Index

A

access objects 189

data access objects 190

aggregate objects 191

records 192

ACID properties 252

applet clients 61

applets 26

accessing a UserTransaction38

transactions 260

application assembler tasks 206

application clients 19, 26, 60

accessing a UserTransaction 38

deployment 243

transactions 260

application scenarios 14

business-to-business 20

multitier 16

stand-alone client 18

Web-centric 19

archive files

EAR 207

EJB JAR 210

JAR 49

WAR 214, 222

ASCII 313

asynchronous messaging 154, 180-181, 183-185

point-to-point messaging 183

publish-subscribe messaging 183

auditing 307

authentication 40, 280

basic 41, 285

call patterns 292

changing identity 287

client certificate 41

configuration 285

context 280

delegating 281

digest 41, 285

EIS resource 291

application-managed 291

container-managed 291

EJB tier 287

form-based 41, 285

configuration 238

lazy 284

mechanisms 284

mutual 280, 285

role of references 293

scenarios 282

user 53

authenticators 280

authorization 40-41, 293

consistency across components 296

declarative versus programmatic 296

enterprise information systems 199

example 302

programmatic 295

auto-registration 293

B

basic authentication

See authentication, basic

bean-managed persistence 145

find methods 140

portability 149

when to use 149

bean-managed transaction demarcation

message-driven beans 155

browsers 54

download time 57

input 56

JavaScript validation 57

server communication 58

user interface 55

business delegate 351

business logic 130

business methods

implementation 139

in component interface 139

business objects 130

behavior 131

controlling access to 133

high availability 133

implemented by enterprise beans 135

maintaining state 132

modeling as entity beans 143-144

operating on shared data 132

participation in transactions 132

remote accessibility 133

requirements of 131-134

reusability 134

servicing multiple clients 133

structural attributes 131

C

caller principal 296

cardinality

of container-managed relationships 146

CCI

See Common Client Interface

character sets 313

8859 series 314

ASCII 313

encoding 314

Unicode 314

class files 49

client certificate authentication

See authentication, client certificate

client tier 7

client view 137

component interface 137

home interface 137

local view 137

remote view 137

clients

See also Java clients

applets 61

applications 60

browsers 54

download time 57

input 56

JavaScript validation 57

server communication 58

user interface 55

conversational state 59, 69

cookie 59-60

data download 69

design guidelines 54

in distributed application 52

input validation logic 63

interfaces 51

MIDlets 61

network connections 52

security 52

platform considerations 53

presentation logic 61

security 52

state 60

within URL 59

types 51, 60

user authentication 53

user interface 62

code generation wizards 165

collation 320

command beans

access objects

command beans 189

Common Client Interface 178

data integration 186

Common Secure Interoperability (CSIv2) protocol 288

component interface 137, 139

components 25

applets 26

application clients 26

designing presentation 325

EJB 28

28, 135

packaging 201

portability 10

presentation 110

rich clients 26

Web 27

wireless clients 27

composite view 350

concurrency 272

concurrent access< a href="ejb-tier/ejb-tier5.html#1056904">143

confidentiality mechanisms 305

connection factory references 193

data source 197

elements of 194

mail session 232

res-auth< a href="eis-tier/eis-tier5.html#1042860">194

res-ref-name 194

connection pooling 179, 193

connections

closing 194

getConnection 194

guidelines for managing 193-195

sharing 195

res-sharing-scope 195

Connector architecture 43

container-managed persistence 145

benefits 149

find methods 140

select methods 140

container-managed relationships 142, 146

fields 146

manipulation of 146

containers 26

applet

APIs 31

application client 26

APIs 31

EJB 30

APIs 31

JSP 28

platform configuration 7

servlet 28

Web 28

APIs 31

conversational state 151

managing with session beans

cookie 59-60, 122

create methods 140

omitting from entity bean 164

credentials 282

D

DAO 190

data

coarse-grained access 141

fine-grained access 142

in XML format 176

independence 149

persistent localized 332

procedural view of 153

records 192

synchronization 71

data access objects 161, 190, 351

clarifying session bean implementations 162

example 162

examples 190-191

implications of use 163

portability 150

providing database portability 161

data integration 185-186

Common Client Interface 186

data access objects 190

J2EE Connector architecture 181

JDBC 181, 186

date formatting 320

deployer task s206

deployment 201

deployment descriptors 36

abstract persistence schema 147

application 36

application client 37

auth-constraint element 299

common elements 225

component 36

container-transaction element 236

EJB 36

ejb-ref element 293

ejb-ref-type element 231

env-entry element 226

error-page element 238

login-config element 238, 285

method-permission element 41, 235, 302

persistence-type element 237

res-auth element 197, 232

resource-ref element 291, 293

res-type element 232

security-constraint element 238, 299

security-role element 234

security-role-ref element 235, 295

servlet element 237

servlet-mapping element 238

specifying service information 137

transaction attributes 264

transport-guarantee element 286

versioning 248

Web 36

deployment tools

features

name collision management 248

name space management 248

remote accessibility 247

single point of entry 246

undeployment capability 247

requirements 242

digest authentication

See authentication, digest

distributed architecture model 357

E

EAI

See enterprise application integration

EAR files 207

EIS

See enterprise information systems

EIS clients 69

EIS tier 7

EJB clients 18, 68

limitations 68

EJB components 129

See enterprise beans

EJB containers 135-136

services 135, 157

services to enterprise bean instances 136

EJB JAR files 210

EJB QL 147

bean-managed persistence 150

find methods 147

FROM clause 147

guidelines 148

SELECT clause 147

select methods 147

WHERE clause 147

EJB servers 135

EJB tier 7

EJB-centric design 356

ejbCreate 140

ejbFind 140

EJBHome 138

ejb-link 228, 239-240

EJBObject 139

ejb-ref 228

ejb-ref-name 228

encoding 314

determining HTTP request 321

setting HTTP response 324

storing at runtime 323

tracking 321

UTF-8 315

enterprise application integration 171

application integration 172

data integration 172

design guidelines 186

legacy integration 172

enterprise applications

development challenges 3

enhancing application developer productivity 3

ensuring choice in servers, tools, and components 4

ensuring scalability 4

integrating with information systems 4

maintaining security 5

enterprise beans 28, 136

See also

entity beans

session beans

accessing a UserTransaction 38

class 139

client view 137

guidelines 141-142

implementation 140

local 141

remote 140

client-neutral code 157

component interface 139

operations 139

create methods 139

deployment 242

EntityBean 139

finder methods 139

guidelines 157-158

home interface 138

local client view 138

implementing business objects 135

instances

creating 138

in EJB container 136

obtain home interface 139

remove bean object 139

removing 138

local interfaces 29

master-detail relationships

modeling 161

MessageDrivenBean 139

metadata 138

obtaining a handle to home interface 138

packaging into EJB JAR files 211

by related functionality 212

by security profile 213

interrelated 212

with circular dependencies 213

portability 136

protecting 299, 301

remote interfaces 29

service information decoupled from implementation 137

SessionBean 139

transaction attributes

See transaction attributes

transaction management 137

transactions 262-266

types 29, 135

enterprise information systems 171

access objects 188

command beans 189

data access objects 190

examples 189

guidelines 192

scenarios 192

aggregate access objects 191

application component provider role 187

authorization 199

connections

guidelines for managing 193-195

managing 193

managing by component type 195

EIS sign on 196

container-managed 197

integration

design approaches 181

role of tools 187

technologies 176-181

integration scenarios 172

distributed purchasing application 174

employee self-service application 174

order fulfillment application 176

records 192

relational databases

accessing with JDBC 180

resource sign on

application-managed 198

security

requirements 196

security guidelines 196-199

synchronous integration 181

transactions

JTA 268

resource manager local 269

using 268

Enterprise JavaBeans (EJB) architecture 28, 134

See also enterprise beans

Enterprise JavaBeans (EJB) tier

overview 129

system-level services 129, 134

Enterprise JavaBeans Query Language (EJB QL) 147

enterprise messaging systems 180

message priority and ordering 184

message routing 184

message transformation 184

reliable message delivery 184

services 184

transaction management 184

enterprise resource planning (ERP) systems 171

entity beans 29, 135, 142

abstract persistence schema 147

bean-managed persistence 145, 149

find methods 140

characteristics 143

concurrent access 143

container-managed persistence 145

benefits 149

EJB QL 147

find methods 140

select methods 140

container-managed relationships 142, 146

manipulation of 146

example 145

find methods 140

home interface

business logic 138

find methods 138

home methods 139

implementation for home methods 140

instances

finding 138

obtaining primary key 139

lifetime 143

local client view 142, 158

local interfaces 142

omitting create methods 164

persistence 143-144

persistent data

portability 144

persistent identity 143

primary key 135, 165

queries 144

references 164

remote client view 158

state after system crash 143

transaction handling 144

EntityBean 139

error pages

invoking automatically 238

exceptions

portability of 168

F

facade 158

find methods 138, 140

findByPrimaryKey 138, 147, 165

formatting

date 320

message 319

form-based authentication

See authentication, form-based

front controller 350

H

high availability 133

home 140

home business methods 139

implementation

ejbHome 140

home handle 138

home interface 137-138

home business methods 138

home handle 138

local client view 138

remote client view 138

HTML 49, 55-56

input 56

HTTP 45, 58, 65

determining request locale and encoding 321

GET requests 58

POST requests 58

setting response locale and encoding 324

I

I18n 312

identity

of caller 296

private accessor 298

shared accessor 298

identity assertion 288

identity selection 297

invocation identity 289

IDL 46

idljcompiler 46

image files 49

impersonation 280

identity assertion 288

integration

design guidelines 186

integration technologies 176-181

integrity mechanisms 304

intercepting filter 350

internationalization 312

of application design 336

of applications with XML 337

of database schema 334

of JSP pages 327

Interoperable Object References (IORs) 289

isolation levels 272

J

J2EE applications 36, 207

deployment tasks 242

packaging and deployment activities 203

scenarios

See application scenarios

J2EE Compatibility Test Suite 9

J2EE Compatibility Test Suite (CTS) 165

J2EE Connector architecture 176-177, 274

application-level contract 178

contracts 177

synchronous integration 181-182

system-level contracts 178

connection management contract 179

security contract 179

services 179

thread management contract 179

transaction management contract 179

J2EE design patterns 350

business delegate 351

composite view 350

data access object 351

front controller 350

in sample application 364, 372

intercepting filter 350

session facade 351

value object 351

view helper 350

J2EE environment 6

J2EE Platform

distributed architecture model 358

local architecture model 358

J2EE platform5

benefits 10

choice in servers, tools, and components 13

enhanced application development productivity 11

integration with enterprise information systems 12

scalability 14

simplified security model 14

communication technologies 45

component technologies 25

data formats 49

database API 42

deployment services 36

email API 48

integration technologies 176-181

Internet protocols 45

messaging API 47

messaging technologies 47

naming and directory API 43

naming services 35

OMG protocols 46

remote object method invocation API 46

role of containers 7

security services 40

service technologies 42

Standard Extension APIs 31

support for component portability 10

support for multiple client types 7

transaction API 43

transaction services 37

J2EE Reference Implementation (J2EE RI)165

J2EE roles 32

application assembler 34

application component provider 33

deployer 34

J2EE product provider 33

packaging and deployment tasks 203-207

system administrator 34

tool provider 34

J2EE SDK 9

J2EE specifications xvi, 9

J2EE transaction management 256

J2EE Verifier 165

JAF (JavaBeans Activation Framework) 48

JAR files 49

Java 2 Micro Edition (J2ME) 61

Java API for XML Processing (JAXP) 44

Java Application Descriptor (JAD) file 61

Java Authentication and Authorization Services (JAAS) 42

Java clients

advantages over browser clients 62

applets 61

applications 60

conversational state 69

data download 69

data manipulation 71

data synchronization 71

input validation logic 63

MIDlets 61

presentation logic 61

server communication 65

as EIS clients 69

as EJB clients 68

as Web clients 65

message formats 66

types 60

user interface 62

XML messages 67

Java Foundation Classes 61

Java IDL 46

Java Message Service 135, 176, 179

Java Message Service (JMS) 47

Java Naming and Directory Interface (JNDI) 43

Java Network Launching Protocol (JNLP) 60

Java Remote Method Protocol (JRMP) 46

Java Transaction API (JTA) 43, 259

Java Transaction Service (JTS) 43

JavaBeans Activation Framework (JAF) 48

JavaMail 48

JavaScript 56

validation function 57

JavaServer Pages (JSP) technology28

See also JSP pages

JDBC42, 177, 180, 273

API 178, 187

client API 180

data integration 186

system-level contract 180

JMS

See Java Message Service

API 180

client 180

domain 180

point-to-point 180

publish-subscribe 180

message listener interface 135

messages 154

provider 180, 274

queue 135

topic 135

JMS (Java Message Service) 47

JNDI (Java Naming and Directory Interface) 43

JRMP (Java Remote Method Protocol) 46

JSP

custom tags 56

JSP pages 28, 80

as presentation components 325

error mechanism 342

error pages 238

localizing and internationalizing 327

where to use 86

XML syntax 80

JTA

TransactionManager interface 260

UserTransaction interface 260-261, 263

XAResource interface 254, 260

JTA (Java Transaction API) 43

JTA transactions

See transactions, JTA

JTS (Java Transaction Service) 43

L

L10n 312

local architecture model 357

local client view 140

component interface 139

container-managed relationships 146

entity beans 142

guidelines for using 141-142, 158

home interface 138

parameter passing 141-142

when to use 141

locale 312

communicating among applications 338

communicating with an application 338

determining HTTP request 321

setting HTTP response 324

standard naming convention 313

storing at runtime 323

tracking 321

localization 312

error messages 343

of error and logging messages 341

of JSP pages 327

localized content

generating dynamic, with XSLT 337

M

markup languages 56

message digests 304

message formatting 319

message signatures 304

message-driven beans 30, 135, 154

application integration 155

as message listeners 154

bean-managed transaction demarcation 155

business logic 154

example 156

message selectors 156

onMessage 139, 155

transaction attributes 267

transactions 155

when to use 155

MessageDrivenBean 139

messages

asynchronous 135

definition 184

ensuring privacy of 305

formats 66

localization of 341

message-driven beans 135

preventing tampering 304

security threats 304

messaging

asynchronous communication 183-185

HTTP-based 67

peer-to-peer 180

point-to-point 47

publish-subscribe 48

synchronous and asynchronous approaches 185

synchronous communication 182-183

metadata 138

middle tier 7

MIDlet clients 61

MIDP User Interface API 61

Mobile Information Device Profile (MIDP) 61

modules

application client 37

packaging 222

EJB 36

contents 210

packaging 210

J2EE 36

resource adapter 36

types 36

Web 36

contents 214, 222

packaging 214, 222

mutual authentication

See authentication, mutual

MVC architecture 348

controller 349

in sample application 371

model 348

in sample application 369

view 348

in sample application 366

N

naming contexts 35

environment 35, 228

naming environments 35

entries 225

naming subcontexts 35

ejb 35, 228

jdbc 35

O

object decomposition 360

onMessage 139, 155

P

packaging 201

components 201

of J2EE applications 207

parameter passing

pass-by-reference semantics 141

pass-by-value semantics 141

peer-to-peer messaging 180

persistent data 143

portability 144

pluggability standard 178

point-to-point messaging 183

portability

bean-managed persistence 149, 167

code generation wizards 165

component 10

data access objects 150

database connections 167

enterprise bean 136

entity bean 144

exceptions 168

guidelines 165-169

non-transient fields 166

of instance fields 168

SQL 167

type narrowing 166

with container-managed persistence 149

PortableRemoteObject.narrow 166

principal mapping 291

principals 40

protection domains 281

publish-subscribe messaging 183

Q

queries 144, 147

find 147

guidelines 148

select 147

query methods 140

queue-based communication 183

R

records 192

references

connection factory

data source 197

mail session 232

relational database management systems (RDBMS) 180

remote client view 140

component interface 139

guidelines for using 141-142, 158

home interface 138

parameter passing 141

when to use 140

request-response interaction model 182

resource adapter 177-178

examples 178

system-level mechanisms 177

resource-env-ref 233

resource-ref 231

resource-ref-env-name 233

resources

protected 284, 298

unprotected 301

rich clients 26

RMI 46

rmiccompiler 47

RMI-IIOP 46

S

sample application

API manageability 369

architecture 359

components 359

data access 370

EJB-centric design 356

enterprise requirements 15

fulfillment center 353

architecture 375

functional modules 363

functional specification 361

functionality 352

high-level view 352

J2EE design patterns 372

message-driven beans 380

MVC architecture 364, 372

controller 371

model 369

view 366

object decomposition 360

obtaining xv

page layout 367

partitioning 361

process manager 380

role separation 368, 370

security requirements 363

separation of logic 367

tiers 355

using JMS 380

Web site 353

architecture 360

Web-centric design 356

scriptlets 89

security 179

accessor components 297

application-managed sign on 198

attacks on messages 304

attributes 294

capabilities 294

clients 52

container-managed EIS sign on 197

declarative 40

EIS access authorization 199

EIS sign on 196

guidelines for application integration 196-199

mechanisms 280

auditing 307

authentication 280

authorization 293

confidentiality 305

integrity 304

mutual authentication 280

See also

authentication

authorization

permissions 294

principal mapping 291

programmatic 40

protection domains 281

requirements 196

roles 41, 294

mapping to group identities 295

mapping to principal identities 295

threats to 279

Security Attribute Service (SAS) protocol 288

See authentication, form-based

select methods 140

servlets 27, 79

error mechanism 342

where to use 82

session beans29, 135, 150

as facade to entity beans 158

managing conversational state 157

stateful 150

characteristics 151

example 151

lifetime 150

stateless 152

characteristics 152

example 153

session facade 351

SessionBean 139

SQL query 147

SSL 45, 285, 288

state 130

conversational 151

cookie 59

in clients 59, 69

of entity beans 143

persistence 143

session 59-60

within URL 59

session object 150

synchronous communication

See synchronous integration

synchronous integration 181-182

request-response interaction model 182

T

TCP/IP 45

templates 110

thin clients 54

tiers

client 7

EJB 7

middle 7

Web 7

TLS 288

transaction attributes 264

for entity beans 265

for message-driven beans 267

for session beans 265

guidelines 266-267

Mandatory 266

Never 266

NotSupported 265

Required 265

RequiresNew 265

Supports 265

with container-managed persistence 267

transaction management 137, 144, 179

transactions 37, 251

access to resources 256

ACID 252

applets 260

application clients 260

attributes

See transaction attributes

begin operation 253

commit operation 253

compensating 269-271

pitfalls 271

concurrency 272

Connector 253, 274

context propagation 254

creating 38

definition of 251

demarcation 253, 256

bean-managed 39, 263

container-managed 39, 264

benefits of 264

guidelines 266

distributed 254, 256, 273

enterprise beans 39, 262-266

setRollbackOnly 264

enterprise informations systems 268

isolation level 272

guidelines 272

J2EE platform

characteristics 256

J2EE SDK 257

JDBC 273

JMS provider 274

JTA 38, 260

benefits 260

local 269

message-driven beans 155

multiple application servers 258

multiple resource managers 273

participants 253

properties 252

atomicity 252

consistency 252

durability 252

isolation 252

resource adapter 253

LocalTransaction 275

NoTransaction 275

transaction level 275

XATransaction 275

resource manager 253

JDBC 273

JMS provider 274

resource manager local 38, 269-270

rollback operation 253

transaction context 254

transaction manager 254

transactional application 253

transactional resource object 253

two-phase commit protocol 255

Web components 38, 261

Web tier guidelines 262

XA protocol 254

type narrowing 166

U

Unicode 314

URL

rewriting 59

use case analysis 353

UserTransaction

accessing 38

from applets 38

from application clients 38

from enterprise beans 38

from Web components 38

UTF-8 315

V

value object 351

value objects 159

example 160

immutability 160

Vendor-Specific Deployment Information 245

verification tools

J2EE Verifier 165

view helper 350

W

WAR files 214, 222

Web applications

distributable 123

Web clients 65

Web components 27

accessing a UserTransaction 38

deployment 243

limitations on transactions 38

packaging into WAR files 215

cross-linked static content 219

transaction guidelines 262

using transactions 261

Web container 78

Web resources 284

confidentiality across absolute links 306

306

protected 284

299

Web tier 7, 75

application framework design 94

application structure 91

state scope 116

Web-centric design 356

wireless clients 27

X

XML 17, 20, 49, 67

DOM 68

JSP page syntax 80

Simple API for XML (SAX) 68

XSLT

generating localized dynamic content with 337