this is a group project taken in itec 4020 internet client-server systems of @prof.jimmy.huang. me and my friend @sangwon.kim had a very good time doing this together.

the programming component of this assignment consists of two parts:

1. creating dynamic web pages.
2. building a prototype secured Web information system.

security requirements:

1. the web should include a login page with two fields (id and password) and information content pages, each with a logout button.
2. only authenticated users may access the secure area. once they log out, they must not be able to revisit those pages, whether by the browser’s back button or by typing the url directly.
3. all server-side data and secured urls must remain protected. users should be unable to copy or paste any text from protected pages, print those pages (for example, via the browser’s print function), or download/save any images displayed on them.

therefore, we came up with the idea of building a social media platform that allows users to upload their images, inspired by tumblr and pinterest. it’s palette.

on this webpage, all content is protected by a series of servlets. including:

1. CheckAuthServlet: verifies if the user is authenticated.
2. ForgotPasswordServlet: provides functionality for users to reset their password securely.
3. LoginServlet: handles authentication by verifying user credentials.
4. LogoutServlet: invalidates user sessions securely.
5. SignupServlet: manages secure user registrations by collecting user data.
6. SecuredHomeServlet: provides authenticated users access to the secured homepage.
7. SecuredImageServlet: controls access to secured images by hiding the path to where images are stored, disabling right-click to save images.
8. SecuredPageServlet: dynamically generates and secures individual content pages.
9. SecurityFilter: implements security checks for each http request.