HAPPY BOOKSGIVING
Use code BOOKSGIVING during checkout to save 40%-55% on books and eBooks. Shop now.
Register your product to gain access to bonus material or receive a coupon.
Sun's own J2EE architects and enterprise development consultants have written the definitive guide to developing complete enterprise solutions with Java 2 Enterprise Edition, Version 1.3. This new edition fully reflects Sun's latest Version 1.3 technologies and enhancements, and covers every component of a complete enterprise solution: client-side, middleware, and back-end. The authors begin by introducing the J2EE Version 1.3 platform, reviewing several scenarios for using it to build Internet and intranet applications, and offering detailed introductions to each key J2EE technology. Using both code snippets and a complete, start-to-finish case study, they walk through the construction of Web-based clients based on Java Servlets and Java ServerPages (JSP), middle-tier solutions utilizing Enterprise JavaBeans, and backend connections based on JDBC technology. Coverage also includes: packaging and deploying J2EE applications; automatic and programmatic techniques for managing transactions; and leveraging J2EE's robust security features. For all software developers, architects, and IT managers working with Java 2 Enterprise Edition or providing J2EE-based products.
Taming Your Emu to Improve Application Performance
Click below for Web Resources related to this title:
Author Web Site
Designing and Implementing J2EE Clients
Click below for Sample Chapter(s) related to this title:
Sample Chapter
3
Foreword.
Preface.
About the Authors.
1. Introduction.
Challenges of Enterprise Application Development.
Programming Productivity.
Integration with Existing Systems.
Freedom of Choice.
Response to Demand.
Maintaining Security.
The Platform for Enterprise Solutions.
J2EE Platform Overview.
J2EE Platform Benefits.
J2EE Application Scenarios.
Multitier Application Scenario.
Stand-Alone Client Scenario.
Web-Centric Application Scenario.
Business-to-Business Scenario.
How This Book Is Organized.
Summary.
References and Resources.
Component Technologies.
Types of J2EE Clients.
Web Components.
Enterprise JavaBeans Components.
Components, Containers, and Services.
Platform Roles.
J2EE Product Provider.
Application Component Provider.
Application Assembler.
Deployer.
System Administrator.
Tool Provider.
Platform Services.
Naming Services.
Deployment Services.
Transaction Services.
Security Services.
Service Technologies.
JDBC API.
Java Transaction API and Service.
Java Naming and Directory Interface.
J2EE Connector Architecture.
Java API for XML Processing Technology.
Communication Technologies.
Internet Protocols.
Remote Method Invocation Protocols.
Object Management Group Protocols.
Messaging Technologies.
Data Formats.
Summary.
References and Resources.
Client Considerations.
Network Considerations.
Security Considerations.
Platform Considerations.
General Design Issues and Guidelines.
Design Issues and Guidelines for Browser Clients.
Presenting the User Interface.
Validating User Inputs.
Communicating with the Server.
Managing Conversational State.
Design Issues and Guidelines for Java Clients.
Presenting the User Interface.
Validating User Inputs.
Communicating with the Server.
Managing Conversational State.
Summary.
References and Resources.
The Purpose of the Web Tier.
Web-Tier Technologies.
Traditional Web-Tier Technologies.
Web-Tier Technologies in the J2EE Platform.
The Web Container.
Java Servlets.
JavaServer Pages (JSP) Technology.
Web-Tier Technology Guidelines.
Web-Tier Application Structure.
Web-Tier Application Framework Design.
Structuring the Web Tier.
Web-Tier MVC Controller Design.
Web-Tier MVC View Design.
Web-Tier MVC Model Design.
Web Application Frameworks.
Separating Business Logic from Presentation.
Web-Tier State.
Distributable Web Applications.
Summary.
References and Resources.
Business Logic and Business Objects.
Common Requirements of Business Objects.
Enterprise Beans as J2EE Business Objects.
Enterprise Beans and EJB Containers.
Remote and Local Client Views.
Guidelines for Using Local or Remote Client Views.
Entity Beans and Local Client Views.
Entity Beans.
Guidelines for Using Entity Beans.
Entity Bean Persistence.
When to Use Bean-Managed Persistence.
Session Beans.
Stateful Session Beans.
Stateless Session Beans.
Message-Driven Beans.
Uses of Message-Driven Beans.
Example: Invoice Message-Driven Bean.
Design Guidelines.
Remote versus Local Client Access for Entity Beans.
Session Beans as a Facade to Entity Beans.
Fine-Grained versus Coarse-Grained Object Access.
Master-Detail Modeling Using Enterprise Beans.
Data Access Objects.
Implementing an Entity Bean without a Create Method.
Representing References to Entity Beans.
Portability Guidelines.
Typecast Remote References.
Mark Non-Serializable Fields Transient.
Bean-Managed Persistence and Portability.
Summary.
References and Resources.
Integration Scenarios.
An Internet E-Store Application.
An Intranet Human Resources Application.
A Distributed Purchasing Application.
An Order Fulfillment Application.
J2EE Integration Technologies.
J2EE Connector Architecture.
Java Message Service API.
JDBC and RDBMS Access.
Application Integration Design Approaches.
Synchronous Integration.
Asynchronous Integration.
Comparing Approaches.
Data Integration.
Developing an Integration Layer.
Programming Access to Data and Functions.
Using Tools for EIS Integration.
Developing EIS Access Objects.
Guidelines for Connection Management.
Security Guidelines.
Summary.
References and Resources.
Packaging Components.
Roles and Tasks.
Application Component Provider Tasks.
Application Assembler Tasks.
Deployer Tasks.
Packaging J2EE Applications.
EJB Modules.
EJB Module Packaging Guidelines.
Web Modules.
Packaging Components into Web Modules.
Application Client Modules.
Resource Adapter Modules.
Deployment Descriptors.
J2EE Naming Environment.
Specifying Deployment Descriptor Elements.
Naming Convention Recommendations.
Deployment Tools.
Deployment Tool Actions.
Deployment Tool Requirements.
Summary.
References and Resources.
Transactional Concepts.
ACID Transaction Properties.
Transaction Participants.
Transaction Demarcation.
Distributed Transactions.
Two-Phase Commit Protocol.
J2EE Platform Transactions.
Accessing Multiple Resources within a Transaction.
Transactions across Servers.
J2EE Transaction Technologies.
Client Tier Transactions.
Web Tier Transaction Guidelines.
Enterprise JavaBeans Tier Transactions.
Bean-Managed Transaction Demarcation.
Container-Managed Transaction Demarcation.
Transaction Attributes.
Enterprise JavaBeans Tier Transaction Guidelines.
EIS Tier Transactions.
JTA Transactions.
Resource Manager Local Transactions.
EIS Tier Transaction Guidelines.
Compensating Transactions.
Isolation Level.
Performance with Multiple Resource Managers.
J2EE Resource Manager Types.
JDBC Databases.
JMS Providers.
J2EE Connector Architecture.
Summary.
References and Resources.
Security Threats and Mechanisms.
Authentication.
Protection Domains.
Authentication Mechanisms.
Authentication Call Patterns.
Exposing Authentication Boundaries with References.
Authorization.
Declarative Authorization.
Programmatic Authorization.
Declarative versus Programmatic Authorization.
Isolation.
Affects of Identity Selection.
Encapsulation for Access Control.
Controlling Access to J2EE Resources.
Example.
Protecting Messages.
Integrity Mechanisms.
Confidentiality Mechanisms.
Identifying Sensitive Components.
Ensuring Confidentiality of Web Resources.
Auditing.
Summary.
References and Resources.
Internationalization Concepts and Terminology.
Internationalization, Localization, and Locale.
Character Sets.
Encodings.
Using J2SE Internationalization APIs in J2EE Applications.
Resource Bundles.
Message Formatting.
Date Formatting.
Collation.
Web Tier Internationalization.
Tracking Locales and Encodings.
Presentation Component Design.
Internationalizing and Localizing JSP Pages.
EIS Tier Internationalization.
Persistent Localized Data.
Internationalizing Database Schema.
Internationalized Application Design.
Internationalizing Applications with XML.
Generating Localized Dynamic Content with XSLT.
Communicating Locale within an Application.
Communicating Locale among Applications.
Localizing Error and Logging Messages.
Client Messages and Application Exceptions.
System Exceptions and Message Logging.
Summary.
References and Resources.
J2EE Architecture Approaches.
Model-View-Controller Architecture.
J2EE Design Patterns.
Sample Application Overview.
Designing the Sample Application.
Choosing Application Tiers.
Choosing Local or Distributed Architecture.
Architecture of the Sample Application.
Application Web Site Architecture.
Fulfillment Center Architecture.
Summary.
References and Resources.
This book, now in its second edition, describes standard approaches to designing multitier enterprise applications with the Java™ 2 Platform, Enterprise Edition. This book, and the accompanying Java Pet Store sample application, are part of the successful Java BluePrints program created by Sun Microsystems with the introduction of the J2EE platform. This program has been used by thousands of application architects, developers, and students to attain better understanding of the programming model inherent in the J2EE platform.
This book and the Java BluePrints program don't provide information on how to use individual Java technologies to write applications--that's the role of the companion Java Tutorial program. Instead, Java BluePrints focuses on guidelines for application architecture, such as distributing J2EE application functionality across tiers and choosing among design options within each tier. This book assumes that the reader already has basic knowledge of the J2EE platform. We recommend that readers without this knowledge familiarize themselves with the J2EE Tutorial either before or while reading this volume. See "Related Information" later in the Preface for details.
This book describes the architecture and design principles employed in building J2EE applications, and explores of the specific approach adopted by the sample application. Striking a balance between specific details and broad principles is never easy. The hope behind this effort is that the principles presented here are both consistent with and a useful complement to the implementation provided by the sample applications documented in this book.
This book is intended primarily for system architects and enterprise application developers engaged in or considering a transition to the J2EE platform. It is also useful for product vendors interested in developing applications consistent with the J2EE standard.
Obtaining the Sample ApplicationYou can download the Java Pet Store sample application, version 1.3, which is described in this book, from:
http://java.sun.com/blueprints/code/The sample application requires a J2EE v1.3-compliant platform on which to run. You can download J2EE SDK™, which is a freely available implementation of that platform, from:
http://java.sun.com/j2ee/download.htmlRelated InformationPointers to J2EE documentation can be found at:
http://java.sun.com/j2ee/docs.htmlFor information on how to use the J2EE SDK to construct multitier enterprise applications, refer to The J2EE Tutorial, available at:
http://java.sun.com/j2ee/tutorial/The J2EE technologies cited in this book are described in their specifications:Java™ 2 Platform, Enterprise Edition Specification, Version 1.3 (J2EE specification). Available at http://java.sun.com/j2ee/download.html
Java™ 2 Platform, Standard Edition Specification, Version 1.3 (J2SE specification). Available at http://java.sun.com/j2se/1.3/docs/
Java™ Servlet Specification, Version 2.3 (Servlet specification). Available at http://java.sun.com/products/servlet/
JavaServer Pages™ Specification, Version 1.2 (JSP specification). Available at http://java.sun.com/products/jsp/
Enterprise JavaBeans™ Specification, Version 2.0 (EJB specification). Available at http://java.sun.com/products/ejb/
Java™ API for XML Processing Specification, Version 1.1 (JAXP specification). Available at http://java.sun.com/xml/jaxp/
J2EE™ Connector Architecture Specification, Version 1.0 (Connector specification). Available at http://java.sun.com/j2ee/connector/
JDBC™ API Specification, Version 2.0 (JDBC specification). Available at http://java.sun.com/products/jdbc/
JDBC™ Standard Extension API Specification, Version 2.0 (JDBC extension specification). Available at http://java.sun.com/products/jdbc/
Java™ Transaction API Specification, Version 1.0.1 (JTA specification). Available at http://java.sun.com/products/jta/
Java Naming and Directory Interface™ Specification, Version 1.2 (JNDI specification). Available at http://java.sun.com/products/jndi/
Java IDL. Available at http://java.sun.com/j2se/1.3/docs/guide/idl/
RMI over IIOP. Available at http://java.sun.com/products/rmi-iiop/
Java™ Message Service Specification, Version 1.0.2 (JMS specification). Available at http://java.sun.com/products/jms/
Java™ Authentication and Authorization Service Specification, Version 1.0 (JAAS specification). Available at http://java.sun.com/products/jaas/
JavaMail™ API Specification, Version 1.2 (JavaMail specification). Available at http://java.sun.com/products/javamail/
JavaBeans™ Activation Framework Specification, Version 1.0.1 (JAF specification). Available at http://java.sun.com/products/javabeans/glasgow/jaf.html
Typographic ConventionsTable 0.1 describes the typographic conventions used in this book.
Table 0.1 Typographic Conventions
Typeface or Symbol | Meaning | Example |
AaBbCc123 | The names of commands, files, and directories; interface, class, method, and deployment descriptor element names; programming language keywords | Edit the file Main.jsp. How to retrieve a UserTransaction object. Specify the resource-ref element. |
AaBbCc123 | Variable name | The files are named XYZfile. |
AaBbCc123 | Book titles, new words or terms, or words to be emphasized | Read Chapter 6 in User's Guide. These are called class options. You must be root to do this. |
Aaccess objects 189
data access objects 190
  aggregate objects 191
records 192
ACID properties 252
applet clients 61
applets 26
accessing a UserTransaction 38
transactions 260
application assembler tasks 206
application clients 19, 26, 60
accessing a UserTransaction 38
deployment 243
transactions 260
application scenarios 14
business-to-business 20
multitier 16
stand-alone client 18
Web-centric 19
archive files
EAR 207
EJB JAR 210
JAR 49
WAR 214, 222
ASCII 313
asynchronous messaging 154, 180-181, 183-185
point-to-point messaging 183
publish-subscribe messaging 183
auditing 307
authentication 40, 280
basic 41, 285
call patterns 292
changing identity 287
client certificate 41
configuration 285
context 280
  delegating 281
digest 41, 285
EIS resource 291
  application-managed 291
  container-managed 291
EJB tier 287
form-based 41, 285
  configuration 238
lazy 284
mechanisms 284
mutual 280, 285
role of references 293
scenarios 282
user 53
authenticators 280
authorization 40-41, 293
consistency across components 296
declarative versus programmatic 296
enterprise information systems 199
example 302
programmatic 295
auto-registration 293Bbasic authentication
See authentication, basic
bean-managed persistence 145
find methods 140
portability 149
when to use 149
bean-managed transaction demarcation
message-driven beans 155
browsers 54
download time 57
input 56
JavaScript validation 57
server communication 58
user interface 55
business delegate 351
business logic 130
business methods
implementation 139
in component interface 139
business objects 130
behavior 131
controlling access to 133
high availability 133
implemented by enterprise beans 135
maintaining state 132
modeling as entity beans 143-144
operating on shared data 132
participation in transactions 132
remote accessibility 133
requirements of 131-134
reusability 134
servicing multiple clients 133
structural attributes 131Ccaller principal 296
cardinality
of container-managed relationships 146
CCI
See Common Client Interface
character sets 313
8859 series 314
ASCII 313
encoding 314
Unicode 314
class files 49
client certificate authentication
See authentication, client certificate
client tier 7
client view 137
component interface 137
home interface 137
local view 137
remote view 137
clients
See also Java clients
applets 61
applications 60
browsers 54
  download time 57
  input 56
  JavaScript validation 57
  server communication 58
  user interface 55
conversational state 59, 69
cookie 59-60
data download 69
design guidelines 54
in distributed application 52
input validation logic 63
interfaces 51
MIDlets 61
network connections 52
  security 52
platform considerations 53
presentation logic 61
security 52
state 60
  within URL 59
types 51, 60
user authentication 53
user interface 62
code generation wizards 165
collation 320
command beans
access objects
  command beans 189
Common Client Interface 178
data integration 186
Common Secure Interoperability (CSIv2) protocol 288
component interface 137, 139
components 25
applets 26
application clients 26
designing presentation 325
EJB 28
enterprise beans 28, 135
packaging 201
portability 10
presentation 110
rich clients 26
Web 27
wireless clients 27
composite view 350
concurrency 272
concurrent access 143
confidentiality mechanisms 305
connection factory references 193
data source 197
elements of 194
mail session 232
res-auth 194
res-ref-name 194
connection pooling 179, 193
connections
closing 194
getConnection 194
guidelines for managing 193-195
sharing 195
  res-sharing-scope 195
Connector architecture 43
container-managed persistence 145
benefits 149
find methods 140
select methods 140
container-managed relationships 142, 146
fields 146
manipulation of 146
containers 26
applet
  APIs 31
application client 26
  APIs 31
EJB 30
  APIs 31
JSP 28
platform configuration 7
servlet 28
Web 28
  APIs 31
conversational state 151
managing with session beans 157
cookie 59-60, 122
create methods 140
omitting from entity bean 164
credentials 282DDAO 190
data
coarse-grained access 141
fine-grained access 142
in XML format 176
independence 149
persistent localized 332
procedural view of 153
records 192
synchronizatio