A comprehensive Java-based web application for bus ticket reservation and management built with Java Servlets, JSP, and MySQL.
- User registration with encrypted password storage
- Secure login with session management
- Bus search by route and date
- Ticket booking with seat availability check
- Payment processing (Telebirr, CBE, NIB)
- Booking history view
- Support request submission
- Admin user management
- Bus fleet management (add/update buses)
- Route management (add/update routes)
- Tariff management
- View all bookings
- Search bookings by bus name
- View customer support requests
- Respond to customer queries
- Track request status
- Backend: Java Servlets, JSP
- Database: MySQL 8.0+
- Server: Apache Tomcat 9.0+
- IDE: Eclipse IDE
- Security: AES-256 encryption for passwords
- Build Tool: Maven (optional)
ticket/
├── src/main/
│ ├── java/
│ │ ├── config/ # Database configuration
│ │ ├── util/ # Utility classes (encryption)
│ │ ├── servlet/ # Improved servlet implementations
│ │ ├── filter/ # Authentication filters
│ │ └── *.java # Legacy servlet files
│ └── webapp/
│ ├── style/ # CSS files
│ ├── Uploaded_Files/ # Bus images
│ ├── WEB-INF/
│ │ ├── web.xml # Deployment descriptor
│ │ └── lib/ # JAR dependencies
│ └── META-INF/
├── database/
│ └── schema.sql # Database schema
└── README.md
- JDK 8 or higher
- Apache Tomcat 9.0+
- MySQL 8.0+
- Eclipse IDE (or any Java IDE)
- Install MySQL and start the service
- Create the database:
CREATE DATABASE ticket_db;- Run the schema file:
mysql -u root -p ticket_db < database/schema.sql- Update database credentials in
config/DatabaseConfig.java:
private static final String URL = "jdbc:mysql://localhost:3306/ticket_db";
private static final String USERNAME = "your_username";
private static final String PASSWORD = "your_password";-
Import Project into Eclipse:
- File → Import → Existing Projects into Workspace
- Select the
ticketfolder - Click Finish
-
Configure Tomcat Server:
- Window → Preferences → Server → Runtime Environments
- Add Apache Tomcat 9.0
- Set Tomcat installation directory
-
Add MySQL Connector:
- Download MySQL Connector/J (JDBC driver)
- Copy
mysql-connector-java-x.x.x.jartosrc/main/webapp/WEB-INF/lib/
-
Deploy and Run:
- Right-click project → Run As → Run on Server
- Select Tomcat server
- Access application at:
http://localhost:8080/ticket/home1
-
Password Encryption: Currently uses AES-256 encryption. For production, consider using bcrypt or Argon2 for password hashing.
-
Database Credentials: Move database credentials to environment variables or external configuration files.
-
Encryption Keys: Store encryption keys in secure key management systems (not in source code).
-
SQL Injection: New servlet implementations use PreparedStatements. Migrate all legacy servlets.
-
HTTPS: Enable HTTPS in production and set secure cookies.
-
Input Validation: Add comprehensive input validation on both client and server side.
After running the schema, create an admin user:
-- Password will be encrypted by the application
INSERT INTO user (name, password, phone, Status, User_Type)
VALUES ('admin', 'ENCRYPTED_PASSWORD', '1234567890', 'Active', 'Admin');/home1- Home page and login/sign_up- User registration/SignUpServlet- Improved registration (recommended)
/Dashboard- User dashboard/Admin_page- Admin dashboard/support_dashboard- Support dashboard/payment- Payment processing/BOOKING_HISTORY- View booking history/SEARCH- Search bookings
user- User accounts and authenticationbus- Bus fleet informationroute- Available routestariff- Pricing informationbooking- Ticket bookingspayments- Payment transactionssupport_requests- Customer support ticketssupport_responses- Support responses
✅ Centralized database configuration
✅ Encryption utility class
✅ PreparedStatements to prevent SQL injection
✅ Authentication filter for protected pages
✅ Proper session management
✅ Database schema documentation
✅ Web.xml configuration
✅ Error handling improvements
- Migrate all legacy servlets to new secure implementations
- Add JSP pages instead of HTML in servlets
- Implement connection pooling (HikariCP)
- Add logging framework (Log4j2)
- Implement RESTful API
- Add unit tests
- Add email notifications
- Implement password reset functionality
- Add admin analytics dashboard
- Mobile responsive design
- Payment gateway integration
- Fork the repository
- Create a feature branch
- Commit your changes
- Push to the branch
- Create a Pull Request
This project is open source and available for educational purposes.
For issues and questions, please create an issue in the GitHub repository.
- Original Implementation: [Your Name]
- Security Improvements: Kiro AI Assistant
Note: This is an educational project. For production use, implement additional security measures, proper error handling, logging, and testing.