document. Then modify your diary web site from part B
above so that all links, buttons etc. use https instead of http.
2.
Create a new separate statistics database. The statistics database has one table,
EventLog, which has columns: logid user logevent logtdate. The table will keep a log when one of the
following events happens in the diary website: Login, Display Entry, Add Entry,
Share Entry, Delete Entry. Below is an
example of the sort of data that EventLog could contain.
eventlogid |
user |
logevent |
logdate |
1 |
sam |
login |
2003/09/09 |
2 |
sam |
display |
2003/09/09 |
3 |
sam |
share |
2003/09/09 |
4 |
jane |
login |
2003/0/910 |
5 |
jane |
add |
2003/09/10 |
6 |
jane |
display |
2003/09/10 |
7 |
jane |
delete |
2003/09/10 |
3. Create a request wrapper utility that can be
used to assemble requests on the client and disassemble them on the
server. Each request has only two
fields: user and logevent. The request
consists of a single string that starts and ends with !, and which separates
the two fields with a single /. So the messages that would correspond to the
example data in #2 above would be:
!sam/login!
!sam/display!
!sam/share!
!jane/login!
!jane/add!
!jane/display!
!jane/delete!
Note that no escape characters are
needed. Instead, you will ensure that
user names and logevent names can not contain / or !
4.
Create a StatisticsClient component that can be called (as a java
object) from the servlets within your Diary application to log events. It will support a single operation: -logEvent
<user> <logevent>. The StatisticsClient
component will send requests (created using the request wrapper utility from #3
above) to the Statistics server using the communication protocol described here.
5.
Create a Statistics Server that will run as a standalone, multi-threaded
server. It will receive requests from
the StatisticsClient and log them in the statistics database.
6.
Secure the communication between the StatisticsClient component and the Statistics Server using
SSL. This ZIP file contains an example client and
server, as well as the PREDEFINED keystore and certificate files you will need.
You can also choose to generate your own keystore and certificate files by
following the instructions in the attached
document
7.
Create a new separate web application, using servlets that can be used
to view the statistics in the database.
The web application should provide an interface where the user can select
a user name (or the keyword ALL USERS) and enter a start date and end date and
then see a report summarizing user activity for that period. This functionality is only available to
administrators who know the administrative password “halloween”. (You DO NOT need to define administrators in
your database). An example of 3
different reports that could be generated for the example data from #2 above is
shown below:
User Activity Report - Sam
Start
Date: 20003/09/09
End
Date: 2003/09/10
Login Display Add Share Delete Total
1 1 1 3
User Activity Report - Jane
Start
Date: 20003/09/09
End
Date: 2003/09/10
Login Display Add Share Delete Total
1 1 1 1 4
User Activity Report – ALL USERS
Start
Date: 20003/09/09
End
Date: 2003/09/10
Login Display Add Share Delete Total
2 2 1 1 1 7
8. Hand in the following Deliverable, a zip file containing the following (in a reasonable
folder hierarchy)
a) Design document
which explains the architecture and design of your systems for user activity
logging and reporting. It should contain
only two screenshots: one screen shots which shows your diary running under
https and one screen shot which shows the creation of a sample user activity
report.
b) Clearly
documented and well organized source code.
c) Test framework
(inputs, expected results) which validates your user activity logging and
reporting.
c) A very brief
explanation of what each member of the group contributed
Please see the marking scheme
for this part.
Part D - Individual Review(10 Marks) DUE:
November 26 (latest)
Each student demonstrates that they are
familiar with everything done for all parts of their group project, by
a) Showing what
configuration is needed to set up a new web application under SSL on Tomcat
b) Showing what
would be needed to be changed in the code and configuration order for the
project to use MS SQL Server instead of MySQL.
c) Showing in the
code how the diary application is secured from unauthorized use (including the
database interaction).
d) Showing in the
code how the statistics server is secured from unauthorized logging of user
activity.
e) Compiling the
source code and doing a demo of both parts of the project
Deliverable: a scheduled review demonstration
with the TA/Instructor