An Introduction to Application Security in J2EE - Denim Group
J2EE Introduction
-
Upload
api-3698230 -
Category
Documents
-
view
122 -
download
0
Transcript of J2EE Introduction
J2EEJ2EE
To Understand the relevance and implication of J2EE, in the present day E-enabled business environment
J2EE J2EE
ObjectivesObjectives
To understand and appreciate the distinguishing characteristics of J2EE
To understand the J2EE Application Programming Model
To understand the Components that makeup J2EE
To develop a simple J2EE application using various server-side Java Components To understand Web Application Servers as implementations of J2EE
Part-I Introducing J2EE Current problems with enterprise-wide networked application environments Future needs What is J2EE? How J2EE meets the challenge? A taste of J2EE
Part-II Components of J2EE J2EE application programming model Components & component APIs – an in-depth look Interactions between the components A component-based development approach
Part-III Application Development with J2EE Developing Servlets and JSPs Developing Enterprise JavaBeans (EJBs) Interactions between the components Architecting a simple J2EE application
Part-IV J2EE Web Application Servers Implementing J2EE : Web application servers Features of Web application servers J2EE certification for Web application servers Future of J2EE
J2EEJ2EE
OrganisationOrganisation
Basic understanding of Java language Basic OOP concepts Basic understanding of E-Commerce applications
J2EEJ2EE
Assumed knowledgeAssumed knowledge
Introducing Introducing J2EEJ2EE
Current problems with enterprise application environments Future needs What is J2EE ? How J2EE meets the challenge A taste of J2EE
Part-IPart-I OrganizationOrganization
Introducing J2EEIntroducing J2EE
Current problems with Current problems with enterprise application environments enterprise application environments
Introducing J2EEIntroducing J2EE
Unix / Solaris / Windows NT/Windows XP/ 2000 / Windows 95, 98 etc.
Presence of multiple hardware / operating system Presence of multiple hardware / operating system combinationcombinations
Introducing J2EEIntroducing J2EE Current problems with enterprise application environmentsCurrent problems with enterprise application environments
Introducing J2EEIntroducing J2EE Current problems with enterprise application environmentsCurrent problems with enterprise application environments
Weak application programming models
Lack of serious OOP design and application architectureLack of serious OOP design and application architecture
PROCEDURALPROGRAMS
OBJECTS OBJECTS
OBJECTS OBJECTS
OBJECTS OBJECTS
Introducing J2EEIntroducing J2EE Current problems with enterprise application environmentsCurrent problems with enterprise application environments
Less than 30% of the code is reused, currently
Minimal or no reuse of codeMinimal or no reuse of code
Introducing J2EEIntroducing J2EE Current problems with enterprise application environmentsCurrent problems with enterprise application environments
Lack of portability. Entire system becomes a huge and complex behemoth System more and more difficult to handle – as the business becomes
more and more complex.
Rigidity and InflexibilityRigidity and Inflexibility
Introducing J2EEIntroducing J2EE Current problems with enterprise application environmentsCurrent problems with enterprise application environments
Exchange of data across departments : a nightmare Exchange of data outside the enterprise : ruled out
DATA
Serious problems in integrated data flowSerious problems in integrated data flow
Dept 1
Dept 2
Dept 3
Dept 4
Introducing J2EEIntroducing J2EE Current problems with enterprise application environmentsCurrent problems with enterprise application environments
Back-end systems integration Back-end systems integration
Highly heterogeneous environment - Legacy systems, Relational Databases, ERP Implementations etc.
Need to cope up with scattered enterprise information systems
Future NeedsFuture Needs
Introducing J2EEIntroducing J2EE
Introducing J2EEIntroducing J2EE Future needsFuture needs
Internationalization and GlobalizationInternationalization and Globalization
Business applications must meet the challenges imposed by distributed development environment
Developers - and even applications may be distributed !
Introducing J2EEIntroducing J2EE Future needsFuture needs
Unique challenges of e-BusinessUnique challenges of e-Business
Business must embrace the Internet and e-Commerce – not only for growth, but for very survival !
Need to face a whole new set of problems like Security , Scalability, Load-balancing , Fail-over , Availability
Introducing J2EEIntroducing J2EE Future needsFuture needs
Challenges of E-Commerce driven businessChallenges of E-Commerce driven business
Businesses should rapidly adopt themselves to B2B transactions Otherwise, they will be left behind !
Introducing J2EEIntroducing J2EE Future needsFuture needs
Businesses need Rapid Application DevelopmentBusinesses need Rapid Application Development
Need to respond quickly and effectively in the dynamic market environments….
Competitor is just a click away!
Introducing J2EEIntroducing J2EE Future needsFuture needs
Need to develop quality solutions at competitive prices, in no time!
Businesses cannot spend heavily on Information Technology Businesses cannot spend heavily on Information Technology in the futurein the future
Introducing J2EEIntroducing J2EE Future needsFuture needs
Can it ever be accomplished ?
Challenges in re-architecting systems for multi-tier Challenges in re-architecting systems for multi-tier application developmentapplication development
TIER 1 TIER 2 TIER 3
Introducing J2EEIntroducing J2EE Future needsFuture needs
Unified development efforts and co-ordination
Need to have a standard environment and a common Need to have a standard environment and a common platformplatform
Introducing J2EEIntroducing J2EE Future needsFuture needs
Nobody can neglect
Relevant even to small and medium scale enterprises Relevant even to small and medium scale enterprises because of B2B transactionsbecause of B2B transactions
What is J2EE?What is J2EE?
Introducing J2EEIntroducing J2EE
An enterprise-level platform for developing portable, secure, scalable, distributed, multi-tier business applications with Java.
Java 2 Platform, Enterprise EditionJava 2 Platform, Enterprise Edition
Introducing J2EEIntroducing J2EE What is J2EE?What is J2EE?
Introducing J2EEIntroducing J2EE What is J2EE?What is J2EE?
. . . with a rich set of server-side Java APIs
It is an application development platformIt is an application development platform
CLIENTSCLIENTS E I SE I SWEB CONTAINERWEB CONTAINER
EJB CONTAINEREJB CONTAINER
ENTERPRISE SERVICESENTERPRISE SERVICES
Model 1 architecture
JSP Architecture
Model 2 architecture
Introducing J2EEIntroducing J2EE What is J2EE?What is J2EE?
. . .describing how enterprise applications need to be built / structured
It is an application programming model It is an application programming model
CLIENTSCLIENTSTIERTIER
External Clients from
INTERNET (Browsers ,
WAP etc.) Applets
Internal Clients from INTRANET
(Browsers , Desk top
Applications etc.)
Applets, Javabeans
BACK END BACK END TIERTIER
J2EE WEB APPLICATION SERVER TIERJ2EE WEB APPLICATION SERVER TIER
PRESENTATION PRESENTATION LOGIC LOGIC
(Web Components)
BUSINESS LOGICBUSINESS LOGIC(EJB Container )
ENTERPRISE SERVICES
HTML
JDBC
XML
SERVLETS
JSP
WML
EJB EJB
EJB EJB
EJBEJB
JNDI JMS JTS
RMI - IIOP
EnterpriseInformation
Systems
(Databases,ERP,
Legacy Systems)
Introducing J2EEIntroducing J2EE What is J2EE?What is J2EE?
. . .for developing middleware web application services
It is a standard middleware architectureIt is a standard middleware architecture
How J2EE meets the challengeHow J2EE meets the challenge
Introducing J2EEIntroducing J2EE
Java is write once and run anywhere! The JVM is available for all platforms and OS Standardised environment for development & deployment Codes can be easily ported across multiple platforms
Hardware / OS IndependentHardware / OS Independent
Introducing J2EEIntroducing J2EE How J2EE meets the challengeHow J2EE meets the challenge
Java is a strictly Object-Oriented Programming language
Adherence to OOPAdherence to OOP
Introducing J2EEIntroducing J2EE How J2EE meets the challengeHow J2EE meets the challenge
CLASS
CLASS
CLASS
CLASS
CLASS
CLASS
Introducing J2EEIntroducing J2EE How J2EE meets the challengeHow J2EE meets the challenge
Entire application development as bits and pieces of independent components
Self-contained modules and logic – ‘assembled’ business applications
Component-based development for code re-useComponent-based development for code re-use
Introducing J2EEIntroducing J2EE How J2EE meets the challengeHow J2EE meets the challenge
Clear demarcation of various tiers across the application-independent development environment
Multi-tier application developmentMulti-tier application development
CLIENTSCLIENTSTIERTIER
BACK END BACK END TIERTIER
J2EE WEB APPLICATION SERVER TIERJ2EE WEB APPLICATION SERVER TIER
PRESENTATION PRESENTATION LOGIC LOGIC
(Web Components)
BUSINESS LOGICBUSINESS LOGIC(EJB Container )
ENTERPRISE SERVICESENTERPRISE SERVICES
Introducing J2EEIntroducing J2EE How J2EE meets the challengeHow J2EE meets the challenge
Developers can work anywhere! Application components can be spread across the globe!
Distributed development & deployment made easy Distributed development & deployment made easy
Introducing J2EEIntroducing J2EE How J2EE meets the challengeHow J2EE meets the challenge
Flexibility in developing and assembling solutions Portability of application components across J2EE platforms
Flexible and portable solutionsFlexible and portable solutions
Automatic load-balancing / scaling / fail-over
Satisfying the essential requirements of E-Commerce web Satisfying the essential requirements of E-Commerce web applications applications
Introducing J2EEIntroducing J2EE How J2EE meets the challengeHow J2EE meets the challenge
Introducing J2EEIntroducing J2EE How J2EE meets the challengeHow J2EE meets the challenge
Standardisation efforts by means of Connector architecture Support for IDL / CORBA
Back-end systems integration Back-end systems integration
A taste of J2EEA taste of J2EE
Introducing J2EEIntroducing J2EE
Introducing J2EEIntroducing J2EE A taste of J2EEA taste of J2EE
Multi-tier thin client architecture MVC model architecture Client tier Presentation tier Business logic tier Enterprise Platform Services tier Back-end tier: Enterprise Information Systems Developing middleware Web Application Services
J2EE as an application programming model J2EE as an application programming model
CLIENTSPRESENTATION /BUSINESS LOGIC
BACKEND
Introducing J2EEIntroducing J2EE A taste of J2EEA taste of J2EE
Java Servlets Java Server Pages (JSP) Enterprise JavaBeans (EJBs) Java Database Connectivity (JDBC) Java Messaging Services (JMS) Java Naming and Directory Interface (JNDI) Java Transaction Services (JTS) JavaMail XML
J2EE – as a combination of various server-side technologies J2EE – as a combination of various server-side technologies
SERVLETS
JSP
EJB
JDBC
Introducing J2EEIntroducing J2EE A taste of J2EEA taste of J2EE
Web application servers – implementations of J2EE reference infrastructure
J2EE – as the standard for web application serversJ2EE – as the standard for web application servers
WEB APPLICATION SERVERS
Components of J2EEComponents of J2EE
J2EE application programming model Components & component APIs – an in-depth look Interactions between the components A component- based development approach
Components of J2EE Components of J2EE
OrganizationOrganization
SERVLETS
JSP
EJB
JDBC
J2EE Application Programming J2EE Application Programming ModelModel
Components of J2EE Components of J2EE
Components of J2EE Components of J2EE J2EE Application Programming ModelJ2EE Application Programming Model
J2EE application programming modelJ2EE application programming model
CLIENTCLIENTTIERTIER
BACK END BACK END TIERTIER
J2EE WEB APPLICATION SERVER TIERJ2EE WEB APPLICATION SERVER TIER
PRESENTATION LOGIC PRESENTATION LOGIC (Web Components)
BUSINESS LOGICBUSINESS LOGIC(EJB Container )
ENTERPRISE SERVICESENTERPRISE SERVICES
Client tier componentsClient tier components
Components of J2EE Components of J2EE J2EE Application Programming ModelJ2EE Application Programming Model
CLIENTCLIENTTIERTIER
External Clients from INTERNET
(Browsers , WAP etc.)
Applets
Internal Clients from INTRANET
(Browsers , Desk top Applications etc.)
Applets, Javabeans
BACK END BACK END TIERTIER
J2EE WEB APPLICATION SERVER TIERJ2EE WEB APPLICATION SERVER TIER
PRESENTATION LOGIC PRESENTATION LOGIC (Web Components)
BUSINESS LOGICBUSINESS LOGIC(EJB Container )
ENTERPRISE SERVICESENTERPRISE SERVICES
Presentation logic components (or web components)Presentation logic components (or web components)
Components of J2EE Components of J2EE J2EE Application Programming ModelJ2EE Application Programming Model
CLIENTSCLIENTSTIERTIER
External Clients from INTERNET
(Browsers , WAP etc.)
Applets
Internal Clients from INTRANET
(Browsers , Desk top Applications etc.)
Applets, Javabeans
BACK END BACK END TIERTIER
J2EE WEB APPLICATION SERVER TIERJ2EE WEB APPLICATION SERVER TIER
PRESENTATION LOGIC PRESENTATION LOGIC (Web Components)
BUSINESS LOGICBUSINESS LOGIC(EJB Container )
ENTERPRISE SERVICESENTERPRISE SERVICES
HTML
XML
SERVLETS
JSP
WML
Business logic componentsBusiness logic components
Components of J2EE Components of J2EE J2EE Application Programming ModelJ2EE Application Programming Model
CLIENTSCLIENTSTIERTIER
External Clients from INTERNET
(Browsers , WAP etc.)
Applets
Internal Clients from INTRANET
(Browsers , Desk top Applications etc.)
Applets, Javabeans
BACK END BACK END TIERTIER
J2EE WEB APPLICATION SERVER TIERJ2EE WEB APPLICATION SERVER TIER
PRESENTATION LOGIC PRESENTATION LOGIC (Web Components)
BUSINESS LOGICBUSINESS LOGIC(EJB Container )
ENTERPRISE SERVICESENTERPRISE SERVICES
HTML
XML
SERVLETS
JSP
WML
EJB EJB
EJB EJB
EJBEJB
Enterprise Service APIs Enterprise Service APIs
Components of J2EE Components of J2EE J2EE Application Programming ModelJ2EE Application Programming Model
CLIENTSCLIENTSTIERTIER
External Clients from INTERNET
(Browsers , WAP etc.)
Applets
Internal Clients from INTRANET
(Browsers , Desk top Applications etc.)
Applets, Javabeans
BACK END BACK END TIERTIER
J2EE WEB APPLICATION SERVER TIERJ2EE WEB APPLICATION SERVER TIER
PRESENTATION LOGIC PRESENTATION LOGIC (Web Components)
BUSINESS LOGICBUSINESS LOGIC(EJB Container )
ENTERPRISE SERVICESENTERPRISE SERVICES
HTML
JDBC
XML
SERVLETS
JSP
WML
EJB EJB
EJB EJB
EJBEJB
JNDI JMS JTS
RMI - IIOP
Enterprise Information Systems (Hosts) Enterprise Information Systems (Hosts)
Components of J2EE Components of J2EE J2EE Application Programming ModelJ2EE Application Programming Model
CLIENTSCLIENTSTIERTIER
External Clients from INTERNET
(Browsers , WAP etc.)
Applets
Internal Clients from INTRANET
(Browsers , Desk top Applications etc.)
Applets, Javabeans
BACK END BACK END TIERTIER
J2EE WEB APPLICATION SERVER TIERJ2EE WEB APPLICATION SERVER TIER
PRESENTATION LOGIC PRESENTATION LOGIC (Web Components)
BUSINESS LOGICBUSINESS LOGIC(EJB Container )
ENTERPRISE SERVICESENTERPRISE SERVICES
HTML
JDBC
XML
SERVLETS
JSP
WML
EJB EJB
EJB EJB
EJBEJB
JNDI JMS JTS
RMI - IIOP
EnterpriseInformation
Systems
(Databases,ERP,
Legacy Systems)
Interactions between the Interactions between the Components Components
Components of J2EE Components of J2EE
Components of J2EE Components of J2EE Interactions between the ComponentsInteractions between the Components
Various interactions between the J2EE componentsVarious interactions between the J2EE components
CLIENTSCLIENTSTIERTIER
External Clients from INTERNET
(Browsers , WAP etc.)
Applets
Internal Clients from INTRANET
(Browsers , Desk top Applications etc.)
Applets, Javabeans
BACK END BACK END TIERTIER
J2EE WEB APPLICATION SERVER TIERJ2EE WEB APPLICATION SERVER TIER
PRESENTATION LOGIC PRESENTATION LOGIC (Web Components)
BUSINESS LOGICBUSINESS LOGIC(EJB Container )
ENTERPRISE SERVICESENTERPRISE SERVICES
HTML
JDBC
XML
SERVLETS
JSP
WML
EJB EJB
EJB EJB
EJBEJB
JNDI JMS JTS
RMI - IIOP
EnterpriseInformation
Systems
(Databases,ERP,
Legacy Systems)
Components and Component APIs - Components and Component APIs - an in-depth lookan in-depth look
Components of J2EE Components of J2EE
HTML
JDBC
XML
SERVLETS
JSP
WML
EJB EJB
EJB EJB
EJBEJB
JNDI JMS JTS
RMI - IIOP
Standard Java extensions to the basic web server framework. Provide additional functionality to the server / enable dynamic
content creation. Programmers can extend Servlets for their applications. Servlets reside in Servlet engines.
Components of J2EE Components of J2EE Components and Component APIs - an in-depth lookComponents and Component APIs - an in-depth look
Java ServletsJava Servlets
PRESENTATION LOGIC PRESENTATION LOGIC (Web Components)
HTML
XML
SERVLETS
JSP
WML
HTTP Clients
(Internal & External)
Another set of server side Java APIs to enhance web server functionality Collecting data / presenting processed results to the client Java snippets can be embedded into normal HTML code Closely linked interaction with JavaBeans API
Components of J2EE Components of J2EE Components and Component APIs - an in-depth lookComponents and Component APIs - an in-depth look
Java Server Pages (JSP)Java Server Pages (JSP)
PRESENTATION LOGIC PRESENTATION LOGIC (Web Components)
HTML
XML
SERVLETS
JSP
WML
HTTP Clients
(Internal & External)
Scalable, distributed server-side Java components for encapsulating business logic
Each EJB serves a specific set of well-defined business tasks. EJBs reside in EJB containers, which are an integral part of vendor’s J2EE
implementation and provide crucial system-level services All EJBs should be coded to standard EJB API specifications. Types of EJBs: Stateful Session EJBs, Stateless Session EJBs, Entity EJBs etc. Different types of EJB will be introduced in the future
Components of J2EE Components of J2EE Components and Component APIs - an in-depth lookComponents and Component APIs - an in-depth look
Enterprise JavaBeans (EJB)Enterprise JavaBeans (EJB)
PRESENTATION LOGIC PRESENTATION LOGIC (Web Components)
BUSINESS LOGICBUSINESS LOGIC(EJB Container )
SERVLETS
JSP
EJB EJB
EJB EJB
EJBEJBRMI
Standard Java API for connecting to various databases “Hides” the database from the eyes of the program
Components of J2EE Components of J2EE Components and Component APIs - an in-depth lookComponents and Component APIs - an in-depth look
Java Database Connectivity (JDBC)Java Database Connectivity (JDBC)
Informix
Oracle
SQL Server
SERVLETS
EJB JDBC API
OtherJava
Classes
JDBCDriver/DB API
Standard Java API for distributed lookup services
Components of J2EE Components of J2EE Components and Component APIs - an in-depth lookComponents and Component APIs - an in-depth look
Java Naming and Directory Interface (JNDI)Java Naming and Directory Interface (JNDI)
SERVLETS
JSP
RMI
JNDI API / NAMING MANAGER/SERVICE PROVIDER
INTERFACE
LDAP / File
System /DNS /
Drivers
LDAPServer
File System
DNSServer
Standard Java API for Enterprise Messaging Systems
Components of J2EE Components of J2EE Components and Component APIs - an in-depth lookComponents and Component APIs - an in-depth look
Java Messaging Services (JMS)Java Messaging Services (JMS)
JMS APIEnterpriseMessaging
System
M MM
M MM
Transmission
Reception
Standard Java API for Distributed Transaction Services
Components of J2EE Components of J2EE Components and Component APIs - an in-depth lookComponents and Component APIs - an in-depth look
Java Transaction API (JTA)Java Transaction API (JTA)
EJB JTA
OtherTransactional
Classes
Transaction Monitor
JDBCAPI
Standard Java API for Mail Server Services (SMTP / IMAP)
Components of J2EE Components of J2EE Components and Component APIs - an in-depth lookComponents and Component APIs - an in-depth look
JavaMail API / JAFJavaMail API / JAF
RMI is a Java API for object-to-object communication between different java Virtual Machines (JVM) RMI over Internet Inter-Orb Protocol (RMI-IIOP) integrates CORBA-compliant distributed computing directly into Java
Components of J2EE Components of J2EE Components and Component APIs - an in-depth lookComponents and Component APIs - an in-depth look
Java RMI / IIOP / IDLJava RMI / IIOP / IDL
A component-based development A component-based development approachapproach
Components of J2EE Components of J2EE
EJB
EJB
EJB
EJB
EJB
Required components can be ‘plugged in’ and ‘plugged out’
Components of J2EE Components of J2EE A component-based development approach
Pluggable ArchitecturePluggable Architecture
Components that have relevance beyond the scope of the project EJBs should be generic – Servlets / JSPs can be specific Logic libraries (Packages) should be generic
Components of J2EE Components of J2EE A component-based development approach
Generic components vs. application specific componentsGeneric components vs. application specific components
SERVLETS
EJB EJB
EJB
JSP
GenericUtilities
Directory names and URLs Database parameters – table names, database URL etc. Application specific parameters
Components of J2EE Components of J2EE A component-based development approach
Identifying the right deployment parametersIdentifying the right deployment parameters
Application Development Application Development with J2EEwith J2EE
Developing Servlets & JSPs Developing Enterprise JavaBeans (EJBs) Interactions between the components Architecting a simple J2EE application
Application Development with J2EE Application Development with J2EE
OrganizationOrganization
Developing Servlets and JSPsDeveloping Servlets and JSPs
Application Development with J2EE Application Development with J2EE
SERVLETS JSP
Application Development with J2EE Application Development with J2EE Developing Servlets and JSPsDeveloping Servlets and JSPs
Servlets - Core ConceptsServlets - Core Concepts
Server side Java Classes, that reside in J2EE Presentation Logic Tier Servlets are based on Request – Response models All Servlets extend javax.servlet.Servlet Interface. Most of the application Servlets extend javax.servlet.http.HttpServlet
class ServletRequest and ServletResponse objects enable interaction with
the clients Instantiate EJBs for business data processing
SERVLETS
Application Development with J2EE Application Development with J2EE Developing Servlets and JSPsDeveloping Servlets and JSPs
Servlets - LifecycleServlets - Lifecycle
Servlet Engine instantiates and loads the Servlet - either during startup or first request call
Initialisation performed through init() method - only once throughout the life of Servlet
Servlet threads are created for multiple requests. All threads use same Servlet instance.
Business tasks are performed through the service() methods
In the event of a timeout or web server shutdown, Servlet’s destroy() method is called
Java Virtual Machine does the garbage collection- finalize() method is called
Does Not Exist
Servlet Instance
Application Development with J2EE Application Development with J2EE Developing Servlets and JSPsDeveloping Servlets and JSPs
Servlets - A simple exampleServlets - A simple example
import javax.servlet.*;import javax.servlet.http.*;
public class SimpleServlet extends HttpServlet {public void service(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException{ res.setContentType("text/html"); ServletOutputStream out = res.getOutputStream();
out.println("<html>"); out.println("<head><title>Simple Servlet</title></head>"); out.println("<body>"); out.println("<h1>Hello J2EE !</h1>"); out.println("</body></html>"); }}
Application Development with J2EE Application Development with J2EE Developing Servlets and JSPsDeveloping Servlets and JSPs
JSPs - Core ConceptsJSPs - Core Concepts
JSP
Server-side Java code that resides in J2EE presentation logic tier JSPs are based on Request – Response models Contain HTML code for presenting information, plus directives and
scriplets for processing. JSPs interact with Servlets and JavaBeans Internally JSPs are no different from Servlets Dynamically compiled – unlike Servlets Can instantiate EJBs – but not advised to do so.
Application Development with J2EE Application Development with J2EE Developing Servlets and JSPsDeveloping Servlets and JSPs
JSP - LifecycleJSP - Lifecycle
JSP Engine dynamically complies the JSP page as a servlet class
JSP Engine instantiates and loads the class - during the first request call
Initialisation performed through jspInit() method - only once throughout the life of JSP
Threads are created for multiple requests. All threads share the same instance.
Business tasks are performed through the _jspService() methods
In the event of a timeout or web server shutdown, jspDestroy() method is called
Does Not Exist
JSP Instance
Application Development with J2EE Application Development with J2EE Developing Servlets and JSPsDeveloping Servlets and JSPs
JSP - A simple exampleJSP - A simple example
<%!String a = “hai”;String b = “hai J2ee”;
%><HTML> <h1> Current Date </h1>Today’s date is : <%= new Date().toString() %><%
if (a.equalsIgnoreCase(b)){
%><font name=”ariel”>A is equal to B</font>
<%}
%></HTML>
Application Development with J2EE Application Development with J2EE Developing Servlets and JSPsDeveloping Servlets and JSPs
A Simple JavaBeanA Simple JavaBean
public class Presentation {//attributesprotected String session;protected String speaker;protected int duration_hours;//constructor methodpublic Presentation () {
this.session = “J2EE Tutorial”;this.speaker = “S.Gokul”;this.duration_hours = 4;
}//Accessor Methodspublic String getSession() {…}public void setSession() {…}………
}
Developing Enterprise JavaBeansDeveloping Enterprise JavaBeans
Application Development with J2EE Application Development with J2EE
EJB EJB
EJB EJB
EJBEJB
EJB
Application Development with J2EE Application Development with J2EE Developing Enterprise JavaBeansDeveloping Enterprise JavaBeans
EJB : Core ConceptsEJB : Core Concepts
Server side distributed, load balanced, scalable business logic components, that reside in the business logic tier
Built on the top of Java RMI specification for distributed computing EJB Container manages EJBs – pooling, distribution, creation,
activation etc. Three types of EJBs : Stateless Session, Stateful Session and Entity
EJBs Each EJB Contains at least 3 user-defined classes and a number of
Container classes. Home Interface – meant for EJB creation; Remote Interface - meant for
using business logic; Bean Class – actual implementation details. Clients can access EJBs only through interfaces. Containers manage
the implementation.
Application Development with J2EE Application Development with J2EE Developing Enterprise JavaBeansDeveloping Enterprise JavaBeans
EJB : Breathing to LifeEJB : Breathing to Life
CLIENT
ejbCreate () from Home stub reference
Create EJB InstanceCreate Remote stub & Skeleton
Home stub deployed during startup
JNDI EJB CONTAINER
Home Stub obtained from JNDI
Return the remote stub reference
Invoke business methods through the remote stub reference
Process data
Return Results
Application Development with J2EE Application Development with J2EE Developing Enterprise JavaBeansDeveloping Enterprise JavaBeans
EJB : Breathing to LifeEJB : Breathing to Life
EJB Containers manage the enterprise bean life cycle For each EJB in the system, a home stub is deployed into JNDI –
during the application server startup Clients download a copy of the home stub, to create an EJB instance
in the server. Upon this request, EJB container creates an EJB instance, gives it
state and associates a client context to it. It also creates a remote skeleton and a remote stub The remote stub is returned by the home skeleton Client invokes business methods, through remote stub All clients get identical home stubs, but unique remote stubs !
Application Development with J2EE Application Development with J2EE Developing Enterprise JavaBeansDeveloping Enterprise JavaBeans
Stateless Session EJBsStateless Session EJBs
Provide a well-defined set of business services to the client Do not maintain state on the behalf of client and hence, do not have
attributes. Do not survive EJB Container crashes. All Stateless EJB instances are identical – and can be reused. Less resource hungry – ideal for clustered environment.
EJB
Application Development with J2EE Application Development with J2EE Developing Enterprise JavaBeansDeveloping Enterprise JavaBeans
Stateful Session EJBsStateful Session EJBs
Provide business services and maintain state on behalf of client. Stores the state as attribute, for temporary usage. Do not survive EJB Container crashes. Every Stateful EJB instance is unique & tied to the client – hence, they
cannot be reused. Lifetime is determined by the client. More resource hungry – should be avoided in a clustered environment.
EJB
Application Development with J2EE Application Development with J2EE Developing Enterprise JavaBeansDeveloping Enterprise JavaBeans
Entity EJBsEntity EJBs
Retrieve and store information from the database Represent persistent business data – every record in the table, is an
entity bean (single table model) They survive EJB Container crashes Multiple clients may use the same EJB - that represents the same set
of data – but they are not same Entity instances ! State of entity bean is persisted in the storage (file or database). Resource hungry - most useful for transactions.
EJB
PRESENTATION PRESENTATION LOGIC LOGIC
(Web Components)
BUSINESS LOGICBUSINESS LOGIC(EJB Container )
SERVLETS
JSP
EJB EJB
EJB EJB
EJBEJBRMI
Interactions between the Interactions between the ComponentsComponents
Application Development with J2EE Application Development with J2EE
Application Development with J2EE Application Development with J2EE Interactions between the ComponentsInteractions between the Components
BROWSER SERVLET
Request
Presentation LogicPresentation Logic
JSP
ejbCreate () from Home stub reference
Create EJB InstanceCreate Remote stub & Skeleton
RESPONSE
Home stub deployed during startup
JNDI EJB CONTAINER
Home Stub obtained from JNDI
Return the remote stub reference
Invoke business methods through the remote stub reference
Process data
Return Results
Forward Response
with ResultsResponse
Business LogicBusiness Logic
The necessary EJBs / Servlets and JSPs are developed and deployed in the J2EE server
Server is started A client request hits a Servlet Servlet gathers / validates the input data, creates an EJB and forwards
the data to EJB for processing EJB processes the data by applying business rules / interacting with
the database, and responds with the processed results. Servlet gathers the response and forwards to a JSP appropriately. JSP loads the response HTML page to the client.
Application Development with J2EE Application Development with J2EE Interactions between the ComponentsInteractions between the Components
A Typical Interaction ScenarioA Typical Interaction Scenario
Architecting a simple J2EE Architecting a simple J2EE ApplicationApplication
Application Development with J2EE Application Development with J2EE
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
Application SequenceApplication Sequence
BROWSER SERVLET
Request : Collect User name and Password
Presentation LogicPresentation Logic
JSP
ejbCreate () from Home stub reference
Create Authenticate EJB Instance
Create Remote stub & Skeleton
RESPONSE
Home stub deployed during startup
JNDI EJB CONTAINER
Authenticate EJB Home Stub obtained from JNDI
Return the remote stub reference
Verify Username and Password (Business method)
Process data
Return Results (True or False)
Forward Response
with ResultsResponse
Business LogicBusiness Logic
Userdata EJB Home Stub obtained from JNDI
The Request from HTTP client hits the Servlet Username and password are collected from the Request object The Authenticate stateless session EJB is initialised Username and password are passed to this EJB for verification This EJB returns True if the user details are correct If the details are not correct, inform the user accordingly If the details are correct, create / findbyPrimaryKey - an Entity EJB
called Userdata with Username and Password as keys
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
Application SequenceApplication Sequence
Table DetailsTable Details
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
NAME
LOGINNAME
PASSWORD
AGE
SERVICE
Servlet CodeServlet Code
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
package portal;import java.io.*;import java.sql.*;import java.util.*;
import javax.servlet.*;import javax.servlet.http.*;import java.net.URL;
import javax.ejb.*;import javax.naming.*;
public class login extends HttpServlet {static String url = "http://17.252.11.139:7001";static String connection_pool = "";static String user = “guest”;public void init()throws ServletException{ String connection_pool = "oraclepool";}
Servlet Code (Cont..)Servlet Code (Cont..)
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
public void service(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException{
//ACCPET THE FORM VARIABLES AS STRINGS FROM HTMLString login = req.getParameter("login");if (login == null) login = "";else login = login.trim();String password = req.getParameter("password");if (password == null) password = "";else password = password.trim();//INITIALISING RESPONSE WRITERres.setContentType("text/html");PrintWriter out = res.getWriter();
boolean result = false;
Servlet Code (Cont..)Servlet Code (Cont..)
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
//THIS BLOCK IS INSIDE THE SERVICE METHODtry{ Context ctx = getInitialContext(); AuthenticateHome home = (AuthenticateHome) ctx.lookup("Authenticate"); Authenticate session_ejb = home.create();
result = session_ejb.check_authentication(login, password);
//System.out.println(”session ejb = " + session_ejb.toString());
session_ejb.remove();}catch (Exception e){ e.printStackTrace();}
Servlet Code (Cont..)Servlet Code (Cont..)
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
//SEPARATE METHOD - NOT INSIDE THE SERVICE BLOCKpublic static Context getInitialContext() throws NamingException{Properties p = new Properties(); p.put(Context.INITIAL_CONTEXT_FACTORY,"weblogic.jndi.WLInitialContextFactory"); p.put(Context.PROVIDER_URL, url);
if (user != null) { p.put(Context.SECURITY_PRINCIPAL, user); if (password == null) password = ""; p.put(Context.SECURITY_CREDENTIALS, password); } return new InitialContext(p);}
Servlet Code (Cont..)Servlet Code (Cont..)
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
//THIS BLOCK IS INSIDE THE SERVICE METHODif (result){ try{ Context ctx = getInitialContext(); UserdataHome home = (UserdataHome) ctx.lookup(”Userdata"); Userdata entity_ejb = home.create(login, password);
//...
}catch (Exception e){ e.printStackTrace();}
Authenticate Stateless Session EJBAuthenticate Stateless Session EJB
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
//HOME INTERFACE CODE (AuthenticateHome.java)package portal;
import javax.ejb.*;import java.rmi.RemoteException;
public interface AuthenticateHome extends EJBHome{
//CREATE METHOD TO BE IMPLEMENTED IN BEAN CODEpublic Authenticate create()throws CreateException, RemoteException;
}
Authenticate Stateless Session EJB (Cont..)Authenticate Stateless Session EJB (Cont..)
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
//REMOTE INTERFACE CODE (Authenticate.java)package portal;
import javax.ejb.*;import java.rmi.RemoteException;
public interface Authenticate extends EJBObject{
//BUSINESS METHODS TO BE IMPLEMENTED IN BEAN CODEpublic boolean check_authentication(String username, String password)throws RemoteException;
}
Authenticate Stateless Session EJB (Cont..)Authenticate Stateless Session EJB (Cont..)
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
//BEAN CODE (AuthenticateEJB.java)package portal;import javax.ejb.*;import java.util.*;import javax.naming.*;import java.io.*;import java.sql.*;
public class AuthenticateEJB implements javax.ejb.SessionBean{private SessionContext ctx;public AuthenticateEJB(){}// SessionBean interface implementationpublic void ejbActivate(){}public void ejbPassivate(){}public void ejbRemove(){}
Authenticate Stateless Session EJB (Cont..)Authenticate Stateless Session EJB (Cont..)
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
public void setSessionContext(SessionContext ctx){this.ctx = ctx;
}// create methodspublic void ejbCreate(){}// business methodspublic boolean check_authentication(String username, String password){ boolean result = false; username = username.toUpperCase(); password = password.toUpperCase(); Connection con = null; Statement stmt = null;
Authenticate Stateless Session EJB (Cont..)Authenticate Stateless Session EJB (Cont..)
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
//check_authentication method Blocktry{ Class.forName("weblogic.jdbc.pool.Driver").newInstance();con = DriverManager.getConnection("jdbc:weblogic:pool:oraclepool", null); DatabaseMetaData dma = con.getMetaData ();System.out.println("\nConnected to " + dma.getURL());System.out.println("\nDriver " + dma.getDriverName());stmt = con.createStatement();String querry = "SELECT * FROM USERDATA WHERE UPPER(LOGINNAME) = '" + username + "' AND UPPER(PASSWORD) = '" + password +"'";
ResultSet rs =stmt.executeQuery(querry);
//WHEN THERE IS ATLEAST ONE RECORD RETRIEVED, USER IS VALIDwhile(rs.next()){
result = true;}
}catch (SQLException exception){
result = false;}
Userdata Entity EJBUserdata Entity EJB
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
//HOME INTERFACE CODE (UserdataHome.java)package portal;import javax.ejb.EJBHome;import javax.ejb.FinderException;import java.rmi.RemoteException;import javax.ejb.CreateException;public interface UserdataHome extends EJBHome{
public Userdata create(String loginname, String password)throws CreateException, RemoteException;
public Userdata findByPrimaryKey(UserdataPK key)throws FinderException, RemoteException;
public Userdata findByLoginName(String loginname)throws FinderException, RemoteException;
}
Userdata Entity EJB (Cont..)Userdata Entity EJB (Cont..)
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
REMOTE INTERFACE CODE (Userdata.java)package portal;import javax.ejb.EJBObject;import java.rmi.RemoteException;public interface Userdata extends EJBObject{
public void setService(String service)throws RemoteException; public String getService()
throws RemoteException; public String getUserEmail()
throws RemoteException; public String getUserName()
throws RemoteException; }
Userdata Entity EJB (Cont..)Userdata Entity EJB (Cont..)
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
//PRIMARY KEY CLASS (UserdataPK.java)package portal;import java.io.Serializable;public class UserdataPK implements Serializable{
public String loginname;
public boolean equals(Object that) {// SBgen: Compare membersreturn(this == that);// SBgen: End compare
} }
Userdata Entity EJB (Cont..)Userdata Entity EJB (Cont..)
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
//BEAN CODE (UserdataEJB.java)package portal;import javax.ejb.EntityBean;import javax.ejb.EntityContext;import javax.ejb.CreateException;import javax.naming.Context;import javax.naming.InitialContext;import javax.naming.NamingException;
public class UserdataEJB implements EntityBean{private EntityContext context;public String loginname;/** USERDATA.LOGINNAME */public String password;/** USERDATA.PASSWORD */public String name;/** USERDATA.NAME */public String email;/** USERDATA.EMAIL */public int age;/** USERDATA.AGE */public String service;/** USERDATA.SERVICE */
Userdata Entity EJB (Cont..)Userdata Entity EJB (Cont..)
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
//BEAN CODE (UserdataEJB.java)public void setEntityContext(EntityContext ec){
context = ec;} public void unsetEntityContext(){
this.context = null;}
public void ejbActivate(){} public void ejbPassivate(){}
public void ejbLoad(){}
public void ejbStore(){}
Userdata Entity EJB (Cont..)Userdata Entity EJB (Cont..)
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
//BEAN CODE (UserdataEJB.java)public UserdataPK ejbCreate(String loginname) {
this.loginname = loginname;return null;
} public void ejbPostCreate(String loginname) {} public void ejbRemove() {}
public UserdataPK ejbCreate(String loginname, String password)throws CreateException {
this.password = password;return ejbCreate(loginname);
}
public void ejbPostCreate(String loginname, String password) {
}
Userdata Entity EJBUserdata Entity EJB
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
//BEAN CODE (UserdataEJB.java)public void setService(String service) { this.service = service;} public String getService() {
return this.service;} public String getUserEmail() {
return this.email;} public String getUserName() {
return this.name;}
}
Userdata Entity EJBUserdata Entity EJB
Application Development with J2EE Application Development with J2EE Architecting a simple J2EE ApplicationArchitecting a simple J2EE Application
//BEAN CODE (UserdataEJB.java)protected String getPrimarykey() {java.lang.String prop = null;try { Context initial = new InitialContext(); Context environment = (Context) initial.lookup("java:comp/env"); prop = (java.lang.String) environment.lookup("primarykey");}catch (NamingException e) {}return prop;}
Web Application ServersWeb Application Servers
Implementing J2EE : web application servers Features of web application servers J2EE Certification of application servers Future of J2EE
Web Application ServersWeb Application Servers
OrganizationOrganization
WEBAPPLICATION
SERVER
Implementing J2EE - Implementing J2EE -
Web Application ServersWeb Application Servers
Web Application ServersWeb Application Servers
WEBAPPLICATION
SERVER
SERVLETS
JSP
EJB
EJB
Web Application ServersWeb Application Servers Implementing J2EE - Web Application ServersImplementing J2EE - Web Application Servers
Forrester Research defines an application server as “a software
server product that supports thin clients with an integrated
suite of distributed computing capabilities. Application servers
manage client sessions, host business logic and connect to
back-end computing resources,including data,transactions,
and content.”
Web Application Servers - DefinitionWeb Application Servers - Definition
WEBAPPLICATION
SERVER
Single robust platform to develop and deploy all enterprise / web applications.
Support a variety of components – to cater to various business needs Independent of platform / OS and are capable of connecting together a
heterogeneous mix of back-end systems. Can cluster a host of server instances and treat them as a single pool
of resources – ensuring total availability Can service and monitor sensitive database transactions and allow for
increased security and control.
Web Application ServersWeb Application Servers Implementing J2EE - Web Application ServersImplementing J2EE - Web Application Servers
What can Web Application Servers do for you ?What can Web Application Servers do for you ?
WEBAPPLICATION
SERVER
Allow us to exercise more control over the overall flow of applications – caching, pooling and load balancing.
Provide efficient remote administration capabilities for the enterprise system architecture.
Capable of scaling to meet the increasing net traffic. Provide more flexibility and openness in the overall enterprise system
architecture – every end resource can be virtually ‘plugged in’ or ‘plugged out’ of a single backbone.
Increase the overall system performance – enterprise resources are routed through a single gateway.
Web Application ServersWeb Application Servers Implementing J2EE - Web Application ServersImplementing J2EE - Web Application Servers
What Web Application Servers can do for you ? (Cont..)What Web Application Servers can do for you ? (Cont..)
WEBAPPLICATION
SERVER
Vendor-specific implementations of J2EE infrastructure Features and performance distinguish the products Almost all products are J2EE-based / J2EE-compliant
Web Application ServersWeb Application Servers Implementing J2EE - Web Application ServersImplementing J2EE - Web Application Servers
Looking at J2EE Web Application ServersLooking at J2EE Web Application Servers
WEBAPPLICATION
SERVER
Integrated development environments Development and deployment of EJBs / Servlets / JSPs Example : BEA’s Webgain Studio with Visual Café, Dreamweaver,
Weblogic and Structure Builder
Web Application ServersWeb Application Servers Implementing J2EE - Web Application ServersImplementing J2EE - Web Application Servers
Developing Applications with Web Application ServersDeveloping Applications with Web Application Servers
Features of Web Application ServersFeatures of Web Application Servers
Web Application ServersWeb Application Servers
WEBAPPLICATION
SERVER
@#$%!
Wow !???
! ! ! !
Scalability and availability – capacity to meet the increasing number of client requests
Load balancing – ability to distribute requests evenly across multiple resources
Fail-over and fault tolerance – coping up with software / hardware crashes
Response time – ability to attend to the client’s request as early as possible.
Web Application ServersWeb Application Servers Features of Web Application ServersFeatures of Web Application Servers
Performance-based FeaturesPerformance-based Features
Tools and IDE support – overall application development environment Ease of use and development – overall skill set required for
development Platform Support – compatibility across multiple hardware / OS
configurations
Web Application ServersWeb Application Servers Features of Web Application ServersFeatures of Web Application Servers
Application Development FeaturesApplication Development Features
Open architecture – ability to accommodate multiple standards and components
Back-end integration - ability to integrate with existing EIS Web server support – major HTTP web servers supported by the product
Web Application ServersWeb Application Servers Features of Web Application ServersFeatures of Web Application Servers
Technical FeaturesTechnical Features
WEBAPPLICATION
SERVER
Administration and Manageability – how easy is it to maintain the overall system ?
Site monitoring / analysis and report generation Security management – user governance, requests logging, firewall /
SSL support Transaction monitoring – ability to be a database watchdog
Web Application ServersWeb Application Servers Features of Web Application ServersFeatures of Web Application Servers
Administrative FeaturesAdministrative Features
Availability of local technical support Pricing
Web Application ServersWeb Application Servers Features of Web Application ServersFeatures of Web Application Servers
Miscellaneous FeaturesMiscellaneous Features
J2EE Certification of Web J2EE Certification of Web Application ServersApplication Servers
Web Application ServersWeb Application Servers
Web Application Servers Web Application Servers J2EE Certification of Web Application ServersJ2EE Certification of Web Application Servers
Sun Microsystems’ J2EE Compliance Test and Compatibility Test suite J2EE-branded server must pass more than 6,000 tests in the
Compatibility Test suite.
How to distinguish Web Application Servers ?How to distinguish Web Application Servers ?
???
BEA’s WebLogic server Allaire’s Jrun Bluestone’s Sapphire (Total-e-server) i-Planet application server Oracle ‘s 9i application server Silverstream Ebusiness platform IBM’s Web Sphere
Web Application Servers Web Application Servers J2EE Certification of Web Application ServersJ2EE Certification of Web Application Servers
Some premier Web Application ServersSome premier Web Application Servers
Future of J2EEFuture of J2EE
Web Application Servers Web Application Servers
Web Application Servers Web Application Servers Future of J2EEFuture of J2EE
Future Development PathsFuture Development Paths
tomcat@jakarta : Is it here to stay ? New Draft : Connector Architecture / Messaging beans etc.
Web Application Servers Web Application Servers Future of J2EEFuture of J2EE
Web Application Servers of the FutureWeb Application Servers of the Future
WEBAPPLICATION
SERVER
Move towards J2EE Jini / Javaspaces and other related technologies will have an influence
Introducing J2EEIntroducing J2EE Current problems with enterprise-wide networked application environments Future needs What is J2EE? How J2EE meets the challenge? A taste of J2EE
Components of J2EEComponents of J2EE J2EE application programming model Components & component APIs – an in-depth look Interactions between the components A component-based development approach
Application Development with J2EEApplication Development with J2EE Developing Servlets and JSPs Developing Enterprise JavaBeans (EJBs) Interactions between the components Architecting a simple J2EE application
J2EE Web Application ServersJ2EE Web Application Servers Implementing J2EE : Web application servers Features of Web application servers J2EE certification for Web application servers Future of J2EE
J2EE TutorialJ2EE Tutorial
RECAPRECAP