Foreword

Preface

1 Introduction

1.1 Challenges of Enterprise Application Development

1.1.1 Programming Productivity

1.1.2 Response to Demand

1.1.3 Integration with Existing Systems

1.1.4 Freedom to Choose

1.1.5 Maintaining Security

1.2 The Platform for Enterprise Solutions

1.2.1 J2EE Platform Overview

1.2.2 J2EE Platform Benefits

1.3 J2EE Application Scenarios

1.3.1 Multitier Application Scenario

1.3.2 Stand-Alone Client Scenario

1.3.3 Web-Centric Application Scenario

1.3.4 Business-to-Business Scenario

1.3.5 A Note on the MVC Architecture

1.4 Summary

2 J2EE Platform Technologies

2.1 Component Technologies

2.1.1 Applets and Application Clients

2.1.2 Web Components

2.1.3 Enterprise JavaBeans Components

2.1.4 Components, Containers, and Services

2.2 Platform Roles

2.2.1 J2EE Product Provider

2.2.2 Application Component Provider

2.2.3 Application Assembler

2.2.4 Deployer

2.2.5 System Administrator

2.2.6 Tool Provider

2.3 Platform Services

2.3.1 Naming Services

2.3.2 Deployment Services

2.3.3 Transaction Services

2.3.4 Security Services

2.4 Service Technologies

2.4.1 JDBC API

2.4.2 Java Transaction API and Service

2.4.3 Java Naming and Directory Interface

2.4.4 Connector Architecture

2.5 Communication Technologies

2.5.1 Internet Protocols

2.5.2 Remote Method Invocation Protocols

2.5.3 Object Management Group Protocols

2.5.4 Messaging Technologies

2.5.5 Data Formats

2.6 Summary

3 The Client Tier

3.1 Requirements and Constraints

3.1.1 Operating Environment

3.1.2 Deployment

3.1.3 Implementation

3.2 Overview of Client Options

3.3 Web Clients

3.3.1 Protocols

3.3.2 Content Format

3.3.3 Types of Web Clients

3.4 EJB Clients

3.4.1 Protocols and Facilities

3.4.2 Strengths and Weaknesses

3.4.3 Types of EJB Clients

3.5 Enterprise Information System Clients

3.6 Designing for Multiple Types of Client

3.6.1 Model

3.6.2 View

3.6.3 Controller

3.7 Summary

4 The Web Tier

4.1 Web Applications and Web Containers

4.2 Dynamic Content Creation

4.2.1 Common Gateway Interface

4.2.2 Servlets

4.2.3 JavaServer Pages Technology

4.3 Servlets and JSP Pages

4.3.1 Web Component Roles

4.3.2 Servlets

4.3.3 JSP Pages Versus Servlets

4.4 JSP Page Design

4.4.1 JavaBeans Components

4.4.2 Custom Tags

4.4.3 Using Scriptlets and Expressions

4.5 Internationalization and Localization

4.5.1 Internationalization

4.5.2 Localization

4.6 Application Designs

4.6.1 Applications with Basic JSP Pages and Servlets

4.6.2 Applications with Modular Components

4.6.3 EJB-Centric Applications

4.7 Application Migration

4.7.1 Migrating a Web-Centric Application to Use Enterprise Beans

4.8 Summary

5 The Enterprise JavaBeans Tier

5.1 Business Logic

5.1.1 Common Requirements of Business Objects

5.2 Enterprise Beans as J2EE Business Objects

5.2.1 Enterprise Beans and EJB Containers

5.3 Entity Beans

5.3.1 Guidelines for Using Entity Beans

5.3.2 Persistence in Entity Beans

5.4 Session Beans

5.4.1 Stateful Session Beans

5.4.2 Stateless Session Beans

5.5 Design Guidelines

5.5.1 Data Access Objects

5.5.2 Value Objects

5.5.3 Session Beans as a Facade to Entity Beans

5.5.4 Master-Detail Modeling Using Enterprise Beans

5.6 Summary

6 The Enterprise Information System Tier

6.1 Enterprise Information System Capabilities and Limitations

6.2 Enterprise Information System Integration Scenarios

6.2.1 An Internet E-Store Application

6.2.2 An Intranet Human Resources Application

6.2.3 A Distributed Purchasing Application

6.3 Relational Database Management System Access

6.4 Other Enterprise Information System Access

6.5 Application Component Provider Tasks

6.6 Application Programming Model

6.7 Programming Access to Data and Functions

6.7.1 Client API for Enterprise Information System Access

6.7.2 Tools for Application Development

6.7.3 Access Objects

6.8 Connections

6.8.1 Establishing a Connection

6.8.2 Guidelines for Connection Management

6.9 Security

6.9.1 Security Architecture

6.9.2 Application Programming Model

6.9.3 Resource Signon

6.10 J2EE Connector Architecture

6.11 Summary

7 Packaging and Deployment

7.1 Roles and Tasks

7.2 Packaging J2EE Applications

7.2.1 EJB Modules

7.2.2 Packaging Components Into EJB Modules

7.2.3 Web Modules

7.2.4 Packaging Components Into Web Modules

7.2.5 Application Client Modules

7.3 Deployment Descriptors

7.3.1 Specifying Deployment Descriptor Elements

7.4 Deployment Tools

7.4.1 Deployment Tool Actions

7.4.2 Deployment Tool Requirements

7.5 Summary

8 Transaction Management

8.1 Properties of Transactions

8.2 J2EE Platform Transactions

8.3 Scenarios

8.3.1 Accessing Multiple Databases

8.3.2 Accessing Multiple Enterprise Information Systems From Multiple EJB Servers

8.4 JTA Transactions

8.4.1 JTA and JTS

8.5 Transactions in Applets and Application Clients

8.6 Transactions in Web Components

8.7 Transactions in Enterprise Beans

8.7.1 Bean-Managed Transaction Demarcation

8.7.2 Container-Managed Transaction Demarcation

8.7.3 Transaction Guidelines

8.8 Transactions in Enterprise Information Systems

8.8.1 JTA Transactions

8.8.2 Resource Manager Local Transactions

8.8.3 Choosing Between JTA and Local Transactions

8.8.4 Compensating Transactions

8.8.5 Isolation Level

8.9 Summary

9 Security

9.1 Security Threats and Mechanisms

9.2 Authentication

9.2.1 Protection Domains

9.2.2 Authentication Mechanisms

9.2.3 Authentication Call Patterns

9.2.4 Auto-Registration

9.2.5 Exposing Authentication Boundaries with References

9.3 Authorization

9.3.1 Declarative Authorization

9.3.2 Programmatic Authorization

9.3.3 Declarative Versus Programmatic Authorization

9.3.4 Isolation

9.3.5 Identity Selection

9.3.6 Encapsulation for Access Control

9.3.7 Controlling Access to J2EE Resources

9.3.8 Example

9.4 Protecting Messages

9.4.1 Integrity Mechanisms

9.4.2 Confidentiality Mechanisms

9.4.3 Identifying Sensitive Components

9.4.4 Ensuring Confidentiality of Web Resources

9.5 Auditing

9.6 Summary

10 The Sample Application

10.1 Application Functionality

10.1.1 Scenarios

10.1.2 Functional Specification

10.2 Application Architecture

10.2.1 Application Modules

10.2.2 Application Design

10.3 The View

10.3.1 Shopping Interaction Interface

10.3.2 JSP Pages

10.3.3 Examples

10.4 The Model

10.4.1 State in the J2EE Platform

10.4.2 Persistent Data

10.5 Implementation

10.6 The Controller

10.6.1 Main

10.6.2 RequestProcessor

10.6.3 RequestToEventTranslator

10.6.4 ShoppingClientControllerWebImpl

10.6.5 ShoppingClientController

10.6.6 StateMachine

10.6.7 ScreenFlowManager

10.6.8 Model-View Synchronization

10.7 MVC Summary

10.8 Stateless Services

10.8.1 Example: A Mailer Bean

10.9 Deployment

10.10 Transactions

10.11 Security

10.11.1 Requirements

10.11.2 Implementation

10.12 Summary

Afterword

Glossary

Index