Professional Documents
Culture Documents
J2EE Platform
TM
Sang Shin
sang.shin@sun.com
Architecture www.javapassion.com/j2ee
Technology Evangelist
Sun Microsystems, Inc.
1 2
Development Frameworks
technology (2002) ? J2EE APIs and Technologies
? J2EE programming with Passion! (It is free!)
TM
Enterprise Computing
Challenges Key Products
Portability Technologie App Servers
s
Diverse Web Servers
Environments J2SE™
™
Components
Time-to-market J2EE
What is J2EE?
Databases
Core JMS
Competence Object to DB
Servlet tools
Assembly JSP
Integration Connector Legacy
XML Systems
Data Databases
Binding TP Monitors
XSLT
EIS Systems
5 6
component-based enterprise
applications
7 8
12/12/2003
9 10
* Under development in JCP
Platform Evolution
The
The Network
Network The
The Computer
Computer Network
Network of
of
Catch
Catch Is
Is the
the Computer
Computer Legacy
Legacy to
to Is
Is the
the Embedded
Embedded Network
Network
Phrase
Phrase Objects
Objects the
the Web
Web Network
Network Things
Things of
of Things
Things
Scale
Scale 100s
100s 1,000s
1,000s 1,000,000s
1,000,000s 10,000,000s
10,000,000s 100,000,000s
100,000,000s 100,000,000s
100,000,000s
When/Peak
When/Peak 1984/1987
1984/1987 1990/1993
1990/1993 1996/1999
1996/1999 2001/2003
2001/2003 1998/2004
1998/2004 2004/2007
2004/2007
History of Leaf
Leaf
Protocol(s)
Protocol(s)
XX XX +HTTP
+HTTP
(+JVM)
(+JVM)
+XML
+XML
Portal
Portal
+RM
+RM Unknown
Unknown
Session
Session
NS,
NS, NS+
RPC,
NS+
RPC, XDR
XDR
+CDS
+CDS
+CORBA
+CORBA
+LDAP(*)
+LDAP(*)
+CORBA,
+CORBA,
+UDDI
+UDDI
+SOAP,
+SOAP,
+Jini
+Jini
+RM/Jini
+RM/Jini
+?
+?
+?
+?
RM
RM XML
XML
Schematic
Schematic
11
12/12/2003
TM
Communication Patterns Communication Patterns: Java 2
Client- Web Web Hybrid
Server 3-Tier Application Services P2P Fractal Business
Business Systems
Systems
DB
DB Server
Server
App
App Server
Server J2EE
J2EE
Web
Web Server
Server
Browser
Browser J2SE/
J2SE/
Client
Client J2ME
J2ME
Web
Application
Bus.
Bus.
Sys.
Sys.
Evolution of
XML
XML
DB
DB (UDDI,
(UDDI,
SOAP)
SOAP)
App
App J2EE
J2EE
Web
Web
J2SE/
J2SE/
Enterprise Application
Browser
Browser
Context
Context and
and Identity
Identity
J2ME
J2ME
Frameworks
(LDAP,
(LDAP, Policy,
Policy, Liberty)
Liberty)
Web
Service
16
12/12/2003
25
27 28
12/12/2003
33 34
What is a Servlet?
? Java™ objects which extend the functionality
of a HTTP server
? Dynamic contents generation
? Better alternative to CGI, NSAPI, ISAPI, etc.
– Efficient
Servlet –
–
Platform and server independent
Session management
– Java-based
41 42
43 44
12/12/2003
First Servlet
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
Session Tracking
throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<title>First Servlet</title>");
out.println("<big>Hello Code Camp!</big>");
}
}
49 50
51 52
12/12/2003
53 54
55 56
12/12/2003
57 58
JSP
doFilter(
User Servlet service(
ServletRequest,
implemented container ServletRequest,
ServletResponse,
filters filter ServletResponse)63 64
FilterChain)
12/12/2003
65 66
67 68
12/12/2003
JSP Benefits
? Content and display logic are separated
? Simplify development with JSP, JavaBeans
and custom tags
? Supports software reuse through the use of
components
? Recompile automatically when changes are
made to the source file
Web-Tier Security
? Easier to author web pages Issues
? Platform-independent
69 70
Authentication- –
–
Encoding scheme is Base64
Someone can easily decode it
based ?
– Not encrypted
Would need SSL for encrypting password
Web tier Security 73 74
Step 3: Specify which URLs should Step 4: Specify which URLs should
be access-controlled be available only with SSL
<web-app> <web-app>
... ...
<security-constraint> <security-constraint>
<web-resource-collection> <web-resource-collection>
<web-resource-name>WRCollection</web-resource-name> <web-resource-name>WRCollection</web-resource-name>
<url-pattern>/loadpricelist</url-pattern> <url-pattern>/loadpricelist</url-pattern>
<http-method>GET</http-method> <http-method>GET</http-method>
</web-resource-collection> </web-resource-collection>
<auth-constraint> <auth-constraint>
<role-name>admin</role-name> <role-name>admin</role-name>
</auth-constraint> </auth-constraint>
<user-data-constraint> <user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint> </user-data-constraint>
</security-constraint> </security-constraint>
<login-config> <login-config>
<auth-method>BASIC</auth-method> <realm-name></realm-name> <auth-method>BASIC</auth-method> <realm-name></realm-name>
</login-config> </login-config>
... ...
</web-app> 79 </web-app> 80
12/12/2003
Form-based Authentication
? Web application collects user identification
(user name, password, and other
information) through a custom login page
? Not secure since user name and password are
Form-based in “easily decode'able” form over the wire
Authentication –
–
Encoding scheme is Base64
Someone can easily decode it
based ?
– Not encrypted
Would need SSL for encrypting password
Web-tier Security 81 82
85 86
87 88
12/12/2003
Step 5: Specify which URLs should be Step 6: Specify which URLs should be
access-controlled (Same as Basic Auth) available only with SSL (Same as Basic Auth)
<web-app> <web-app>
... ...
<security-constraint> <security-constraint>
<web-resource-collection> <web-resource-collection>
<web-resource-name>WRCollection</web-resource-name> <web-resource-name>WRCollection</web-resource-name>
<url-pattern>/loadpricelist</url-pattern> <url-pattern>/loadpricelist</url-pattern>
<http-method>GET</http-method> <http-method>GET</http-method>
</web-resource-collection> </web-resource-collection>
<auth-constraint> <auth-constraint>
<role-name>admin</role-name> <role-name>admin</role-name>
<role-name>executive</role-name> </auth-constraint>
</auth-constraint> <user-data-constraint>
<user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
<transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint>
</user-data-constraint> </security-constraint>
</security-constraint> <login-config>
<login-config> <auth-method>FORM</auth-method> <realm-name></realm-name>
<auth-method>FORM</auth-method> <realm-name></realm-name> </login-config>
</login-config> ...
... </web-app>
</web-app> 89 90
97 98
105 106
109 110
When to Use CMP vs. BMP? Session Beans and Entity Beans
? CMP entity beans Session Beans Entity Beans
– With CMP 2.0, there is no reason not to use CMP
? Represent a business ? Represent business data
– Database independence process ? Shared instance for
– Higher performance ? One instance per client multiple clients
– Easy to develop and deploy ? Short-lived: Life of ? Long-lived: as long as
client is life of bean data in database
? BMP entity beans ? Transient ? Persistent
– More programmatic control is desired ? Doesn’t survive server ? Survive server crashes
crashes ?
Always transactional
? May be transactional
111 112
12/12/2003
113 114
Connector Architecture
? Defines
– Connection pooling
– Security
– Transaction
JNDI JDBC
? Java Naming and Directory Interface ? Provides standard Java programming API
? Utilized by J2EE applications to locate to relational database
resources and objects in portable fashion – Uses SQL
– Applications use symbolic names to find object ? Vendors provide JDBC compliant driver
references to resources via JNDI which can be invoked via standard Java
– The symbolic names and object references have programming API
to be configured by system administrator
123 124
12/12/2003
Vendor Deploy
JMX
Tools
App
J2EE App Server
127 128
12/12/2003
–
Provider configuration subcontract
Policy configuration subcontract
J2EE as End-to-End
– Policy enforcement subcontract Architecture
? Enable application servers to integrate with
enterprise user registries and authorization
policy infrastructure
129 130
Enterprise
Existing Enterprise Information
JavaBeans™
B2C Applications Client Systems (EIS):
Applications Client Relational
Database,
Web Enterprise Legacy
Client Server JavaBeans Applications,
Web JSP,
Services Servlets ERP Systems
Client
Application Server HTML/XML
Wireless Enterprise Other Services:
Enterprise
JNDI, JMS,
Applications Information Client Middle JavaMail™ Information
Systems
Tier Tier Tier
131 132
12/12/2003
J2EE
Component & Container
Architecture
Web Tier EJB Tier
133 134
J2SE
l Concurrency l Presentation
RMI/IIOP
RMI/IIOP
JavaMail JavaMail
Security Business Logic
JDBC
JDBC
l l
JMS
JTA
JNDI
JMS
JTA
JNDI
Transaction
JDBC
JMS
JNDI
J2SE J2SE
l Lifecycle
management
l Management
Database
135 136
12/12/2003
137 138
139 140
12/12/2003
DB & EIS
J2EE Application
Resources
Anatomies
Browser Web Server EJB Server
Stand-alone
143 144
12/12/2003
J2EE BluePrint
? Best practice guidelines, design patterns
and design principles
– MVC pattern
• SOAPBuilder effort
• Will support WS-I Basic profile
157 158
HTTP
165 166
JAXR Architecture
177 178
Step1: How to Get Started (for Step2: How to Get Started (for
Beginners) for Web-tier Beginners) for EJB tier and Others
? Download and run Java Web Services Developer ? Download and run J2EE 1.3.1 Reference
Pack (Java WSDP) and its tutorial for web-tier Implementation (RI)
programming (Servlet and JSP) – In the future course, we will use Sun ONE App Server 7
Platform Edition, which is production quality and is also
? Java Web Services Developer Pack Download freely downloadable
– java.sun.com/webservices/downloads/webservicespack.html ? Study J2EE Tutorial from java.sun.com
? Java Web Services Developer Pack Tutorial – developer.java.sun.com/developer/onlineTraining/J2EE
– java.sun.com/webservices/downloads/webservicestutorial.ht /Intro2/j2ee.html
ml
179 180
12/12/2003
Step5: Next Step (For Advanced Step6: Next Step (For J2EE 1.4
J2EE Programmers) Features)
? There is no shortage of quality J2EE online ? We will use J2EE 1.4 Beta Reference
resources Implementation for building J2EE
– java.sun.com/j2ee applications that use 1.4 features (or we
– www.theserverside.com might use individually released packages)
– JAXP, JAX-RPC, JAXR, SAAJ
– JMX
– Management and Deployment
– JACC
– ...
183 184
12/12/2003
185 186
189 190
191 192
12/12/2003
Summary
? J2EE is the platform of choice for
development and deployment of n-tier,
web-based, transactional, component-
Summary & ?
based enterprise applications
J2EE is standard-based architecture
Resources ? J2EE is all about community
? J2EE evolves according to the needs of
the industry
195 196
12/12/2003
Resources Resources
? J2EE Home page ? Java Web Services Developer Pack Download
– java.sun.com/j2ee – java.sun.com/webservices/downloads/webservicespack.html
Evaluation Course #
ISUN2SN
199