1. Security.
Implement security so that all users can view the information about the projects, but only authenticated users (i.e. users who have already logged in) can create and sponsor projects. In particular, your implementation must meet the following requirements:
• Whenever a user tries to create or sponsor a project, the application should first check whether the user is already logged in. If not, the user should be redirected to a login page where they must provide a valid username and the corresponding password.
• User authentication must happen on the server side, i.e. you cannot use JavaScript to validate username/password on the client side.
• Once a user is authenticated, a session is created so the user won't be asked for username and password repeatedly. A user may choose to log out, in which case the session should be terminated. For session tracking, you must use Servlet Session Tracking API.
• Two user accounts should be pre-created for testing purposes:
- Username cysun and password abcd
- Userrname cs320stu31 with password abcd
Note that a few changes must be made to the user interface as part of the security implementation:
• A Login/logout link should be shown on each page. The link should show Login if the user has not logged in yet, and Logout if the user is already logged in.
• After a user logs in (or logs out), the user should be redirected to the Project List page.
• The name of the user is no longer needed when a user creates a project, because the user would have already logged in and the server should keep track who the user is.
2. Sponsor A Project
A link Sponsor This Project should be shown on the Project page. When a user clicks on the link, the application shows a form where the user can enter a dollar amount and select a reward. Note that
• A user can only sponsor a project once. After a user sponsors a project, the Sponsor This Project link will no longer be shown to that user.
• The Project List page should be change to show the funding progress of the projects. In particular, two columns Percentage Funded and Amount Pledged should be added to the display.