Business-Driven Software Engineering (6.Vorlesung) Bean ... · Bean Interaction and Configuration...
Transcript of Business-Driven Software Engineering (6.Vorlesung) Bean ... · Bean Interaction and Configuration...
IBM Research – Zurich
© 2011 IBM Corporation
Business-Driven Software Engineering (6.Vorlesung)Bean Interaction, Configuration, Transactions, SecurityThomas Gschwind <thg at zurich.ibm.com>
IBM Research – Zurich
© 2011 IBM Corporation2
Agenda� Bean Interaction and Configuration
– Bean Lookup– References– Resource Factories– Configuration
� Transactions– Basics– Declarative Transaction Handling– Programmatic Transaction Handling– Advanced Topics
� EJB Security– Authentication– Authorization– Security Propagation
� Demo
IBM Research – Zurich
© 2011 IBM Corporation3
Agenda� Bean Interaction and Configuration
– Bean Lookup– References– Resource Factories– Configuration
� Transactions– Basics– Declarative Transaction Handling– Programmatic Transaction Handling– Advanced Topics
� EJB Security– Authentication– Authorization– Security Propagation
� Demo
IBM Research – Zurich
© 2011 IBM Corporation4
Sample EJB Component System
Thick ClientsServlets/JSPs
Message Driven Bean
HTTP
JMS RMI-IIOP RMI-IIOP
Web Services
Other Systems
SOAP
RMI-IIOP
Browsers
App
licat
ion
Ser
ver
Messaging Clients
Session Bean
Session Bean
Session Bean
Session Bean
Entity Bean Entity Bean
IBM Research – Zurich
© 2011 IBM Corporation5
Bean Lookup
� Option 1: Use JNDI similarly as used by clients
� Use the session context to look up a bean– More efficient, since no InitialContext object needs to be created
…@Resource SessionContext context;OtherBean bean = (OtherBean)
context.lookup(OtherBean.class.getName());…
� Option 2: In EJB 3.0, use the @EJB annotation…@EJB OtherBean bean;…
IBM Research – Zurich
© 2011 IBM Corporation6
Bean Customization
� Environment Properties
� Stored in Deployment descriptor<env-entry>
<description> Order in which quotes are returned. </description><env-entry-name>QuoteService/order</env-entry-name><env-entry-type>java.lang.String</env-entry-type><env-entry-value>text</env-entry-value>
</env-entry>
IBM Research – Zurich
© 2011 IBM Corporation7
Bean Customization (cont‘d)
� Option 1: Again use JNDI
� Use the session context to look up a bean– More efficient, since no InitialContext object needs to be created
� Option 2: In EJB 3.0, use the @Resource annotation…@Resource(name = "QuoteService/order")String order;…
…@Resource SessionContext context;String order=(String)
context.lookup("java:comp/env/QuoteService/order");…
IBM Research – Zurich
© 2011 IBM Corporation8
Resource Factories
� Necessary for calling external resources– Acquiring database connections– JCA adapters– …
� Looked up through Context (similar to references)� Use resource injection� For EJB 3.0 entities, use persistence units
IBM Research – Zurich
© 2011 IBM Corporation9
Agenda� Bean Interaction and Configuration
– Bean Lookup– References– Resource Factories– Configuration
� Transactions– Basics– Declarative Transaction Handling– Programmatic Transaction Handling– Advanced Topics
� EJB Security– Authentication– Authorization– Security Propagation
� Demo
IBM Research – Zurich
© 2011 IBM Corporation10
Why Transactions?� Series of statements that
execute like a single one
� Naive implementation– Need to consider every possible
error– Error handling out of control
(eg, network failures)
– Testing challenge
try {// withdraw funds from// account 1
} catch(Exception e) {// handle errorreturn;
}try {
// deposit funds to// account 2
} catch(Exception e) {// redeposit to account 1// handle errorreturn;
}
IBM Research – Zurich
© 2011 IBM Corporation11
Transactions
� Advantages– Guarantee all-or-nothing execution– Allow concurrent access to data
� Using Transactions– Explicit middleware
• Programmed
– Implicit middleware• Declarative
IBM Research – Zurich
© 2011 IBM Corporation12
Transaction Properties
� Atomicity– All or no statements will be executed– In a distributed setting, achieved by voting
� Consistency– Inconsistencies while transaction is running are OK– No inconsistent state after transaction commits
� Isolation– Changes from one transaction only visible after commit– Achieved by locking database
� Durability– Updates survive crashes– Achieved using logs
IBM Research – Zurich
© 2011 IBM Corporation13
Transactional Models
� Flat Transactions
� On abort no statement is executed– Invalid parameters– Constraint violation– Failure
� On commit, all statements are executed
IBM Research – Zurich
© 2011 IBM Corporation14
Transactional Models (cont’d)
� Nested Transactions
� On abort, only nested transaction is rolled back– Allows to find alternatives to complete transaction– Ideal for long running transactions
� On commit only nested transaction completes
� Commit/rollback of global transaction=> commit/rollback of nested transactions
Not supported by EJB
IBM Research – Zurich
© 2011 IBM Corporation15
Isolation Properties
� Read Uncommitted
� Read Committed
� Repeatable Read
� Serializable
Definition of isolation properties not standardized
IBM Research – Zurich
© 2011 IBM Corporation16
Distributed Transactions
� When?– Multiple application servers– Updates to different databases– Whenever you have different communication partners
� How?– Use a distributed transaction manager– Two phase commit– Phase one: send prepare– Phase two: send commit/rollback
No interoperability between application servers
IBM Research – Zurich
© 2011 IBM Corporation17
Programmatic vs. Declarative Transactions
� Programmatic (bean-managed)– Good if several smaller transactions required– More powerful– Only available for Session & Message Driven Beans
� Declarative (container-managed)– Easy to use
IBM Research – Zurich
© 2011 IBM Corporation18
Agenda� Bean Interaction and Configuration
– Bean Lookup– References– Resource Factories– Configuration
� Transactions– Basics– Declarative Transaction Handling– Programmatic Transaction Handling– Advanced Topics
� EJB Security– Authentication– Authorization– Security Propagation
� Demo
IBM Research – Zurich
© 2011 IBM Corporation19
Declarative Transactions
<transaction-type>Container</transaction-type>
EJB Container/Server
Enterprise Bean
2. beginClient
1. transfer() Transaction Service
EJB Object
4.Business ops.
3. delegate
5. commit/abort
IBM Research – Zurich
© 2011 IBM Corporation
Declarative Transactions: Annotations
20
@Stateless@TransactionManagement(TransactionManagementType.CONTAINER)Public class BankBean implements BankRemote {
@PersistenceContext private EntityManager em;@Resource private SessionContext ctx;
@TransactionAttribute(TransactionAttributeType.REQUIRED)public void transfer(double amount,
String from, String to) {// …
}}
IBM Research – Zurich
© 2011 IBM Corporation21
Declarative Transactions: Deployment Descriptor
<assembly-descriptor><container-transaction>
<method><ejb-name>TellerBean</ejb-name><method-name>*</method-name>
</method><trans-attribute>Required</trans-attribute>
<container-transaction><container-transaction>
<method><ejb-name>TellerBean</ejb-name><method-name>deposit</method-name><method-param>double</method-param>
</method><trans-attribute>Required</trans-attribute>
<container-transaction></assembly-descriptor>
IBM Research – Zurich
© 2011 IBM Corporation22
Transaction Attributes
� Required
� RequiresNew
� Supports
� Mandatory
� NotSupported
� Never
IBM Research – Zurich
© 2011 IBM Corporation23
Controlling Transaction-Length
EJB Container/Server
Account 2
2. beginClient
1. transfer() Transaction Service
TellerEJB Object
3. delegate
6. commit/abort
Teller Bean
Account 1
4. withdraw 5. deposit
<trans-attribute>Required</trans-attribute>
IBM Research – Zurich
© 2011 IBM Corporation24
Aborting a Transaction
� Transaction may be aborted using ctx.setRollbackOnly()
� Identify whether a transaction is in the aborted state withctx.getRollbackOnly()
public void deposit(double amt) {balance+=amt;
}
public void withdraw(double amt) {if(balance-amt<creditline) ctx.setRollbackOnly();else balance-=amt;
}
IBM Research – Zurich
© 2011 IBM Corporation25
Programmatic Transactions
<transaction-type>Bean</transaction-type>
EJB Container/Server
Enterprise Bean
2. delegate
Client 1. method()
Transaction Service
EJB Object
4.Business ops.
3. begin5. commit/abort
IBM Research – Zurich
© 2011 IBM Corporation
Programmatic Transactions (cont’d)
� Use Java Transaction API (JTA)
26
public interface javax.transaction.UserTransaction {public void begin();public void commit();public int getStatus();public void rollback();public void setRollbackOnly();public void setTransactionTimeout(int tmo);
}
IBM Research – Zurich
© 2011 IBM Corporation
Programmatic Transactions (Ex.)
27
@Resource private UserTransaction ut;
public void deposit(double amt) throws AccountExcept ion {try {
ut.begin();balance+=amt;ut.commit();
} catch(Exception e) {if(ut!=null) ut.rollback();throw new AccountException("Error: "+e.getMessage() );
}}
IBM Research – Zurich
© 2011 IBM Corporation
Programmatic Transactions (Ex.)
28
public void deposit(double amt) throws AccountExcept ion {UserTransaction ut=null;try {ut=ctx.getUserTransaction();ut.begin();balance+=amt;ut.commit();
} catch(Exception e) {if(ut!=null) ut.rollback();throw new AccountException("Error: "+e.getMessage() );
}}
IBM Research – Zurich
© 2011 IBM Corporation29
Agenda� Bean Interaction and Configuration
– Bean Lookup– References– Resource Factories– Configuration
� Transactions– Basics– Declarative Transaction Handling– Programmatic Transaction Handling– Advanced Topics
� EJB Security– Authentication– Authorization– Security Propagation
� Demo
IBM Research – Zurich
© 2011 IBM Corporation30
Transactional Callbacks
� Allows bean to react to committed/rolled back transactions
� Bean has to implementjavax.ejb.SessionSynchronization interface– afterBegin()– beforeCompletion()– afterCompletion(boolean)
true => commit, false => rollback
� Only for transactional, stateful, CMP session beans
IBM Research – Zurich
© 2011 IBM Corporation31
Doomed Transactions
� Sometimes obvious that transaction cannot commit=> Doom transaction– Cont. managed => ctx.setRollbackOnly()– Bean managed => userTransaction.setRollbackOnly()
� Overhead if statements until commit are executed=> Query for doomed transactions– Cont. managed => ctx.getRollbackOnly()– Bean managed => userTransaction.getStatus()
IBM Research – Zurich
© 2011 IBM Corporation32
Client-Initiated Transactions
EJB Container/Server
Enterprise Bean
3. delegate
Client
2. method()
Transaction Service
EJB Object
4.Business ops.
1. begin()5. commit/abort()
IBM Research – Zurich
© 2011 IBM Corporation33
Transactions from Client Code
� Useful if client needs to identify commit
� Client-initiated distributed transactions
� Be careful! Performance!
try {Properties props=System.getProperties();Context ctx=new InitialContext(props);ut=(UserTransaction)
ctx.lookup("java:comp/UserTransaction");ut.begin();// invoke server-side methodsut.commit();
} catch(Exception e) { … }
IBM Research – Zurich
© 2011 IBM Corporation34
Agenda� Bean Interaction and Configuration
– Bean Lookup– References– Resource Factories– Configuration
� Transactions– Basics– Declarative Transaction Handling– Programmatic Transaction Handling– Advanced Topics
� EJB Security– Authentication– Authorization– Security Propagation
� Demo
IBM Research – Zurich
© 2011 IBM Corporation35
EJB Security
� Java Authentication & Authorization Service (JAAS)– Who am I?– What may I?
� For Session and Entitybeans
Client MachineServlet/JSPJava App.
Portable JAAS API
Vendorspecif. logic
J2EE Server
PropietaryProvider
EJB Component
FooSecurityInc.
1. Login
2. Call server
3. Authenticate
4. Invoke
IBM Research – Zurich
© 2011 IBM Corporation36
Configuration
Authentication
Client
Login Module
LoginContext
Subject
Action
J2EE Server
1
23
4
1
2
3
4
56
7
8
IBM Research – Zurich
© 2011 IBM Corporation
Authentication (cont’d)Red:
1.Invoke new
2.Invoke new and getAppConfigurationEntry
3.Return list of LoginModules
4.Invoke new and initialize
Blue:
1.Invoke getSubject
2.Invoke login
3.Authenticate with proprietary API
4.Invoke getSubject and receive subject
5.Invoke new
6.Invoke doAs(subject, action)
7.Invoke run
8.Perform operation (invoked via the network)
37
IBM Research – Zurich
© 2011 IBM Corporation38
Authorization – Client Side
public class QuoteClient {private static LoginContext loginContext = null;
public static void login(String u, String p)throws LoginException {
loginContext=new LoginContext("QuoteService",new UsernamePasswordHandler(u, p.toCharArray()));
loginContext.login();}
public static void logout() throws LoginException {loginContext.logout();
}
public static void main(String[] args) throws Excep tion {Context ctx=new InitialContext(System.getProperties ());login(args[0],args[1]);QuoteServiceRemote quoteService = (QuoteServiceRemote )
ctx.lookup("QuoteService/remote");…
IBM Research – Zurich
© 2011 IBM Corporation
Authorization – Client Side (cont‘d)
� The QuoteService login context needs to be defined
� The login context is retrieved from the file specified in the java.security.auth.login.config system property
39
QuoteService {org.jboss.security.ClientLoginModule required;
};
-Djava.security.auth.login.config=login.config
IBM Research – Zurich
© 2011 IBM Corporation40
Authorization – Server Side
� Declarative Authorization– Security logic defined in deployment descriptor– May be changed more easily
� Programmatic Authorization– Beans interlaced with security logic– More powerful
IBM Research – Zurich
© 2011 IBM Corporation
Declarative Authorization (Annotations)
41
@SecurityDomain("other")@DeclareRoles({"admin, user"})public class QuoteService implements QuoteServiceRem ote,… {
…
@RolesAllowed({"user"})@TransactionAttribute(TransactionAttributeType.REQU IRED)public Quote addQuote(String text) {
System.out.println("QuoteService.addQuote("+text+") ");if (ctx.getRollbackOnly()) return null;Quote quote = new Quote(text);em.persist(quote);return quote;
}
…}
IBM Research – Zurich
© 2011 IBM Corporation42
Declarative Authorization
� Specifying permissions in the deployment descriptor
<ejb-jar><enterprise-beans>
…</enterprise-beans><assembly-descriptor>
<method-permission><role-name>administrators</role-name><method>
<ejb-name>Cookie</ejb-name><method-name>*</method-name>
</method></method-permissions>
IBM Research – Zurich
© 2011 IBM Corporation
Declarative Authorization (cont‘d)
43
<method-permission><role-name>guests</role-name><method>
<ejb-name>CookieServer</ejb-name><method-name>getCookie</method-name><method-params>int</method-params>
</method></method-permissions><exclude-list>
<method>…
</method></exclude-list>
</assembly-descriptor></ejb-jar>
IBM Research – Zurich
© 2011 IBM Corporation44
Programmatic Authorization
� EJB context allows programmer to get authentication information
� Authorization may be performed on– User information
– Roles
� Security roles defined in deployment descriptor
public interface javax.ejb.EJBContext {…public java.security.Principal getCallerPrincipal();public boolean isCallerInRole(String role);…
IBM Research – Zurich
© 2011 IBM Corporation
Programmatic Authorization (Sample)
45
@SecurityDomain("other")@DeclareRoles({"admin, user"})public class QuoteService implements QuoteServiceRem ote,… {
…public void updateQuote(long quoteId, String text) {
Quote quote = findQuote(quoteId);String name = ctx.getCallerIdentity().getName();if(!ctx.isCallerInRole("administrators") &&
!name.equals(quote.getOwner())) {throw new SecurityException(
"only admins and quote owner allowed to change quote");}// change text of cookie
}…
}
IBM Research – Zurich
© 2011 IBM Corporation
Users and Roles
� Where does the other SecurityDomain store users and roles?– users.properties
• username = password
– roles.properties• username = role1, role2, …
� Other authentication modules exist that store user information in a database
46
IBM Research – Zurich
© 2011 IBM Corporation
Security Propagation
� How are security credentials passed betweenbeans?
� Client credentials? Other credentials?
� Defined with the @RunAs annotation orin the Deployment Descriptor
47
<entity><ejb-name>Cookie</ejb-name>…<security-identity>
<use-caller-identity></security-identity>…
…<security-identity>
<run-as><role-name>admins</role-name>
</run-as></security-identity>
IBM Research – Zurich
© 2011 IBM Corporation48
Agenda� Bean Interaction and Configuration
– Bean Lookup– References– Resource Factories– Configuration
� Transactions– Basics– Declarative Transaction Handling– Programmatic Transaction Handling– Advanced Topics
� EJB Security– Authentication– Authorization– Security Propagation
� Demo
IBM Research – Zurich
© 2011 IBM Corporation49
Summary� Bean Interaction and Configuration
– Bean Lookup– References– Resource Factories– Configuration
� Transactions– Basics– Declarative Transaction Handling– Programmatic Transaction Handling– Advanced Topics
� EJB Security– Authentication– Authorization– Security Propagation
� Demo
IBM Research – Zurich
© 2011 IBM Corporation
Review Questions
� Explain the ACID properties
� Explain the different isolation properties
� Explain the EJB transaction attributes
� How can you control the transaction length with the transaction attributes, give examples
� Explain the difference between container managed and bean managed transactions– How do you set a transaction to be rollback only– How do you check whether a transaction is rollback only and why
would one need this
� Explain the difference between declarative and programmatic security management
50
IBM Research – Zurich
© 2011 IBM Corporation
Tasks
1. Experiment with the sample fro this lecture
2. Deactivate security in the client and connect to the server
3. Try logging in with an incorrect user/role
4. Play with the maxQuotes parameter to trigger a rollback of the transaction
51