Chapter 5

Examples of Scheme

Servlets

In this chapter we present several, increasingly more interesting, examples of

Scheme servlets. Each servlet will introduce a few more concepts about Scheme

servlets. Hopefully, by the end of the chapter you will begin to understand how

to create your own Scheme servlets.

5.1

Password protected pages

It is often useful to restrict the audience that has access to any given webpage.

One way to restrict access is to require the users to enter a password before they

can gain access to any other pages on the site. In this first example, we show

how to create a simple password protected page that uses one password for all

users. A more interesting application would allow users to register and select

their own password, but we will get to that later.

The servlet is Figure5.1 shows our servlet. The first time a user visits this

page, there will be no form data (and the  pw  variable will have the value

#null, which is a Scheme constant representing an empty object. In this case,

a form will be generated. If the user fills out the form and presses the submit

button, the servlet will then read an non null value from the  pw  parameter.

If the password is correct, the secret page will be displayed otherwise, the user

will be prompted for the correct password again!

Security Warning   note this servlet is not very secure because the source

code contains the password. Generally, the source code will not be visible to

the outside world, but if you make a backup copy of your servlet and store it

in some file that doesn't end in  .servlet  (say  .txt  or ".servlet~") then the

server will assume that the file is just text and will let anyone see the contents

of this file. It is very common for editors to make exactly this kind of a backup

file and hence by editting a file in your servers webapp folder, you could let

everyone see the password!

65