[BetNBA]
In this assignment you are going to add new features to the BetNBA online betting game you started in Homework 1. All features described in Homework 1 must still work properly; otherwise there will be a credit penalty of up to 60pt.
[Regular User Interface]
In Homework 1 you have created the admin user interface of BetNBA, and in this assignment you are going to create the regular user interface, which consists of two pages as described below. You may use one or more servlets, or a combination of servlets and HTML pages to create the regular user interface.
1. (40pt) The Bet List page shows the list of the games and the bets a user places on them:
BetNBA - Your Bets | ||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||
Total Points: 1 |
Note that a user may only place a bet on a game (i.e. choose the winner of the game) before the date of the game. The application should not display the Place Your Bet link on or after the date of the game.
After the result of a game is entered by an admin user, the Bet List should be updated to show the winner of the game and the points earned by the user. A user earns 1 point if he or she chose the winner correctly, or 0 point if he or she bet on the wrong team or didn't bet at all.
2. (20pt) When a user clicks on the Place Your Bet link, the application shows the Place Bet page where the user can choose the winner of the game:
BetNBA - Place Your Bet |
The winner of Game 5 will be: |
After the user clicks the Save button, the user is redirected to the Bet List page. Note that after the winner of the game is selected, the Place Your Bet link in the Your Bet column of the game should be replaced with the name of the winning team the user selected.
[Security]
There are two types of users in BetNBA: admin users and regular users. Admin users can only access the admin interface, and regular users can only access the regular user interface.
3. (20pt) Implement authentication using a Login page where a user can enter a username and a password. If the username and the password are valid, the application redirects the user either to the Game List page if the user is an admin user, or the Bet List page if the user is a regular user. Note that authentication must happen on the server side, i.e. you cannot use JavaScript to validate the username/password on the client-side. Also that
After a user is authenticated, a session is created so the user won't be asked for username and password repeatedly. For session tracking, you must use Servlet Session Tracking API.
4. (10pt) A Logout link or button should be displayed on the Game List and the Bet List page. When a user clicks on the Logout link or button, the application terminates the session and redirects the user to the Login page.
5. (20pt) Implement authorization for BetNBA so that whenever a user tries to access a page, the application will first check whether the user is already logged in. If not, the user is redirected to the Login page. If the user is already logged in, the application checks whether the user is authorized to access the page. If not, e.g. when a regular user tries to access a page in the admin user interface or vice versa, the user is redirected to an page showing an error message that tells the user that he or she is not authorized to access the page.